I began my in-house legal career at a large energy services company where the law department felt it was the only thing stopping the business folks from destroying the company. That is one of the more extreme examples of the ‘protect the company’ mindset of many corporate lawyers. One of the reasons I was so attracted to the compliance function is that collaboration rather than ‘circling the wagons’ is critical to the mission of a corporate compliance function.

Early on I was further intrigued when Leonard Shen, now the Senior Vice President (SVP) and Chief Compliance Officer (CCO) at Visa, in a presentation to Compliance Week, discussed an approach he used to communicate the message of compliance, when he was CCO at his prior employer PayPal. Shen was enhancing PayPal’s compliance program and to do so he used an approach which worked to internally market the compliance initiative and provided information from employees which could be used to form the basis of the enhanced compliance program. Shen and his compliance team traveled to multiple company locations, across the globe, to meet with as many employees as possible. Many of the meetings were town halls. Shen and his team listened to their compliance concerns and more importantly took their compliance ideas back to the home office.

From this engagement, the team received several thousand employee suggestions regarding enhancements to the company’s compliance program. Shen and his team winnowed down this large number to a more manageable number, somewhere in the range of a couple of hundred. These formed the basis of a large core of the enhancements to the existing company compliance program. After the enhanced compliance program was rolled out formal training began. During the training, the compliance team could give specific examples of how employee input led to the changes in the enhanced program. This engaged the employees and made them feel like they were a part of, and had a vested interest in, the company’s compliance program. This employee engagement led to greater employee buy-in.

Louis Sapirman, the CCO at Dun & Bradstreet, Inc. (D&B) took another approach to bringing employees into the compliance enhancement process. He has discussed his use of the company’s internal social media platforms and channels to not only market compliance, but also to obtain input from employee-stakeholders that he incorporates into the company’s award-winning compliance program. Sapirman has related that compliance sponsored internal tweet-ups called ‘Chatter-sessions’ allow employees the opportunity to express their opinions about the compliance function and provide input back to the compliance organization. One of these discussions was around the company’s Code of Conduct and he was able to use employee input going forward.

In this month’s MIT Sloan Management Review, there is an article by four researchers who took this a step further, as they considered internal corporate crowdsourcing, to enlist new ideas from employees, to open new sources of innovation. In the article, entitled “Developing Innovative Solutions through Internal Crowdsourcing, the authors noted, “It allows employees to interact dynamically with coworkers in other locations, propose new ideas, and suggest new directions to management. Because many large companies have pockets of expertise and knowledge scattered across different locations, we have found that harnessing the cognitive diversity within organizations can open up rich new sources of innovation. Internal crowdsourcing is a particularly effective way for companies to engage younger employees and people working on the front lines.”

The authors found some common pitfalls which led to failures in the companies they studied. These included only using the technique for incremental steps going forward, lack of anonymity, running the project as a competition and not a collaboration and not providing feedback or any information on what happened to the ideas. The authors provided seven key elements companies should use to aid in moving such an effort forward. I have adapted these for the CCO and compliance practitioner.

  1. Keep the focus on innovation. You should use this technique for long-term initiatives and not short-term improvements. Establish the grounds for employee creativity with criteria such as (1) ability to meet employees’ unmet needs, (2) delighting the employee, (3) the solution’s newness, (4) marketability, (5) commercial viability, and (6) scalability.
  2. Give internal crowdsourcing participants slack time. If your company wants you focused solely and only on your day job, it will, by definition, limit your participation in a company crowdsourcing project to nights and weekends. This may not be when and where you do your best work. Companies must arrange to allow employees the time and space during working hours to participate meaningfully.
  3. Allow for anonymous participation. As the authors note, when organizational identities are revealed in an internal crowdsourcing project, “some individuals may feel compelled to defend their formal positions.” Companies need to ensure participants “feel safe about contributing knowledge, regardless of their seniority or role in the company.”
  4. Take steps to ensure that company experts don’t exert their influence too heavily. Internal company experts will have their ideas given additional heft if their identities are known. This can have the unintended effect of intimidating others or lessening their voices in the process. The authors believe “For internal crowdsourcing to produce innovative outcomes, efforts should be made to keep the process open to diverse perspectives.” They feel the best approach is to have the company’s internal experts “operate as moderators and to do what they can to encourage others.”
  5. Use a collaborative process for internal crowdsourcing. Much like Shen’s ‘Engage and Educate’ tour and Sapirman’s use of social media to communicate with and obtain information from D&B’s employee base, use of an internal crowdsourcing project has the positive by-product of engagement, stating, “It’s also to build a system through which people within the organization share knowledge, learn from one another, and offer pertinent knowledge for use in new solutions.” If you can engage your employees in compliance, you will not only have a better chance of keeping them engaged, but you will also more fully burn compliance into the fabric of your organization or operationalize compliance in your organization.
  6. Design platforms that facilitate shared development and evolution of solutions. A key to internal crowdsourcing success draws inspiration from open source software. It is that employees need to see what other employees have contributed so they can build upon it. You must find a way to share knowledge among the employee base on an ongoing basis. The authors found three major benefits to such an approach: “(1) knowledge sharing among the crowd across a variety of knowledge types (not just ideas); (2) the opportunity for coevolution of solutions by the crowd; and (3) the degree to which feedback from the crowd helps to refine ideas.”
  7. Be transparent about plans for follow-up post-crowdsourcing. Not surprisingly, one major defect around internal crowdsourcing projects is lack of follow-up and lack of transparency for the employee participants. Simply put, employees not only want to know the results but they also want to know if their ideas were used. This can be a powerful motivator for future participation or the opposite. Companies need to make the process open and fair.

I was very much intrigued by the authors research and recommendations. By internally outsourcing compliance function enhancements, a CCO can increase employee engagement in compliance. The entire process draws from your diverse employee base which brings both organizational learning and knowledge diffusion into the continuous improvement of your compliance program. Just as the data in your organization is your data, so you should not only utilize it but monetize it; your employee base can be a large and untapped source of information which can more readily be implemented and have a more rapid impact on your compliance program going forward.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017