This article was republished with permission from Tom Fox’s FCPA Compliance and Ethics Blog.
One of the ongoing battles for any Chief Compliance Officer (CCO) or compliance practitioner is that the business folks usually view compliance as the Land of No, most often populated by Dr. No him or herself. You will have to overcome the natural reluctance of business folks to do anything that they will perceive as a drag on business. While many in compliance see this as a natural tension between the two distinct corporate functions part of this dynamic tension comes from the natural reluctance of people when asked to behave in new and different ways. I recently came across a couple of articles in the Houston Business Journal which laid out some steps the CCO or compliance practitioner can employ to help overcome this tension.
The first was by Danielle Allen, entitled “The Power of Trust and How to Build It.” Allen said, “Companies with high employee trust levels outperform by 186 percent …those with low trust levels, according to the Gallup Organization.” Moreover, “Given these potential impacts, building trust is officially a business imperative.” I can think of no more important area in a company than its compliance function where this could be truer. Allen believes that “the pathway to building trust in business can be less daunting once you understand the five categories that shape trust: integrity, engagement, products/services, purpose and operations. Of these, integrity is most important, followed closely by engagement.” I have adapted these five points for the CCO or compliance practitioner perspective.
Allen defines integrity as your “taking responsibility when addressed with an issue or a crisis; and conducting transparent and open business practices.” Next is engagement, which focuses on how well a CCO or compliance practitioner listens to company employees, how well you treat employees and how well you communicate. Third is around your compliance operations, which Allen feels is delivering consistent results from the compliance perspective and “having a highly regarded and admired top leadership.” Fourth is purpose, which Allen says is how compliance would address concerns in the day-to-day business operations. Do you create programs that positively impact the company and can you partner with third parties to address compliance needs so that everyone moves forward on the same page? Finally, the compliance products and services that you might utilize to deliver the compliance solution. She ends by noting that for compliance to build trust, “stakeholders must develop an action plan that ensures your business is acting with intent, increasing transparency related to business practices and communicating frequently.”
With these building blocks of trust in place, you should now be ready to better manage the resistance you might have from the business folks.
In an article entitled “How to… Manage resistance in a transition,” Mark Hordes details “some steps you can take to help lower fears, knock down barriers and smooth the change by getting key people on board quickly.” He provided three steps to begin, which I have adapted for the CCO or compliance practitioner.
First you should state what remains constant by including the underlying organizational values that you are reinforcing going forward. I often try to emphasize that a Foreign Corrupt Practices Act (FCPA) program is not 100 paces past what a company has in place, indeed it may not even be 10 paces past, but in reality only three paces past where you currently are through your financial internal controls. Second, explain what the change is, why the change is needed and what will be the benefits to the company through the change. Here I try to emphasize that tightening up compliance almost always results in a better-run company because it means better financial controls are in place. Thirdly, you should make sure that everyone understands that senior management absolutely, positively supports your compliance initiatives. If you can get a message from your President or Chief Executive Officer (CEO) to kickoff your compliance initiative, so much the better.
Hordes believes that too much dramatic change at once can be counterproductive. He writes, “A good way to determine if the pace of change is on track is to conduct some focus groups with affected staff and ask them how they are managing the change and what can be done to help them absorb what is happening.” He also suggests a personal connection in doing this can be useful. So activities in the form of lunch-and-learns and personal visits by compliance officers can be quite useful to make sure everything is moving along in the right direction.
Most helpfully, Hordes lays out where you may well encounter specific pockets of resistance and how to classify them to handle the issues they present. Start first with the resistors in the company, those “you believe will actively work at stopping the change” and who want to maintain the status quo at all costs. Second are the “let it happen” people who “are neutral to the change and will neither support nor try to stop the transformation.” Third is the “help it happen” group, who are “willing to dedicate some percentage of their time to help the change move forward.”
Using this information, Hordes offers, “once you have figured out where each of your key stakeholders are, the next step is to create a tactical plan to move them up a level.” You can “try to neutralize the Resistors into the ‘let it happen’ people group.” You should also try to marshal your key stakeholders into a coalition to help you to move forward.
You may already be intuitively doing the items that both Allen and Hordes suggest; nonetheless, if you reflect on each of their techniques, it may provide to you a calculus to put a more cohesive action plan in place. It all starts with trust, but once you achieve trust, you can move forward to affect the change you need to generate to achieve an effective compliance program going forward.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business advice, legal advice or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The author gives his permission to link, post, distribute or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
Thomas Fox has practiced law in Houston for 25 years. He is now assisting companies with FCPA compliance, risk management and international transactions.
He was most recently the General Counsel at Drilling Controls, Inc., a worldwide oilfield manufacturing and service company. He was previously Division Counsel with Halliburton Energy Services, Inc. where he supported Halliburton’s software division and its downhole division, which included the logging, directional drilling and drill bit business units.
Tom attended undergraduate school at the University of Texas, graduate school at Michigan State University and law school at the University of Michigan.
Tom writes and speaks nationally and internationally on a wide variety of topics, ranging from FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets.
Thomas Fox can be contacted via email at tfox@tfoxlaw.com or through his website 
