12 Do’s and Don’ts of Internal Communications

Internal communication is a vital – but often overlooked – function within a business that can help to reinforce cultural values, ensure employees feel part of something, and even mitigate potential compliance risks. We explore the do’s and don’ts that will enhance your internal communications strategy.

16 November 2023 9 mins read
By Jay Hampshire

Modern businesses operate in an age of constant communication and connection. With an ever-expanding number of communications channels to manage, both internally and externally, organizations need to consider how they engage with partners – and the public – what they say, and how it is perceived by the wider world.

Often this focus on ‘looking outward’ means businesses leave thinking about internal communications until last. While building and maintaining relationships, increasing reputation, and securing new business via external communications is vital to businesses, neglecting a sound internal communications strategy can create challenges. Whether you’re considering communications within your organization for the first time, or looking to sharpen your existing strategy, these 12 tips will help you establish a comprehensive, communal, and compliant internal communications culture.

DO – Consider your audience

Not all of your internal communications will serve the same purpose, so will not need to be considered in the same way. A quick update to your immediate team can be fired off over an informal channel, such as WhatsApp or another instant messaging service, but a message sharing important information across the entire business will need more consideration. We’ve all seen the horror stories from when organizations get sensitive announcements wrong, using the wrong channels.

What’s also worth considering is how your message is phrased, and whether the reader will take it in the spirit you intended it. Emojis are notoriously challenging here. A thumbs-up emoji could now have unintended consequences, and while you might think the meaning of your message is obvious, the receiver – or a regulator – might take a very different view.

DON’T – Get personal

The increase in hybrid working has meant that some organizations are utilizing Bring Your Own Device (BYOD) strategies for communications, predominantly to control costs. While this can work well if managed correctly, it can leave the door open to potential risk. Employees using personal devices to discuss business matterswith colleagues or with clients  – on communications channels that aren’t being captured or archived compliantly are at risk of falling foul of regulators. With eye-watering fines being leveled, and organizations suffering reputational damage (and occasionally fines of their own) for this kind of conduct, understanding whether a BYOD or Company Owned, Personally Enabled (COPE) strategy works better for your business is increasingly vital.

DO – Capture all communications channels

While your internal communications strategy might be focused on ‘official’ channels like email or collaboration applications like Slack or Microsoft Teams, when it comes to regulatory scrutiny, it’s very much a case of ‘better safe than sorry’. The fast-paced expansion of digital communication channels – from WhatsApp to WeChat – means you can end up feeling like you’re playing ‘whack-a-mole’ trying to keep on top of them: unless you have a one-stop-shop that can capture them all. If regulators find evidence that staff are discussing business matters through ‘off-channel’ communications, they won’t hesitate to take enforcement action. Capturing all of your internal communications, whatever the channel, insulates you from potential negative outcomes and mitigates risk should the regulators come calling.

DON’T – Make assumptions

While it might be easy to assume that your teams follow best practice, that your third-parties are behaving themselves, or the internal communications platforms you and your employees use are fully compliant, the old adage about what happens when you assume can ring true. Assuming things are operating as they should can open you up to risk. Complacency is a cardinal sin when it comes to compliance, and having full oversight of all of your internal communication platforms and processes, including third-party offerings, is the best defense – because ‘we assumed it was fine’ won’t cut it with the regulators.

DO – Level the playing field with the right tech solutions

Consistency is a vital part of making sure internal communications are effective, and finding the right tech solutions can remove barriers that can sometimes make these comms more difficult than they need to be. Whether your users are operating at the C-suite level, or are recent hires, shared solutions that enhance collaboration and communication across the business are vital to empowering your teams to get the job done. In our personal lives, we expect communication and file sharing to be consistent and streamlined – business users expect the same.

DON’T – Keep surveillance hush hush

While nobody wants to feel like ‘big brother is watching them’ in the workplace, surveillance is an increasingly important strategy when it comes to mitigating internal communications risk. Using surveillance tools to proactively supervise how teams are communicating can help you flag potential issues and deal with them in-house – before they’ve escalated to regulatory level.

Getting employee buy-in for surveillance practices is a crucial part of internal communications culture, and advising them that surveillance tools are a ‘safety net’ that help prevent things like bullying and bad conduct can help prevent staff feel like you’re snooping for the sake of it.

DO – Consider compliance

Many stakeholders are engaged in establishing and executing an internal communications strategy, from PR to HR, marketing to IT. But it’s vital that you don’t leave compliance teams out of the conversation.

Building your internal communications culture around best-practice and ‘baking in’ compliance-positive culture early on ensures that your internal communications strategy and channels are compliant from the beginning. It also avoids looping in compliance teams 2/3rds into a process only for them to advise that things need to change substantially.

DON’T – Share customer data

A good internal communications strategy should always include education around data handling and management practices. While many of these will be ‘common sense’ steps, your organization has a duty to ensure that potentially sensitive customer data isn’t shared in the wrong way, or with the wrong people within your organization. Legislation like the General Data Protection Regulation (GDPR) in the EU and California Consumer Privacy Act (CCPA) exists for good reason, and sloppy internal communications that include client or customer data could fall foul of these. The penalties for doing so are incredibly severe and can have catastrophic effects.

DO – Remember the most important part of communication is listening

Listening is an incredibly important part of effective internal communications. Your teams will be able to tell you where their challenges lie, and advise on what channels they prefer to use and be contacted on.

They’ll also be able to tell you what they’d like to hear more (or less) of, and how much of an impact internal comms has on wider company culture. Making sure your employees feel listened to is integral to making sure they feel valued and part of the organization, and can act as a wellspring of great ideas – because nobody knows a company better than the people that comprise it.

DON’T – Be afraid to hold your hands up if things go wrong

Everyone wants to avoid things going wrong, but the nature of business is that it is a case of ‘when’ an issue might arise, not ‘if’. When it comes to internal communications, there might be a temptation to circle the wagons and try and suppress the issue.

But, as with all areas of non-compliance, honesty is the best policy. Where there are internal comms lapses, organizations are always best served by getting in touch with regulators and similar governing bodies as a first step. This not only shows their willingness to ‘do things by the book’ and maintain their reputational standing, but can also serve to secure a more lenient approach from regulators. Working with them, rather than being seen to work against them, is key. Plus, if junior staff see senior stakeholders hold their hands up and taking accountability when things go wrong, they’re more likely to follow that example when needed.

DO – Have an internal crisis communications strategy in place

While you can do what you can to prepare for it, sometimes the worst happens, and there is a crisis that needs to be managed. For instance, someone may say something ill advised, a regulator could take enforcement action against your organization, or you may be compromised with a data leak or cyber-attack.

Whatever happens, a lot of focus will be spent on external crisis communications, to reassure shareholders and the wider public that action is being taken and to maintain your reputation. This is doubtlessly important, but internal crisis communications should also be considered.

Letting people within your organization know what’s happened, what it means for them, and how you’re working to fix it Is key. If there isn’t adequate communication around a crisis, people will feel the gaps with speculation and gossip – which are harmful to your businesses’ morale, culture, and reputation.

DON’T – Try and do it all alone

Internal communications strategy is, by its nature, self-focused. It is conducted by your organization, for the benefit of your organization, and with your staff and stakeholders front of mind. Nobody will know your company and its culture as intimately as you.

With this said, establishing an effective internal communications strategy doesn’t have to be something you do alone. Compliance, and communications compliance, is a team sport, and by identifying the right partner with the right experience and the right solution, you’ll be well equipped to take on the challenges of internal communications while benefitting from external expertise.

Developing a compliant, cohesive internal communications strategy is all about having the right tools for the job. From ensuring all of your communications – internal and external – are captured and archived, to ensuring you can monitor for potential risks with a surveillance solution, we’re here to help you build your compliance-first communications capabilities.