Directors should focus on three core areas to help establish and maintain an effective compliance program: structure, culture, and risk management.
Structural questions. This area consists of questions that will aid in determining the fundamental sense of a company’s overall compliance program. The questions should begin with the basics of the program through to how the program operates in action.
Cultural questions. This area of inquiry should focus on the organization’s culture regarding compliance. Board members should understand what message senior management and middle management communicate. Equally important, the Board needs to understand what message is being heard at the lowest levels within the company.
Risk management questions. Board members need to understand the company’s process being used to identify emerging risks, their evaluation, and management. Such risk analysis would be broader than simply a compliance risk assessment and should be tied to other broader corporate matters.
Three key takeaways:
- A Board of Directors should inquire into the structural component of the compliance program as it will aid in determining the fundamental sense of a company’s overall compliance program.
- Cultural questions should be asked to understand what message is being communicated by senior and middle management.
- Risk management questions should be asked to understand the company’s process being used to identify emerging risks, their evaluation, and management.