The Three Amigos/Amigas: Compliance, Audit and Legal
Every compliance program depends on collaboration. No one actor at a company determines the success or failure of a corporate compliance program.
One key component of this collaborative effort is the relationship among the Chief Compliance Officer (”CCO”), General Counsel and Internal Auditor. Neither one of them can do it all no matter how hard they work or how good they are at their respective jobs.
A good barometer of a corporation’s compliance program is the relationship among the three key players. When these three players are working together, a company’s compliance effort is likely to edge closer to “effective.” On the other hand, if these three players work at cross-purposes, or protect their turfs and create silos, a compliance program edges closer to a “paper” compliance program, permeated with good intentions but falling well short of an “effective” program.
The CCO is dependent on the Internal Auditor to develop important monitoring policies applicable for internal risks with company offices and external risks, particularly third party intermediaries. Internal Auditors are on the front lines inspecting and reviewing individual company offices’ internal controls and overall compliance activities.
When an auditor identifies improper payments or failures to follow internal procedures, the audit staff conducts a very important initial interview of the responsible staff to find out why the office is not complying with established procedures or an explanation for a questionable payment. These initial interviews can be critical for assessing potential violations and determining how to handle the issue.
Similarly, Internal Auditors are critical players in handling third parties. First, a CCO needs to develop controls to include in a written contract to make sure that a third party is paid based on an invoice which describes the specific services provided by the third party. Second, a CCO works closely with the Auditor to establish an annual schedule for conducting audits of third party intermediaries. Third parties are more likely to be audited, especially in high-risk areas. Audits of third parties can uncover important red flags which may require more scrutiny and investigation.
In an “effective” anti-corruption compliance program, CCOs work closely with the General Counsel on important compliance issues.
On a day-to-day basis, General Counsels provide important leadership on legal issues which are important to the overall compliance program. A General Counsel needs to collaborate with the CCO on a range of issues, including commercial matters, due diligence procedures, employee complaints, training, internal investigations, and acquisitions.
Most important is the synergy when the CCO, Internal Auditor and General Counsel share information and coordinate their activities. If they share information about business development strategies, potential acquisitions and business strategy, the CCO, Auditor and General Counsel can provide each other with critical information. In many cases, because the CCO, Auditor and the General Counsel are not part of the C-Suite, they are even more dependent on each other for information.