Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Extending the reach of management’s commitment to compliance

U.S. regulators responsible for enforcing the FCPA have said they often encounter companies with compliance programs strong on paper but weak in practice. The prosecutors sometimes cite management’s failures of omission or, worse, of actively conspiring to circumvent a program.

The DOJ helped focus attention on the issue of management commitment in the recently updated Evaluation of Corporate Compliance Programs guidance document. The guidance says in part,

Shared Commitment – What actions have senior leaders and middle-management stakeholders (e.g., business and operational managers, finance, procurement, legal, human resources) taken to demonstrate their commitment to compliance or compliance personnel, including their remediation efforts? Have they persisted in that commitment in the face of competing interests or business objectives?

The importance of “shared commitment” is widely recognized as a key ingredient of effective compliance. Here in Southeast Asia, the Malaysian Anti-Corruption Commission (MACC) has also focused attention on the same issue.

Earlier this year, the MACC issued its Guidelines on Adequate Procedures, which include the five principles of T.R.U.S.T. Some suggestions for management implementing TRUST in practice include:

Top Level Commitment – how are senior leaders in the organization through their words and actions encouraging the good and discouraging the bad?

Risk Assessment – how has the company’s risk assessment process accounted for risks identified?

Undertake Control Measures – have business units been consulted prior to rolling policies and procedures out? Are those with approval authority or certification responsibilities in relevant processes aware of what to look for, and when and how to escalate concerns?

Systematic Review, Monitoring and Enforcement – how are observations from controls testing reported and action items tracked?

Training and Communication – has the company provided tailored training for high-risk employees that addresses the risks they may face in their area of the business? What resources are available to employees to provide guidance relating to compliance policies?

With all this mind, I asked Richard Bistrong during a “fireside chat” we had in Singapore about the triggers of ethical decision making and the role of management. He talked about management finding and empowering “compliance ambassadors” who can be drawn from different roles from the field.

As Richard has discussed on the FCPA Blog, these compliance ambassadors can be in places far removed from management, yet able to identify compliance gaps and potential vulnerabilities, bringing those issues back to HQ, with recommendations on how to fix them. Unlike more senior managers, compliance ambassadors, embedded embedded in the workforce, are  employees who a peer might turn to for initial support when an ethical problem arises, feeling a greater level of comfort (and less intimidation),  communicating with someone  who has walked in their shoes.

How does a company go about finding such a frontline compliance ambassador? Perhaps it’s the employee you meet when trying identify high-risk corruption touchpoints in their role, who “gets it” with their responses, or proactively asks how they can improve compliance in their function.

Or maybe during a training session, it’s the employee who puts up their hand and shares their experience of a compliance issue they had to deal with in the field. Or perhaps it’s the employee who raised a concern on compliance shortcomings in the past or who joined from another company known for their strong compliance program.

Whichever employees are identified as suitable compliance ambassadors, they can be a key way to magnify management’s commitment to compliance, and help find and plug those inevitable gaps between compliance principles and practice.


Jarrod Baker is a Partner and the Southeast Asia Leader for forensic investigations at Deloitte based in Singapore. He’s a Chartered Accountant and well versed in helping companies develop, implement and monitor effectiveness of their anti-corruption compliance frameworks. He can be contacted here.

Share this post


1 Comment

  1. Thanks, Jarrod. You are right to focus on the management side of compliance and ethics.

    Having field compliance & ethics people has long been a part of smart compliance programs. This draws in part from the field of workplace safety, where it was recognized that safety had to be part of operations or it did not work. If compliance only exists in headquarters then it is just a fantasy.

    On the point about management commitment, often this just means words but no actions. Having the CEO sign a statement written by the lawyers is NOT management commitment. What is needed is for the CEO and other executives to show commitment by their actions. For example, does the CEO personally visit a high-risk location and check on the controls that are in place? Does the CEO praise the local compliance manager? Is the CEO the first person to attend the compliance training (and stay off the smartphone during the entire presentation)? Management commitment is not shown by words, it is shown by actions, big and small.

    Cheers, Joe

Comments are closed for this article!