Wednesday, October 12, 2011

From Finding and Fixing Problems to Compliance Risk Management

Over the next several posts we will now turn our attention to the evolving role of Corporate Compliance and Ethics.

Regulations, ethics, and integrity are challenging the organization like never before. Governments are increasing scrutiny of organizations, stakeholders demand transparency, clients want assurance the organization is reputable and upholds their values, and business partners require commitments to compliance and ethics.

The role of the chief ethics and compliance officer (CECO) has changed: it has evolved from various compliance areas to become a strategic pillar of the enterprise. The CECO in the 21st century has more to do than find and fix problems and ensure compliance requirements are met. Today’s CECO has to ensure compliance risk is understood and managed, that organizational obligations are more than written policies but part of the fabric of business operations and interactions, and that there is a strong corporate culture that ensures social responsibility as part of the ethical environment. A strong compliance program is based on values, but requires a risk-based approach to understanding and prioritizing limited resources to combat risk.

CECOs are climbing the corporate ladder to a higher status. What was scattered across business functions — with a concentration in legal — is now coming of age as a senior executive role. With the burden of increased scrutiny, oversight, and ethics the CECO is often reporting directly to the board of directors and senior executives.

Yesterday’s compliance program will no longer work. The 21st century demands a robust compliance program to manage the breadth and depth of ethics and compliance risk that bears down on the organization today.

This is the beginning of my thoughts to start the discussion; please expect several more posts over the next few weeks as I share more deeply my research and insight into the evolving role of corporate compliance and ethics. I would love to hear your thoughts as well – please share them.

For those who cannot wait for all of my upcoming posts – you can read my thoughts and perspectives in my most recent written report: Compliance Risk Management in the 21st Century.

14 COMMENTS

  1. mrasmussen says:

    LinkedIn Groups

    Group: Corporate Integrity (GRC)
    Discussion: Corporate Compliance: From Finding and Fixing Problems to Compliance Risk Management
    Michael, I agree with your initial thoughts and am interested in learning more about how others identify and prioritize risk in their organizations. Thanks!
    Posted by Jodie

  2. Felix says:

    LinkedIn Groups

    Group: TRUSTe
    Discussion: Corporate Compliance: From Finding and Fixing Problems to Compliance Risk Management
    Hello Michael,

    I worked in finance in the legal and compliance department for over 15 years. I have seen the change in the significance of the role of a CCO and CECO. I look forward to your ideas of establishing an ethical corporate culture in the financial world. Ethics and Wall Street…almost sounds like an oxymoron. After the beating they have taken over the years and the lack of trust (look at the protests currently occurring), ethics is what is needed. The hard part is to change corporate culture and make everyone buy into the firm’s program.

    Good Luck!

    Felix
    Posted by Felix

  3. Michael Rasmussen says:

    Felix,

    You hit the nail on the head – culture is the single greatest hurdle or champion (on either side) for compliance and ethics.

  4. mrasmussen says:

    LinkedIn Groups

    Group: Risk, Regulation & Reporting
    Discussion: Corporate Compliance: From Finding and Fixing Problems to Compliance Risk Management
    I hope you are right.
    I still find that I have to “fight” as an auditor for transparency in reports to the board of directors, and even for receiving data & documents, although I am an auditor in a bank, which is supposed to be “heavily” regulated.
    Posted by Daniel

  5. Scott says:

    LinkedIn Groups

    Group: Risk, Audit, and Compliance Executives (RACE)
    Discussion: Corporate Compliance: From Finding and Fixing Problems to Compliance Risk Management
    Great beginning article for discussion. I would also go on to suggest that today’s corporations must consider more than simply American ethics. As many more companies go global, ethics and compliance departments must also consider foreign business cultures and customs; which if not acknowledged and understood, could lead to compliance issues and / or lost revenues. Simply not knowing an employee or business partner felt offended or slighted by our certain actions, does not, in today’s world, constitute an easy or free pass.
    Posted by Scott

  6. Michael Rasmussen says:

    Scott,

    Yes – an understanding of international ethics and culture is very important in this day and age.

  7. Frank says:

    LinkedIn Groups

    Group: Corporate Integrity (GRC)
    Discussion: Corporate Compliance: From Finding and Fixing Problems to Compliance Risk Management
    Chief ethics officers should report directly to the CEO, not the Chief Compliance Officer, meaning they need to be distinct and separate entities.
    Posted by Frank

  8. Michael Rasmussen says:

    Frank,

    I would love to hear your argument why ethics should not be part of the compliance role. I see more and more CECOs and to date I have not heard a convincing argument to keep ethics and compliance separate. Too many Chiefs end up making the C role irrelevant as so many run around with the title.

  9. mrasmussen says:

    LinkedIn Groups

    Group: Corporate Integrity (GRC)
    Discussion: Corporate Compliance: From Finding and Fixing Problems to Compliance Risk Management
    Should the Chief Compliance Officer and the General Counsel of a company be the same person? Thoughts?
    Posted by Minel (Ana Melita)

  10. mrasmussen says:

    Minel,

    While I do not see the need to separate compliance and ethics, I do see the argument to separate legal and compliance. Legal has the obligation to protect the organization, which can mean denial and withholding information. Compliance is focused on finding and addressing exposures and requires more openness and fewer barriers than legal may impose on it.

    Right now I see about 40% of compliance functions reporting into legal and another 40% to the CEO and board. The remaining 20% scattered in other areas (e.g., finance, audit).

  11. mrasmussen says:

    LinkedIn Groups

    Group: Chief Compliance Officer
    Discussion: Corporate Compliance: From Finding and Fixing Problems to Compliance Risk Management
    I’ve not seen anyone called a CECO before, are there some examples? Thanks.
    Posted by Sharon

  12. mrasmussen says:

    Sharon,

    I see you are from the Middle East. The CECO function is in a lot of U.S. organizations and I have not seen as much focus on an integrated role of compliance and ethics internationally. AARP, CUNA Mutual, Royal Caribbean Cruises, Abbott, Access Systems, Dell, Enbridge, Fresenius, Hospira, McKesson, EOD, Allstate, Gemelological, General Mills, Archer Daniels Midland, Baxter, Google, Bechtel, Chubb, Procter & Gamble . . . are just a few of several on my contact list that show integrated ethics and compliance roles.

  13. mrasmussen says:

    LinkedIn Groups

    Group: Society of Corporate Compliance and Ethics (SCCE)
    Discussion: Corporate Compliance: From Finding and Fixing Problems to Compliance Risk Management
    Wonderful article and thank you, Michael, for bringing this topic up for discussion. I have for the past five (5) years been speaking to colleagues of my frustration in getting our financial industry leaders to understand the challenges of the 21st century business environment and the need for COs to broaden their experiences in ethics, risk, fraud and crime prevention. It seems as if compliance is morphing into more complex forensic specializations and I look forward to hearing more from you in the weeks ahead.
    Posted by Athena

  14. Pingback: Regulations and a Demand for Integrity Bear Down on the Organization | Corporate Integrity
