The Emperor Has No [Compliance Program]
At the outset, I have to apologize for the title but during my morning bike ride I usually come up with blog posting titles. But moving past the trite title, I have a point to make.
It starts with a hypothetical – a CEO is supposed to introduce a company’s new code of conduct at a company event. Everyone attends – in person or virtually – and the CEO is supposed to lead off the event with a speech about the new code of conduct and reinforce the company’s commitment to live by the new code.
Shortly before speaking, the CEO turns to the CCO and informs the CCO that the CCO should introduce the new code and speak in the CEO’s place. The CCO, of course, follows the CEO’s instruction.
What is the message behind this scenario?
I know it is obvious but this has happened in the real world. The CEO does not understand ethics and compliance and the importance of his or her commitment to compliance. The company’s program, to the extent, it has been implemented will suffer. In fact, I would argue that the compliance program by definition is not effective.
Let me add another indication of a company’s commitment to ethics and compliance.
A new chief compliance officer is hired. During the interview process, the CCO candidate is assured that the company is committed to promoting an independent CCO and compliance function. The CCO believes the representations and takes the job.
On the first day of the new job, the CCO shows up and after preliminary paperwork and orientation is taken to his/her new office – on the fourth floor, 12 floors away from the C-Suite, where the CEO and senior executives are located.
What is the message behind this scenario?
I know it sounds shallow but there is a point here. A CCO is either a part of the senior executive team or is not – anyone who thinks there are gradations here of acceptable solutions to this issue is deluding themselves. The location of a CCO’s office and standing in the corporate ladder is a critical reflection of the CCO’s role in the company, and ultimately the influence that the CCO will have in the company.
Let’s consider another scenario.
A CCO reports quarterly to the company’s audit committee. The CCO has been pushing for additional staff to implement a comprehensive third-party risk management program. The CCO’s request has been resisted by the CEO and the Chief Legal Officer (CLO) because of other competing needs. The CCO believes that the request is imperative.
During the Audit Committee meeting, the CCO provides a quarterly review of relevant ethics and compliance program topics. The CCO brings up the issue and the CEO is quiet during the discussion. At the close of the presentation, the Audit Committee enters into executive session with the CCO. The Audit Committee chair asks the CCO if there are any issues to discuss. The CCO replies that there are no issues to discuss.
What is the message behind this scenario?
CCOs are under pressure in the corporate world to “go along to get along.” But a CCO who is not comfortable to bring up significant issues with the Audit Committee, when necessary, is not maximizing his/her ability to improve the company’s ethics and compliance program.
While there are other ways to solve this problem, such as informal discussions with the Audit Chair or other possibilities to secure the resources needed for compliance, the scenario sets up a situation where a CCO does not use all of the available tools to solve a specific problem. A CCO has to speak up, while balancing political factors in the corporate governance world. There are a number of ways to accomplish compliance objectives, and CCOs have to use creative strategies to get what they need.
These scenarios highlight ethics and compliance omissions. Each of the scenarios reflects potential weaknesses in the compliance program. When you add them up, or even consider the implications of each one by themselves, the company’s compliance program is likely not to be effective.
1 Response
[…] Read Full Article: The Emperor Has No [Compliance Program] – Corruption, Crime & Compliance […]