Operationalizing Compliance: Part 5-Overwhelmed, yet?

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, I have visited with Jennifer May, Director of Compliance Advisory; Taylor Edwards,  Director of Sales; Xinia Pirkey, Design Manager; Alex Klingelberger, Chief Executive Officer (CEO) and Jaycee Dempsey, Director of Customer Success. We consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In our Part 5 conclusion, I am joined by Taylor Edwards to discuss how compliance professionals can prevent from being overwhelmed by all of ‘this’.

Compliance professionals can be overwhelmed by all the information coming out of the regulators such as the Department of Justice (DOJ) and Securities and Exchange Commission (SEC). In 2022, this included the Monaco Memo and several major Foreign Corrupt Practices Act (FCPA) enforcement actions. Edwards suggested starting from the position of “how does that apply to me?” From there you can “get real with yourself about where things may not be perfect, but also provide insights into where you can start to work on your program.” He added that the key is “recognizing that it’s OK not to have a perfect program.” What the DOJ wants is for you to assess your own program, spot the weaknesses, rank them and then remediate your ranked list going forward. Edwards concluded; you should determine “what’s the next one thing I can work on? Sometimes it’s a matter of taking small baby steps, but just recognizing that there are needed to be taken.”

One of the key components of the Monaco Memo was the cementing of corporate culture as a factor the DOJ would evaluate in any enforcement action. This formalized the remarks made by Deputy Attorney General Monaco in October 2021. Edwards maintains that a “big aspect of this is the listening function of an organization.” He will often engage a client with the questions about listening, “Have you done any listening within the organization? Have you surveyed, have you had a focus group? Have you had some kind of forum for employees? Have you gathered or crowdsourced any of that from within the organization?”

Unfortunately, that answer is often no. Edwards believes that if you recognize the need to understand and to work within the landscape of your company culture, you must  accept the fact you will be required to do a better job of getting out into the business and understanding what the culture looks like outside of the corporate compliance office. He added, “listening plays a huge role.” Having conversations “across different parts of the business help inform not only your understanding of the culture, but then how you can go in and influence it for the better, influence it to be more ethical and compliant.”

We then turned to the DOJ’s 2020 Update to the Evaluation of Corporate Compliance Programs mandates around risk assessments, which move from biennial or even annual risk assessments to risk assessments when your risks change. This is a key area where compliance professionals often feel overwhelmed. Here Edwards suggested taking ‘bite sized or small chunks” to improve your program. Edwards pointed to training as the DOJ has moved far beyond the prior metric of completion rates.  He said, “if you are focused on a 100% completion rate and that is the outcome you’re trying to achieve, then your focus will be on a Learning Management Systems tool that allows you to easily assign modules to a 100% of your workforce. However, if the outcome you are really focused on is compliance, good behavior, making sure that laws and regulations do not get breached, then your focus should be how do I influence behavior as opposed to having a hundred percent completion rate?”

This means you need to emphasize the behavioral element. You can start to do things like “monitoring, which can seem overwhelming for a lot of groups, and it typically gets underinvested in.” But if your focus is on the prevention aspect, then you need to “go out there and see what people are doing wrong currently so you can an address it and stop it.” This can be down with a process mindset; “on a risk-by-risk basis, on a task-by-task basis or a on a process-by-process basis where you peel back the onions of the organization to see if there are any potential pitfalls in our current process.”

The bottom line is there are a variety of approaches you can take to move your program forward. The key is to identify your program weaknesses and begin the remediation process.

For more information go to TheBroadcat.com

Leave a Reply

Your email address will not be published. Required fields are marked *

What are you looking for?