The Trump Administration has suspended FCPA enforcement for the foreseeable future. What does that mean for compliance professionals? Hui Chen has suggested that this is an opportunity for compliance, but to do so, “It’s time to up your game . . . Instead of selling insurance for FCPA enforcement, become leaders that help your organizations perform.” Based on this challenge by perhaps the most eminent compliance commentator, I am devoting this week’s blog posts to ways compliance professionals can indeed up their collective game. Today, we explore how effective compliance can help lead to greater business resiliency.
Resilience must be a core feature of every corporate compliance program. The reason is simple: compliance programs will inevitably face crises in today’s volatile and uncertain world. A crisis could stem from the Trump Administration’s suspension of Foreign Corrupt Practices Act (FCPA) enforcement, a natural disaster disrupting operations, the discovery of human rights abuses within the supply chain, activist shareholders pushing for corporate change, or new competitors leveraging technology to upend an industry. Recent history has shown us that global pandemics and social justice movements can also emerge to reshape the business landscape overnight.
In their article “6 Types of Resilience Companies Need Today,” Paul Polman and Andrew Winston explore how multinational corporations like Unilever have built resilience through both traditional and innovative strategies. Their insights offer valuable lessons for Chief Compliance Officers (CCOs) and compliance professionals seeking to fortify their organizations against future challenges.
Traditional Foundations of Corporate Resiliency
Polman and Winston highlight three traditional building blocks of corporate resiliency: financial flexibility, portfolio diversity, and organizational agility. These elements are critical in preparing companies for sudden shocks and long-term crises.
For compliance professionals, this means ensuring that the business remains functional during disruptions by embedding compliance within these foundational areas:
- Financial Flexibility: Compliance contributes to financial stability by preventing costly legal issues, regulatory fines, and reputational damage. Strong compliance programs also help organizations maintain favorable relationships with investors, regulators, and business partners.
- Portfolio Diversity: Just as businesses diversify revenue streams, compliance must diversify its approach to third-party risk management. This includes thoroughly vetting sales agents, distributors, and supply chain vendors to mitigate exposure to compliance failures.
- Organizational Agility: Compliance agility allows teams to respond rapidly to emerging risks. By fostering real-time feedback from regional offices, compliance professionals can identify potential problems before they escalate into crises.
A resilient compliance function not only helps businesses survive crises but also positions them to recover more effectively.
The Net-Positive Approach to Resilience
The authors emphasize that true corporate resilience goes beyond surviving crises. It involves creating a long-term, crisis-resistant organization that benefits all stakeholders. They advocate for a “net-positive” company model that seeks to improve the well-being of everyone it touches through its operations, value chain, products, services, and influence. This concept aligns closely with the goals of corporate compliance programs.
Purpose-Driven Compliance
Companies that understand their purpose and integrate it into their operations are more resilient in times of crisis. Purpose-driven organizations see compliance not as a regulatory obligation but as a strategic advantage. Compliance professionals reinforce this purpose by embedding ethical business practices into corporate strategy.
The Business Roundtable’s Statement on the Purpose of a Corporation emphasizes stakeholder engagement beyond shareholders. Compliance can advance this vision by aligning business operations with ethical principles, incorporating feedback from employees, customers, and suppliers, and reinforcing a corporate culture of integrity.
Aligning compliance controls with the COSO 2013 Framework for Internal Controls helps build a strong ethical foundation, ensuring compliance is woven into the company’s operational backbone rather than treated as an afterthought.
Trust: The Cornerstone of Compliance
Trust is an absolute necessity for any compliance program. Internally, trust is built through institutional fairness, due process, and a commitment to ethical leadership. However, compliance must also extend trust-building beyond the organization, fostering transparent relationships with external stakeholders.
Modern compliance programs must embrace a level of transparency that many organizations have historically resisted. This includes proactively disclosing compliance efforts, engaging in open dialogue with regulators, and embracing external scrutiny. Polman and Winston note, “Transparency is a great tool to ensure consistency and engender trust. Rather than rebelling against tough questions and pressure, business leaders should embrace and use them to build a stronger organization.”
By fostering a culture of transparency and accountability, compliance teams can help their organizations navigate crises with credibility and resilience.
Engaging All Stakeholders in Compliance
Compliance is traditionally seen as a back-office function, primarily engaging with internal departments and regulators. However, leading companies are increasingly expanding compliance’s role to include broader stakeholder engagement.
Polman and Winston argue that “net-positive companies build better connections with stakeholders besides employees.” Compliance functions can drive this by engaging customers, investors, supply chain partners, and local communities. This shift aligns with compliance’s growing role in third-party risk management and due diligence processes.
For example, companies that conduct rigorous due diligence on supply chain partners mitigate risk and foster stronger, trust-based relationships with ethical suppliers. Compliance’s role in these engagements ensures that ethical business practices extend beyond corporate walls, creating a network of partners who support the company’s long-term resilience.
The Compliance Function as a Driver of Resilience
When major crises strike, whether compliance-related or otherwise, organizations with resilient compliance programs can respond swiftly and effectively. Polman and Winston conclude, “No company can prepare for every outcome, but these six forms of resilience, put together, can provide a serious buffer. They also allow organizations to work in larger coalitions on the biggest issues, such as climate change and income inequality.”
Compliance functions are uniquely positioned to help businesses anticipate and prevent crises rather than merely reacting. By integrating compliance into the core fabric of corporate resilience strategies, organizations can:
- Prevent crises through proactive compliance risk management
- Build a strong ethical culture that fosters long-term stability
- Enhance stakeholder trust and engagement
- Ensure business continuity in the face of regulatory changes
- Support innovation by creating ethical frameworks for emerging technologies
These strategies are not just compliance best practices but essential components of building a company that thrives in times of change and uncertainty.
The best compliance programs do more than mitigate risk; they build corporate resilience. By aligning compliance with financial stability, organizational agility, and a broader net-positive vision, companies can prepare for the challenges of an unpredictable world.
Compliance professionals should seize the opportunity to lead this transformation, ensuring that their organizations endure crises and emerge stronger from them. In doing so, compliance becomes not only a function of risk avoidance but also a strategic driver of long-term business success.