When prosecutors, regulators, and compliance practitioners agree on anything, I pay special attention.
Last week, Compliance Week 2016 opened with a panel of Stephen Cohen, Associate Director of the SEC Division of Enforcement and Andrew Weissmann, Chief of Fraud Section of the DOJ Criminal Division. Their topic: “Are We Defining Effectiveness Correctly?”
Cohen and Weissmann were clear about the importance of the independence of the compliance function. The issue of reporting relationships, from their perspective, wasn’t as significant as the weight of compliance being able to voice disagreement, deal with conflict, and integrating into the business.
Then they addressed the role of pay and incentives as an important component of compliance and ethics.
Cohen and Weissmann shared how they viewed incentives as an essential part of a culture of compliance, down to the “lowest level of an organization.” They said as part of their work, during investigations or voluntary disclosure, they would be going to the “source of the misconduct and looking up.”
The questions that might follow include “where was compliance,” “what was the company doing with data it received,” and what was the culture at the company that might have tipped someone to “committing a fraudulent act.”
This is a change of focus. When the Fraud Section summoned me in 2007, the questions were “tell us about your crimes, when you did them, who you did them with, and other crimes your observed.” It wasn’t a conversation about compliance, ethics, culture or tone.
The closing panel was “The Maturing of a Profession: The Rise of Compliance 2.0.” It included Keith Darcy and was moderated and led by Donna Boehme.
Donna — a champion of the Compliance 2.0 — talked about the new model of compliance that allows compliance leaders to do “to their job well, with independence, empowerment and subject matter expertise.” She also talked about the “criticality of independence.”
Keith advised attendees to learn the business, and that it’s not one size fits all. He said “understanding the business makes you a better compliance officer.”
That gets back to incentives. What better place to start examining commercial practices and challenges than with a review of growth plans, incentives, bonus packages and variable compensation?
We know that front-line teams don’t report into compliance leaders. They report to their managers who expect, at some level, to have business growth strategy executed in the field. Where those forecasts and incentives are aggressive, especially in low integrity regions, compliance can be an integral part of helping the business to manage those risks successfully, compliantly, and legally.
But that doesn’t happen by itself. It’s about recognizing that business and compliance teams need to emerge from existing organizational silos and embrace that we are all responsible for each other’s work. As Donna Boehme put it, compliance needs to have a line of sight into the business.
Richard Bistrong is a contributing editor of the FCPA Blog and CEO of Front-Line Anti-Bribery LLC. He was named one of Ethisphere’s 100 Most Influential in Business Ethics for 2015. He consults, writes and speaks about compliance issues. He can be contacted by email here and on twitter @richardbistrong. He’ll be a speaker at the FCPA Blog NYC Conference 2016.