The intersections of compliance and Human Resources (HR) continue to grow and become increasingly important in any best practices compliance program. One key area where compliance can play a key role is in succession planning at the executive level, right up the CEO. A.G. Lafley and Noel M. Tichy, in an article, entitled “The Art and Science of Finding the Right CEO”, discussed the issue of succession planning at Procter & Gamble (P&G). Many of the concepts and issues that Lafley discusses within the context of succession planning in general are applicable to the concern of compliance within this area.

Lafley makes clear that succession planning is just as important as governance, enterprise risk and strategic oversight. In other words, it is just as important. Sadly, many companies fail to give it the attention it requires. Indeed, in a PricewaterhouseCoopers (PwC) survey, cited in the foreword, nearly one-half of the more than 1,000 directors gauged reported dissatisfaction with their companies’ succession plans. Imagine what that number would be if they took into account the compliance aspect of succession planning.

Borrowing from Lafley, I have adapted an analysis of some of the characteristics that should be considered in succession planning from the compliance perspective. Lafley makes clear that succession planning does not begin at the time a CEO decides to retire. It should be at the time that a CEO is hired. This is to prevent a decision at the last minute or, worse yet, “to be left with effectively no decision.” As well as the process being started at the time of hiring it must also fully engage the Board of Directors. Lafley provides several key points, all of which are applicable to the compliance component of succession.

Lafley defines the criteria that the evaluation process is an ongoing, not episodic process. In addition to a “broad and deep pipeline of qualified leaders” the candidates should be put through a variety of roles. In the compliance context, this would provide an opportunity to review the initiatives and responses in several different areas. In addition to running large and small business units, such candidates should oversee several different functions, as broadly as the CFO to HR.

In many ways, evaluating a compliance criterion is as much an art as it is science. However, Lafley states that a specific list of “must-haves” is appropriate. It is not as simple as whether there was a violation or not. It is broader than that binary calculus. Paul McNulty’s three Maxims for evaluating a corporate compliance program are: (1) what did you do to prevent it; (2) what did you do to detect it; and (3) what did you do when you found out about it? Compliance for the CEO candidate is more than the third prong. How did you inculcate compliance into the business unit that you are managing? What controls did you put in place? And then what did you do when you found out about it? Indeed, former DOJ Compliance Counsel Chen, remarked about the importance of ‘facetime’ by a CCO with a President or CEO.

Moreover the recent FCPA enforcement action, involving Barclay’s and its hiring issues points towards the need to follow established protocols, even in HR. If you have a process in HR for evaluation around succession planning, that process should be followed. If any exception is made, it is incumbent the exception be documented, justified, then reviewed and approved by an appropriate level of management.

Lafley defines this as “how the future might look”. You might explore a new geographic market with a candidate or a new product line, either of which might bring new compliance challenges. Being a part of a team to perform a risk assessment might indicate that new or different compliance safeguards need to be considered. Should monitoring, through continuous controls monitoring or other more sophisticated tools, be utilized as the compliance program evolves be considered?

Lafley points out that the choice of “a successor isn’t a done deal until the votes are cast and the announcement is made.” He advocates continuing to provide challenging projects, which would include those in the compliance arena, can continue to provide feedback and guidance from the compliance perspective. As one division President once told me “You are always being evaluated.” And so it should be. The selection of a new CEO is a substantial investment by a large company. Having the right person in the position from the compliance perspective is an important element in an overall evaluation. Remember – it all starts with the “Tone from the Top”.

Every time I perform a risk assessment and speak to the company’s HR lead, they immediately understand the role than can play in moving forward a company’s compliance program. Even if the HR role is limited in the hiring process, they can ask potential candidates their views to determine underlying business ethics. HR can also begin the compliance inculcation process, even pre-hiring, by talking about the company’s values in the interview process. This sets an expectation that can be built upon if a candidate is selected and in every HR touch point going forward, including looking at employees in the succession planning process.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2019