In Defense of Compliance Checklists
Compliance officers have to avoid complicating a compliance program. As in many areas in life, there is a value in simplicity.
Take for example a compliance training presentation. If a compliance officer overwhelms his/her audience with legal mumbo jumbo, you can rest assured that no one will retain anything and the training program will not be very successful.
On the other hand, if a compliance officer presents a training program that is relevant, uses examples that employees often encounter, and is kept simple from a legal standpoint, the compliance officer’s training session is likely to be effective.
Compliance officers have to engage the business and they have to build a successful working relationship with the business. It can be the determinant of an effective ethics and compliance program. After all, the front lines of business operations are an important area where compliance has to occur.
Chief compliance officers have to be creative in reaching out to business partners, learning to work with them, and to convince them of the importance of compliance controls. In doing so, I always encourage compliance officers to develop strategies and procedures that minimize the burden on business managers and employees.
If a compliance officer can persuade the business side to take responsibility for compliance, compliance officers should develop simple checklists and other mechanisms to support the business. For example, the CCO could prepare a checklist for the onboarding of a new third party under the company’s due diligence policy, or a checklist for sponsoring a government official’s trip to company headquarters for product marketing and demonstration sessions. In these cases, the CCO can make the process transparent to the business managers and employees and provide them a clear and concise tool they can use to ensure that they follow company compliance tools.
This is an example of what some call the “win-win” strategy for operationalizing a compliance program. From the compliance perspective, the CCO has provided a tool that the business can use to make it easier for the business to comply with a specific compliance policy and procedure. Conversely, from the business side, the CCO’s tool facilitates compliance from the business side by translating a corporate policy and procedure into a more accessible format – a checklist.
We all use checklists in one way or another for organizational purposes. A checklist sometimes helps individuals to understand an otherwise complex procedure and encourages compliance because of the apparent simplicity of the checklist (assuming it does not consist of 100 items).
To be clear, I am not suggesting that a compliance program should be watered down into checklists; however, I am suggesting that a checklist can be used as a means to facilitate compliance with a procedure by simplifying the steps for compliance. A checklist can be a valuable tool to supplement a compliance program, and build bridges with the business side of the company.
Compliance depends on a company’s business taking responsibility for compliance functions. If compliance is viewed solely as the province of a compliance department or a legal department, the likelihood of success is remote. When a business embraces compliance, the company wins and ethics and compliance is enhanced.