Some of the most interesting innovations in compliance come from folks who do not have a background in either compliance or legal training. I have found it is because their perspective is so different that they spot things that we legally trained compliance professionals often do not spot. That insight was reinforced when I recently interviewed Valarie Charles, Chief Strategy Officer of GAN Integrity Inc., (GAN), for an upcoming podcast series, sponsored by GAN. In my interview, Charles had some great insights into forward thinking in compliance.
Charles has worked in private practice as a white-collar defense lawyer and as a Chief Compliance Officer (CCO). While in-house, Charles tended to view technology as a tactical solution to an issue. She did not see it as a strategic solution and frankly did not understand the power of tech in compliance. However, after her move to GAN she began to see how technology could bring a much larger strategic focus to compliance, for example in such areas a tech solution for compliance integrated into the company’s overall risk management strategy, leading to integrated reporting and an entire infrastructure of the tech solutions tied to the corporate structures.
We explored how Charles perceives that technology has changed the way(s) she considers compliance. She began by noting how much more advanced and mature the financial sector has been in developing and embracing tech than compliance. This extended to corporate financial disciplines so that now there are integrated standard-bearer platforms. Good technology can import and export data easily that allows greater movement of information with more transparency between business units. She noted that Human Resources (HR) has also benefited greatly from tech solutions.
She contrasted those examples with the corporate compliance function, which she believes has been hamstrung by the lack of an integrated tech solution. Tech for compliance has been fragmented. Typically, it has been the norm for a compliance professional to go to one vendor to purchase technology to roll out policies and procedures, another vendor for e-learning and surveys and yet another to register conflicts of interest, gift giving and receiving. Of course vetting your third parties is another set of vendors as is hotline and case management software.
She stated, “if you can’t tie together the critical components of the program into one integrated system that talks to each other and can easily be checked out or have data flowing to and from the other business units, you’re kind of still an odd guy out.” If there was such a tech solution, it would elevate the compliance profession.
Charles believes the most effective and forward thinking compliance professionals are those who consider how not only will compliance impact an organization but also how a compliance program should integrate into the company’s overall business strategy. She explained that this means considering “everybody from ops people to sales folks to the marketing team. You should really try to understand how the business flows and sort of how do you put these gates, how do you put these processes, procedures, and controls in places that will meet your goal of keeping everybody safe and the company, but doing it in a way that will slow down the company as little as possible.”
A CCO can begin to accomplish this by having conversations with the corporate functions and business operations to understand how any changes from the compliance function will impact the day-to-day processes of the organization. If you do this spadework and take the concerns of those you talk to into account, Charles believes it will be much easier for you, as CCO, to get senior management buy-in for changes, upgrades and/or enhancements of your compliance program.
This research is effective is for a couple of reasons. First by garnering buy-in from other corporate disciplines, it makes those disciplines feel like they were a part of a team effort or at the very minimum their concerns were listened to. Which leads directly into a key (if not thekey) skill of any senior business leader, including a CCO, which is listening. Yet listening is even more important for a CCO or compliance practitioner because of the collaborative nature of the compliance function. But information is a two-way street so you must not only listen but also educate your corporate partners in finance, internal audit, HR and internal controls.
From such discussions, Charles believes you can determine the types of controls that would be effective for compliance. Such controls could be incorporated into policies and procedures or internal controls. She noted, “there’s an art to looking at the flow of a business and placing controls in those specific spots. If you are able to listen and process other people’s goals alongside your own and then marry those concepts together, it creates something that works for everybody and everybody can push for it. You listen to a bunch of ideas and then crunch them out in a way that people can understand and see the results.”
Another interesting observation by Charles was that she views the compliance profession as the “true partners of the business.” She contrasted this with a corporate legal department, which exists to protect the company. Compliance is there to prevent, detect and remediate, which means to enhance a business process through the lens of compliance. Charles stated, “compliance has the creativity and flexibility that the legal team doesn’t always have. We can utilize that to align ourselves with business goals in a way that the business team can understand.” This means that if a CCO or compliance function sees something that is not working, it can make a change. The more a compliance team focuses on dynamic and changing risks, the more it will appear as a way to respond to business needs. Equally important, such an approach not only anticipates but also supports the continuous improvement model of compliance. As you garner feedback and data from your compliance program you can use that information to improve your overall compliance process.
Charles concluded by noting that execution is a key element and this is where the rubber meets the road. After you have listened, designed or enhanced and received senior management buy-in, did you, as the CCO or compliance function, execute on your long-term strategy? At the end of the day, you will be judged on how you executed your strategy.
Follow the insights on forward thinking CCOS and move to a more tech based compliance strategy.Click to tweet
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2018