This article originally appeared in the FCPAmericas Blog and is reprinted here with permission.
A survey conducted by the Society of Corporate Compliance and Ethics (SCCE) and discussed in a recent International Business Times articlefinds that compliance and ethics professionals are overwhelmingly opposed to a company’s corporate counsel serving as its compliance officer – 88% reject the notion. Why? Respondents state that each position is a full time job and requires different responsibilities. Some compliance officers have also been known to say that they have concerns with the risk of being “captured,” i.e., becoming overly aligned with the sales/deal-making side of the business, at the expense of liability and reputational concerns.
The reality is that, even if the Corporate Counsel and Chief Compliance Officer roles are separated, each will still need to work closely with the other on FCPA issues. In fact, many personnel and offices within a company have essential and distinct roles to play in managing FCPA risks and complying with the law. The following is a selection of departments and individuals whose active participation is instrumental to creating an effective compliance program:
The Board: Directors should ensure that the company prioritizes compliance, including naming a head of compliance and ensuring that the compliance function has a proper budget and that policies and procedures are current.
Chief Executive Officer: The CEO, along with the Board, sets the tone at the top. He or she does this in part by communicating corporate commitment to compliance and in part by rewarding compliant behavior and punishing non-compliant behavior. The CEO also ensures that a compliance framework is in place and properly functioning.
Legal Department: The Legal Department plays a key gatekeeping function, helping to identify and manage business activities that might create FCPA risk. Because of this, the company’s lawyers should be trained to identify red flags and compliance weaknesses. This knowledge is essential when reviewing consulting contracts with vague language or helping to set up new deals. Legal is also involved in other important aspects of compliance, including participating in internal investigations and providing analysis on uncertain compliance situations. Despite the findings of the SCCE study, in many companies the legal department is still in charge of anti-corruption compliance.
Internal Auditor: Internal Auditors conduct compliance reviews and audits and inquiries into potential wrongdoing. They also help ensure that adequate controls are in place, current, and functioning properly.
Managers: Managers help execute compliance functions such as promoting policies, identifying compliance concerns, and responding to inquiries. They can help incentivize employees to take compliance seriously, and discipline employees who do not.
Finance Department: This department is tasked with maintaining books and records and making sure that internal controls are followed.
Business Development/Sales Department: Business development and sales departments often confront high corruption risk situations, including providing gifts, hospitality and travel expenses for government officials, and working with sales agents and distributors. Employees, agents and others involved in this function should be well trained on compliance standards and expectations, and should know who to ask when questions arise.
Human Resources: Human Resources can build background checks into the hiring process to identify corruption red flags and incorporate new employees into existing compliance training programs. It can also link incentives for employees to compliance metrics. It can assist with exit interviews that are sometimes a good source of information for compliance purposes.
At the companies with the most developed compliance programs, leadership on compliance issues often resides with a Compliance Officer, with the support of the Corporate Counsel. Many companies find that its CCO must be independent. At the same time, companies are learning that the CCO must also be in-tune with the concerns of the deal-making side of the business. This way, the CCO can make workable recommendations that the dealmakers see as realistic and ultimately pro-business. Striking the right balance between these concerns is part of the art of being an effective compliance officer.