The Importance of a Board Compliance Committee
It is not every day that I can report on a new governance innovation which is being rapidly embraced and implemented by companies. It may be one of the most significant corporate governance developments in the last five years, almost matching the empowerment of independent compliance officers.
A few years ago the percentage of companies reporting the creation of a compliance committee was around 20 percent. That number is increasing as more companies are realizing the importance of separating the board compliance oversight from the audit committee to a separate compliance committee.
In the governance world, we are on the threshold of a new and important phenomena – the empowered compliance committee.
The old model of layering compliance on top of the audit committee’s responsibility is a relic of the past when financial certifications and accuracy was the focus of compliance in the Sarbanes-Oxley world. In the last ten years, Sarbanes-Oxley is one of many new risks which have emerged in the global economy. To address these risks, a specialized compliance committee is the first and most important step in building a true culture of compliance.
The composition of the compliance committee is important. It should include a majority of independent directors to provide an objective view of the company’s compliance experts. One of the directors should have familiarity with compliance functions and understand the role of compliance in overall corporate governance.
The charter of the compliance committee should address several issues: (1) how should the company address overall risk management?; (2) how should the compliance program be designed and operate?; and (3) what steps should the board and the company take to communicate and build a corporate culture of ethics?
A compliance committee has responsibilities which exceed those of other committees. The government and compliance professionals have emphasized the need for regular reporting and review of compliance activities. With the direct reporting authority, a chief compliance officer should communicate on a regular basis, more often than once a quarter to the compliance committee. As a result, the compliance committee should plan on meeting more than four times a year.
The reporting protocol between the chief compliance officer and the compliance committee should take into account the need to address specific issues and risks which may come up during the year. As a result, reporting and communications should occur more often and provide more detail.
Senior management should be in the loop on all of these communications but the essential point has to be preserved – the chief compliance officer has a duty and a responsibility to report directly to the compliance committee on any significant issue which is identified by the chief compliance officer.
This is the “new frontier” of compliance, building a new and effective reporting and supervision structure which reflects the two new most significant players in the compliance arena – the empower chief compliance officer and the empowered board compliance committee.
I regard this as a “eurika” moment in corporate governance, particularly in view of the growing trend to separate the Chief Compliance Office function from that of the General Counsel. The establishment of a separate Board Compliance Committee is only the next logical step in order to ensure real time reporting on significant compiance risks and issues that faces a company. To further enhance corporate governance and corruption risk management I would like to suggest placing the CSR (Corporate Social Responsibity) function under the oversight of the Chief Compiance Officer and thus under the Board Compliance Committee. This may be of paricular importance in view of the fact that the CSR function can be seen as a major corruption risk area for companies operating in developing countries. The increasing transparency requirements placed on multinational corporations as regards their payments to foreign governments of countries in which they operate may further warrant the latter proposition.