Recently, my colleague Matt Kelly wrote a blog post about retaliation against Chief Compliance Officers (CCOs). Matt and I explored it in an episode of the podcast Compliance into the Weeds. Matt’s post and our discussion crystallized one of the frustrations of the CCO role: compliance is often experienced solely by senior management as a late-arriving messenger of bad news. When compliance walks into the room, something has already gone wrong. The tone changes. Defenses go up. Trust narrows.
Yet the most consequential moments for a CCO are precisely those situations where the stakes are highest. A potential regulatory disclosure. A decision about whether to notify a government agency. A moment where delay, missteps, or poor coordination can turn a manageable issue into an enterprise-level crisis. If compliance is only visible in those moments, the relationship with the CEO and executive leadership team is already at a disadvantage.
Interestingly, in our podcast, we explored a technique which might be termed “coaching management ahead of time”. Matt picked up the strategy of using a training borrowed from the cyber world of incident training for a cyber-attack. I see this as a very powerful way not only to communicate compliance but also to train on the specific issues senior management will face if a reportable compliance incident occurs. You could train on such hypotheticals by walking the executive leadership team through them so they understand the process, while also providing training on the specific issues.
I think this approach offers practical, repeatable ways to build trust with senior management before a crisis, so that when compliance raises a serious issue, the function is seen as a stabilizing force, not a source of panic.
The Core Problem: Compliance as the Bearer of Bad News
Many compliance officers do excellent technical work but still struggle to earn executive trust. The reason is not competence. It is timing and framing. Senior leaders often experience compliance in three narrow contexts:
- An investigation has begun.
- A whistleblower allegation has escalated; and/or
- A regulator may need to be notified.
In those moments, compliance is necessarily directive. The CCO must slow decisions down, insist on process, and sometimes recommend outcomes executives would prefer to avoid. Without a foundation of trust, those recommendations can feel punitive or overly conservative. The solution is not softer messaging during crises. The solution is familiarity with the compliance process long before the crisis arrives.
Process Transparency as a Trust-Building Strategy
Trust is built through predictability. Senior executives are far more comfortable with difficult outcomes when they understand the process that leads there. This is where scenario-based training becomes one of the most underused tools in the compliance arsenal. Instead of waiting for a live issue, the CCO can walk the executive leadership team through realistic hypotheticals:
- A fact pattern that suggests regulatory notification may be required
- How compliance evaluates credibility and materiality
- Who is involved at each stage and why
- What decisions will management be asked to make
- What actions help, and what actions make things worse
These sessions are not about assigning blame or rehearsing fear. They are about demystifying how compliance operates when the stakes are high.
Why Scenario-Based Training Works With Executives
Scenario-based discussions resonate with executive teams for several reasons. First, they are practical. Executives do not need another policy overview. They want to know what actually happens when something goes wrong. Second, they are respectful of executive time and intelligence. A well-designed hypothetical treats leadership as decision-makers, not students. Third, they normalize compliance involvement.
When executives have already walked through a compliance-led process in a low-pressure setting, that process feels familiar rather than threatening during a real event. Most importantly, scenario-based training reframes compliance from a reactive function to a preparedness function.
The Strategic Role of Informal Engagement
These conversations do not need to occur only in formal training sessions. In fact, some of the most effective trust-building happens outside structured settings.
- A short walkthrough during an executive offsite.
- A tabletop discussion over lunch.
- A casual conversation that begins with, “Let me show you how we would handle this if it ever happened.”
These informal touchpoints matter because they remove fear from the equation. They allow executives to ask questions they might not ask during a live issue. They also allow compliance to show judgment, nuance, and business awareness. This is not a charm offensive. It is a deliberate relationship strategy.
Training on What Not to Do
One of the most valuable elements of scenario-based transparency is the ability to explain mistakes before they occur. Executives often want to help in a crisis. That instinct, while well-intentioned, can create problems. Premature document reviews. Side conversations. Incomplete recollections. Overconfident assurances.
Scenario training allows the CCO to say, in advance, “Here is what helps us protect the company,” and just as importantly, “Here is what can unintentionally make things worse.” When executives understand these boundaries ahead of time, compliance interventions during a real issue feel protective rather than restrictive.
From Messenger of Doom to Stabilizing Force
When compliance has invested in transparency and education, something important shifts. When the CCO later says, “We believe this may require regulatory notification,” that recommendation is no longer heard in isolation. It is understood as part of a known, previously discussed process.
Executives may not like the conclusion, but they trust the path that led there. That trust allows compliance to do its job effectively. It reduces friction. It shortens response time. It improves decision quality. Most importantly, it positions compliance as an advisor whose presence brings structure and clarity to uncertainty.
What Compliance Officers Should Take Away
For compliance officers, the lesson is not about presentation skills or tone management. It is about timing and familiarity. If senior management only experiences compliance during moments of stress, compliance will always feel adversarial. If senior management understands the compliance process before the stress arrives, compliance becomes a stabilizing influence.
Scenario-based training, informal engagement, and process transparency are not “nice to have” activities. They are strategic tools for relationship-building at the highest levels of the organization. The most trusted CCOs are not those who avoid bringing bad news. They are the ones who ensure that when bad news arrives, it is delivered within a framework everyone already understands. That is how compliance earns trust before the crisis and credibility during it.
