[Part 4] Compliance Management Success Kit
By GAN Integrity
The two previous posts on successful compliance management covered defining key terms and positioning the compliance role, and getting out of the office to collect information. Today, we turn to the third step in the process: getting prepared for foreseeable challenges.
Foreseeable Challenges – Be Prepared:
CCOs will face challenging circumstances over their tenure. Preparing for certain foreseeable situations can help smooth out the peaks and valleys.
First and foremost, the sales team will present challenges – particularly at the outset of the compliance/sales relationship. As discussed above, the CCO can get past the initial assumption that compliance will act as the “sales prevention department” by finding ways to add value to the process, which is a good start toward building a constructive working relationship. Thereafter, however, there will still be salespeople who will test (or exceed) limits in order to make quota or hit a certain target. Over time, work with sales management and Human Resources to align a common interest in clean sales through the only sure way to get sales reps’ attention: compensation. A system that rewards those involved for sustainable business and that penalizes both reps and their management for transactions that are found later to be problematic will help focus all concerned on compliance.
Investigations, because of the time and stakes involved, can also be difficult for CCOs. Most compliance functions are staffed at maximum utilization; investigations, particularly if they are externally driven, can absorb weeks or more of time that is already allocated to compliance program and other duties. The CCO should have a short list of pre-vetted outside counsel and an investigations response plan with clearly defined roles and responsibilities to help reduce the time and stress associated with these events. Walking the key internal participants through the normal investigations process and the various possible scenarios that could develop helps minimize the elements of surprise and uncertainty that can be so time consuming and disruptive during actual investigation events.
Two challenges that may appear after a CCO has been in office for several years are program staleness and budgetary push-back from the CFO. Both may be the result of programmatic success; the company has not experienced any material compliance issues, and so it’s been program management as usual, without need for dramatic change. But both situations are dangerous – in their own ways.
A stale program is by definition the antithesis of what a compliance program is supposed to be: dynamic and active. If a program is stale (e.g., using the same training materials, policies, and controls year after year), then it probably does not reflect the business changes that have likely occurred during the same timeframe, and the risk assessment, at a minimum, is no longer appropriate. Stay on top of company business developments, reflect those changes in the program through periodic content modifications and changes in emphasis, and introduce new and engaging ways to communicate the combination of old and new messages.
Similarly, impress upon the CEO what specific actions have been taken (requiring which resources) to keep the program dynamic and active. Specifically cover with the CFO (and others in senior management) how the program is evolving to respond to the different risk profiles resulting from business change.
During business downturns, compliance may have to cut its budget, along with other departments. But during periods of business growth, the CCO should educate the CFO that the absence of material compliance problems for a prior period is not a guarantee that the same condition will apply in the future, and that there are sound risk management reasons for maintaining or growing the compliance function budget. Be open and honest about distinguishing between necessary vs. optional planned expenditures.