Tom Fox: I welcome you to Episode 3 of Compliance Man Goes Global podcast of FCPA Compliance Report International Edition. As always, I am joined by Timur Khasanov-Batirov, a practitioner who focuses on embedding compliance programs at high-risk markets.
In this Episode, we will focus on organizational challenges, which сcompliance practitioner faces in the process of implementing corporate compliance program. To make the podcast handy and more appealing we attach an illustration from Timur’s Compliance Man illustrated series which is posted with this podcast.
In each podcast, we take two typical concepts or probably misconceptions (conventional wisdom n Texan parlance) from in-house compliance perspective. We check out if these concepts work in emerging markets and jurisdictions. For each podcast, we divide the roles. One of us advocates the particular concept identifying pros. The second will provide arguments finding cons and trying to convince audience that that we face a pure myth. As a result, we hopefully will be able to come up with some practical solutions for in-house compliance practitioners can use in their company going forward.
Corporate Concept #1. On practice compliance program is something, which is needed solely to compliance folks. Nobody else in corporation really cares. Tim, do you have arguments based on your in-house experience, evidencing that such assumption exists and has supporters among corporates?
Tim: While I do not personally think that this statement is right, nevertheless I believe there is several pros, which demonstrate that such assumption takes place on practice:
By analogy with other departments which deal with assigned areas of responsibility as Sales or Finance Compliance department in views of ordinary personnel is responsible for Compliance. That simple. Consequently, per this corporate theory Compliance department should oversee Compliance whatever it means;
You might face the theory that management and compliance are not sitting in the same boat. This could be clearly seen in budgeting process for instance. Compliance folks are viewed by top management as just subordinates like others. Compliance department asks for money as others. It is not a big deal to reject these requests in the same way they reject request from any other unit;
Business leaders are not aware that per regulatory expectations (i.e. Evaluation of the Corporate Compliance Programs by DOJ) it should be them not solely compliance team who should be modeling proper behavior to personnel. Consequently, they guess that Compliance teams is the only player to name when you refer to corporate integrity or regulatory expectations.
Tom: OK, let’s see how we as compliance practitioners can fight this conventional wisdom. Here are cons:
The trick is that people do not see the difference between compliance as in-house function and organization’s obligation to act properly. As in-house department compliance team can facilitate the process, implement measures aimed raising integrity level, set controls, advise, teach and etc. However, compliance team not in position in 100% cases to prevent someone from wrongdoing if she intentionally wants to break the rules.
I think that what is depicted in the beginning of the Episode 3 of Compliance man series when Ms. Corporate is not acknowledging that both she as a manager and compliance team are on the same boat (or yellow submarine if we remember classical song) is something which you could face on practice. If top manager understands that, she has even more stringent obligation than even compliance folks in embedding integrity she will more attentively review budget requests you have mentioned and will not isolate her from corporate integrity efforts. So, I believe the biggest challenge and top priority for in-house compliance team is to prove its use to business as a safeguard and trusted advisor.
Corporate Concept #2- “In-house compliance team never possess sufficient resources
This is controversial concept regarding the resources the compliance personnel need to effectively implement the corporate compliance program. Tim, will you support this commonly repeated complaint from in-house compliance community?
Tim: It looks to be a very controversial statement, which in my view might easily become subject to speculations in internal discussions between management and compliance department. I am ready to recall arguments encouraging us as in-house community to decrease the number of complaints on lack of resources.
If the standard to be followed is duly defined in organization, for instance compliance with FCPA based on 10 Hallmarks you can at least roughly estimate resources you need rather than exclaiming constantly without any justification that Compliance department is suffering due to lack of resources. By the way, risk assessment could be a very powerful instrument in assessment hot spots for which you need resources. It will prevent you from boiling the ocean by conducting activities of low added value and consequently will prevent waste of resources.
Innovations, innovations, innovations. I know Tom that you touch this topic frequently, which in my view is very important for compliance profession. From innovations in methods of doing things to new technologies things have been changing. Nowadays, many technologies become available literally for free. Sometimes compliance people just do not know about that. For instance, my children taught me how to make a video with special effects using a smartphone. 10 years ago, to make a compliance video for personnel was a big project, which required budget and engagement of dedicated agency.
Tom: My concerns regarding the topic of availability of resources to in-house compliance are the following:
Lack of resources in even obvious compliance tasks as Due Diligence is one of the things that compliance community means when they refer to lack of resources.
Budget limitations is something that Compliance department would face as any other unit. So, there is no way to escape the situation when you get less than you asked for.
What resources you can you received? Compliance Man got a magazine with picture of Ms. Corporate on the cover from her. Is that what you need? For importantly, what are you going to tell the regulators. I often cite the story told by Stephen Martin, a partner at Arnold & Porter. When he worked for the Department of Justice he would ask a CCO how much money his company spent on yellow sticky-notepads. Then he would ask how much was spent on the compliance program? If it was more on the notepads, he would ask which was more business critical to complying with the law. The bottom line is that whatever your compliance budget is, you must be prepared to justify it to regulators.
Tim: Agreed, Tom. As key takeaways from today discussion, I think we can mention the following ones:
- A compliance practitioner should clearly understand his role in organization along with role of key stakeholders in implementation the corporate ethics program;
- A compliance practitioner should understand the standards and applicable laws to be followed by organization along with resources he need to reach the abovementioned requirements.
Join us for the next episode of Compliance Man Goes Global episode on the FCPA Compliance Report International Edition. Come and bust more corporate compliance myths with us.