Author: admin

Perhaps the most prescient comment I heard during the height of the pandemic came from Jed Gardner, Group Director of Transformation at Linedata, which was that we have moved from disaster recovery to business continuity to business as usual. It appears that not only was the comment correct but now we are moving in the business world from crisis to crisis to crisis. This month’s Harvard Business Review magazine dedicated its Big Idea Series to the topic of crisis. Over this short week I am exploring what this new reality means for the compliance professional. Yesterday we looked at compliance as a trip wire to alert businesses a crisis is on the horizon, through the article A New Crisis Playbook for an Uncertain World. Today we look at cultures that are built to sustain during a crisis.
Our starting point for today is the article, Building a Culture That Can Withstand a Crisis by John E. Katsos, Jason Miklian, and Patrick L. McClelland. This article is based upon an interview the authors did with Alice Laugher, the head of Committed to Good (CTG), a private company founded in Afghanistan and based in Dubai, that provides specialist staffing and logistics to the humanitarian community. Since the company’s founding in 2006, its clients have included most major humanitarian organizations; it now operates in 26 countries. In 2019 Laugher was awarded the prestigious Oslo Business for Peace Award. In the article, the authors visited with Laugher on “what she and her team have learned about uncertainty through working in crisis zones, and how this might help managers new to the type of crisis leadership our tumultuous time requires.” It turned out she had some very interesting insights for the compliance professional to help a company in times of crisis.
1.When a New Crisis Appears
The most current crisis CTG is facing is in Afghanistan. Here Laugher said, “We navigate a new normal every day. The situation, the rules, the regulations, and the needs of the local population shift constantly. Can you imagine running a business in a place where banks are not operating? Or where corporate accounts are frozen? There is still active fighting and hostility in parts of Afghanistan where we have staff. How do you deliver salaries and make payroll to thousands of employees scattered across the country in such an environment? When the Taliban took over, we were forced to reevaluate our core objectives, achievements, and progress.” She said it “test[s] how strong our relationships with our staff, clients, and partners really are. We ride the waves together. It’s as simple as that. We share the same goal: to build humanitarian projects so that aid can get to the people who need it no matter the danger or challenge involved in getting it there.”
Compliance Lesson
Everyone in your compliance function must be on the same page. If an ethical issue arises, everyone must know what the corporate response should be; that is, we will only do business ethically and in compliance with not simply our policies and procedures but our culture and mission. So, are you communicating that message? Here I recall Louis Sapirman when, when he was Chief Compliance Officer (CCO) at Dun & Bradstreet, used the phrase Do the Right Thingto communicate the culture and values of the organization as it navigated a Foreign Corrupt Practices Act (FCPA) enforcement action. Does your compliance function and indeed entire organization have such a succinct, forceful and clear statement of culture values?
2. Uncertainties During a Crisis
When asked about dealing with uncertainties during crisis, Laugher said, “Each country is radically different, but preparation goes a long way everywhere we operate. You have to navigate local laws, some of which may be unpublished. In one country, the tax law is from 1921, so it certainly cannot be found easily and downloaded from the internet! And meeting tax obligations — something that is considered a back-office task — has much more serious consequences in conflict zones.”
Compliance Lesson
Here the lesson is you must have local compliance support ready and able when called upon by the business team or the greater organization. If you cannot have your compliance team embedded in high-risk areas, you should have local compliance assets trained to provide such support. A Regional Compliance Committee can be of great assistance here as they will have an ear closer to the ground. Indeed, Laugher noted, “it’s so important to have local staff members as part of your core team. They can help navigate the nuances and sensitivities of their country, and they have a deep understanding of their environments, a level of insight that can’t be matched by outsiders no matter how much research they do.”
It’s Really About Culture
Laugher believes that the culture at CTG drives the entire organization. She stated, “We have a culture that encourages people to go the extra mile because of the value of the work that we are enabling. We believe in what we are helping to deliver. Our people share a fundamental desire to make a difference and help those in need. Everyone trusts that we will jointly make the right decision for security and safety based on local knowledge and information, while still getting the job done. CTG is not a “look to the CEO for the answer” culture. I don’t pretend to have all the answers. Instead, we work together to find solutions to complex problems.”
Compliance Solution
Once again you have to drive your compliance message throughout the organization. Even when you do not have the answer immediately, compliance should be seen as a function to go to when you need to solve a problem. This is not simply being Dr. No from the Land of No but affirmatively being seen as a business enabler. As Laugher stated, “We embed it in everything we do.” As a CCO you should do so as well.
4. The Speed of Change
Covid-19 highlighted the speed of change. In literally a few days, companies had to figure out how to do business remotely, literally across the world. CTG was no different. How are you going to respond to the speed of a crisis, such as one that might damage your organization’s reputation in literally days across the world? Laugher said, “We have several plans of action as part of our day-to-day business in each country. Nonetheless, a lot of times our emergency plans do have to be used. So, we must remain versatile at both the local and leadership levels, and our culture and the trust we have in our team approach are essential.”
Compliance Lesson
Long term preparation is the key. Not only should you have plans in place, but have you cultivated and built relationships? Do you have relationships with the local, regional and state communities you are working, do you have relationships with both your outside sales agents and Supply Chain vendors who all may well be a part of the solution you need to have to activate? But building those relationships take time, effort, and care. You cannot start during the throes of a crisis; you must do so now.
The bottom line that the time to prepare for a crisis is now. Learn to work together as a team. As a CCO you will have to rely on your entire compliance team, from the most junior to the most senior. Know everyone and everyone’s role before crisis hits. Know who your key resources and assets will be throughout your company if you need to call upon them. Built up that trust with internal and external stakeholders.

Perhaps the most prescient comment I heard during the height of the pandemic came from Jed Gardner, Group Director of Transformation at Linedata, which was that we have moved from disaster recovery to business continuity to business as usual. It appears that not only was the comment correct but now we are moving in the business world from crisis to crisis to crisis. This month’s Harvard Business Review magazine dedicated its Big Idea Series to the topic of crisis. Over this short week I will be exploring what this new reality means for the compliance professional. We begin with the article A New Crisis Playbook for an Uncertain World by John E. Katsos and Jason Miklian. As we enter a period of unprecedented instability, is your compliance function prepared?
The authors begin by identifying what makes us now in essentially permanent crisis but as Gardner reminds us, it’s just business as usual. They state, “Today we stand at the precipice of not one but three converging and potentially catastrophic long-term trends: climate change, globalization, and growing inequality.” Given the political instability of America and much of the world, these will only get worse. Moreover, because of this political instability, corporate America has been forced to take the lead in providing solutions to these crises. But one type of crisis can initiate several other types of crises, so “the Covid-19 pandemic, for example, was not just a health crisis but an economic and political one as well.”
Last year we saw increased pressure on compliance functions to speed things up, disregard existing controls for the sake of expediency and move to doing business with a wide variety of third parties, both on the sales side and in the Supply Chain that were not fully vetted through standard due diligence. The Department of Justice (DOJ) responded to these developments in a very clear manner, do not forsake your standard controls for the sake of expediency. If you do and the resulting conduct violates the Foreign Corrupt Practices Act (FCPA) or other federal law, standard or regulation, your organization will not be able to use the excuse that it was an unprecedented crisis.
What the authors found was that “the red-flashing danger signals were always apparent to anyone reading the local news or talking to local people.” Yet almost all companies were “trying to do what they thought was the right thing. But the ones that both survived and thrived had more than good intentions or strong leadership.” Most interestingly, the single most important tactic for every company was to employ a tool long used by every successful Chief Compliance Officer (CCO) and compliance professional – to listen. Every best practices compliance program has a series of early warning posts which should be monitoring your organization. It could be the hotline, your internal controls, your compliance professionals embedded in business units or it could be your local compliance resources who are not compliance function employees. The authors developed a business playbook for dealing with them that I have adapted for the compliance professional.
Listening Locally
A compliance function cannot do effective strategic risk planning or risk management without understanding your organization’s sociopolitical context. The authors found that companies which “had little engagement with local communities, viewing them merely as sources of consumers or raw materials, were unlikely to outrun upheaval.” This is compounded that when a crisis hits and it becomes economic, leading to layoffs, your information flow is constricted and perhaps resentments arise from arbitrary closings. The key is to build a broad base in such localities, both in your compliance function but also far beyond. This is where both ESG and corporate social responsibility (CSR) initiatives can be critical. Through such initiatives, companies can “build deeper ties with the broader community, because those connections are integral to business survival during crises. This means developing relationships with local leaders within and beyond the corporate world and working across societal dividing lines instead of siloing within the “safest” segment of the community.”
Now think about those same concepts from the compliance perspective. Even if you do not have compliance professionals physically located in all regions, this is where your local compliance champions can be so critical. They can provide you information on a wide variety of topics. You could also consider the Regional Compliance structure I have previously advocated which can put an early warning system in place.
Go Beyond the Government Requirements
If it is one thing the business community has learned over the past few years is that the fractured US government will not show leadership in any meaningful way. While businesses have called for greater government regulation and oversight, most particularly in the tech sector, the government has failed to answer. This was most evident in the Business Roundtables Statement on the Purpose of a Corporation where businesses advocated a broader view of stakeholders than simply shareholders. Of course, the Trump Administration laid down regulations that were clearly anti-ESG, even with all business concerns supporting ESG.
This means businesses may well have to go beyond the basic legal requirements. This is even more important in the age of social media which can amplify any corporate misstep that becomes a public controversary. Witness the reputational damage to companies when their supply chains are found to include forced labor or modern slavery of employees. For the compliance professional, it also means going beyond the local government where you might do business. If the port authority where you are bringing goods in continually demands bribes for unloading of equipment, you can engage with a higher level in that country.
Make Principled Choices
Most interestingly, the authors found that the third key step was to “not be afraid to take principled political stands.” They found that “firms tend to thrive when they make consistent choices and communicate them clearly, even if a segment of the population disagrees with them.” They pointed to “the case of the American yogurt company Chobani in the highly polarized United States.” While the company was criticized for hiring immigrants and supporting others in immigrating to the US, it continued to do so because it was not only the right thing to do, it was good for the business. It improved morale and brought a hard-working class of employees into the organization.
This would seem right in the wheelhouse of the compliance professional. Think of institutional justice and institutional fairness. Not only did the DOJ announce in the 2020 Update to the Evaluation of Corporate Compliance Programs that the CCO and corporate compliance function is the keeper of institutional justice within an organization but the social justice movement over the past 18 months have made clear that employees expect the same inside of an organization. Witness the current imbroglio of Activism. Even with a CCO who criticized internal company employee whistleblowers, numerous employees stepped forward with information about the toxic culture of the company, through specific instances of discrimination and harassment.
Many compliance professionals are currently engaging in these steps. However, they may not be thinking about them as early trip wires for the next crisis. With the further admonition from the DOJ in the 2020 Update to the Evaluation of Corporate Compliance Programs that the compliance function must have access across all the data lakes within a company, CCOs and others may be the most uniquely suited corporate functions to help be ready for the next crisis.