Your organization's rules and regulations may not be enforced effectively without a chief compliance officer.
As every parent knows, household rules are all well and good, but if you don't get buy-in from all its members, as soon as you walk away the kids will go back to their video games rather than finish their homework. That's an extremely simplified summary of the challenges facing today's chief compliance officer (CCO). Organizations can generate reams of regulations with the aim of staying on the right side of the law, but if employees ignore them, they can be pointless.
"I strongly believe that the adage 'culture eats compliance for breakfast' correctly reflects the relationship between company's culture and formal compliance programs," says Lech Choroszucha, vice president, assistant general counsel and head of global compliance at ADP. In an increasingly complex business world and vigilant enforcement environment, CCOs need to ensure their messages get through.
A More Aggressive Department of Justice
In 2015, then-Attorney General Sally Yates wrote a memo that put corporations on notice: Individuals won't be able to hide behind a corporate curtain. Personal accountability was suddenly front and center, and C-suites across the country duly noted the warning.
Workforce management gained an urgency beyond operational effectiveness, adding ethics and regulatory compliance to the mix. The CCO, along with similar functions such as the chief audit executive and chief risk officer, became high-profile positions.
But it wasn't enough just to say how an organization should comply with rules. The organization had to demonstrate that it was doing so, Choroszucha says. The Department of Justice has let it be known that if an organization sets up a third-party due diligence program and reports never flagging a potential issue, the department would consider the program ineffective.
Software Solutions Can Help
Indeed, monitoring compliance is both the main focus of a chief compliance officer and the greatest weakness. So how do CCOs achieve the equivalent of ensuring the kids finish their homework instead of playing video games? There are software solutions that help. For example, there are applications that review gifts and entertainment expenses or charitable contributions to ensure they're in line with organizational policy.
Other solutions check out business partners and transactions to make sure they didn't run afoul of trade sanctions or money-laundering regulations. But as with any workforce management tactic, those electronic tools can't be seen as huge roadblocks to normal operations. If so, employees may find ways around them.
Real Risks, Holistic Solutions
Of course, CCOs can go too far to accommodate organizational realities. According to The Volkov Law Group, MoneyGram's chief compliance officer ignored internal requests to terminate outlets suspected of fraud, paying attention instead to the organization's sales department, which wanted to keep the revenue those outlets were earning. He found out the hard way that favoring sales above compliance was not OK: He was fined $250,000 by the Department of the Treasury and had to forego CCO duties for three years, notes The Volkov Law Group.
The successful CCO, Choroszucha says, needs to take the lead in creating a strong, well-reasoned policy, but the success depends on acceptance and adherence. "Ultimately, the business needs to own the policy," he says. "By owning the policy, the business is taking at least one step in instilling the values and culture that will drive the conduct we all hope employees will maintain."