As most of you know, when I get interested in something I can get carried away writing about it and it has happened again as I have been exploring the intersection of agile concepts for business processes and operationalization of compliance. The more I study agile and how agile concepts apply to the corporate compliance function, the more I see how agile can help to operationalize a corporate compliance function. I again saw the clear implications when I read a Harvard Business Review (HBR) article by Peter Cappelli and Anna Tavis, entitled “HR Goes Agile”. In prior blog posts, I discussed the use of agile in compliance coaching and compliance teams. Today I want to discuss some other areas, that, when you think about them in the context of further operationalizing compliance, you can see such an approach will also help to improve overall corporate culture by imbuing a real sense of doing business ethically and in compliance as a business differentiator for the organization. They are incentives, recruiting and development.


Under Hallmark Six of the Ten Hallmarks of an Effective Compliance Program, companies should reward those who do business ethically and in compliance with the anti-corruption laws such as the Foreign Corrupt Practices Act (FCPA) or even a company’s Code of Conduct. Companies now have a component of their year-end discretionary business dedicated to such an evaluation. However, under agile, this concept would be taken in a different direction so that when employees distinguish themselves with an action; such as an internal report, a coaching insight, a risk-management action or anything else which tangibly improves the operationalization of compliance, a spot bonus can be awarded at or near that time rather than waiting until the end of the year.

The authors noted that “Research and practice have shown that compensation works best as a motivator when it comes as soon as possible after the desired behavior. Instant rewards reinforce instant feedback in a powerful way. Annual merit-based raises are less effective, because too much time goes by.” Moreover, by using such compensation tools, a company can map the impact employees are having on compliance and where they may need development or coaching. This concept of more direct compensation for operationalizing compliance can also be expanded out for a business unit, team, product line or geographic area. 


Agile concepts can also be used in recruiting and hiring to further operationalize compliance. A cross-functional team working together on hiring and inserting compliance into that discussion would certainly work towards emphasizing a culture of compliance. This takes the concept of Human Resources (HR) initiating a discussion about doing business ethically and in compliance and amps it up. By having a team interview prospective hires and  in the interview process, transmit the company’s values, it frames compliance directly into the business discussion at that point and going forward.

Training and Development 

As articulated in the Evaluation of Corporate Compliance Programs (Evaluation), the Department of Justice (DOJ) now expects training to be tailored for employees based upon their risk level and companies to determine training effectiveness. Bringing agile concepts into compliance training can help companies to achieve both mandates. Regarding tailored training, an agile approach uses data analysis to identify the compliance issues required for particular jobs and for advancement and then suggest to individual employees what kinds of compliance and other risk-management training is required for them, given their experience, job duties and interests.

But it is more pervasive than at employee onboarding, as these same strategies can be used throughout an employee’s tenure. The authors pointed to an example where a company used artificial intelligence (AI) to generate such advice, starting with employees’ profiles, which include prior and current roles, expected career trajectory, and training programs completed. The company then “created special training for agile environments—using, for example, animated simulations built around a series of “personas” to illustrate useful behaviors, such as offering constructive criticism.” These same techniques can be used for your effectiveness analysis as well.

Agile can also help in compliance talent identification and development, particularly in succession planning. Typically, employees are identified long in advance of moving up to senior leadership positions and then given assignments in the hope the talent and skills necessary will be developed. However, this may not work out with such a long-term basis as both companies evolve and needs change. Using the agile approach, you can significantly shorten this timeframe by providing more regular but briefer updates on the development of possible successors, such as quarterly or semi-annually, “in contrast to the usual annual updates—and delays appointments so that they happen closer to when successors are likely to step into their roles.”

The examples I have laid out in this three-part series demonstrate the continued evolution of the compliance function. Using agile techniques to innovate compliance can achieve several goals. Obviously, it moves compliance closer to the front lines of an organization, more fully operationalizing it as mandated by the DOJ. It also creates the audit trail required by regulators. But using agile also improves the business process by integrating compliance into the business unit teams. It is this final point which will drive compliance as much as the legal requirements.

Using agile will certainly require compliance professionals to continue to evolve. It will require business skills beyond those taught in law school. For those who embrace these innovations, it will be an exciting time to be in compliance as the profession will move to a more direct business profit generator. No doubt there will be those who want a law school based-rules approach, with no innovation or evolution. However, those persons will be consigned to the dustbin of non-compliance.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2018