I always use the “Streetcar Named Desire” line to describe the challenges a Chief Compliance Officer faces – CCOs depend on the kindness of strangers. It is a little bit of an exaggeration but bear with me. CCOs are not superheroes and cannot by themselves ensure an effective ethics and compliance program.
An effective compliance program depends on a positive working relationship among the key compliance functions in a company. CCOs have to work closely with the General Counsel, the Internal Auditor, Human Resources, CFO and Comptroller, Information Technology, Security, Procurement, Senior Leadership Team, and of course, the CEO.
This list is not exhaustive and not meant to exclude other vital functions within a company. My list is meant to capture as many of the essential functions within a company that are needed for coordination and implementation of compliance functions.
CCOs need the support and assistance of all of these functions. In most companies, the Internal Auditor and the General Counsel are natural allies with a CCO because of their concern to legal and financial risks. Internal Auditors are critical partners for CCOs to develop risk assessments, to conduct a variety of audit techniques, and to monitor the company’s compliance program.
Likewise, the General Counsel is a natural ally because of the common interest in ensuring compliance with all laws and regulations, legal training programs, and conduct of internal investigations with or without preserving the attorney-client privilege.
HR and CCOs share common interests in handling employee concerns, whistleblowers, monitoring the employee morale and culture, and imposing discipline for violations of law or the Code of Conduct.
On the financial side, CCOs have to devote more attention to building better coordination functions. For too long, CCOs have been ignoring the importance of internal controls and financial operations as an important focus for every compliance program – bribery depends on unauthorized access to company funds. Internal controls are essential to monitoring and identifying potential misuse of funds. CCOs have to increase their contact and collaboration with the CFO and the Comptroller.
Procurement is another essential function for CCO coordination and collaboration. A company’s supply chain always raises potential corruption risks when vendors and suppliers act on behalf of the company or when a shadow vendor is being used to create a slush fund for bribery purposes. Aside from corruption risks, vendors and suppliers raise significant reputational risks when they engage in illegal or unethical business practices.
My list of important partners, however, has one glaring omission – business managers throughout the company. Every business manager is an important compliance partner. In the absence of buy in from the business side, a CCO is facing a difficult challenge. Compliance depends on buy in, and integration of compliance principles and functions in the business operations.
I will never forget a country manager for a company who told me that compliance is his responsibility as the country manager for China. His statement was corroborated by a company culture in China that emphasized ethics and compliance.
The Compliance 2.0 model recognizes the importance of embedding a culture throughout a company as the most effective strategy for mitigating risks and promoting ethical business conduct. Business managers are the essential partner for such spreading the word and messaging on ethics and compliance.