Resources, Resources, and More Resources – The True Test of an Effective Ethics and Compliance Program
An effective ethics and compliance program depends on the Chief Compliance Officer’s authority, independence, and resources. A company’s commitment to a compliance program requires money and employees – there is no question that words of support, organizational status in the C-Suite and a robust board reporting relationship are all important. However, all those elements are important but, in the end, those principles mean relatively little if the compliance program does not have adequate resources.
It is too easy to tell the CEO and the board that they have to put their money where their mouth is. Instead, a CCO has a responsibility to demonstrate that he/she is using resources efficiently, coordinating and leveraging those resources with related functions, and providing compelling justification for resources.
Compliance surveys consistently show that CCOs are suffering from a lack of resources. By definition, these compliance programs fail to meet the effectiveness standard and the company is at risk. A 2017 Deloitte Survey reported that compliance teams “remain relatively lean.” (Here)
Nearly three quarters (73 percent of respondents) reported having fewer than 20 full-time resources (or equivalents) to design, implement and maintain the compliance and ethics program. Half of respondents indicated a compliance team of less than five full-time resources; nearly a quarter had 6 to 20 full-time employees, while 21 percent manage a team of more than 20 employees.
Consistent with the relatively small compliance teams, the budgets for compliance functions, including people, processes and technology, are also lean. Approximately 60 percent of the respondents reported a total budget of less than $5 million. Nearly a third had budgets of less than $500k, while 11 percent had budgets between $500k and $1 million, and 16 percent had budgets between $1 million and $5 million. Almost half expect their budgets to increase.
Corporate boards and CEOs have to commit to their ethics and compliance program. Nickle and diming a compliance program is the equivalent of death by a million cuts. Directors and CEOs are acting irresponsibly when they underestimate the importance of ethics and compliance programs. Many directors and CEOs continue to cling to the narrow view that compliance programs are important solely to keep the company from getting into trouble.
This narrow perspective is reflected in a failure to devote adequate support to the compliance function. Once established, a compliance program rarely increases significantly in size. Unfortunately, companies do not focus on ethics and compliance unless and until they are subject to a government investigation and enforcement action. Under the threat of government enforcement, companies then make the commitment to ethics and compliance with resources and priorities.
It is difficult to understand why corporate leaders continue to ignore ethics and compliance. In the absence of government mandates, most companies will not devote adequate resources to support their compliance programs. I am convinced that unless corporate leaders dedicate more attention to ethics and compliance, the government will eventually mandate ethics and compliance program requirements in response to the next set of corporate scandals.