Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

Is your company’s management model a compliance risk factor?

There are two basic management models to choose from: centralized or dispersed. Every global company leans toward one or the other. But for compliance, is one model better and one worse?

At a company I came to know, the CEO went all in for centralized management at HQ. In other offices, managers didn’t manage anything; they took orders from HQ and reported back.

What happened? HQ’s one-size-fits-all solutions left managers in the field feeling marginalized and frustrated. Some sensed impending disaster and left. It wasn’t long before the final collapse.

There weren’t compliance issues but I saw how there might be. It could have come from the top down. Or, the desperate field managers could have justified all sorts of self-help. Compliance doesn’t seem as important when bad decisions from leadership are killing morale and threatening livelihoods.

What about the other extreme — dispersed management with significant autonomy in the field?

Dispersal is usually associated with physical distance. But during the early days of globalization, one commentator said distance isn’t just about geographic separation. “Distance also has cultural, administrative or political, and economic dimensions.”

“Distance” in its various forms permeated another company I knew. The company designed and built major construction projects. The projects took years to complete and nearly everything happened in situ, so management dispersed to be near the customers and the projects. HQ shrunk in importance, while regional and country managers wielded oversized power and control.

The compliance group at HQ was constantly concerned about risky relationships field offices formed with agents and local partners. The HQ group knew how to run an FCPA compliance program, but it barely had enough juice in the dispersed organization to be heard.

Did something like that happen at ABB? In the 1990s, the company announced its new business model: “being local worldwide.” The model worked commercially — ABB’s power plant operations grew — but not for compliance.

ABB eventually became the first three-time FCPA defendant. It paid the DOJ and SEC a combined $537 million for resolutions in 2004, 2010, and 2022. The feds cited FCPA violations in Nigeria, Angola, Kazakhstan, Iraq, Mexico, and South Africa.

Before ABB had FCPA problems, a 1999 case study about its then-admired globalization model said local operating units retained “an amazing variety of combinations of functional differentiation, decentralization, and segmentation along product lines.

Did ABB’s “amazing” management dispersal contribute to the compliance problems? Were field units able to overwhelm the compliance department at HQ? I don’t know why it happened. But three FCPA enforcement actions in under two decades indicates a chronic compliance problem that ABB’s leaders wouldn’t or couldn’t fix.

* * *

Those are extreme examples, but I think they illustrate the point I’m coming to. Both centralized and dispersed management models can become FCPA risk factors if taken too far.

With centralized management, the risk is that a top-down tolerance for corruption infects the entire organization, on the scale of Siemens in the early 2000s. There’s also a chance with honest but overbearing centralized management that frustrated field managers will take matters into their own hands and abandon compliance.

With dispersed management, “distance” can transform some field managers into figures resembling Colonel Kurtz, the character from Joseph Conrad’s book Heart of Darkness and the movie Apocalypse Now, whose loyalties shift as he travels deeper into foreign territory. Kurtz-like managers begin identifying less with their own company and more with outsiders, specifically with intermediaries who think of compliance very differently, if they think of it at all.

Richard Bistrong’s personal account of the Colonel Kurtz syndrome is harrowing, and it’s a theme that runs through the popular Mastercard co-produced compliance training videos many global companies use today.

* * *

Either management model — centralized or dispersed — can be an FCPA risk factor when taken to extremes. Conversely, organizations that balance HQ and the field with the right mix of mutual accountability provide the best environment for compliance groups to operate in. That’s the goal.

Share this post


Comments are closed for this article!