Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Donna Boehme: Five signs that Compliance 2.0 is the new normal

Major conferences like Compliance Week 2016 are the perfect venue for witnessing the continuing development of the dynamic and fast-evolving compliance profession.

Fresh from presenting the conference’s closing keynote with my “A-team” of panelists, Pat Gnazzo, Keith Darcy and Lee Augsburger, I’ve now had time to reflect on my five big takeaways from the event:

1. Compliance 2.0 is the new normal.  Over the last two decades, the compliance profession has successfully defined itself as a new and separate subject matter expertise from Legal, and has moved away from the old, flawed, legalistic Compliance 1.0 model (Compliance as a captive arm of Legal) to the modern, empowered Compliance 2.0 model, untethered from Legal and structured to succeed.  

Long gone are the days when responsibility for compliance was routinely assigned to a member of the law department with no subject matter expertise or successful track record of designing and managing compliance. As FCPA experts Richard Bistrong and Tom Fox have both noted, the rise of Compliance 2.0 was hard to miss when featured prominently in the ”bookend” keynote sessions of CW 2016, “Are We Defining Effectiveness Correctly?” and “The Maturing of a Profession: The Rise of Compliance 2.0.”

2. Both regulators and prosecutors have got the Compliance 2.0 memo. What better validation of the new modern standard for compliance than hearing both Stephen Cohen, Associate Director, Division of Enforcement – U.S. Securities and Exchange Commission, and Andrew Weissmann, Chief, Fraud Section, Criminal Division, U.S. Department of Justice, give shout outs to key elements of Compliance 2.0 (independence, empowerment and subject matter expertise) in the opening keynote? 

Further, frequent references to the DOJ’s new Compliance Counsel, Hui Chen, throughout the conference highlighted the recognition of compliance as a new subject matter expertise different and separate from Legal. As Assistant Attorney General Leslie Caldwell (head of the DOJ’s Criminal Division) has stated: ”We are prosecutors, not compliance experts” – a level of understanding also reflected by Weissman in his discussion of the DOJ’s hire of compliance expert Hui Chen.

3. The DOJ embraces Compliance 2.0 in the FCPA Pilot Program. The evolution of the profession could also be seen in another big theme of the conference: the DOJ’s new FCPA Pilot Program aimed at encouraging companies to self-report in hopes of receiving leniency and credit for their compliance efforts. The elements of subject matter expertise, independence, empowerment (stature, senior positioning, and clear independent mandate), seat at the table, line of sight and adequate resources – expressly noted in DOJ’s announcement of the pilot program – are noticeably absent in the old Compliance 1.0 model.  

As former federal prosecutor and compliance thought leader Mike Volkov has stated:

DOJ has attached itself to these five factors, which very clearly define a requirement that a company create an independent compliance function that is well-staffed, has adequate line-of-sight across the organization, consists of qualified compliance personnel who are appropriately compensated and offered promotional opportunities within the company.  In other words, companies have to create an effective, independent compliance department that is well-regarded within the governance framework.

It’s safe to say that the SEC and the DOJ’s recognition of Compliance 2.0 is the last nail in the coffin of the old, flawed Compliance 1.0 model.

4. Compliance professionals are voting with their feet. During my time at Compliance Week, I heard from a number of recruiters and employers that they were finding it difficult to recruit good, qualified candidates because those candidates were being so “picky about structure!”  

This anecdotal data is an indication that CCOs and other compliance professionals are now “voting with their feet” for Compliance 2.0 because, as we know, “there’s no crying in compliance!” As Mike Scher has explained on the FCPA Blog, it’s become clear that most CCOs, like WalMart’s ill-fated Maritza Munich, like to sleep at night and are opting not to be fired or lose their careers for doing their job well.

Another validation of the momentum to Compliance 2.0 were the results of the 2015 Deloitte/Compliance Week Compliance Trends Survey, which indicated that only 21 percent of CCOs still reported to the GC, with 57 percent reporting to the CEO or board, and 50 percent having a seat in the C-suite. This trend towards Compliance 2.0 has been noted in other relevant surveys and reporting on the issue.

5. The next generation of compliance will be positioned for success. I’ve often said that the CCO is often given a perilous and difficult mission to go to the moon, equipped with nothing but a hot air balloon to get there (with terrible, and sometimes fatal, results).

That was the world of Compliance 1.0. Yet given the prominent rise of Compliance 2.0, so evident at Compliance Week 2016, there is good reason to believe CCOs will be more likely to find themselves in positions that empower them to design and manage robust, effective programs that are less likely to be the topic of troubling scandal headlines. The healthcare and big-bank industries, Siemens, WalMart and VW are already there.

And this is great news for the compliance profession and corporate stakeholders alike, because, as we’ve said, The Rising CCO Lifts All Boats!


Donna Boehme is the Principal of Compliance Strategists LLC. She has advised a wide spectrum of private, public, governmental, academic and non-profit entities on organizational compliance and ethics. @DonnaCBoehme

Share this post



  1. I agree this is a good trend, but don’t relax. The legal system tends to resist change, and we in compliance and ethics always need to be alert to this. There remain too many pitfalls in this system that undercut efforts to make compliance and ethics programs effective. I would not assume that compliance and ethics professionals will be sufficiently empowered and independent, absent substantial support from government, including the Department of Justice and the SEC. Cheers, Joe

  2. Joe thanks for the wisdom. We do need a few more milestones to etch this in stone, and it helps that both Walmart and VW have set good examples. Choices have consequences, as I predict GM will discover. I am hoping to involve SEC and DOJ more directly in the next RAND Symposium.

Comments are closed for this article!