I have been — and continue to be– hyper-focused on the proper role and responsibilities of Chief Compliance Officers. Not that I see any cause for alarm, but it is easy to lose focus in the sea of so-called hot issues — ESG, Diversity, Climate Change, Threats to Democracy, Cybersecurity and Data Privacy, each of which is an important component and focus for organizations. All of these issues intersect, are interdependent and should be addressed through organizational commitment. But I want to take a step back and return to an issue of importance — the proper role of CCOs. To do so, we need to remind everyone about basic requirements, lessons learned and ways forward to meet the fast-changing times. CCOs have to maintain and then advance their positions. In my view, given the interdependence of all the important issues mentioned above, the role of the CCO has become even more critical. In this episode, Michael Volkov reviews the standards applicable to the CCOs function in an effective compliance program.
Tag: compliance program
In this episode of the FCPA Compliance Report I visit with Scott Schneider, Head of Content Development at Traliant. Scott has been in the compliance space for over 15 years and is passionate about the building blocks of a best practices compliance program, including Codes of Conduct. This week we take a deep dive into the foundational backbone of every compliance program, the Code of Conduct. Some of the highlights include:
· Importance of Code of Conduct training.
· Types of Code training.
· Why have a Code of Conduct?
· How does a Code of Conduct help establish culture?
· Key areas the Code should cover?
· How should a company develop its Code of Conduct?
· When should a Code be revisited or reassessed?
· The roles of Codes of Conduct and training down the road into 2025 and beyond?
Resources
The digital transformation of compliance will probably be the biggest change in our profession since the move to operationalizing compliance in the past decade. Legal professionals are generally ill-suited to lead this effort due to the legal focused training we all received, not quantitative training that most business students received. This means that many Chief Compliance Officers (CCOs), compliance professionals and corporate compliance functions struggle to reap the benefits of investments in digital transformation. I was therefore intrigued by a recent Harvard Business Review (HBR) article, by Marco Iansiti and Satya Nadella, Microsoft Chief Executive Officer (CEO), on a five-step approach to digital transformation. The article, Democratizing Transformation, sets out how innovation can be pushed out throughout a company’s workforce. I have adapted it for the compliance professional.
For a true digital transformation, technologists and data scientists alone cannot bring about the kind of wholesale innovation both a compliance function and a business unit need. This means that your organization should pair “data scientists with business [and compliance] employees who had insight into where improvements in efficiency and performance were needed.” Another strategy, which is near and dear to the heart of Carsten Tams, Ethical Business Architect and founder and CEO of Emagence LLC, is to use Design Thinking concepts in designing and implementing a digital innovation of compliance. The authors note, “A growing number of teams adopted agile methods to address all kinds of opportunities. The intensity and impact of transformation thus accelerated rapidly, driving a range of innovation initiatives.” This same strategy can work in sales as well as compliance.
It is this step which “democratize access to data and technology” outside of compliance and can lead to true and permanent innovation. The potential for employee-driven digital innovation cannot be accomplished by small groups of technologists and data scientists walled off in organizational silos. It will require much larger and more-diverse groups of employees – executives, managers, and frontline workers – coming together to rethink how every aspect of the business should operate. Once again this is what Tams has talked about with his articulation of Design Thinking, the engagement of business unit employees can well be a significant driver of compliance.
To achieve the type of engagement which will drive real digital transformation, a CCO must create synergy in three key areas: Capabilities, Technology and Architecture. The authors state, “Digital transformation requires that executives, managers, and frontline employees work together to rethink how every aspect of the business should operate.”
- Capabilities. It is axiomatic that successful transformation and innovation efforts in compliance requires “that companies develop digital and data skills in employees outside traditional technology functions. These capabilities alone, however, are not sufficient to deliver the full benefits of transformation; organizations must also invest in developing process agility and, more broadly, a culture that encourages widespread, frequent experimentation.” It is all a long-winded way of saying “Call Carsten Tams” and use his framework for Design Thinking as a starting point for your digital transformation.
- Technology. As always, “investment in the right technologies is important, especially in the elements of an AI stack: data platform technology, data engineering, machine-learning algorithms, and algorithm-deployment technology. Companies must ensure that the technology deployed is easy to use and accessible to the many nontechnical employees participating in innovation efforts.” Fortunately, there are more compliance product providers you can provide the right tech to you. See the Rise of ComTech.
- . One of the things that many compliance professionals do not often consider is that of architecture. The authors believe the “investment in organizational and technical architecture is necessary to ensure that human capabilities and technology can work in synergy to drive innovation. That requires an architecture—for both technology and the organization—that supports the sharing, integration, and normalization of data (for example, making data definitions and characteristics consistent) across traditionally isolated silos. This is the only real, scalable way to assemble the necessary technological and data assets so that they are available to a distributed workforce.” This is similar to what the Department of Justice (DOJ) intoned in the 2020 Update to the Evaluation of Corporate Compliance Program where they mandated for the first time that both the CCO and corporate compliance function should have access to all corporate data, literally cutting across all siloes.
The authors concluded, “mandate for digital transformation creates a leadership imperative: Embrace transformation, and work to sustain it.” I would add that these words apply even more so to the CCO who is leading the digital transformation of a compliance program. You should put together a clear strategy and sell it to the Board and senior management as well as communicating it “relentlessly” throughout your organization. Work to inaugurate a compliance “architecture to evolve into as you make the myriad daily decisions that define your technology strategy. Deploy a real governance process to track the many technology projects underway, and coordinate and integrate them whenever possible. Champion agility in all business initiatives you touch and influence. And finally, break free of tradition. Train and coach your employees to understand the potential of technology and data, and release the innovators within your workforce.”
Momentum is growing for the digital transformation of compliance; from the regulators to business units to investors. Indeed, it will be the driving strategy for compliance in 2025 and beyond. But we must always remember that it is the human element that will be the critical component to drive the transformation and more importantly use those tools to drive compliance up to the next level of effectiveness and engagement.
In this 5-part podcast series I visit with Eric Feldman, Senior Vice President of AMI. We look at the Department of Justice Evaluation of Corporate Compliance Programs, (the “2019 Guidance”), which was released in April 2019. Over the next five podcasts we will explore what the 2019 Guidance changes are from the Evaluation of Corporate Compliance Program, released in February 2017, the structure and emphasis of the 2019 Guidance and what it means for the compliance practitioner going forward. In Episode 3, we consider the question “Is it being effectively implemented?” We look at commitment by top management, autonomy and resources for the CCO and compliance function and incentives and disciplinary measures taken by an organization.
