Improving the Message of Ethics and Compliance
To succeed in life, you need two things: ignorance and confidence – Mark Twain
I have a problem with writers, columnists, consultants, bloggers and anyone else who puts a pen to paper (as we used to say) on ethics and compliance issues. All of us have a responsibility to the profession that we believe in and promote. Call it what you will but there is just too much general bs being written about ethics and compliance.
I may be guilty of this as well – I may be throwing stones from a glass house but I am willing to take the criticism and try to improve. (Of course, I could take the typical defensive route and urge everyone to look at other offenders in this area).
We have a real situation on our hands. Compliance professionals are out there in the real world trying to promote ethics and compliance programs. And they often need help in benchmarking their programs against others, but more importantly identifying new and helpful strategies and approaches to typical issues.
Most of what I read in the ethics, compliance or governance space is not helpful. It is filled with platitudes, general principles and no real world application. That is a real deficiency in this important time in compliance.
Let me give you an example of what I mean.
Take the issue of a risk assessment. I have seen so many articles written in this area that have literally no practical application or restate the obvious using new and creative language.
Put yourself in the position of a new chief compliance officer who is working on his or her own, has a limited budget and is getting started on the compliance program. The CCO needs a risk assessment and is not going to waste $150k to have some smarty-pants, overpriced organization (the 4 of whom will remain nameless) to conduct a risk assessment and tell the CCO what he or she already knows.
The challenge then is to provide practical advice to the CCO in this situation so that the company can say they conducted a risk assessment and tailored the compliance program to the risks. If I were he CCO, I would interview the business people myself (not too many), read about the business, and then fill out a spreadsheet with each risk and my observations and conclusions and relative risk-ranking. That is a great solution and one, if documented, that should pass muster if the company gets in trouble.
To make my point, can anyone point to a real article that would help this CCO? No, I doubt it.
There are other examples where writers are not willing to get into the weeds, consider all of the details and then write something that would be practical and helpful. That is my complaint for the day. I may be missing the point (which happens all too often) but there has to be some truth to my observation.
To all those who write in this space, let’s do a better job of supporting and helping the compliance professional with real and practical solutions to day-to-day issues. I will try my best.