Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Martin Kenney: Can directors ever understand the complexity of compliance?

Alison Taylor’s white paper Risk, An Organizational Perspective, notes that corruption risks vary from continent to continent. That’s true. But it understates the depth of a very complex challenge that businesses face.

If we look past continental differences, we have to consider the nature of the business being conducted and even the prevailing political wind within that country. The culmination of these various threads means that no single compliance model can deal with all these variants. Instead, each company has to be prepared to tweak its standard compliance program and practices to suit the elevated risks associated with the location and the nature of the business being conducted.

Herein lies a problem: Most companies and their compliance chiefs are reluctant to waiver from what they and the board have already decided. And yet compliance officers with significant experience and perspective will know that at times they need to demonstrate a certain flexibility.

But can compliance approaches be flexible without real-time support and participation from the board? I would wager that even at this point in my discussion, some board members will be thinking:What has this got to do with me? We pay the compliance officer to make these decisions.”

Let’s be blunt. If the bosses don’t believe in it, why should the workers?

If directors and their companies exercise compliance rigidly and inflexibly, eventually they will miss something. Worse still, employees might identify new risks but decide to ignore them, because they have met the requirements of the compliance manual. (Richard Bistrong also discusses this dilemma in a post on his Front Line site.)

Overseeing deals where bribery and corruption may impact upon a legitimate tendering process is an extremely frustrating predicament for company directors. But in today’s enforcement environment, turning a blind eye to the possibility that a subordinate or intermediary is offering some form of gratuity to the prospective client isn’t an option. And it probably won’t work as a defense to say the requirements of a written-in-stone compliance program were met.

As a first step, then, directors should have compliance awareness training. Without it, they can’t fully appreciate the head-spinning complexity of compliance in high-risk environments or the hard choices their compliance officers face every day.


Martin Kenney is Managing Partner of Martin Kenney & Co., Solicitors, a specialist investigative and asset recovery practice focused on multi-jurisdictional fraud cases |@MKSolicitors.

Share this post



  1. Hi Martin, thanks for your comments and for reading the paper! I think a lot of the issues you allude to are covered by the discussion of intergroup relationships within the organization – what you are discussing is the relative authority of the center versus the regions, and the challenges relating to navigating global consistency versus local autonomy. This is a challenge for the compliance organization – should it sit where the risk is owned or experienced? But also for the culture of the company as a whole. Directors are often willfully blind to the local challenges in order to maintain plausible deniability, and employees often implicitly discouraged from raising the concerns you mention.. More here:

  2. Thank you, Martin, for sharing your reflections on this important issue and for calling attention to Alison's work. You well point out the need for Directors to become engaged with respect to anti-bribery compliance, and as a number recent surveys have demonstrated, many are not. There is some very troubling research in Blind Spots (Bazerman, Tenbrunsel), which calls attention to how "members of organizations routinely delegate unethical behavior to others in their organizations." In addition, their work draws attention to how compliance which is not embedded into business strategy and ethics can fail, "as employees focus on calculating the costs and benefits of compliance versus noncompliance and about trying to outsmart the system." I hope your piece serves as a wake-up call for getting Directors engaged with the C-Suite and beyond to truly understand and appreciate these perils.

Comments are closed for this article!