Friday, March 5, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

CEOs Must Support Their Compliance Officers

by Avani Desai
August 4, 2017
in Compliance, Featured, Leadership and Career
businessman checking box on chalkboard

Here’s How They’re Failing

The relationship between compliance officers and the company’s top leadership is a hot one these days, and there are specific ways CEOs can be more effectively supporting compliance practitioners. It’s a complex relationship, but one bears improving in many cases. Avani Desai offers insights into just what executives can do better.

When speaking with CEOs and boards of directors, most of the time they say their relationship is with the CEO, COO and CFO and that they have no relationship with the CISO, CCO and CPO.  Ten years ago, this would have been fine, as stock prices, bonuses and shareholder performance measures were all based on the financials.  However, the environment has changed, and there are so many additional factors to a company’s performance.  Take a look at a retail store like Target, which saw a significant decrease in stock price, profits and reputation due to a data breach.

When we saw Sarbanes-Oxley come into effect, they said it was mandatory to have a financial expert on the board, which made sense in that day (and still does), but now I think it is mandatory to have a compliance person on the board, too – someone who understands governance, risk and compliance.

I think CEOs and the board see compliance as something you “do” or a box you check, and that isn’t the case – maybe it was in the area of bank regulations, where you need to check the box, pay the fee and move on. But we’re in a new era now, in which compliance is integral in all we do.  You can’t just “do” compliance like a task or activity, and that mindset needs to be changed by the CEO and board; you have to make it part of your culture to begin being compliant.

This is a dynamic and ongoing process, and it can’t be done once.  I think that is where the disconnect is.  Compliance teams need the resources, money and buy-in from CEO and the board, but the CEO and board think of this as a cost center – until there is a breach and they realize they needed an incident response and disaster recovery plan. They may have had to check the box, but it was never tested or wasn’t open to all the teams, so gaps remained.

CEOs and the board need to change the compliance culture to be a partnership, not a cost center or a check-the-box activity.  They must weave compliance into all aspects of the business and to make sure that when systems are built, the developers and product managers rely on “compliance by design” rather than treating compliance as an afterthought and trying to retrofit compliance into the system.  When hiring leadership, see what experience they have with compliance, how they see it as a positive point in an organization and why they embrace it, rather than setting it on the back burner.

Also, CEOs and the board need to make sure that the compliance officer has a straight line to them, not to the CIO (they have different initiatives and goals, which can be contradictory).  Compliance officers need to have a seat at the table during strategic sessions, large process changes and technology decisions.


Tags: board of directors
Previous Post

Initial Coin Offerings and the SEC

Next Post

5 Ways Boards Must Improve Compliance Oversight

Avani Desai

January 4 - Avani Desai headshot Avani Desai is a Partner and President at Schellman & Company, LLC, the largest niche CPA firm in the world that focuses on technology and security assessments. She is also CEO and co-founder of MyCryptoAlert, a push notification and portfolio app for cryptocurrency. Avani started her career working at a Big 4 accounting firm (KPMG) for over 10 years, where she led a team and oversaw IT risk management and privacy across national service lines. In addition, Avani managed the development of internal and external privacy programs and related practices, leveraging her deep knowledge with health care and emerging technologies, such as blockchain, cloud computing, artificial intelligence, internet of things and virtualization. Now at Schellman & Company, Avani has been focusing on growth strategies, strategic client and market development, industry analysis and new services for the last seven years.  

Related Posts

illustration of man under giant gavel

BitPay’s $507K OFAC Sanctions Violations Settlement

March 4, 2021
Thinking Outside the Tick Box

Thinking Outside the Tick Box: Compliance Training as a Competitive Advantage

March 3, 2021
The facade of the SEC in Washington, D.C.

Prepare Now to Comply with SEC’s Updated MD&A and Related Financial Disclosure Requirements

March 3, 2021
Illustration representing a facial recognition technology scan of a face.

Facial Recognition Technology in the Workplace: Employers Use It, Workers Hate It, Regulation Is Coming for It

March 3, 2021
Next Post
closeup of pilot's epaulettes in cockpit

5 Ways Boards Must Improve Compliance Oversight

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights