Categories
Blog

Lessons in Corporate Governance from the NRA

Corporate governance often shines brightest in times of crisis, and few organizational crises have unfolded as publicly or contentiously as the litigation involving the National Rifle Association (NRA). In a recent Order from the years of ongoing litigation in New York state, the Court mandated sweeping governance reforms, providing a treasure trove of lessons for compliance professionals seeking to strengthen Transparency, accountability, and oversight in their organizations. Regardless of your personal or political views on the NRA, this case underscores universal principles of good governance. Let’s unpack these lessons and explore how they can be applied across organizations of all types and sizes. Matt Kelly wrote about this topic in a blog post, and we explored its implications for compliance professionals in a recent episode of the Compliance into the Weeds podcast.

What Happened at the NRA?

The NRA’s troubles began with allegations of rampant mismanagement under long-time CEO Wayne LaPierre. The New York Attorney General’s lawsuit in 2020 detailed years of financial abuses, including excessive salaries and lavish spending billed to the organization, conflicts of interest, and questionable vendor relationships, held together by a structurally weak board that served as a rubber stamp for LaPierre’s decisions. The fallout included four years of litigation, a jury finding LaPierre liable for abuses, and, ultimately, a court-mandated series of governance reforms designed to ensure the NRA could never again fall victim to such mismanagement.

Key Governance Failures

The NRA’s dysfunction stemmed from several structural weaknesses common to organizations suffering from poor governance. An overpowering CEO, LaPierre, exerted an outsized influence enabled by a lack of checks and balances. There needed to be stronger board oversight, with 76 members. The board needed to be bigger and more cohesive to provide effective governance. A small faction, aligned with the CEO, controlled key decisions. There needed to be more financial controls. This absence of robust controls allowed the CEO to withhold critical information from the board. These issues, while prominent in the NRA, are not unique. Theranos, Wynn Resorts, and countless other organizations have fallen prey to similar patterns.

The Reforms: A Blueprint for Good Governance

Judge Cohen’s final ruling laid out a series of governance reforms that every compliance professional should study and consider incorporating into their organization. The Court strengthened the NRA Audit Committee in various ways. First, the entire board now elects Audit Committee members, ensuring independence. Equally importantly, former audit committee members from 2014 to 2022 are barred from future service to eliminate cronyism.

Board refreshment was given importance. The Nominating and Governance Committee must propose 20 new director candidates annually for five years, injecting fresh perspectives and reducing entrenchment. The Court created a committee on board effectiveness, recommending measures to make the large board more functional, possibly through a smaller, empowered executive committee.

There were significant areas for the compliance function and the Chief Compliance Officer (CCO). The first was a mandate that the CCO deliver an annual report detailing travel expenses, related-party transactions, and whistleblower hotline activity.  This report ensures that the board has visibility into high-risk areas. There was a section on CCO empowerment and protection. The CCO now has employment protections, including a three-year contract and two years’ severance pay if terminated without cause. These measures give the CCO the independence to address risks without fear of retaliation. Finally, there is a mandate for independent oversight, with an external consultant assisting the CCO in developing and implementing governance improvements.

Universal Lessons for Compliance Professionals

The reforms imposed on the NRA are not merely punitive; they are a masterclass in building robust governance frameworks. There are several important points for every compliance officer.

1. Empower Your Compliance Function. An independent compliance officer is a figurehead. Employment protections, direct reporting lines to the board, and clear mandates are essential to ensure the CCO can act as an effective watchdog.

2. Prioritize Transparency. Transparency must be embedded in governance structures. Mechanisms like annual compliance reports provide critical insights into organizational risks and ensure the board has the information needed to fulfill its oversight role.

3. Strengthen the Board. Boards should be diverse, independent, and active in their oversight responsibilities. Critical steps include refreshing board membership and ensuring committees are free from undue influence.

4. Focus on Financial Controls. Weak financial controls are a common thread in governance failures. Organizations should implement robust policies to monitor executive spending, conflicts of interest, and other high-risk areas.

5. Learn (and Use) from Templates The Court Order includes detailed templates for compliance reports, employment contracts, and governance policies. While tailored to the NRA’s specific issues, these documents can serve as starting points for any organization seeking to strengthen its governance practices.

Good Governance Is Universal

Good governance transcends an organization’s specific mission or values. Whether your entity is a nonprofit like the NRA, a public company, or a private enterprise, strong governance principles, an empowered board, Transparency, and accountability remain constant. Judge Cohen’s reforms highlight the importance of building durable structures that withstand the pressures of powerful personalities and shifting priorities. These reforms serve as a reminder that governance is not just about preventing crises but ensuring the organization stays true to its mission.

The NRA’s governance overhaul is a cautionary tale and an opportunity for all compliance professionals. By studying the Court’s findings and implementing similar reforms, organizations can build stronger foundations for accountability and ethical leadership.

In the words of Matt Kelly, “Good governance is a universal principle dependent on building durable structures for transparency and vigorous oversight.” Let this case inspire your efforts to create governance frameworks that protect your organization’s integrity, irrespective of its mission or values.

Categories
Compliance Into the Weeds

Compliance into the Weeds: NRA Governance Reforms: A Compliance Case Study

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. Are you looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode, Tom Fox and Matt Kelly dive into the intricate and unusual story of the National Rifle Association (NRA) and its recent corporate governance overhaul.

Matt and Tom explore Judge Joel Cohen’s final ruling, which mandates extensive corporate governance reforms for the NRA. These reforms address significant issues, such as a structurally weak board, poor financial controls, and an overpowering CEO in Wayne LaPierre, who misused the organization’s resources. Necessary measures discussed include revamping the board’s audit committee and introducing annual compliance reports, along with significant protections for the role of the Chief Compliance Officer.

The episode highlights the universal principles of good governance, asserting that the NRA’s reforms can serve as a valuable lesson for other organizations. Regardless of the political or ethical stance on the NRA’s activities, the implemented governance structures underscore the necessity of transparency, an empowered compliance function, and robust oversight mechanisms to prevent misuse of organizational resources. These insights are illustrated through sample agreements and templates in the court ruling, which can guide other organizations in strengthening their governance and compliance programs.

Key highlights:

  • Corporate Governance Reforms Ordered by the Court
  • Specifics of the Court-Ordered Reforms
  • Audit Committee and Board Reforms
  • Compliance and Governance Templates
  • Universal Principles of Good Governance

Resources

Matt in Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

The Role of Compliance in Employee Retention

The fight to attract and retain top talent has long been a concern for corporate leaders, but the stakes are even higher for compliance professionals. The insights from the Harvard Business Review (HBR) article Why Employees Quit the authors offer actionable lessons that compliance professionals can integrate into their strategic efforts. Let’s explore how fostering a meaningful employee experience can mitigate compliance risks and strengthen organizational integrity.

The Compliance Costs of Employee Attrition

Employee turnover is more than a budgetary concern; it is also a compliance risk. When experienced employees leave, they take with them institutional knowledge, including an understanding of the organization’s policies, culture, and compliance framework. The cost of replacing employees ranges from 6 to 9 months of their salary—and for executive roles, it can double their annual pay. More insidiously, high attrition rates may signal deeper issues, such as cultural dysfunction or ethical lapses, which could attract regulatory scrutiny.

For the compliance professional, employee retention is not simply about the cost of replacement and retraining but about sustaining a culture of ethics and compliance. Addressing the root causes of turnover is an investment in long-term corporate resilience.

Understanding Employee Quests for Progress

The authors identify four primary motivations driving employees to switch jobs:

  1. Getting Out- escaping from toxic environments or dead-end roles.
  2. Regaining Control- seeking autonomy and work-life balance.
  3. Regaining Alignment – a desire for respect and utilization of skills.
  4. Taking the Next Step- pursuing growth opportunities.

Each of these quests resonates with compliance principles. For example, consistent policy enforcement may frustrate employees seeking alignment, while those striving for growth may feel supported by a lack of training or mentorship.

Compliance Takeaway: A compliance program should ensure adherence to laws and regulations and foster an environment where employees feel valued and empowered.

Proactive Measures: Compliance as a Partner in Employee Retention

The authors recommend three strategies for aligning employee experiences with organizational goals. Here’s how compliance can lead the charge:

  • Interview Employees Early and Often

Exit interviews should be conducted more often, but they should be too late. Instead, compliance professionals can implement regular “pulse checks” to assess the ethical climate and identify areas where employees feel unsupported. Consider aligning these efforts with the DOJ’s emphasis on continuous monitoring in compliance programs. As a practical step, include ethical climate questions in employee surveys and encourage anonymous reporting to surface hidden concerns.

  • Develop Shadow Job Descriptions

Official job descriptions often need to capture the dynamic realities of roles, leading to mismatched expectations. Compliance can play a pivotal role in ensuring these descriptions reflect the ethical responsibilities associated with the job. Your corporate compliance function should work closely with HR to include clear expectations for ethical behavior, reporting obligations, and compliance training in every role.

  • Collaborate with HR to Align Roles with Employee Progress

Flexible role design can create opportunities for employees to grow while adhering to compliance standards. This approach satisfies employees’ quests for progress and reduces the likelihood of ethical lapses driven by disengagement or frustration. This ties directly into what the DOJ wants to see around non-financial incentives for employees doing business ethically and in compliance. The 2024 ECCP speaks directly to this issue, and once again, compliance should partner with HR to design roles that balance individual aspirations with organizational needs, ensuring compliance remains a core element and fully incentivizes employees in and around compliance.

The Compliance Implications of “Pushes” and “Pulls”

The authors identify joint “push” factors, such as lack of trust, poor management, and generally poor culture, as well as “pull” factors, including alignment with values, flexibility, and a more positive corporate culture in job switches. Push Factors include a lack of trust in leadership, which often correlates with higher compliance risks. Employees disengaged from management will typically disengage from compliance initiatives. Conversely, Pull Factors enhance values-driven employees. Such employees are more likely to thrive in organizations that prioritize ethical behavior. Compliance professionals should pay close attention to these dynamics in their organizations. Moreover, for corporate compliance professionals, as the holders of Institutional Justice and Institutional Fairness in an organization, addressing push factors and amplifying pull factors can help create a culture where compliance is not merely a requirement but a shared value.

Technology’s Role in Enhancing the Employee Experience

Advanced compliance monitoring tools like AI-driven analytics can support compliance objectives and employee retention efforts. These tools can provide real-time insights into employee sentiment, flagging potential compliance risks while highlighting areas for improvement in the employee experience. Compliance professionals can utilize analytics to monitor ethical climate indicators, including response rates to compliance training and engagement in whistleblower programs.

Building a Workplace Employees Want to “Rehire” Every Day

Compliance professionals have a critical role in shaping an ethical, engaging workplace. By embedding employee-focused strategies into compliance initiatives, organizations can reduce turnover, strengthen their ethical culture, and build a more resilient compliance program.

The employee experience is no longer a “soft” issue; it is now imperative for compliance. By proactively addressing why employees leave, compliance leaders can ensure their organizations retain talent and integrity. For the CCO, you should ask: Are you engaging your employees in ways that align with compliance priorities? If not, it’s time to reimagine compliance as a partner in the employee experience. This intersection of compliance and employee experience is an opportunity to drive meaningful change. Compliance professionals need to seize it and move your entire culture forward.

Categories
Blog

Auditors and Compliance: Part 2 – Ten Key Takeaways for Compliance Professionals

The PCAOB’s recent information release, SPOTLIGHT Auditor Responsibilities for Detecting, Evaluating, and Making  Communications About Illegal Acts, is a critical guide for compliance professionals. The SPOTLIGHT sets out the role of auditors in assessing a company’s compliance with laws and regulations, particularly how auditors must identify, evaluate, and communicate potential illegal acts. However, for compliance officers, the SPOTLIGHT highlights areas where compliance and audit functions intersect and emphasizes collaboration’s importance to maintaining regulatory adherence and upholding financial integrity. Yesterday, we reviewed the roles and duties assigned to auditors. Today, we will dive into the 10 key takeaways for compliance professionals, outlining what they need to know to align their efforts with audit processes and effectively support their organization’s commitment to compliance.

  • Understand the Auditor’s Role in Identifying Illegal Acts

Auditors have a duty to detect and evaluate illegal acts that could materially impact a company’s financial statements. This includes assessing the potential effect of any illegal activity on the company’s financials and reporting these issues to management, the audit committee, and sometimes to the SEC. Compliance professionals need to understand this role to support auditors in fulfilling these obligations, especially by maintaining a strong compliance program that actively monitors regulatory adherence. Compliance should ensure that internal policies align with PCAOB standards and legal requirements, helping auditors conduct a thorough risk assessment as part of their evaluation.

  • Maintain Transparent and Open Communication Channels

Transparency and open communication are vital for a successful compliance-audit relationship. Auditors depend on information from management, the audit committee, and legal counsel to identify and evaluate potential violations. Compliance professionals should facilitate open communication with auditors and provide timely access to relevant information. This includes documentation from internal investigations, responses to auditor inquiries, and any corrective actions taken to address potential illegal acts. Proactively sharing information about compliance efforts demonstrates a commitment to ethical practices and supports auditors’ work to provide an accurate assessment of the company’s financial statements.

  • Foster a Strong Internal Reporting Culture

Auditors must inquire about complaints and tips, including those from whistleblower programs. For compliance professionals, this highlights the importance of fostering an internal reporting culture where employees feel safe raising concerns. A robust whistleblower program and other internal reporting mechanisms help identify potential illegal acts early, allowing the company to take action before issues escalate. Compliance teams should ensure employees know how to report concerns confidentially and clearly communicate that the company prohibits retaliation against whistleblowers. This can help create a steady pipeline of information that aids both compliance and audit functions in proactively addressing potential issues.

  • Document Document Document

Thorough documentation is crucial in every compliance arena, whether regulatory reporting, high-value transactions, or industry-specific regulations. (The Tom Fox Mantra Document Document Document.) Compliance professionals should maintain clear records of all compliance activities, internal investigations, and responses to auditor inquiries. By providing auditors with well-documented information, companies can help auditors assess whether any potential illegal acts are isolated incidents or indicative of broader compliance concerns. Such documentation facilitates the audit process and demonstrates to regulators a serious commitment to compliance.

  • Prioritize High-Risk Areas with Targeted Monitoring

Auditors focus on high-risk areas in their evaluations, such as transactions or activities with greater potential for legal violations. Compliance professionals should proactively monitor these high-risk areas to detect and mitigate issues before they escalate. For instance, compliance in industries with high regulatory scrutiny should ensure that the organization adheres to all industry-specific legal requirements. Regularly evaluating high-risk areas through targeted monitoring helps create a solid foundation for internal and external financial statement audits, reducing the chance of undetected illegal acts.

  • Be Prepared to Act on Auditor Findings Promptly

When auditors identify potential illegal acts, it is essential for compliance to respond swiftly and decisively. This involves conducting a thorough internal investigation and determining any required disclosures or corrective actions. From there, you should perform a Root Cause Analysis and then proactively address any concerns from auditors to help the organization maintain transparency and avoid further regulatory scrutiny. A prompt response strengthens the relationship between the compliance and audit functions and demonstrates to auditors and regulators a proactive approach to managing and mitigating compliance risks.

  • Strengthen Leadership’s Commitment to Compliance

The PCAOB emphasizes the importance of a “tone at the top” in its guidance, noting that auditors consider a company’s commitment to compliance when assessing potential illegal acts. Compliance teams should work with executive leadership to promote a strong culture of ethics and compliance, as this can significantly impact employee behavior and organizational practices. A commitment to compliance at the leadership level signals to employees that ethical conduct is a priority, supporting the organization’s overall compliance efforts. When leadership promotes compliance, employees are more likely to report concerns, and auditors can rely on the company’s internal controls and integrity.

  • Prepare for Potential Notification

If auditors discover a material illegal act and management fails to take appropriate action, the auditor may be required to notify the SEC or DOJ. For compliance professionals, this highlights the importance of swift and transparent responses to any findings of illegal activity. Working closely with auditors to address material findings and avoid potential SEC/DOJ notification is crucial. When the compliance function demonstrates a proactive approach to addressing auditor findings, it helps maintain the organization’s reputation, strengthens auditor relationships, and reduces the likelihood of regulatory intervention.

  • Regularly Review and Update Compliance Training

Auditors also assess a company’s internal compliance functions, including how well employees understand and adhere to compliance obligations. Regular compliance training ensures that employees are informed about identifying and reporting illegal acts, understand whistleblower protections, and know the resources available to them. Compliance professionals should review and update training programs frequently to address any changes in laws or regulations and any emerging risks specific to the company’s industry. Effective training reinforces employees’ commitment to ethical behavior and supports the company’s internal controls, bolstering the compliance-audit relationship.

  • Emphasize Materiality Assessments in Compliance Evaluations

When auditors evaluate the impact of illegal acts, they consider both quantitative and qualitative materiality. Compliance teams should adopt a similar approach when assessing potential violations. For instance, even a small illegal payment could be material if it raises ethical concerns or results in contingent liabilities. By considering potential violations’ financial and reputational implications, compliance teams can better assess the materiality of issues and take appropriate corrective action. This approach aligns with auditor standards and helps create a thorough and effective compliance environment.

Strengthening Compliance and Audit Collaboration

The PCAOB’s guidance reminds compliance professionals that a proactive approach to detecting, evaluating, and addressing potential illegal acts is essential. By understanding the auditor’s role and aligning compliance practices with PCAOB and SEC standards, compliance teams can effectively support auditors and contribute to a thorough evaluation of the organization’s adherence to laws and regulations.

A corporate compliance function plays a crucial role in creating a transparent, accountable organization where employees feel empowered to raise concerns and management responds promptly to address potential issues. Strong compliance-audit collaboration enables companies to build trust with regulators and stakeholders, demonstrating a commitment to ethical business practices. By implementing these takeaways and fostering a culture of compliance, companies can better navigate regulatory requirements and mitigate the risk of material misstatements or regulatory penalties, upholding the integrity of their financial statements and safeguarding their reputation in an increasingly scrutinized environment.

Categories
Great Women in Compliance

Great Women in Compliance – Joy Hayes and Gitanjali Sakhuja on Expats and Repats: Working Abroad & Reentry to the US

Welcome to the Great Women in Compliance podcast with Hemma Lomax and Lisa Fine, sponsored by Corporate Compliance Insights. Have you considered being an Expat and what it’s like to return after being abroad? This #GWIC episode explores what you need to know on both legs of the journey and the rich personal and professional growth that comes from immersing yourself in another culture and country.

Our expat guests, Joy Hayes, who has just moved to Geneva, Switzerland, and Gitanjali Sakhuja, who has worked in seven different countries and is now back in the U.S., share their journey, tips, and practical advice. Their insights range from when you decide to work in another country to when you return home – and some great experiences (and challenges). Ellen Hunt leads this roundtable discussion with our guests, who share their personal experiences and professional insights on becoming an expat and repat, including balancing expectations, the importance of language proficiency, and the challenges of tax and visa regulations. They also delve into the emotional aspects of adjusting to life abroad and the reentry process, offering practical tips and anecdotes. 

Thanks, as always, to our sponsor, Corporate Compliance Insights, and our wonderful #GWIC community.  You can join the Great Women in Compliance community on LinkedIn here.

Categories
10 For 10

10 For 10: Top Compliance Stories For the Week Ending November 16, 2024

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings you the compliance professional and the compliance stories you need to know to end your busy week. Sit back, and in 10 minutes, hear the stories every compliance professional should know from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • Meta fined $840MM in EU for anti-trust violations. (NYT)
  • SBF LT. Builds fraud detection tool for DOJ. (Reuters)
  • Shell wins appeal in landmark climate case. (NYT)
  • ADM CCO steps down amid probe.  (Bloomberg)
  • End of ESG and crypt initiatives at SEC. (WSJ)
  • What science reveals about corruption. (El Pais)
  • Telefónica Venezuela settles FCPA action. (WSJ)
  • Handling a difficult employee with health issues. (NYT)
  • Hidden cost of textile and apparel non-compliance. (Homeland Security Today)
  • NetEase execs arrested for bribery and money laundering.  (biz)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

You can check out the Daily Compliance News for four curated compliance and ethics-related stories each day here.

Check out the full 3-book series, The Compliance Kids, on Amazon.com.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Empowering Middle Managers: A Compliance Training Guide

A culture where employees feel safe to voice concerns through a speak-up culture is foundational to an ethical and compliant organization. However, fostering this environment is a two-way street; employees must feel encouraged to raise issues and confident that their voices will be heard and respected. Middle managers play a vital role in this process, serving as a bridge between employees and leadership. Training these managers to be effective listeners and supportive leaders is critical to embedding a true speak-up and listen-up culture. Today, I want to provide a comprehensive guide to structuring compliance training for middle managers to empower them in this essential role.

Establishing a Foundation for Openness and Trust

Middle managers are often employees’ first contact when they have questions, suggestions, or concerns. For this reason, the training should prioritize methods to create a welcoming and open environment. Employees are more likely to speak up in a space where psychological safety is present.

Training should focus on helping managers:

  • Set a Positive Tone. Managers can model openness by actively seeking input, acknowledging diverse viewpoints, and demonstrating that they value honest feedback.
  • Practice Respectful Communication. Respect and empathy should be at the core of all interactions. Managers should receive guidance on fostering a culture where positive or critical feedback is welcomed and used constructively.
  • Address Barriers to Speaking Up. Training should include understanding common barriers, such as fear of retaliation or judgment, that might deter employees from sharing their concerns. Managers need to learn techniques to overcome these barriers, assuring employees that feedback is welcomed and issues are handled impartially

Mastering the Art of Active Listening

Active listening is the cornerstone of a listen-up culture. To create a sense of safety and encourage more openness, managers should learn to develop strong listening skills:

  • Concentrate on the Speaker. Active listening involves more than just hearing words; it means being fully engaged and present. Managers should learn techniques to eliminate distractions, maintain eye contact, and show genuine interest in the employee’s concerns.
  • Show Empathy and Support. Employees feel more valued when managers respond with empathy. Compliance training should include exercises to help managers practice empathy in real-time, learn to listen without judgment, and offer support without prematurely reaching conclusions.
  • Utilize Non-Verbal Communication. Body language and facial expressions are powerful communicators. Managers should be trained to become aware of their non-verbal cues, such as maintaining an open posture, nodding, and mirroring, to convey that they are fully engaged and receptive to what the employee shares.

Reinforcing Confidentiality and Non-Retaliation

One of the most significant obstacles to a speak-up culture is the fear of retaliation or breach of confidentiality. Employees need assurance that speaking up will not negatively impact their role or relationships within the company. Training should address these concerns by teaching managers how to:

  • Communicate Non-Retaliation Policies. Emphasize that the organization has a strict non-retaliation policy and that any reports made in good faith will not be used against the employee. Managers should be trained on what this means in practice and how to reiterate this assurance to their team.
  • Model Confidential Handling of Concerns. Managers must understand the importance of discretion and keeping sensitive information within appropriate boundaries. Training should cover practical examples and role-playing exercises to help managers practice discretion when handling real-life scenarios.
  • Know When and How to Escalate. Managers should learn the correct escalation protocols for concerns beyond their control, including when to involve HR, compliance, or other internal functions. This keeps matters within formal channels, allowing for a structured and consistent response to concerns.

Responding to Concerns with Consistency, Integrity, and Fairness

Consistency in handling concerns signals to employees that their voices are valued and treated equally. To encourage this, compliance training should incorporate strategies for managing responses to sensitive issues fairly and respectfully:

  • Role-Playing Scenarios. Managers should engage in simulated situations where they practice responding to different concerns, such as interpersonal conflicts, compliance issues, or ethical dilemmas. By exploring these scenarios, managers can prepare for potential challenges in a controlled environment, making them better equipped to handle real situations confidently.
  • Guided Self-Reflection and Assessments. Managers should regularly evaluate their response styles to ensure they meet company fairness, integrity, and transparency standards. Compliance training can include guided assessments that help managers identify areas for improvement, such as biases or tendencies that may unintentionally affect their responses.
  • Implement Escalation Protocols. Managers must understand that not all concerns can or should be handled independently. Training should include guidance on the importance of escalating certain issues, such as legal or safety concerns, to the compliance department or other designated channels. This structured process ensures consistency, limits liability, and enhances employee trust in it.

Using Feedback Loops to Promote Continuous Improvement

For a speak-up culture to thrive, there should be an ongoing feedback and improvement process. Regular communication and consistent messaging from middle managers are essential to reinforcing this culture:

  • Creating a Culture of Continuous Dialogue. Managers should be encouraged to check in with their teams regularly rather than wait for annual reviews or structured feedback sessions. This open, continuous dialogue builds familiarity and trust, making it easier for employees to speak up when they have concerns.
  • Leveraging Digital Communication Tools. Managers can integrate compliance reminders, policy updates, and reinforcement of ethical standards into digital platforms where employees frequently engage. For example, using intranet channels or corporate social media platforms allows periodic messages, reminders, and success stories to be shared, helping employees internalize compliance messages over time.
  • Self-Assessments for Managers. Incorporate periodic self-assessment exercises, where managers reflect on their actions and impact on the speak-up culture. This can include anonymous feedback from employees, allowing managers to gain insight into their perceptions and identify improvement areas. Regular self-assessments reinforce accountability and ensure that managers remain aligned with the company’s compliance goals.

Instilling the “Listen-Up” Culture in Managerial Training

A listen-up culture goes hand-in-hand with a speak-up culture. For managers to effectively handle the concerns brought forward, they must receive dedicated training on what it means to listen up:

  • Developing Emotional Intelligence. Managers should be trained to be aware of their emotions and biases. Emotional intelligence is crucial in handling sensitive topics, as it allows managers to approach discussions with patience, empathy, and a genuine willingness to understand employees’ perspectives.
  • Creating Safe Spaces in Daily Operations. Rather than waiting for formal review sessions, managers can be trained to set aside dedicated time during team meetings to allow employees to voice questions or concerns. Encouraging open discussions in a safe environment reinforces that the company values and listens to employee feedback on compliance issues.

A Continuous, Proactive Approach to Compliance Culture

By empowering middle managers to build trust, actively listen, and foster an open dialogue, a company can lay the groundwork for a resilient compliance culture. The speak-up and listen-up approach is about avoiding ethical or legal breaches and creating a workplace where employees feel valued and respected, leading to better overall engagement and performance. Compliance training that encourages middle managers to foster this culture of openness is an investment in the company’s ethical foundation and its long-term success. Ultimately, a strong compliance culture is only as robust as those who support and enact it, and middle managers are a critical part of that foundation.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – 5 Keys to Compliance Communication

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we consider 5 keys to building a culture of trust and engagement in your organization.

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Check out the full 3-book series, The Compliance Kids, on Amazon.com.

Categories
Blog

5 Keys to Compliance Communication: Building a Culture of Trust and Engagement in Your Organization

When it comes to corporate compliance, transparent and effective communication is non-negotiable. Your employees are not only the first line of defense but are also the customers of your compliance program. A well-communicated compliance function can shift the perception of compliance from a bureaucratic formality to a valued corporate asset. To establish this, compliance professionals must adopt a 360-degree communication approach emphasizing openness, interactivity, and alignment with company values.

Here are five keys to building a robust compliance communication framework within your organization:

Start with Clear Objectives: Define the “Why”

The first step to any successful compliance communication strategy is clarity of purpose. Before launching any campaign or distributing messaging, ensure you know why you are communicating in the first place. Some key questions include: Are you aiming to educate employees about new policies?

  • Does it reinforce the importance of ethical behavior? Prompt employees to report potential issues.
  • Will each goal shape your message and each audience within your company? Tailored messaging is required to understand the importance and relevance of your compliance program from the board of directors to the newest hires (from the boardroom to the shop floor).

If you aim to increase awareness of anti-corruption policies, your communication might center around the organization’s stance on integrity and honesty. However, if you encourage a speak-up culture, the message might emphasize confidentiality, support, and the importance of reporting misconduct. Ensuring your message has a clear and measurable objective can affect how it is received and whether employees take action.

Know Your Audience: Tailor Your Message for Maximum Impact

A single compliance message may only resonate with some in your organization. In any corporation, there are multiple audiences, including employees, senior leadership, middle management, external partners, and board members, all of whom have varying levels of familiarity with compliance topics. Recognizing and addressing these differences can significantly boost your messaging’s effectiveness.

For example, your frontline employees may need a straightforward explanation of policies and accessible reporting channels. Meanwhile, senior management may focus on the high-level implications of compliance initiatives on business strategy. A one-size-fits-all approach is less effective; instead, communicate with your audience in mind, considering their needs, knowledge level, and preferred communication channels.

Embrace Two-Way Communication: Build a Culture of Trust and Feedback

One of the most crucial aspects of compliance communication is creating an open line of dialogue, both up and down the chain. Employees should feel comfortable receiving compliance information, asking questions, seeking clarification, and providing feedback. Compliance should not be a one-way street; organizations must encourage interaction and feedback to build an authentic culture of ethics and accountability.

Integrating feedback mechanisms, such as surveys, focus groups, or town hall meetings, allows you to gauge employees’ understanding of compliance topics and uncover areas for improvement. But always remember that in compliance, we are only limited by our imaginations. Dun & Bradstreet CCO Louis Sapirman implemented a “Chatter Jam” for all company employees several years ago. It was a real-time discussion on an internal platform where employees shared their views on compliance topics like the company’s Code of Conduct. This open dialogue allowed the compliance team to hear employee concerns directly and make real-time adjustments.

In addition to these formal feedback channels, informal communication should be encouraged. Ensure employees know they can speak up without fear of retaliation. In doing so, you’re promoting compliance and creating an environment where ethical concerns can be discussed openly, ultimately preventing small issues from becoming major risks. 

Consistency and Frequency: Keep Compliance Top-of-Mind

Effective compliance communication is not a one-off event but a continuous conversation. Reminders and reinforcements must be consistent and frequent for employees to internalize compliance principles. Use multiple communication channels to keep compliance messages front and center. This can include periodic emails, newsletters, short videos, or even social media-style updates on internal platforms.

Consistency doesn’t mean redundancy; it’s about finding fresh ways to reinforce fundamental compliance principles. For example, the DOJ’s 2020 FCPA Resource Guide, 2nd edition, emphasizes that regular communication about compliance expectations helps companies demonstrate their commitment to ethics and compliance. Even brief reminders can have a lasting impact. Remember Morgan Stanley’s case, where they sent 35 compliance reminders over seven years to reinforce anti-bribery policies. The company’s diligence in maintaining consistent messaging resulted in receiving a declination from the DOJ when one of its managing directors was involved in misconduct.

Regularly communicating compliance expectations also helps create a sense of normalcy around compliance issues, positioning compliance as a natural part of everyday operations rather than an occasional reminder or, worse, a reactive measure only brought up after an incident occurs.

Foster Engagement Through Storytelling and Real-World Examples

Human beings are naturally drawn to stories, so it is no surprise that storytelling is one of the most effective ways to communicate compliance issues. Sharing real-world examples of positive and negative outcomes can help employees better understand the importance of compliance and the risks associated with unethical behavior. When employees see real-life scenarios, they can more easily relate to how compliance impacts their roles and the company’s success.

Using case studies from your industry to illustrate the potential consequences of non-compliance. Highlighting scenarios where similar companies faced penalties due to lapses in compliance can make the risks feel more tangible. Conversely, sharing success stories within your organization, such as how a well-trained team prevented a potential compliance breach, can reinforce the value of compliance.

Storytelling also applies to compliance champions within the organization. Showcase individuals or teams who have exemplified ethical behavior and contributed positively to the compliance culture. Celebrate these “compliance heroes” publicly, whether in internal newsletters, company meetings, or digital screens throughout the office. Recognizing and celebrating compliance efforts in this way can have a ripple effect, inspiring others to follow suit.

Bringing it All Together: The 360-Degree Compliance Communication Model

Incorporating these five keys into your communication strategy will help establish a 360-degree approach to compliance that keeps the program visible, relevant, and actionable across the organization. It’s about more than simply sending information; it’s about creating a dynamic, two-way exchange that reinforces compliance as an integral part of your company culture. When compliance communication is objective-driven, audience-centered, interactive, consistent, and engaging, you build trust and accountability within the organization.

A robust compliance communication strategy positions your program not as a barrier to business but as an ally, helping employees navigate ethical challenges confidently. By adopting these five keys, compliance leaders can shift the perception of compliance from a mandatory obligation to a trusted, positive influence on the company’s success. It’s a win-win for employees and the organization, promoting ethical conduct while protecting its reputation and bottom line.

In the end, remember this: compliance communication is not simply about conveying rules and policies. It is also about building a culture where employees feel supported, informed, and engaged in upholding the company’s values. The real measure of success in compliance communication is when employees understand, embrace, and live out these values in their daily work.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Board Questions and Metrics for 3rd Party Risk Management

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we consider what questions a Board of Directors should ask a CCO and the types of metrics they should ask for in their role of overseeing the compliance program.

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Check out the full 3-book series, The Compliance Kids, on Amazon.com.