Welcome to the final entry in our special five-part blog post series on how to unlock the gold in your program. I have visited with Gio Gallo and Nick Gallo, Co-CEO’s of ComplianceLine, LLC, the series sponsor. In this concluding Part 5, we consider investment strategies for the compliance professional.
We began with the basic concept in investing that the greater the risk, properly managed, the greater the potential return. From there, we turned to how would an investor type, whether it be a Private Equity (PE), Venture Capitalist (VC) or others, think through managing risk. What sort of models would they use? How could those models assist compliance professionals to manage risk? With proper risk management, this can create a huge return on your compliance investment.
Nick explained this is the relationship between risk and return and not the just existence of whether there is a risk at all. He stated, “The amount of risk that someone is willing to take on is generally tied to the return that they expect or the return that they think is possible.” For the compliance professionals this is “trying to give some new colors to paint with new words”. It allows you to speak finance language a little bit more. Finally, for someone with a legal training (like myself) he added, “even if you don’t actually understand all these concepts, at least appear to understand them, high enough level to be talking across the table.” It really boils down to a question of risk and return.
We considered the two big categories of investments in the alternative space (i.e., non-public and non-banking). The first is private equity investing and second is venture capital investing. A typical private equity investor is going to try to make a bunch of bets. They are going to try to have a positive return on virtually all of those bets, the standard deviation, the volatility or the range of outcomes are going to be particular and are going to be relatively more dialed in around what the upside is. This allows them to protect their downside by buying good businesses that are probably proven to some level. While there obviously is downside, hopefully there will be protection. Another way to look at is they are going to be running a bunch of different plays on those investments or on that portfolio so there is relatively a high confidence interval on a dialed in investment outcome with the possibility for some big pops.
On the other side of the fence, is venture capital investing, which tends to have a much wider standard deviation of return. Here investors take on companies at an earlier stage. Gio said, “Maybe they are not proven yet. Maybe they are not cashflow positive. Maybe they have not even found their legs or their market.” Here maybe one out of 10 investments pan out, although of course, if you hit big it can be a home run or even a grand slam.
Both of these examples are important because they demonstrate the lens through which a finance professional will look at a potential compliance program investment. There is actually a wide range of how a finance person is going to think about risk. It is not simply “is there a risk or not? Because the answer is there’s always risk.” Even if you can find the safest investment there is always some risk present.
The final concept to overlay on top of this is beta, which Nick explained “is essentially the extent to which a particular investment moves with the broader market. You can use this as a concept to talk about an investment in your ethics and compliance space, or we can boil it down to talk about the stability of an investment relative to the market. And some things will have a positive beta or a negative beta or a high beta or a low beta or whatever, but the market goes up 5% and your investment goes up 5% with it. The market goes down 5% and it goes down 5% with it has a beta of one. If the market goes up 5% and your investment goes up 10% and it goes down 5% and then the investment goes down 10%, it is more volatile and it’s swinging more violently with market moves and has a beta of, in this case, two.”
This allows a compliance profession to think about broad compliance investments in a similar framework. Your compliance investment may have “a beta of zero. This could generate positive returns for your bottom line, irrespective of what our business does. Whether our business is going up or it’s going down, these investments that we, as an ethics compliance department, want to make are going to reinforce our culture and you are going to drop dollars to our bottom line, irrespective of what’s happening with the top line.”
You can take that same concept further by positing a negative beta or a zero-beta investment. It is important to remember that when you speak to a finance professional you are “not just a risk person, you are speaking to a risk and return person.” This means they will understand that a compliance investment will perform particularly well in a down market. Nick concluded, “if you are making ethics and compliance investments or taking steps within your program or getting budget released to actualize your program, that actually releases the magic in the workforce by driving higher employee engagement and lowering turnover.” These are two areas that directly impact the bottom line regardless of what might be happening at the top line of the organization, “regardless of what headwinds the organization might be approaching or hitting.”
These concepts were all obviously new to me, but the Brothers Gallo are really on to something here. By using these approaches to talk to finance professional in their terms and approaching your budget from the finance perspective, you have a real opportunity to garner budget dollars to invest in your compliance program. By using the strategies of compounding and extending out the value of compliance throughout the organization, you can then demonstrate the return on that investment.
Check out the full podcast series this blog post series is based upon.
Episode 1
Episode 2
Episode 3
Episode 4
Episode 5
Tag: Nick Gallo
Welcome to a special five-part blog post series on how to unlock the gold in your program. I visit with Gio Gallo and Nick Gallo, Co-CEO’s of ComplianceLine, LLC, the sponsor of this series.
One of the ongoing issues in compliance is to demonstrate the Return on Investment (ROI) in your compliance program. One way to do so is by demonstrating the extended value of compliance literally across your entire company. When overlaid with an ESG component, you can begin to see the gold in your compliance hills. In addition to showing how you can unlock the gold in your own compliance hills, Gio and Nick discussed demonstrating ROI for your internal budgeting process which can provide to you the financial resource to strengthen and improve your compliance program. Today, in Part 4, we consider finance and investment models for the corporate compliance function.
If there is one topic that every compliance professional understands it is risk analysis, but this is not the same type of risk analysis that a financial professional would look at. Gio noted that a finance professional would have a different focus in their risk lens. It would focus on such questions as “what is the risk of your investment? What is the risk in your model and your assumptions?” It is almost as if you need a translator to get into the room.
To Illustrate, he pointed to the example of a Black Swan event. With a Black Swan event you could have a wide distribution of different outcomes. A Black Swan event is very rare and it may be so small that it almost does not show up on your radar. However, “if you land on that number, right, if the roulette wheel spins around and lands at that number, it could be a total disaster. It can be an 80% chance everything will be fine and there’s a 90% chance we’ll be 10% bigger next year. And there’s a 70% chance that we’ll be 20% smaller or more difficult next year or whatever. Well, there might be a 0.0003% chance that this bad thing happens.” Yet the outcome is just so catastrophic, similar to the once in a 1,000-year flood, you cannot simply plan for it.”
Yet the Texas Gulf Coast had a 1,000-year flooding event in 2017 (and two 500-year flooding events withing 18 months). While you might not typically plan for the 1,000-year flood, it is a known possibility and I have lived through one and indeed and several 500-year floods. This means you must take the Black Swan concept and continuously re-evaluate it to move from something that could well happen because if it does, the result could be very bad and the circumstances have changed. This means you need to change your basic risk assumptions about calling it a Black Swan event. Gio had an interesting response to this and it was basically to think about storytelling. He listed several events such as the levees breaking causing the flooding of the city of New Orleans or the Fukishima Nuclear Plant flooding. These were both events which seemed very low probability yet were certainly within the realm of the possible. Perhaps even a known unknown.
This series of events illustrate that in the financial realm, you must be ready to move quickly. As Gio noted, “simply because you do not have the whole script and talk track put together and know that something terrible might happen. This can create a damaging dynamic between a CCO and someone in the finance function or in the executive level. Their response may well be ‘what do you want me to do about that?’ What are we going to do this month as there’s budget for it? So, if you can bridge that to, hey, we all know that this terrible stuff might happen and it’s not going to take a thousand years for a 1,000 year flood to happen.”
In response to this scenario, Nick said, “I suggest you take a little bit different tack than ignoring this Black Swan event.” Start by using the power of compounding interest to demonstrate your organization does not need to completely defend against this type of event in the next two months. You can use the power of your investment in compliance to essentially “build the levees a few feet higher so that when the next biggest flood occurs, we defend against it and talk about that in the realm of this is going to take another 2% of the compliance team’s budget to get a little bit better on this.” Even at this stage the compounding of the investment can create some very robust compliance practices for your organization. The bottom line is that if you we invest this 2% each year over the next five years, your compliance program will be five times better at defending against this 500 or 1,000-year flood.
Check out the full podcast series this blog post series is based upon.
Episode 1
Episode 2
Episode 3
Episode 4
Welcome to a special five-part blog post series on how to unlock the gold in your program. I visit with Gio Gallo and Nick Gallo, Co-CEO’s of ComplianceLine, LLC, the sponsor of this series.
One of the ongoing issues in compliance is to demonstrate the Return on Investment (ROI) in your compliance program. One way to do so is by demonstrating the extended value of compliance literally across your entire company. When overlaid with an ESG component, you can begin to see the gold in your compliance hills. In addition to showing how you can unlock the gold in your own compliance hills, Gio and Nick discussed demonstrating ROI for your internal budgeting process which can provide to you the financial resource to strengthen and improve your compliance program. Today, in Part 3, we look at the role of the Chief Compliance Officer (CCO) and corporate compliance function in ESG investments.
We began with the basic question of why a Chief Financial Officer (CFO), or corporate finance function look at ESG investment and how it will be different than a CCO or compliance function would do so. Gio noted that finance will most probably be “considering the outcome and it is something else for me to figure out.” Yet they may well also see it as a new opportunity and a “new conversation that we can be a part of. We may be able to get to that head of the pack because through some early investments which might be in programs or just how we talk about it.” The impact is that finance types might see more opportunities in this than the E&C professional, which you should be conscious of as you enter this conversation. Gio stated, “if we can make something out of this zeitgeist it might be seen as a unique opportunity.”
Conversely, he also noted “there’s no F in the ESG, right? This means the finance lens for this opportunity might be to get better financing for the company.” This might present a funding opportunity, either through a loan, additional capital or other funding mechanisms. It might also work to lower the cost of capital because investors might see your company is really an attractive company. That is what ESG might end up meaning from the finance perspective. The beauty of this is that the approach is equally valid to a compliance-focused approach and demonstrates there are multiple reasons for implementing an ESG program.
Nick emphasized the opportunity that ESG presents. Not simply for each commercial organization but for the compliance function as well. He stated, “irrespective of whether or not your organization is serious about it, you need to take advantage of the opportunity and the window of opportunity that we have right now, because compliance speaks to every single one of those pillars in the ESG acronym.”
From the compliance perspective, there are several reasons for this. It is top of mind for investors and in mind of the marketplace. He said, “Use what you have in place already to show your organization is committed to ESG. Moreover, you probably already have 80% of this stuff done. We already have a speak-up line. We already have a training for our business ethics and corporate culture.” The bottom line is “there are probably a bunch of ESG type things that you are doing.” You can build on all of them. It is a massive opportunity. Do some research on what is publicly available on ESG reports, “grab a handful of those and start looking at what some of your competitors or what other folks in the marketplace are putting into their report. I guarantee there’s a massive overlap with some of the data points that already exist in your organization.” As a compliance professional “it’s about shifting your mindset and using this opportunistically, to take advantage of the amorphousness that is ESG right now.” Nick even compared ESG in 2021 to where compliance was in the mid-1990s after the release of the US Federal Sentencing Guidelines and the creation of the modern compliance professional. It took some 15 to 20 years for corporations to understand that compliance was a business differentiator and business positive and not simply a legal response to a long-standing law, such as the Foreign Corrupt Practices Act (FCPA). In the age of social media, the speed of the change in ESG will be much quicker. Simply witness the change from the Trump Administration which actively fought corporate ESG initiatives to that under the Biden Administration which has fully embraced ESG from a regulatory perspective.
We concluded by considering many of the tasks that a CCO and compliance professional are already doing. Nick provided the following examples, “You can pull that out of your case management system and look at some of the following issues: How many discrimination and harassment claims did you have last year? How many did you have this year? What were the turnaround time on those? How many days did it take you to close those? What can you take credit for? That’s really what ESG is kind of about.” The same is true for your basic risk management strategies involving your third parties and other business ventures.
It is a function of getting an understanding of who your audience is. From the compliance perspective do not simply focus on an audience of one, the government. Look at in the way the Business Roundtable did with their Statement on the Purpose of an Organization. There are multiple stakeholders that you can engage with and work with to satisfy their ESG concerns.
Check out the full podcast series this blog post series is based upon.
Episode 1
Episode 2
Episode 3
Welcome to a special five-part blog post series on how to unlock the gold in your program. I visit with Gio Gallo and Nick Gallo, Co-CEO’s of ComplianceLine, LLC, the sponsor of this series.
One of the ongoing issues in compliance is to demonstrate the Return on Investment (ROI) in your compliance program. One way to do so is by demonstrating the extended value of compliance literally across your entire company. When overlaid with an ESG component, you can begin to see the gold in your compliance hills. In addition to showing how you can unlock the gold in your own compliance hills, Gio and Nick discussed demonstrating ROI for your internal budgeting process which can provide to you the financial resource to strengthen and improve your compliance program. Today, in Part 2, we consider how a corporate compliance function not only extends its value across an organization but demonstrates the value add of a robust compliance function in improving overall business ROI. It is a way of thinking about your compliance that many compliance professionals fail to grasp.
We began with an exploration of how a finance professional will view things differently from the compliance professional. This is important because there really is a different mindset or at least a different lens that a corporate finance function brings, separate and apart from the compliance function lens. As Nick explained, “in the finance game, people make massive bets, investing hundreds of millions or billions of dollars on acquisitions with no real certainty around how something’s will play out. You do not know if a market will disappear; if the historical growth is going to repeat in the future; if your margin improvements are going to justify a massive purchase price.” Moreover, an “investment committee is really about pushing on those assumptions and saying do we really feel good about how we assume things are going to play out?” He emphasized that it is about “getting comfortable with that level of uncertainty about predicting the future and making bets that are foundationally built on assumptions.”
Gio emphasized that many compliance professionals either believe or are perceived to believe that a company’s bottom line can improve being less risky. However, from the finance perspective that can come across as “Fewer expenses, fewer risk of fines and things like that, or things can get better by growth and improvement. This means not simply getting more revenue but becoming more efficient and even attracting better talent.” Of course, less risk can mean less upside and many finance professionals are “used to jumping to both sides of that kind of gain and loss. This means revenue slash growth versus expense costs.” However, if, as a compliance professional, you can realize that financial professionals are trained to kind of look at the downside, “it can allow you to reframe your perspective and your approach.”
Nick emphasized, “it’s really about being opportunistic. You are opportunistically looking at this risk landscape for things that other people have not seen before.” It was this insight that I found so critical for the compliance professional. Starting with the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs released in June 2020, it has become paramount for a Chief Compliance Officer (CCO) to have access to all company data. This necessitates working across corporate silos from the compliance perspective. It allows a corporate compliance function to have insights other functions do not have and allows compliance to “connect the dots”. Nick went on to state, “Once those light bulbs start to turn on, you can have some really powerful outcomes that you never thought would happen.”
We concluded with a discussion of the compounding effect of a corporate compliance program. Even legally trained compliance professionals have some understanding of compound interest. The compounding effect of a corporate compliance program is similar. Consider training an employee to become a compliance advocate and that employee later becomes manager. Gio related, “These are all these follow-on effects. That’s compounding.” Another way to consider this compounding effect is in handling an issue that comes into your hotline, so that person has confidence, and they tell some other people about it. Now there are five people who have confidence in your program and then two of them report. Then they tell five more people. You have this opportunity for compounding of your compliance scope. Gio added in this scenario, “I think we’re going to get 10 more reports this year. A CCO is also selling their program short if you are not drawing that line through the whole story to say this is going to well beat our 15% or three X ROI target. It’s going to blow it out of the water because there are so many ways that what we do in compliance touches the whole organization and those things compound naturally.”
The bottom line is that if you make these little changes, these 1% changes per year, that translate into 40 times impact over a 12-month period. You continue to make these small, incremental changes over time. Then the cultural difference in your organization relative to your competitors very quickly is going to separate in a nonlinear way. It’s in a separate, in a logarithmic way. And that’s where two, three or four years down the road, the real impact of the changes will become apparent the impact that we can have can really be compelling.
Check out the full podcast here.
Welcome to a special five-part blog post series on how to unlock the gold in your program. I visit with Gio Gallo and Nick Gallo, Co-CEO’s of ComplianceLine, LLC, the sponsor of this series. There is also a podcast on this topic and the link is listed below.
One of the ongoing issues in compliance is to demonstrate the Return on Investment (ROI) in your compliance program. One way to do so is by demonstrating the extended value of compliance literally across your entire company. When overlaid with an ESG component, you can begin to see the gold in your compliance hills. In addition to showing how you can unlock the gold in your own compliance hills, Gio and Nick discussed demonstrating ROI for your internal budgeting process which can provide to you the financial resource to strengthen and improve your compliance program. We begin Part 1 by considering how compliance can be seen as a corporate ROI multiplier by looking at the impact of compliance across your entire organization.
One of the most ubiquitous issues in compliance is making a case for ROI. Every compliance professional must be able to be able to justify not only their spending but their budgeting requests. However, as Gio believes, compliance professionals are “literally leaving some money on the table because there’s a lot more to this game than meets the eye.” It is important to understand not simply the numbers but also who you are talking to about ROI or budgetary requests. Also is the zero-mindset which is usually brought to the budgetary process. Many corporate officers feel that if their department does not receive funding those dollars go to another department, and vice-versa.
Gio emphasized that budgeting “is not a zero-sum game. If you can understand that being aligned with other departments, having some positive externalities that help someone else get their job done, or take some work from someone else’s plate, these are all things that you can align with this full company view.” Moreover, this allows you to portray you are not simply competing for dollars but putting in a richer attempt to serve the overall company mission. He emphasized it really takes a “broadening of your mindset not simply thinking about risk in the full company, but also thinking about the compliance budget as part of the whole.”
Nick added that many Chief Compliance Officers (CCOs) who come from a legally trained professional backgrounds handle budgets “like they are running a nonprofit, by minimizing spending, as opposed to like an abundance or growth mentality.” A CCO really does need to use a different set of frameworks when it comes to thinking through compliance ROI and budgeting, “fundamentally different than the binary sort of risk aversion frameworks that you’ll apply to managing an ethics and compliance department or building an FCPA policy or the like.” He concluded that it is all about taking a calculated risk.
Nick acknowledged that this might require making some assumptions, but it is also about doing some of the same things a compliance professional must do each and every day. We talked through the example of hotlines. Here you begin with a mandatory requirement for US public company for a hotline in Sarbanes-Oxley (SOX) all the way through a best practices compliance program, formulated by the Department of Justice (DOJ) in its most recent Update to the Evaluation of Corporate Compliance Programs. From the installation of the hotlines, all the way through the benefits of a speak up culture, a CCO should begin to show and build a picture that can be taken to senior management or the Board to represent the benefits internally and the types of ROI.
Nick noted this is “the exact arithmetic that we want to utilize. If you have a strong culture that people are engaged with their purpose is resonant with the organizational purpose. This means people expend more discretionary effort which falls directly to the bottom line. Moreover, if you love your work and you feel like your voice matters, and you’ve worked other places where your voice doesn’t matter, then you’re going to feel a particular allegiance to that organization. You’re going to appreciate that. Turnover is going to drop a little bit. All of those benefits will go directly to directly to the bottom line.”
But the conversation does not end there. Gio said, “part of this is a persuasion path, pointing to those outcomes, based on these inputs, which are a hotline or an improved case management system. Those are in my mind, extremely credible, especially when you can start to bring the finance people who are controlling purse strings into that calculation. And that’s what the basis of a lot of our ROI coaching has been not only getting those assumptions dialed in, but also building the persuasion path around the delivery of that message so that it lands in a way that is resonant with the you want to loosen those purse strings up.”
The bottom line is that as compliance leaders, we are “great at communicating the clarity that we have standing in and CCOs are also very good at dealing with the gray areas in the domain of risk management.” If, as the compliance professional, you can demonstrate the compliance function will “move the needle, from a risk management standpoint to not simply rectify the causes of those faster” but make the company run more efficiently, you can make a good case for increased budgeting and greater resources for your compliance program.
Check out the full podcast here.
Categories
Episode 097 – Dorie Clark
In this episode of The Ethics Experts, Nick welcomes Dorie Clark, Duke & Columbia business prof, to the show.
Categories
Episode 096 – Donna McGrath
In this episode of The Ethics Experts, Nick welcomes Donna McGrath, leadership coach & mentor for In-House Lawyers, to the show.
Categories
Episode 095 – Joseph Murphy
In this episode of The Ethics Experts, Nick welcomes Joseph Murphy, senior advisor at Compliance Strategists and director of public policy at SCCE, to the show.
Categories
Episode 094 – Lisa Fine
In this episode of The Ethics Experts, Nick welcomes Lisa Fine, senior counsel, director, compliance at Pearson, to the show.
Categories
Episode 093 – Robert Shindell
In this episode of The Ethics Experts, Nick welcomes Robert Shindell, president & CEO of Intern Bridge, Inc, to the show.
