Day: February 19, 2025

We continue exploring what the Trump Administration’s suspension of FCPA enforcement means for the compliance professional. Hui Chen has suggested that this is an opportunity for compliance, but to do so, “It’s time to up your game . . . Instead of selling insurance for FCPA enforcement, become leaders that help your organizations perform.” Based upon this prompting from her, I am writing this week on issues that compliance professionals can use to ‘up their [compliance] game so that when the questions come from your senior executives or Board of Directors come down about your compliance program, you will be able to point to clear business advantages to doing business ethically and in compliance.

Today, we consider how a chief compliance officer (CCO) or compliance professional can personally up their leadership game and move their compliance program to a more collaborative and integrated business function. The shift is driven by changes in corporate power dynamics, new values that prioritize transparency and collaboration, and an increasing emphasis on engagement with business units. In their Harvard Business Review article, Understanding “New Power,” Jeremy Heimans and Henry Timms explore how leadership models change. I have adapted their insights for Chief Compliance Officers (CCOs) and compliance practitioners who seek to enhance their function’s role within an organization.

The Shift from Old Power to New Power

Heimans and Timms describe the transition from “old power” to “new power” as a shift in the models used to exercise power and the values organizations embrace. Traditional compliance programs often operated under old power models, centralized, top-down structures that relied on authority and rigid governance. In contrast, new power models emphasize distributed, collaborative, and participatory leadership.

1. Sharing and Shaping. In this new era under Trump, companies increasingly engage stakeholders, including employees and supply chain partners, in shaping compliance strategies. This shift recognizes that compliance is not just about adherence to regulations but about embedding ethical considerations into everyday decision-making. Companies that actively solicit input from their workforce and external partners create stronger, more effective compliance cultures.
2. Organizations are using creative financial structures to embed compliance into business operations rather than treating it as a standalone cost center. Instead of viewing compliance as an overhead expense, forward-thinking businesses integrate compliance into investment decisions, allocate resources for proactive risk management, and leverage compliance to drive operational efficiencies and innovation.
3. Employees and third-party stakeholders actively contribute to compliance initiatives rather than passively following directives. This participatory approach ensures that compliance is not merely a function of the legal or risk department but is embraced across the organization. Companies encourage employees to report issues, contribute to compliance improvements, and take ownership of ethical behavior.
4. Co-Ownership. Compliance is decentralized, empowering employees at all levels to take ownership of ethical behavior. When employees and third parties feel personally responsible for compliance, adherence to ethical standards becomes more organic. Businesses that create opportunities for co-ownership in compliance initiatives through peer-led training, employee-driven reporting mechanisms, and cross-functional ethics committees build a more resilient ethical culture.

This shift makes compliance less about enforcing rules and more about embedding ethical business practices into the corporate culture. Organizations that embrace new power structures are better positioned to handle complex regulatory environments, foster innovation, and build trust among employees, customers, and stakeholders.

New Compliance Values: A Guide for Leadership

Beyond structural changes, Heimans and Timms identify new values that organizations must embrace to remain effective. These values directly apply to compliance professionals, who must ensure compliance is embedded within the organization’s broader culture and governance structures.

• Decision-making is becoming more informal and network-driven, requiring compliance professionals to work across functions. Instead of a strict top-down enforcement model, modern compliance programs emphasize collaboration across departments, ensuring compliance is seamlessly integrated into everyday business activities.
• Compliance programs must reward those who share best practices and improve existing compliance structures. Organizations that foster a collaborative compliance culture encourage employees to speak up about risks, participate in ethics initiatives, and help improve compliance processes.
• Do It Ourselves (DIO). Employees expect to participate in ethical decision-making rather than be dictated to by top leadership. Empowering employees to take initiative in compliance—whether through peer-led training, ethics committees, or compliance ambassadors—creates a more engaged workforce and a stronger culture of accountability.
• Organizations must foster open communication about compliance issues, internally and externally. A transparent compliance program builds trust with employees, investors, and customers. Companies that proactively disclose compliance efforts, encourage whistleblowing, and provide clear guidelines for ethical decision-making strengthen their credibility and resilience.
• Younger employees are less likely to maintain long-term relationships with institutions, making an agile and adaptive compliance function essential. Compliance teams must develop dynamic and engaging strategies to connect with employees, including leveraging technology, social media, and innovative training programs to maintain engagement and adherence to ethical standards.

To succeed in this environment, compliance leaders must embrace these principles and adapt their approach accordingly. Compliance functions prioritized engagement, empowerment, and innovation will be better equipped to navigate the complexities of modern business environments.

Three Steps for Engaging Compliance Leadership

To fully integrate compliance into business strategy, CCOs and compliance practitioners should consider three key actions:

1. Assess Your Role in a Changing Power Environment

A compliance risk assessment has traditionally focused on external threats, but today’s CCOs must also assess their function internally. Where does your compliance program stand on the power spectrum, and where do you want it to be in five years?

• Conduct an internal assessment to evaluate how compliance is perceived across departments.
• Benchmark against industry leaders and best practices to identify areas for growth.
• Engage in strategic conversations with executives and employees to understand their compliance expectations and challenges.
• Develop a vision for the future of compliance in the organization, ensuring alignment with business objectives.

Organizations can proactively identify gaps and opportunities to enhance their compliance function by assessing compliance through a broader lens.

2. Incorporate Business Unit Interests (The UX)

To be effective, compliance should not operate in a silo or, as Carsten Tams continually reminds us, “It’s all about the UX.” Business units should have a voice in shaping compliance policies. This means:

• Conduct honest conversations with employees and leadership about compliance’s impact on business operations.
• Soliciting feedback from business units before imposing compliance requirements.
• Recognizing compliance as a business enabler, not just a risk mitigation function.
• Encouraging cross-departmental collaboration on compliance initiatives.

As Heimans and Timms note, introspection and engagement must precede any investment in compliance initiatives. Organizations that fail to engage business units in compliance discussions risk resistance, non-compliance, and inefficiencies.

3. Mobilize Compliance Capacity Across the Organization

Compliance leaders must proactively engage third parties and business ventures, such as joint ventures and supply chain partners, to extend compliance influence beyond internal teams.

• Establish compliance training programs tailored to third-party vendors and supply chain partners.
• Implement robust third-party due diligence processes to ensure compliance throughout the supply chain.
• Develop reporting mechanisms that allow external partners to flag compliance concerns.
• Build alliances with industry groups and regulators to stay ahead of evolving compliance trends.

For example, compliance expert Mary Jones, former Director of Compliance at Global Industries Ltd., emphasized the importance of training third parties. She traveled to supplier locations to conduct in-person compliance training, fostering stronger relationships and enhancing compliance effectiveness. This proactive approach strengthened Global Industries’ compliance function and positioned their suppliers as allies in the compliance journey.

A successful compliance function does more than enforce rules; it builds a network of ethical partners who actively support compliance objectives.