More and more the issue of corporate culture is coming to the fore in the area of compliance. It works for all levels of a company, literally from the Boardroom to the shop floor. The Department of Justice (DOJ) and Securities and Exchange Commission (SEC) recognized this when they noted in their 2012 FCPA Guidance that “A compliance program should apply from the board room to the supply room—no one should be beyond its reach.” Yet culture can provide more than simply an ethical foundation, it is also a part of the business foundation of an entity.

This point was emphasized in a recent New York Times (NYT) Corner Office article, entitled “Corey E. Thomas of Rapid7 on Why Companies Succeed or Fail”, where Adam Bryant interview Corey Thomas of the national security firm Rapid7. In this piece, Thomas considered why companies with smart, dedicated and motivated employees can still fail. He began by stating, “the culture of a company can make a huge difference. The culture can accentuate the collective, or it can be a distraction. If it’s a distraction, it can make everyone worse than they would be, either individually or in small groups.” Thomas believes this is because “smart and talented people have the capability to do some really phenomenal things or some really destructive things. And so culture ends up mattering to a huge degree.”

Yet it is even more sophisticated, as part of culture includes cohesiveness. Thomas noted, “Do the culture and the people and the company’s business line up and make sense? Sometimes you find significant inconsistencies. You might have a group of hard-charging, goal-oriented people, but what if their job is to figure out a market solution? Maybe they can’t do it because they’re better at executing than at being creative. So the teams need to be cohesive, but they can’t be monolithic, because teams with the same kind of people miss more. More diverse teams can see around corners because they have different perspectives.”

This type of diversity, which lends itself to being able to “see around corners”, is one of the strengths of a best practices compliance program. The reason is listening. Listening is a key leadership component and there are certainly many ways to listen. You can sit in your office and wait for a call or report on the hotline or you can go out into the field and find out what challenges employees are facing. From this you can work with them to craft a solution that works for the company and holds to the company’s ethical and compliance values.

Louis Sapirman, the Chief Compliance Officer (CCO) at Dun & Bradstreet (D&B), has discussed his innovative use of a tool called Chatter, which he uses to engage D&B employees in a manner similar to Twitter in a virtual worldwide Tweet-up. He has created an internal company brand in the compliance space, using the moniker #dotherightthing, which trends in the company’s Chatter environment. He also uses this hashtag when he facilitates a Chatter Jam, which is a real-time social media discussion. He puts his compliance team into the event and they hold it at various times during the day so it can be accessed by D&B employees anywhere in the world.

He said that he ‘seeds’ Chatter Jam so that employees are aware of the expectations and to engage in the discussion respectfully of others. When they began these sessions he reminded employees that if they had specific or individual concerns they should bring them to Sapirman directly or through the hotline. However, he does not have to make this admonition any more, as everyone seems to understand the ground rules. Now this seeding only relates to the topics that each Chatter Jam begins with going forward. Sapirman emphasized that these events allow employees the opportunity to express their opinions about the compliance function and what compliance means to them in their organization. One of these discussions was around the company’s Code of Conduct. He said that employees wanted to see the words “Do The Right Thing” as the name of the Code of Conduct.

Using such tools a CCO can move towards Thomas’ next key ingredient of a successful corporate culture; which is trust. Thomas said, “I’m obsessive about the culture that we create specifically around trust, and this is an adjustment for some people when they come here. If you join our team, there’s trust by default here. That means you trust in the competence of your teammates. You trust in their intentions and what they’re saying. At some companies, the culture is that trust is earned over time, but that means if everyone in the organization says you have to earn trust, the amount of energy that actually goes into the trust-earning process is a distraction from our mission.”

This part dovetails into what Barbara Brooks Kimmel, Chief Executive Officer (CEO) and Cofounder of Trust Across America – Trust Around the World, continually reminds us of from her site. Moreover, Kimmel finds that trust is good for the bottom line. As reported in its White Paper, “Return on Trust: The “State of Trust” 2016”, Trust Across America found “During the three-year period from February 2013-February 2016 America’s most trustworthy public companies outperformed the S&P 500 according to the actual composite audited performance shown below and reprinted with permission of Facts Asset Management, LLC. This was not a “test” but rather “real” money under management, followed by an independent audit verifying the returns. Trust works as a business strategy.”

I found the Thomas interview fascinating as it moved corporate culture to the forefront of the business of an organization. A CCO can help to facilitate this moving forward by working to inculcate the right type of culture in their organization, which follows the DOJ’s Evaluation of Corporate Compliance Programs (Evaluation) discussion of how operationalization of compliance is a further way of thinking about moving compliance and culture more deeply into a company.


This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2017