Welcome to a special five-part blog series on building a stronger culture of compliance, sponsored by Diligent. Over this series I have visited with Yvette Hollingsworth-Clark, Viktor Cuijak, Jessica Czeczuga; Michael Parker; and today it is Alexander Cotoia. In this series, we considered what is culture, how to assess culture, putting together a strategy to manage culture based upon this assessment, the monitoring of that strategy going forward. We conclude on how to use this information from your monitoring to engage in continuous improvement of your culture.
Many compliance professionals struggle with the ‘softness’ of culture. However, properly viewed culture can be seen as another type of risk for any organization. Viewed through this lens, culture can then be assessed, managed, monitored and improved as any other business risk. This has become even more important since the announcement in October 2021 by Deputy Attorney General Lisa Monaco, that the Department of Justice would assess corporate culture as a part of corporate compliance enforcement action. In this concluding Part 5, we consider how to continuously improve your compliance program with Alexander Cotoia, from the Volkov Law Group.
Alexander Cotoia, a regulatory compliance manager at the Volkov Law Group, has a rich background in commercial litigation and has spent a significant part of his career as a paralegal before transitioning to an in-house role at Virgin Galactic. Cotoia emphasizes the importance of compliance culture in organizations, believing that a culture promoting compliant behavior reduces the likelihood of ethical lapses or legal violations. He argues that creating a culture of compliance is not only ethically sound but also makes good business sense in today’s era where consumers are well-informed, and employees prioritize alignment with organizational values. Cotoia suggests that organizations should reinforce their values and highlight the economic benefits of compliance to gain buy-in and engagement from employees, while also emphasizing the need for continuous improvement, conducting root cause analysis, and involving various stakeholders to address cultural issues effectively.
At its core, compliance culture is about promoting and encouraging behavior that aligns with ethical and legal standards. It goes beyond simply following rules and regulations; it involves fostering an environment where employees understand the importance of compliance and are committed to upholding it. As Cotoia emphasized, creating a culture of compliance makes good business sense in today’s era, where consumers are more informed than ever before and a new generation of employees are demanding that organizations align with their values.
One key aspect highlighted in the podcast episode is the role of leadership, particularly the CEO, in driving and reinforcing a culture of compliance. Cotoia stressed the importance of CEOs being actively involved in the compliance process, emphasizing the organization’s values, and demonstrating how compliance contributes to the overall success of the organization. By doing so, CEOs can set the tone at the top and inspire employees to embrace compliance as an integral part of their work.
To establish and maintain a culture of compliance, organizations need to employ various tools and strategies. Cotoia discussed the importance of conducting root cause analysis, which involves identifying the underlying causes of non-compliance or ethical lapses. This analysis can be facilitated through anonymous surveys that measure employees’ perception of compliance within the organization and the extent to which compliance concerns are integrated into their daily work. By understanding the root causes, organizations can implement targeted remedial measures to address the identified issues.
Collaboration among stakeholders is also crucial in promoting a culture of compliance. Cotoia emphasized the need for involvement from various departments, such as the financial team, legal, and compliance officers, depending on the specific compliance challenges faced by the organization. By working together, these stakeholders can collectively solve problems and ensure that compliance is embedded throughout the organization.
Monitoring the effectiveness of remedial measures is another critical aspect of compliance culture. Organizations should regularly assess whether the implemented measures are achieving the desired outcomes. This can be done through continuous improvement efforts, such as periodic pulse checks and assessments of employee understanding and engagement with compliance initiatives. If the results indicate that the remedial efforts are not effective, organizations should be willing to revisit the root cause analysis and adjust their approach accordingly.
We also discussed the importance of ongoing communication and collaboration for continuous improvement and alignment with compliance standards. Organizations should foster an environment where employees feel comfortable reporting compliance concerns and where open dialogue is encouraged. This not only helps identify potential issues but also demonstrates the organization’s commitment to addressing them.
In conclusion, the importance of compliance culture in organizations cannot be overstated. It not only minimizes ethical and legal risks but also contributes to the overall success and reputation of the organization. By involving leadership, conducting root cause analysis, collaborating with stakeholders, monitoring effectiveness, and fostering ongoing communication, organizations can create and maintain a culture of compliance that aligns with best practices and meets the expectations of employees and consumers alike. As Alexander Cotoia aptly stated, “Creating a culture of compliance just makes good business sense.”
Tune into Alexander Cotoia on the Diligent podcast series Unlocking Success: The Crucial Role of Culture in a Best Practices Compliance Program.