Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Tom Fox: Compliance Lessons from Lindbergh the Engineer

Lucky Lindy is a term that is usually consigned to the history books. Yet to many Americans he was the hero of the 20th Century for his solo flight across the Atlantic.

A recent book explored the flight and more particularly the preparation for the flight, in an elegantly entitled volume, named simply The Flight by Dan Hampton.

The book was the first I had read which focused on Charles Lindbergh the engineer. Not only was it a great read but I found it had some significant insights for the compliance practitioner.

The prime lesson from Lindbergh for compliance practitioners is that a combination of just enough of a technological solution and resources but not overdoing it, can be enough to get the job done.

For Lindbergh this meant eliminating items from his plane, The Spirit of St. Louis, which were not necessary for the flight. This included what many today would consider the bare minimum of a radio. Lindbergh reasoned there would be no radio coverage over the Atlantic so the cost in weight was too high. 

The lesson for the compliance practitioner is straight-forward. There are times when less truly is more. This can be important during an economic downturn or time when your company’s compliance budget is forestalled. It can allow you to focus on the most significant risk to your company and manage that risk.

In the area of data security, I recently heard the Chief Technology Officer at Coca-Cola say there was clearly one greatest data security risk at his company, the formula for Coke. That would receive the greatest and highest protection. All other risks could be managed in other manners.

If your company makes the majority of its sales through third parties, that is your highest anti-corruption compliance risk. Conversely if your sales model is employee based, that presents a separate set of compliance risks which should be managed differently.

Finally never forget the effect you, as a compliance professional, can have on your compliance program. In Hampton’s book he quoted a report from the airplane manufacturer’s chief engineer that the presence of Lindbergh in the design and manufacturing process “was a most important factor in welding together the entire factory organization into one smoothly running team.”

That may be the most important lesson for the Chief Compliance Officer —  be hands on.


Tom Fox is a Contributing Editor of the FCPA Blog. He has practiced law in Houston for 30 years. He’s the creator of the award winning FCPA Compliance and Ethics website. He is the Compliance Evangelist.  His best-selling seminal book, “Best Practices Under the FCPA and Bribery Act: How to Create a First Class Compliance Program” (available from Amazon here) is widely viewed as one of the top volumes on the nuts and bolts of compliance. His latest book is 2016 – The Year in Corporate FCPA Enforcement.

Share this post



  1. Good ideas, especially 4th para (use just enough to get the job done). And that works, if the covered entity is basically honest, wanting to do it right. It's probably a common maximum that every company would like to move compliance costs off their balance sheet wherever possible. Not overdoing it can reduce costs. But if they're outsourcing parts of compliance, then they're buying consultancy services – and that always costs more.

  2. Perhaps there is another aviation analog that anti-corruption and compliance professionals might consider. Instead of relying solely on ethics training for people in positions of authority, pilot training would also be useful. While this may sound odd to non pilots, pilots know that a large part of pilot training is "what do you do when these complex and integrated systems break down" ? A pilot will not waste time saying "that's not right, it's supposed to work" or laying blame on someone. The pilot is responsible for the lives and safety of the passengers and the safety of expensive equipment. The pilot must know what to do in the event of failures, and failures will happen. That is training beyond "just enough to get the job done".

Comments are closed for this article!