One thing every Chief Compliance Officer (CCO) will face is multiple stakeholders. The more compliance is operationalized the more sensitized this issue will become. Yet the centralized control that many business leaders have is usually not available to a CCO and this is certainly one aspect of the operationalization of compliance. This means one issue a CCO will face is “How to charge up the organization so that we’re maximizing the intellect of all our people?” That question was recently put to Bernard Tyson, the Chief Executive Officer (CEO) of Kaiser Permanente, by Paul Michelman. The resulting answer and much more became a part of the article published in the most recent issue of the MIT Sloan Management Review magazine in an article entitled “The Question Every Executive Should Ask”.

On executive leadership, Tyson called the challenge “multidimensional” by which he meant “Leaders are required to distill the complexities of all the forces, some of which are beyond their control, and then to guide the organization in making sense out of them and delivering on the value proposition, which requires executing on strategies within all this complexity.” His response is not to instruct but “to set the direction and performance expectations, and then to inspire and motivate people.”

Stay Focused on Your Values

Tyson said one of the best pieces of advice he ever received was to “Keep the main thing the main thing.” While for Kaiser Permanente, that mission is healthcare; for the CCO that mission is to do business ethically and in compliance through the prevention, detection and remediation of issues. Tyson said, “Everything we do is through the lens of that mission. The rest is subplot. Yes, there’s going to be a lot of turbulence. The broader conditions change continuously. We don’t control that. But one thing we do control is staying focused on the main thing.”

Interestingly Tyson incorporates the company’s values statement into the hiring process. He said, “That starts with recruitment. Wherever in the organization we are hiring, we need to ask if the employee’s personal mission in life aligns with the mission of the organization. My job is to maintain an environment conducive to attracting people who fit our culture. Making sure we are all clear on the mission is core to that.”

But its more than inspiration and motivation. Today’s employees are an integral part of success and can equally be a part of an ethical or compliance failure. Employees are part of the team that not only are doers but also thinkers. This means you should provide the tools to enable employees to come to the right decision, both in compliance training and compliance support. Yet this is the same message as operationalizing compliance. If you put the compliance system into the functional disciplines within an organization, the employees on the front lines should be able to come up with new and innovative ways of getting things done. By decentralizing both power and information you can benefit from the intellect of a wider variety of inputs from employees.

On Middle Managers

Tyson had some interesting thoughts around the role of middle managers. He believes they have one of the most difficult jobs in any organization, squeezed between being required to do the right thing culturally yet while making their numbers. Middle managers have to deal with both dynamics. Moreover, people usually make it to middle management because they were technically proficient and “When the primary job of a manager was to make sure the workforce had what it needed and did what it needed, these technical skills usually transferred pretty well. Now management is evolving away from directing and toward coaching, facilitating, and creating the right environment for people to excel in their space. Middle managers are again caught between two forces. We are asking them to move away from exercising hierarchical authority and still expecting them to deliver results.”

Tyson believes the company has to work more with middle managers as they are the key to the organizations success. This has led to different ways of training middle managers in the organization and to develop managers with different approaches. This translates into what a CCO should do in terms of overall compliance training for an organization. One of the techniques would be to bring business unit folks into compliance projects so that it expands the relationships of both the compliance function into the business and the business unit folks into compliance.

Freedom of Speech

Probably the most interesting thing which Tyson brought up is what might be termed a speak-up culture but he went far beyond this, calling it a “freedom of speech” culture. These are certainly words you do not hear very often in corporate America. Yet Tyson feels particularly passionate on this point noting, “I believe strongly that we live in a great country and that freedom of speech is, in part, what makes it great. We’re seeing it acted out every day right now in our country, and it’s a beautiful thing. The last thing I want is for individuals who exercise freedom of speech throughout the rest of their lives to feel any different about the freedom to speak inside the organization.”

This concept is about not only the right to tell the truth but also the responsibility to tell the truth. Tyson believes that when “people believe they will be respected for their views, they are more willing to contribute.” By doing so, the organization will benefit from the best thinking of its employees. Tyson puts his money where his mouth is on this issue. He related, “In senior management meetings, when one of my executives feels strongly about an issue and they want to take me on, sometimes they’ll ask, “Freedom of speech?” And I’ll say, “Yes.” And they’ll repeat, “Freedom of speech?” And I’ll say, “Absolutely.” And then they’ll come with it: “I think you’re dead wrong.” They don’t have to sugarcoat it. They just simply put the code out there: “Freedom of speech?””

Each one of the points discussed by Tyson has applicability for the CCO, both in terms of leadership and operationalization of your compliance program. The work which Tyson and Kaiser Permanente does to move decisions, literally around life or death, down to the functional level;  the use of middle management as a key component of a best practices compliance program can be a clear way forward for the CCO to use as a guide. Further, the ‘Freedom of Speech’ concept should point towards greater employee participation through engagement. Finally, staying focused on your core values can help move the entire organization forward at one time, even during choppy seas.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

As you might suppose I read quite a bit. One of the pleasures I receive each month is when the copy of the MIT Sloan Management Review arrives. I also find the articles highly topical and present ways to consider new compliance strategies and technologies, together with insights on leadership. The 2017 Summer edition arrived on Friday so I am going to dedicate this week to considering an article the issue, each day this week, as it relates to the Chief Compliance Officer (CCO), compliance practitioner, compliance profession or a corporate compliance practice. Today I consider an article by Renée Richardson Gosline, Jeffery Lee and Glenn Urban, entitled “The Power of Consumer Stories in Digital Marketing”.

As I often note the customer for a CCO, compliance practitioner, or a corporate compliance practice is your employee. So why not use them to help you market the message of compliance. I can point to one current successful example of using the employee base and that is Louis Sapirman at Dun & Bradstreet, Inc. (D&B), who regularly connects with employees through in-company tweet-ups and other innovative techniques to tell stories around compliance identified using the internal hashtag #DoTheRightThing.

The authors consider a broader use and begin with the basic premise that “When consumers prepare to make purchase decisions, stories can deliver important information and shape the decision and the overall brand experience. With the advent of consumer-to-consumer social media platforms such as Facebook and Twitter, stories can be powerful tools for shaping cognitive processing, recall, brand image, and choice.” The authors found a statistically significant increase of product purchases, “when consumer-based storytelling was employed.” So why not use those same techniques around internal marketing of your compliance function and training on your compliance program?

From their research which led to the article the authors found that customers responded to a story about a brand, when certain factors were present. These included trust in the brand; that consumers saw themselves in the stories and there was a “self-connection” to the brand. Every corporate compliance program should have the employees trust and they should feel connected to the notion of doing business ethically and in compliance, if not the compliance function should fold up the tent and go home. The power of telling stories that resonate with the experiences of employees in the real world is also a well-known and used standard in compliance training. Here you can think of the RESIST training scenarios.

The authors proposed four steps which they advised a company to engage in to implement such a strategy. I found it quite use for the CCO or compliance practitioner to think through when considering this approach. I have adapted the authors’ consumer approach for the compliance practitioner and their employee base.

1.Work with consumers to generate believable and compelling stories. The authors found that by examining “comments on Facebook, Twitter, YouTube, and other social media sites, you should be able to find leads to consumer stories about your brand that you can follow up on. It’s a little like curating an art show: You need to find the best examples and work with storytellers to deliver the right message.”

For the CCO or compliance profession you should mine your data sources to find stories. Even if you are not as tech savvy as the compliance team at D&B, there should be a wealth of other compliance information and data available to you. You can consider hotline reports, remembering that not all hotline reports are of illegal, unethical or fraudulent conduct. It may only be the perception of unfairness or favoritism. Dispelling such faulty acuities can go a long way towards directly improving employee morale. This can be a powerful story and useful to utilize when marketing your hotline.

2.Convert stories into high-quality presentations. A great example here is a video CenterPoint Energy released in 2015 after the Volkswagen (VW) emissions-testing scandal became public. The video featured Scott Prochazka, CenterPoint Energy President and Chief Executive Officer (CEO). He used the VW scandal to proactively address culture and values at the company and used the entire scenario as an opportunity to promote integrity in the workplace. But more than simply a one-time video, the company followed up with a with an additional resource, entitled “Manager’s Toolkit – “What does Integrity mean to you?””, that managers used to facilitate discussions and ongoing communications with employees around the company’s ethics and compliance programs. Finally, as noted by Amy Lilly, Director, Corporate Ethics and Compliance at CenterPoint Energy, the cost for the video was quite reasonable as it was produced internally.

3.Embed stories in your social media mix. The authors related, “Posting videos of customer stories on your brand website means they will be perceived as coauthored by the consumer and the brand. Use true consumer stories and present them through your branded social media channels to maximize impact.” Another way to consider this concept is that short videos are good videos. You can have a series of short videos communicating different aspects of your compliance program. It can range from short messages from your CEO, to videos of your CCO to videos of employees. Employees always tune in when senior management speaks to them internally through a video. Employees want to hear from the President and a message of commitment to the culture values of doing business ethically and in compliance is always a message that will resonate with employees. Finally, employees want to hear stories from and about their co-workers who faced compliance challenges and #DoTheRightThing.

4.Integrate paid media strategies with voluntary sharing of stories on social media. Here the authors focus on the overlap and intersection of professional media strategies with “story-based consumer content generated for social media.” For the compliance practitioner, this translates into an opportunity around training. You can use traditional methods of compliance training, interspersed with videos and other social media uses of your employee base with real world examples of how compliance not only helped them do business ethically and in compliance but also how it made your organization more efficient together with being more profitable.

The authors conclude by noting, “Throughout history, storytelling has been an integral way to convey attitudes and values, and it will remain a key source of information and influence in the digital world. As new technologies such as virtual reality evolve and improve, brands can expect to continue to have new opportunities to use consumer storytelling in their communication strategy.” You should incorporate these concepts and employee-told stories into your compliance message as well.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

The use of data in compliance programs continues to be held up as either a siren’s song or a goal which simply cannot be achieved. Most of the time when compliance practitioners consider how to use big data in a compliance program, it is to obtain more visibility into siloed corporate data to allow more robust compliance oversight and monitoring. However, the basic requirement of the Department of Justice’s (DOJ’s) Evaluation of Corporate Compliance Programs, that a compliance program should be operationalized provides a compliance professional to consider another way to view big data and, more importantly, obtain resources to break down those siloes.

One manner to operationalize compliance is to use big data to improve the internal corporate processes. Compliance is a business process and doing compliance or, in the DOJ’s phrasing, operationalizing compliance means you are moving compliance into your existing or to-be created business processes. As I noted in a prior post, perhaps it is time to ‘reframe the issue’. So why not think about the compliance function’s use of big data as a business process improvement opportunity?

In a recent MIT Sloan Management Review article, entitled “How to Monetize Your Data, Barbara H. Wixom and Jeanne W. Ross considered approaches businesses can take to monetize their internal data. They stated, “Using data to improve operational processes and boost decision-making quality may not be the most glamorous path to monetizing data, but it is the most immediate.” I would also add that it is another way of articulating how to operationalize your data.

The authors note, “Executives often underestimate the financial returns that can be generated by using data to create operational efficiencies. Companies see positive results when they put data and analytics in the hands of employees who are positioned to make decisions, such as those who interact with customers, oversee product development, or run production processes. With data-based insights and clear decision rules, people can deliver more meaningful services, better assess and address customer demands, and optimize production.”

The first step for the Chief Compliance Officer (CCO) is to locate data sources which are needed to or even could operationalize your compliance program. From this point, you should locate data sources which could provide a more robust compliance solution for the company. From there consider how the data could be used in a more robust 360-degree view. Now consider this basic model in the context of gifts, travel and entertainment (GTE) data. Obviously from the compliance perspective, such information is critical to determine corporate compliance with the Foreign Corrupt Practices Act (FCPA) in connection with spending on foreign government officials or employees of state-owned enterprises. A CCO might inquire into who is being entertained and the amount of the spend by company employee or by the recipient. Additionally, if there was a pattern of high spending by one employee or high spending on one foreign official, this might raise a red flag which needs follow up investigation.

Yet the same GTE data could be analyzed for the overall spend to see if there were any suspicious patterns which might indicate expense card abuse. Such indicia might be duplicate payments, spends at just below the threshold for pre-approval or out-of-policy expense reports and out-of-compliance expenses. You could check to determine if an expense is recorded once on a T&E report and then a second time on another expense report or a P-card charge or other type of expense, i.e. double-dipping. From there you can move to determine if they might be an intentional, as opposed to an unintentional, mistake. This could present a significant cost savings or even cost recovery to the company so the data analytics tool could essentially pay for itself. Accounts payable (AP) is always seeking ways for greater efficiency and running such a data analysis is a clear example.

Now consider analysis of your GTE spend in the sales cycle as that same data might also provide insight into your sales cycle forecasting. If your company has a product or service which is complex and requires your customer’s involvement, with activities such as deploying enterprise software, the data could create a better view of “relationships with corporate customers, including what those customers bought, what issues they encountered, and how the company engaged with them.” By looking at your GTE spend on customers over a long period of time, you can help determine if these efforts have resulted in sale (is the spend worth it?), where are the critical junctures in the sales cycle and, finally, how likely a sale closing would be based upon historical data.

The authors suggest such a system of data analysis can help “sales executives more accurately manage their pipelines” because when coupled with “predictive analytics and machine learning to compute the likelihood of a successful sales engagement based on data that the salesperson provided about an opportunity.” Your own data can provide you with “Information about an opportunity’s likelihood of success, along with suggestions on how to advance engagements along the sales pipeline.” This in turn can aid salespeople to prioritize leads and act in ways most likely to achieve their goals. For instance, at “Microsoft salespeople learned how to forecast more accurately (for example, the accuracy of forecasts regarding global accounts has risen from 55% to 70%), which has led to better sales-pipeline data and, in turn, improved pipeline management.”

This example allows you to consider three different uses for your own company data which can improve process in three separate ways. Yet it is all the same data. This means that a CCO can work with other functional disciplines to fund such a project but, equally importantly, you will have more stakeholders that can create a sense of urgency and accountability for the project to acquire the data. It would also provide to the compliance practitioner other process champions within the organization who could provide strong leadership for the lifecycle of the project.

Adding a data analytics feature to your own data can help you to monetize the data in a variety of ways. For the compliance practitioner, it also allows you to operationalize your compliance program by pushing out the data analytics that you would be using into the functional business units. The authors end their piece with the following, “Impressive results from data monetization do not transpire from single “aha” moments. Instead, they stem from a clear data-monetization strategy, combined with investment and commitment.”

Compliance is a process. The DOJ has done the profession a very large favor by requiring us to focus on the operationalization of compliance. Thinking about ways to use and analyze the same data in other corporate functions, such as AP and Sales, is one way to operationalize compliance.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

 

 

 

Of all the discoveries made in the 20th century one of the most tectonic was the discovery of the double-helix structure of DNA, the molecule containing human genes, by Cambridge University scientists James D. Watson and Francis H. C. Crick. According to This Day in History, it was on this day in 1953 that they “determined that the structure of DNA was a double-helix polymer, or a spiral of two DNA strands, each containing a long chain of monomer nucleotides, wound around each other. According to their findings, DNA replicated itself by separating into individual strands, each of which became the template for a new double helix.”

“Somewhat hilariously in his best-selling book, The Double Helix (1968), Watson later claimed that Crick announced the discovery by walking into the nearby Eagle Pub and blurting out that “we had found the secret of life.” The truth wasn’t that far off, as Watson and Crick had solved a fundamental mystery of science–how it was possible for genetic instructions to be held inside organisms and passed from generation to generation.” The formal public announcement was made some two months later with the publication of an article in Nature magazine. Crick, Watson and one other scientist were awarded the Nobel Prize for their discovery in 1962.

I thought about this momentous discovery and its wayward initial announcement when I read a recent piece in the MIT Sloan Management Review, entitled “Why Your Company Needs Data Translators, by Chris Brady, Mike Forde and Simon Chadwick. In their article the authors draw from their work in the field of sports analytics to conclude that there should be a corporate function which bridges the disconnect between data scientists and executive decision makers; what the authors term the data translator.

It is certainly not hard to see how this relates to a Chief Compliance Officer (CCO) or compliance professional as most of us came to the position from the legal department or General Counsel’s office, most usually with legal training only. To say that lawyers are deficient in their ability to utilize data analytics belies a much larger corporate deficiency which exists in what the authors call the “persistent cultural divide between the decision makers on the field and the data analysts who crunch numbers off of it.” The authors later phrased it another way as, “A key issue that emerged from these meetings was the recognition of this consistent disconnect within performance management practice between “big data” analysts and the decision makers they support. This is evidenced by the predominantly dismissive attitude of many executive decision makers (general managers, head coaches, CEOs, COOs, etc.) to both the data itself and those responsible for delivering it — an attitude often born largely out of ignorance or fear.”

This gap between the data analytics professionals, who the authors call “the quants” and the front line decision makers is similar to that in the compliance space, challenging. The authors call this gap the “interpretation gap” and believe it can be filled by “data translators”, who work to bridge this gap. The authors identified four key reasons for data translators.

First is that the person doing the translations needs to avoid what the authors term “data hubris” which the authors cite to David Lazer for the definition. It is “the often implicit assumption that big data are a substitute for, rather than a supplement to, traditional data collection and analysis.” The heart of this condition is forgetting that data interpretation requires a wide range of skills around not simply what the data means but the other information which should be evaluated with the data or what R.C. Buford calls the “alignment of multiple variables – the eyes, the ears, the numbers.” For any compliance practitioner this means considering all of the variables to help determine what the data or sometime the lack of data might mean.

The next is decision-making biases from which the translator “must remain aware that any point of view, even one derived from extensive research and rock-solid facts, carries potential biases.” Another way to consider this is the “overconfidence bias” where “an individual’s confidence in his or her own judgment is at odds with reality.” Another bias the authors consider is the emotional bias which “occurs when the decision maker lets outside noise influence his decisions.” The role of the translator is to eliminate this noise in the interpretive process.

The next identified was the “need for linguistic common ground” where the problem is really one about communication. The reams and reams of data can be numbing when presented in spreadsheet form, which is usually what the quants present. The authors believe that data tells a story and it is that story which should be presented. They advocate “approaches that bring otherwise dry information to life. These approaches include data visualization, process simulation, text and voice analytics, and social media analysis.”

Interestingly, the authors believe that subject matter experts (SMEs) should be the primary data translators because such persons have a “high level of practical experience, which is difficult to acquire on a theoretical basis, and it also lends itself more readily to the storytelling ability that must be an essential skill of the data translators.” This would seem to be the calling card of a compliance professional who not only understands the compliance side of the organization but who also understands the business side of the company.

This is why lawyers in the legal department are generally not suited to provide this type of internal corporate reporting. First they generally do not have a business background and professional business training. This does not give the credibility needed with senior management in areas outside law. Additionally, the law department does not see its role to speak truth to power. Lawyers generally do not say no because they are there to advise, not to prevent, detect and remediate corporate issues. Compliance professionals embody a wider variety of corporate skills and intellectual curiosity.

The authors end their piece with the following, “Bridging the cultural gap between domain specialists and analytics specialists within organizations with an interpretation function performed by a data translator can begin to address the disparity between the claims for big data and its reality. That process begins with recognizing the limitations of what numbers and intuition can do separately.” Just as Crick and Watson discovered the structure of the double-helix and made its connection to DNA as the building block of nature, the role of the compliance practitioner can provide a solid basis for considering the wide range of information available to a corporation from its compliance function. And do not forget the story telling, especially visual story telling.

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2017

tangled-up-in-blueToday, I conclude my tribute to Bob Dylan-Nobel Laureate, by discussing my personal favorite Bob Dylan song, Tangled up in Blue. The time shifts and jumps in the song have always resonated with me. Indeed, it is one of the most beautiful and truly haunting songs I have ever heard.

Neil McCormack, writing in The Telegraph described the song as “The most dazzling lyric ever written, an abstract narrative of relationships told in an amorphous blend of first and third person, rolling past, present and future together, spilling out in tripping cadences and audacious internal rhymes, ripe with sharply turned images and observations and filled with a painfully desperate longing.” He added that the song was “A truly extraordinary epic of the personal, an unreliable narrative carved out of shifting memories like a five-and-a-half-minute musical Proust.” 

Wikipedia said of the song, it is one of the clearest examples of Dylan’s attempts to write “multi-dimensional” songs which defied a fixed notion of time and space. Dylan was influenced by his recent study of painting and the Cubist school of artists, who sought to incorporate multiple perspectives within a single plane of view. Dylan himself said of this style of songwriting, “What’s different about it is that there’s a code in the lyrics, and there’s also no sense of time. There’s no respect for it. You’ve got yesterday, today and tomorrow all in the same room, and there’s very little you can’t imagine not happening.”

The song introduces today’s post which comes from an article in the MIT Sloan Management review by Lynda Gratton, entitled “Rethinking the Manager’s Role”, where she speculated on the role of technology in business and whether such technology will render managers obsolete. Her conclusion was not that technology would make managers obsolete but that they would need to be more skilled than before, going forward. She posits four potential changes for management which all apply to the compliance professional.

First, Gratton believes that “the manager’s role as a coordinator of work would come under increasing pressure. Constant improvements in robotics and machine learning, in conjunction with the automation of routine tasks, make management a more unclear practice. What is a manager, and what is it that managers do? Are we witnessing the end of management?”

Second, there will be a shift at the paternalistic view of what Gratton calls the “parent-to-child way of looking at the relationship between the manager and his or her team.” She goes on to state, “ultimately superseded by an adult-to-adult form. The nexus of this more adult relationship concerns how commitments are made and how information is shared. When technology enables many people to have more information about themselves and others, it’s easier to take a clear and more mature view of the workplace. Self-assessment tools, particularly those that enable people to diagnose what they do and how they do it, can help employees pinpoint their own productivity issues. They have less need for the watchful eyes of a manager.”

Third, Gratton foresees a structural change away from the vertical to the horizontal. Gratton begins by asking the question, “Why learn from a manager when peer-to-peer feedback and learning can create stronger lateral forms of coaching?” She then goes on to state that “technology-enabled social networking is capable of creating robust and realistic maps of influence and power — so no more hiding behind fancy job titles.” Finally, Gratton notes that the rise of platform based businesses such as Uber may well have very large implications for business management going forward, noting, people are “excited about platforms and how they can create a fertile arena for new businesses to be built while also acting as a conduit for flexible ways of working.”

So what does all of this mean for the business manager and even more explicitly the compliance professional? First and foremost, it clearly portends the end of the former model of compliance, which centered the function in the General Counsel’s (GC’s) office. That model has since been discredited as not structured for compliance to succeed. However, I think we are also past these structural changes which developed into Compliance 2.0 and we are now into qualitative changes which portend Compliance 3.0 and beyond. Compliance practitioners will need to be able to read a spreadsheet as compliance goes into the fabric of their organization. Failure to have this basic business skill will render the lawyer-cum compliance practitioner as a professional luddite going forward. Put another way, it is not simply understanding the law but applying it into an ongoing business organization that will separate those who succeed in compliance from those who are stuck in the past.

Gratton sees the skills managers will need in a similar vein. As companies truly become more worldwide in scope the US centric nature will give way to a more horizontal approach. When you add in the incoming millennial workforce you add a generational component as well. The skills called upon will be to manage across time and space all the while supporting “rapid knowledge flows across business units.”

Gratton ended her piece with “this is a very complex form of management — managing virtually rather than face to face; managing when the group is diverse rather than homogenous; and managing when the crucial knowledge flows are across groups rather than within. These are highly skilled roles in terms of both managerial capabilities (for example, how to build rapid trust, coach, empathize, and inspire) and management practices (for example, team formation, objective setting, and conflict resolution).”

The Department of Justice (DOJ) has consistently said that compliance programs must evolve to keep pace with not only changes in business and markets, but changes in technology which increase the manner in which companies actually do compliance. In the FCPA Pilot Program, the DOJ (and most probably its Compliance Counsel Hui Shin), in its section on remediation noted that the Chief Compliance Officer (CCO) would need to evolve far past a lawyer simply writing policies and procedures; to having a CCO and compliance function fully integrated into the business and managing compliance throughout the organization, even if the business units were taking the lead in doing compliance.

As the manager’s role changes in the corporate world, the role of the compliance professional will change as well. Or Bob Dylan said about Tangled up in Blue, “You’ve got yesterday, today and tomorrow all in the same room, and there’s very little you can’ t imagine not happening.”

 

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2016