As the compliance profession continues to develop and increase its influence in the corporate governance landscape, there are no hard and fast rules. We all quickly repeat the compliance profession mantra: there are “no one-size-fits-all solutions” in the compliance field.
There has been considerable debate over the proper role of the Chief Compliance Officer in a corporate organization. In the last few years, in many organizations, CCOs have risen to the C-Suite and acquired access to senior management status. That has been a welcome development.
At the same time, we have seen another important trend – the increase in the number of CCOs reporting directly to the CEO, or even to the Audit/Compliance Committee of the Board. A CCO-CEO direct reporting relationship represents a company’s commitment to ethics and compliance.
Similarly, we have seen that corporate boards are becoming more aware of, and sensitive to, oversight and monitoring responsibilities for ethics and compliance issues. There is no question that more work is needed in this area but corporate boards are much more aware of the importance of promoting an ethics and compliance function in the corporate landscape.
Corporate and compliance structuring is an important focus of any basic commitment to ethics and compliance. The proper relationship between the CCO and the General Counsel continues to be a troubling question. Many CCOs continue to report to the General Counsel, or the General Counsel continues to wear two hats – a Chief Legal Officer and a Chief Compliance Officer hat.
The Justice Department has avoided taking any position on the efficacy of a two-hatted CCO/GC or a CCO reporting to a General Counsel. HHS, in a recent Office of Inspector General Report, reiterated its commitment to separation of the Chief Legal Officer and Chief Compliance Officer functions. (Here)
In a recent report, LRN released a study that indicated compliance programs led by two-hatted CCO/GCs were “more effective” than those led by independent CCOs. (Here). Recognizing that its study results run contrary to an almost unanimous push for CCO empowerment and independence, LRN sought to give possible explanations for its finding.
LRN’s examination of the “effectiveness” of a compliance program is based on a model divided into categories corresponding to the seven elements of a mandated ethics and compliance program in the United States Sentencing Guidelines. Whether LRN’s criteria and measurement technique is valid is an issue for another day. I am sure researchers who are experts in this area would be able to raise some concerns about LRN’s model.
LRN’s study, however, includes an important analysis of this finding. LRN suggests that by coupling the GC and CCO functions into a single individual the compliance function benefits by association with the GC’s existing internal relationships with important business operations. In other words, a separate CCO naturally has to expend significant resources to build relationships and constituencies in the company, while an existing GC who takes on the CCO role can leverage existing relationships to promote compliance functions.
If that is a valid explanation, there are two important take aways. First, LRN’s study underscores the importance of elevating a CCO in a corporate organization to promote his or her ability to build internal relationships and constituencies. Second, LRN’s study demonstrates, once again, the importance of a strong bond between CCO and GCs. Whether that is done by merging the two functions into a single position, or by ensuring the CCO and GC, as independent actors, closely coordinate and collaborate, the point is CCOs and GCs are natural allies in the corporate ethics and compliance landscape.
More research needs to be done in this area. My suspicion is that in another year new findings and trends will emerge. The CCO is rapidly evolving and no one can doubt that the CCO’s rise in an organization is a good thing for companies and for society as a whole