Agile is not often a work method associated with compliance programs or the compliance profession. That may be from the heritage that many compliance practitioners came out of the General Counsel’s office or private practice in the legal profession. It may also be that as agile concepts move beyond their original centrix in tech areas, corporate compliance functions have not understood how agile concepts could help transform their practice inside an organization. Over the next couple of blog posts, I will be exploring how agile can transform compliance. Today I begin with coaching.

However, the more I study agile and how agile concepts apply to the corporate compliance function, the more I see how agile can help to operationalize a corporate compliance function. I once again saw the clear implications when I read a Harvard Business Review (HBR) article by Peter Cappelli and Anna Tavis, entitled “HR Goes Agile”. One of the key insights I received from the article was the focus on teams. When you think about that in the context of further operationalizing compliance, you can see such an approach will also help to improve overall corporate culture by imbuing a real sense of doing business ethically and in compliance as a business differentiator for the organization.

Most generally, agile is described as an approach to overall development by which requirements and solutions evolve through the collaborative effort of cross-functional teams and end users. Agile advocates adaptive planning, evolutionary development, early delivery, and continuous improvement, and it encourages rapid and flexible response to change. It “empowers teams to manage projects as needs evolve.” From the compliance perspective, this would work to put both the tools and resources in the hands of those in the front lines who may be the first line to identify and then prevent any actions from violating a company ethos such the Code of Conduct or compliance policies and procedures.

The authors considered Intuit Inc.’s shift to agile and derived some lessons from the efforts to successfully install an agile approach. Some of the key lessons learned were to focus your efforts on early adopters in your company. Do not “waste time trying to convert naysayers.” When moving towards an agile approach, form what Joumana Youssef called ““triple-S” (small, stable, self-managed) teams, give them ownership of their work, and hold them accountable for their commitments.” Further, you should work to quickly train leaders at all levels in agile methods as your teams will need to be fully supported to self-manage their initiatives going forward. Youssef believes that “changing frontline and middle management will be hard, because people in those roles need time to acclimate to “servant leadership,” which is primarily about coaching and supporting employees rather than monitoring them.” Finally, even if you despair, you should “stay the course” as “shifting your organization’s mindset takes persistence.”

One area that sees clear implications for agile in connection with compliance is in the coaching of compliance and the larger issue of a compliance culture in an organization. Not only by coaching middle managers in the organizations requirements but more importantly the compliance solutions you will have to ability to drive compliance down further into your organization. One technique the authors cited to was that of Cigna where managers actually went through coach training. The company created “weekly 90-minute videos that can be viewed as people have time. The supervisors also engage in learning sessions, which, like “learning sprints” in agile project management, are brief and spread out to allow individuals to reflect and test-drive new skills on the job.” Yet in addition to moving the coaching ability to middle managers, it also allowed more peer-to-peer feedback.

This clearly has implications for a 360-degree view of compliance communication best articulated by Dun & Bradstreet, Inc. Chief Compliance Officer (CCO) Louis Sapirman; where he views every interaction by the CCO as an opportunity to communicate a company’s value of compliance and culture of compliance. Now think about how that might work in the situation such as Cigna where colleagues “form learning cohorts to share compliance ideas and tactics. They’re having the kinds of conversations companies want supervisors to have with their direct reports, but they feel freer to share mistakes with one another, without the fear hanging over their heads.”

Another approach can be for the compliance function to act as a coach on-site to help all managers give better compliance information to employees and, more broadly, to develop internal compliance advocates and coaching capabilities. The authors note the “idea is that once one experiences good coaching, one becomes a better coach. Not everyone is expected to become a great coach—those in the company who prefer coding to coaching can advance along a technical career track—but coaching skills are considered central to a managerial career.”

Another approach the authors suggest is to have managers help employees in coaching them in their day-to-day work from the compliance perspective. You can do this by investing in “training supervisors on topics such as how to establish employees’ priorities and goals, how to provide feedback about contributions, and how to align employees’ career aspirations with business needs and learning and development plans. The bet is that building employees’ capabilities and relationships with supervisors will increase engagement and therefore help the company innovate and move faster.”

As innovation becomes imperative in other business processes, compliance must follow. Just as the Department of Justice (DOJ) has evolved in its thinking of what might constitute a best practices compliance program and why the most recent iteration is to operationalize compliance, compliance professionals must also do so from the business perspective. More importantly by operationalizing compliance through an agile approach, compliance functions can increase their detect and prevent prongs by moving the front lines of defense closer to where a violation might occur, the front line of a business.

Tomorrow I will consider how an operationalized team method can forward compliance through an agile approach.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2018