There are many ways to define compliance management success. A declination by the US Department of Justice (DOJ) or Securities and Exchange Commission (SEC) in an investigation context is the absolute measure. In most cases this happens only after the government’s detailed review of an organization’s compliance program, and the investigators’ conclusion that the bad act was isolated and not indicative of systemic issues. A program that survives this high level of scrutiny is a success by any measure – at least at that point in time.
Yet, if a company has not been subject of such an investigation, how can CCOs ensure that their established compliance programs are effective? How can CCOs guarantee that the company’s compliance processes can redeem corruption acts committed on its behalf? These considerations are best addressed as one takes on the CCO role, but it’s actually never too late to improve. In the author’s experience (former CCO, GC and Big 4 compliance consultant) there are certain steps that a CCO can take to fulfill these ends. This article aims to pave the road for CCOs to achieve compliance management success.
As the Chief Compliance Officer (CCO) initially implements a compliance program, it is possible to be objectively successful: Steering the organization from an initial risk assessment through the creation of related policies and protocols, conducting training and otherwise working towards putting in place the component parts of the applicable compliance standard(s) (e.g. Foreign Corrupt Practices Act, US Sentencing Guidelines, UK Bribery Act etc.). However, success is harder to measure in a day to day context. Objective measures may be difficult to establish – either internally or through benchmarking, beyond the obvious completion of a given compliance project such as personally training all members of a high risk group (and establishing good working relationships in the process.)
But more holistically, given the demands of, and stress associated with, the CCO role, there is a gratifying element of success to be found in managing a dynamic, operationally oriented program that is: (a) focused on substance; and (b) not spending undue time on the “little stuff” – the more mundane aspects of program management (e.g. identifying who still needs to take what training.)
Compliance management success can thus be achieved by following four steps/guidelines that will give CCOs just that gratifying element to be head of a focused and dynamic program, tailored to achieve risk assessment, screening, training and reporting all at once. These steps encompass:
- Defining certain key terms – Positioning the compliance role
- Collecting information outside office walls
- Preparing for foreseeable challenges
- Fostering a “Culture of Compliance”
Each step should act as a guideline for the work process of every CCO to achieve compliance management success and thus ensure that their companies stand the test of a DOJ or a SEC investigation. In next week’s article the author looks at the first step on the path of achieving compliance management success by dealing with how a CCO can ‘define key terms’ and ‘position the compliance role’.