Lately, compliance executive Jennifer May has been feeling uneasy, seeing signs that the hard-won independence of ethics and compliance programs is being quietly eroded. She examines conversations about budget consolidation, organizational charts being redrawn and wholesale dumping of entire teams — subtle but unmistakable signs that some companies might be viewing E&C as “nice to have” rather than “must have” — and asks whether we’re experiencing a dramatic backslide or a stubborn persistence of outdated structures that create real problems for real people trying to do important work.
Lately, I’ve been feeling uneasy. I’m seeing signs that our profession might be sliding backward. The hard-won independence of ethics and compliance programs is being quietly eroded. The question keeping me up at night: Are E&C functions losing ground?
I’ve been in this industry for over 25 years. I’ve watched compliance grow from an afterthought, buried in other departments or tacked onto someone’s already full plate, into its own respected corporate function with dedicated budgets, specialized staff and a seat at the table.
I needed to know if I was reading the tea leaves correctly, so I did what any concerned professional would do: I dug into the research and reached out to a trusted colleague. What I found was more nuanced than I expected, and it’s a conversation we all need to be having.
What I’m worried about
Let me be clear about what sparked this concern. Over my career, I’ve seen our field mature into something powerful: independent teams focused on risk identification and mitigation and the operationalization of policies and procedures. We became strategic partners, not just compliance cops.
But recently, I’ve noticed a shift. Conversations about budget consolidation. Organizational charts being redrawn. Wholesale dumping of entire teams. Subtle (or not so much) but unmistakable signs that some companies might be viewing ethics and compliance as “nice to have” rather than “must have.”
But am I being paranoid? Or is something real happening?
The uncomfortable truth: Most of us still report to legal
Here’s what the data actually shows, and it’s not pretty.
According to Ethisphere’s 2025 research, 71% of ethics and compliance teams on Ethisphere’s most ethical companies list are housed within legal departments, typically reporting to the general counsel. Only 23% report directly to senior leadership, like the CEO.
Think about that for a moment. Even among the best companies — the ones recognized for ethical excellence — nearly three-quarters keep compliance under legal’s roof.
And here’s the kicker: It’s causing real problems. CCI’s 2025 survey found that compliance officers reporting to legal departments show the highest dissatisfaction rates, with 27% rating that structure as ineffective. That’s more than double the rate for any other reporting arrangement. These same officers report significantly higher job-related stress and lower job satisfaction. Bonus.
“When the compliance officer reports to the chief legal officer, it signals, fairly or not, that compliance is simply an extension of the legal department,” notes Laura Sauber, industry expert and CEO of Sauber Consulting. “It influences how or whether people raise concerns and what they expect from us. It can shift the perception of the compliance officer’s authority narrowly onto what is legally compliant rather than what is the right thing to do.”
We’re not just talking about organizational charts here. We’re talking about the well-being and effectiveness of the people doing this critical work. The pressure isn’t just structural. It’s financial, too.
A BarkerGilmore survey indicated that 80% of chief compliance officers say inadequate resources or staffing impact their performance. Four out of five of us are trying to do critical work with one hand tied behind our backs.
Add to this a cooling hiring market. Barclay Simpson’s 2025 salary survey shows that compliance recruitment has been subdued over the past year, with hiring activity declining and, unfortunately, redundancies becoming more common. There’s also been a rise in offshoring operational compliance jobs.
When I look at these trends together, I understand why my gut was telling me something was off.
Why Compliance & Legal Still Need to Break Up
Putting compliance under legal can create conflicts neither can resolve
Read moreDetailsBut wait, there’s another side to this story
Before we all start updating our resumes, here’s what’s encouraging: The evidence doesn’t support a backslide so much as a stagnation with some really important countervailing forces at play.
The US Department of Health and Human Services’ Office of the Inspector General’s November 2023 compliance program guidance couldn’t be clearer: “The compliance officer should not lead or report to the entity’s legal or financial functions, and should not provide the entity with legal or financial advice or supervise anyone who does. The compliance officer should report directly to the CEO or the board.”
Healthcare is leading the way here, showing us what’s possible when regulatory expectations meet organizational reality. Will we see regulators for other industries follow suit? Will companies play the “wait and see” game or be proactive about it?
Here’s something else that genuinely excites me: Nearly 90% of CCOs report broader responsibilities than three years ago, according to PwC. We’re evolving from rule enforcers to strategic advisers and thought partners to the C-suite. That’s not the profile of a profession in decline. That’s growth.
Other data over the past few years point to increased compliance spending and more regular updates to corporate codes of conduct.
These aren’t the metrics of a field being dismantled. These are the metrics of a thriving and maturing profession.
The thing everyone gets wrong about reporting structures
Here’s what I’ve learned from diving into this research: The reporting line matters less than we think, and more than we realize.
Let me explain that paradox.
What matters most isn’t where your box sits on the org chart. What matters is whether you have unfettered access to senior leadership and the board. Since 2010, regulators have been crystal clear that compliance officers need unrestricted access to the board or the chair of the oversight committee, with nobody filtering the information or message.
That access is non-negotiable for effectiveness.
At the same time, where you sit does matter for day-to-day effectiveness and well-being. Remember those dissatisfaction and stress statistics? They’re real. The structure affects how we do our jobs, how we’re perceived and whether we can truly speak up when we need to.
What this means for all of us
After sorting through all this research, here’s my honest take: I was right to be concerned but maybe not in exactly the way I thought.
We’re not experiencing a dramatic backslide. Rather, we’re experiencing a stubborn persistence of outdated structures that create real problems for real people trying to do important work. As Sauber astutely noted, “If an organization chooses to house compliance under legal, the board and management should understand it is not a neutral decision. It introduces risk, and they should have the opportunity to consciously accept that risk.”
The good news? The momentum is in our favor. Regulators are on our side. Our responsibilities are growing. Investment is increasing. The job market, while cooling, remains stable with 3% projected growth through 2034.
The challenge? Translating regulatory expectations and professional best practices into actual organizational change. That gap between what should be and what is — that’s where we need to focus our energy.
So, what do we do about it?
If you’re a compliance professional feeling the squeeze of reporting through legal, know that the data validates your experience. You’re not imagining the challenges. Push for that direct board access. Document the impact of your structure on program effectiveness. Use this research to make the case for change.
If you’re a leader making decisions about compliance structures, take a hard look at that 27% dissatisfaction rate for legal reporting arrangements. Ask yourself: Is this structure serving our compliance objectives, or just our organizational convenience?
And if you’re in healthcare, keep leading the way. The other industries are watching and learning from your example.
What we do next matters
We’ve built something important over the years — ethics and compliance functions that truly serve their organizations and protect stakeholders. We’re not losing that. Not yet, and not if we stay vigilant.
But we can’t be complacent. The structures we operate within matter. Independence matters. Access matters. Resources matter.
The question isn’t whether ethics and compliance has a future, because clearly it does. The question is whether we’ll have the structural independence and support we need to do our jobs effectively.
That’s a question worth fighting for.
Jennifer May is founder and CEO of May Solutions Group and CEO of Broadcat, a compliance training provider. She formerly was the chief compliance officer at University of Missouri Healthcare. 
