Generational Equity Provides Insight on Middle Market Compliance Program Development

(This article was contributed to Corporate Compliance Insights by Generational Equity, one of the nation’s leading middle-market mergers and acquisitions companies. Generational Equity can be contacted by email at info-us@genequityco.com.)

———-

Insight on Middle Market Compliance Program Development

by Generational Equity

There have been many important and interrelated trends that have emerged over the past decade, as the American economy has gone from the heights of the tech boom that defined the “Roaring 90s” to the lows of the GM and Chrysler bankruptcy that are sure to define the end of the 00s.

In between these two economic landmarks, we have faced countless examples of fraud, incompetence, and malfeasance from the likes of Enron, WorldCom, Bernie Madoff and a litany of others. In response, the White House, the Department of Justice, and the SEC, among others, are all scrambling to bring corporate boardrooms and economic markets back into something that resembles a controlled equilibrium. As a result, new regulations and laws have come into being while regulations passed long ago, but considered relatively toothless before, are now being enforced with far more vigor and focus; one example is the FCPA.

The consequence of all of this is that the importance of corporate compliance has never been greater. There is an unavoidable onus on business executives to develop fundamentally sound compliance programs. In addition, for executives of companies with operations in multiple geographic locations, it is imperative that they also develop fundamentally sound strategies for compliance communication.

However, for many middle market companies that are just trying to keep their heads above water during the recession, funding such compliance initiatives can prove difficult. How, then, can middle market companies ensure that they cost-efficiently maximizing their spend when it comes to investing in compliance communication? This article outlines a few specific strategies.

Designate a Chief Compliance Officer – and Pay Him or Her

Compliance is a team effort and requires buy-in and participation from all to succeed; and, as explained by the AHCA in its tenets for building an effective compliance program, a winning and cohesive compliance program requires a leader and oftentimes a designated compliance committee that is accountable and responsible for the development, operation, and monitoring of the compliance program.

Although you do want to overspend for a compliance officer, hiring or promoting the right person with the right experience and the right mentality is of paramount importance and is worth paying market value to have, unless circumstances dictate that you must do otherwise. An ineffective compliance officer will have minimal benefit and might even create ineffective compliance initiatives in your company that prove costly to reverse. Even worse, an ineffective compliance officer may end up leaving you liable for fines or lawsuits if they perform poorly.

Make sure that your designated compliance officer reports to and is accountable to the company’s executive leaders, and that he or she has the track record and experience to succeed – just know that you might have to pay for it, but that it is a worthwhile investment and will probably save you money in the long run.

If you are not immediately ready for the step of identifying and hiring a Chief Compliance Officer, whether for financial reasons or because your compliance program has not yet evolved to such a level, consider forming a voluntary compliance committee with an elected chairperson. This will allow your compliance program to get on its feet and grow organically. Then, once you are in a better position to identify and invest in hiring a full-time compliance leader, you will better understand what skills and personality traits will be the right fit for your organization.

Invest in Your Code of Conduct

Sven Erik Holmes, the Executive Vice Chair of Legal Compliance for KPMG, penned “The Road to a Model Ethics and Compliance Program” for Ethisphere in which he perfectly summed up the importance of the Code of Conduct:

“A key element of any ethics and compliance program is the code of conduct, which sets forth the organization’s core values, ethical standards and expectations. Because of a code’s critical role, it needs to be clear and relevant to every person in the organization.”

We all know that when it comes to training or consulting, one-to-many is a much more efficient strategy as compared to one-to-one. Your Code of Conduct is unquestionably the most consistent and relevant one-to-many opportunity you will have to communicate your organization’s ethics and compliance values to every person you employ, and even to those outside of the organization.

In some cases organizations will push back on a Code of Conduct as they feel it is too rigid of a concept for their corporate culture. In this case, the elements of a Code of Conduct can be outwardly communicated to employees and partners through a defined corporate mission statement, a business values document, or even documented best practices. Regardless of how you communicate it, do not take the development or revision of your Code of Conduct lightly.

Enlist a point man or woman for the writing or revision process – probably the Chief Compliance Officer or the compliance committee chairperson – and then help he or she solicit insight and input from other key decision-makers and tone-setters in the organization. Encourage a collaborative and cooperative process. Then, once the code is completed, ensure that the “tone at the top” matches the “tone in the code”.

Nothing creates an environment of ethics and compliance focus more effectively than a Code of Conduct and a tone from management that are in line and in sync. Similar to your investment in an effective compliance officer, investing in the Code of Conduct may cost more now, but may very well end up saving you in the future.

Be Prudent, Strategic, and Targeted with Training and Information

As mentioned above, every person will receive a Code of Conduct or your organizations’ defined business principles or best practices, which will communicate the overall values, norms, and expectations of the organization. More than likely, when it comes to issues of ethics and compliance, the Code of Conduct will be one of the only pieces of communication and information received by everyone.

Or, to be more apt, it should be the only one received by everyone.

The reason is that one of the hidden costs of an inefficient compliance programs is the cost of too much information, as explained by Scott Mitchell in a recent Compliance Week article.

As explained by Mitchell, many compliance training initiatives can get bogged down by legalese, when all an employee really needs to know is more general information about how to spot a potential problem and how to handle it. Additionally, the manager of department that operates solely in the U.S. does not need the same level of FCPA training as a sales manager whose territory includes Asia, Eastern Europe, Latin America, and Africa.

The key idea is that a “one-size-fits-all” approach is inefficient for two reasons:

1. It is more costly.
2. Too much information leads individuals’ retaining less of the information that is actually pertinent to their day-to-day activities.

Mitchell suggests segmenting jobs by their relevance for a particular risk level. From the example above, is the U.S.-based department manager is not exposed to international deal-making, then his or her position has little to no relevance for FCPA risk. The international sales manager, on the other hand, has a high relevance or FCPA risk, and thus should receive training and communication regarding the FCPA.

Once again, this strategy of preemptively identifying risk relevance is another strategy that may require a greater investment of time and other resources upfront. However, it will help you eliminate costly inefficiencies in your compliance training and communication strategies before those potential costs become sunk costs.

Define and Trust Your Response Strategy

Most of the tips and advice found about compliance these days relates to preemption, and with very good reason. And effective compliance program should be focused on preventing potential problems before they become real problems that can cost organizations real money. However, all of the preemption in the world cannot prevent every problem, which is defining and response strategy that you trust is so important.

In the article cited above by Mr. Holmes from KPMG, there are three steps defined for responding to compliance and ethics issues:

1. Identification
2. Investigation
3. Remediation

Setting up an anonymous compliance and ethics hotline is one of the easiest and most cost-effective methods for encouraging company-wide identification of possible compliance and ethics issues. Encouraging participation can be challenge, but that is where the synergy between the Code of Conduct, the tone at the tone, and your company’s overall compliance and ethics culture comes into play.

As soon as potential issues are identified, it is then important to have standard procedures for investigation that get underway immediately. If there truly is a problem, the earlier it is fully understood the greater your chances of mitigating whatever it may be. Once again, being proactive can save time, money, and trouble down the line.

Finally, make sure that you take specific steps towards remediation once weak spots in your compliance program or culture are identified. Solving the specific problem is clearly of paramount importance, but do not forget the necessity to making whatever changes are needed to prevent the problem from coming up again in the future.

For many middle market organizations, especially those operating in multiple geographic locations in today’s uncertain economic climate, ethics and compliance can be a tricky area – not because you do not understand its importance, but because you most likely do not have unlimited resources with which to invest. However, unless dire circumstances dictate otherwise, you will more than likely save money in the long-term by efficiently investing in the short- and mid-term on developing a solid ethics and compliance foundation that truly operates as a preventative barrier against the potentially crippling effects of ethics and compliance problems down the road.

***********

About the Author: Generational Equity

Generational Equity is one of the nation’s leading middle-market mergers and acquisitions companies, providing private business owners with the information and expertise they require to exit their business successfully. A unique, four-phase approach that includes education, financial analysis and reporting, sales documentation and deal-making ability combine to offer business owners an unparalleled level of commitment and experience, all focused on helping to release the generational equity and wealth in every business.

Generational Equity has more than 300 professionals and affiliates nationwide and is headquartered in Dallas, with affiliate offices in New York, Chicago and Irvine, Calif. For more information, contact Generational Equity at 877-213-1792 or info-us@genequityco.com, or visit the Generational Equity website.

Tags: chief compliance officer, code of conduct, Compliance, ethics and compliance, Generational Equity