Corporate Board Responsibility for Compliance
You can talk all you want about the importance of “tone-at-the-top.” People use that term all the time and everyone nods their heads in agreement. But what is the “top”? Is it the CEO? Is it the senior executives? Is it the corporate board? Is it the Audit/Compliance Committee?
In my mind, there is only one mountain top in a company. The buck ends at the corporate board. It sounds like a profound grasp of the obvious. But there is a lot of nuance to this issue.
What is corporate board’s responsibility, and what should it be, for overseeing and monitoring the ethics and compliance program?
The law in this area is going to change. Trust me on this. Change is coming and it should be very interesting. We are in for a confluence, or a “perfect storm,” on board governance.
We have important court cases winding through the courts involving significant corporate misconduct that occurred on the board’s watch – Wal-Mart, Petrobas, Bank of Nova Scotia and others. We have greater emphasis being placed on corporate ethics and compliance programs – from the private sector and from the government. And we have congressional interest in corporate governance, compliance meltdowns and misconduct. Shareholders, pension funds, and other stakeholders are bringing more derivative actions challenging board governance.
In this situation, corporate leaders are – and should be – interested in enhanced oversight of corporate ethics and compliance. It is the inevitable end product of a ground swell of interest in promoting ethics and compliance functions. Some might say it is about time.
The new era of responsibility will be pinned to the fiduciary duties required of corporate directors. A director is required to exercise a basic duty of care, which requires a director to act in good faith with the care an ordinarily prudent person would exercise under similar circumstances.
This duty requires a board member to exercise proper oversight of the company’s compliance system. In addition, the duty of care extends to reasonable inquiries of management to obtain information necessary to satisfy their duty of care. No one disagrees with these concepts. A director cannot just sit back and operate as a passive receptor of compliance information.
Courts have been reluctant, however, to second guess board members who have followed a careful and thoughtful process in their oversight activities. The courts look to whether the board has had access to sufficient information and asked appropriate questions.
Courts, policymakers and legislators are focusing on board responsibility for oversight – the exercise of reasonable care to ensure that corporate actors carry out their management responsibilities and comply with the company’s code of conduct and the law.
A director has a duty to exercise good faith to ensure that corporate information and reporting systems exist, and that the reporting system is adequate to ensure that the board has appropriate information as to compliance. The amount of information reported to the board will depend on the specific circumstances.
The level of oversight is likely to be heightened in the next five years as corporate scandals are dissected in shareholder litigation and political reviews. The Wal-Mart case is a perfect example, in hindsight, of the failure of a board to exercise reasonable inquiries. It is the classic head in the sand case that will turn the law in this area on its head.
When that happens, there will be many who cry foul and challenge the heightened expectations of corporate boards. But with great power, as they say, comes great responsibility (sorry to use a Spiderman/Voltaire reference). A new era of corporate board responsibility is beginning and no one can slow it down – there are too many forces pushing corporate boards for more and better performance. If the tone really begins at the top – the corporate board – then the responsibility rests with the board as well.