Many organizations are beginning to think differently about who they are recruiting into the compliance structure. Tosin Umukoro, who came to compliance from a background in medical research, discusses how the skill sets the compliance profession requires can be found even in unlikely places.
Backgrounds traditionally associated with compliance are legal, finance and risk. Although the skills associated with these fields will remain central to the compliance function, they will need to be complemented by experience in other areas as the profession is maturing beyond just enforcement and knowledge of the rules. For compliance professionals to advise the business and impact the culture of an organization, the profession will need individuals with the ability to lead and communicate effectively. These, as well as many other transferable skills, can be developed in other professions. Organizations should, therefore, consider recruiting individuals with these skills and invest in training programs to develop the technical skills also required for success.
It Started with a “Project”
I spent the first eight years of my career in various roles within the research function of my current organization. Although I was very familiar with the company – its history, products, customer base and, of course, its employees – I was brand new to compliance. When people asked why I made the move, I’d share the story of how we had a major revamp of our anti-bribery and anti-corruption compliance program several years back. As my function had significant, paid interactions with health care professionals who also happened to be our main customer base, I was given the responsibility to work with the legal and compliance team to oversee a project aimed at ensuring our interactions were in line with the applicable laws, company policies and industry standards. The 18-month project sparked my interest in the compliance profession. I remember my then-manager telling me it was a great learning opportunity to be involved in a project that would impact the company so significantly. Although I knew it was an “extra” task (as I still had to manage my day-to-day responsibilities), I was fascinated by this team of professionals – mainly lawyers and accountants – who commanded a sort of reverence from the rest of the organization. I was also acutely aware of the scrutiny that my then-team was under due to the inherent “risk” our interactions with health care professionals posed to the company.
Taking the Leap
Following the successful completion of the compliance-related task I was assigned, which involved establishing a process for assessing and contracting with research partners, there was a sense that I’d earned my first compliance stripes. I subsequently moved into a role, still within the research function, that oversaw interactions with the then-compliance team. This experience, together with the credibility I built through my tenure with the organization, afforded me the opportunity to apply for my first compliance role.
Although I knew there would be the need to acquire additional technical knowledge, I’d developed a general understanding of the role while interacting with compliance. I’d recognized the benefit that my knowledge of the organization, my relationships and my soft skills would bring to this role. These, as well as my commitment, dedication and loyalty were recognized during the several rounds of interviews for the role.
The Changing Face of Compliance
Several recent articles have discussed the evolution of the compliance function.[1],[2] Expectations of a compliance professional have matured from one who operationalizes regulations into policies and procedures to one who is skilled in communication and makes connections with all levels of employees in order to influence the company’s strategy.[3] Embedding ethics into organizational culture is a vital aspect of the compliance professional’s role.
Ethics is Everywhere
Although there are varying definitions for research, common to all is the aim to acquire knowledge for improvement and advancement.[4] Just as it is widely known that unethical conduct is bad for business, over the years, research has become increasingly regulated because of multiple incidents of misconduct.[5]
My experience was in the field of medical studies involving human participants. I held several roles, including Clinical Research Manager and Clinical Operations Manager. The historical incidents of misconduct in medical research – including the Nuremberg trials at the end of the Second World War, where Nazi doctors used convicts for experimentation, and the Tuskegee syphilis experiment on African American men – demonstrated that the risks posed to participants of medical research were too high not to be governed.
Moreover, the targeting of poor communities in developing countries for trials by pharmaceutical companies also highlighted that a lack of governance had a disproportionate impact on vulnerable groups of people. This led to the development of codes of ethics and other regimes to manage research participants, guide staff and provide assurance of protection and accountability.[6] The declaration of Helsinki, produced in 1964 by the world medical association, was the first major international code of ethical principles for medical research.[7]
Several similar codes were developed in subsequent years, including the International Ethical Guidelines for Biomedical Research Involving Human Subjects and the European Union’s clinical trial directive. The core principles of autonomy, non-maleficence, beneficence and justice are central to several of the codes of ethics in the field.[8]
Similarly, the U.S. Federal Sentencing Guidelines were developed because of an increase in white-collar crime and the government’s desire to place the responsibility for these crimes with organizations, not just individual decision-makers.[9] In 2004, the U.S. Federal Sentencing Guidelines underwent a shift in overall philosophy from focusing simply on compliance to additionally examining corporate culture.[10]
Recent corporate scandals involving Airbus and Eriksson[11],[12] continue to demonstrate the need for robust compliance programs that include the promotion of ethics within organizational culture. A review of the details of these cases and other similar scandals expose corporate cultures that allowed improper practices to continue for years.[13] This serious, systemic, unethical conduct resulted in some of the highest settlements in FCPA case history.[14]
Common to the ethical codes for medical research and guidelines for corporate compliance programs is the recommendation that ethical conduct is overseen in-house or is self-governed. The U.S. Federal Sentencing Guidelines recommends the creation of the Chief Ethics or Compliance Officer post.[15] It advises that this role be empowered with the authority and resources to perform its duties and have direct access to the governing body. [16] In medical research, it is ultimately the responsibility of the study sponsor (often a pharmaceutical or medical technology company) to ensure that the design and execution of all research is ethically sound.[17] Within these organizations, the sponsor responsibilities are usually delegated to the Research Manager.
Common Personal Characteristics and Portable Skills
There is no denying that conducting medical research and overseeing a corporate compliance program do require different technical skills; however, it is also difficult to deny the value in portable skills that can be transferred from one role to another. The author of a 2018 Forbes article identified seven transferable skills: technical, communication, critical thinking, multitasking, teamwork, creativity and leadership. He advised that no matter what the job or profession, these skills make the difference between success and failure.[18]
I demonstrated several of these skills in my last job, but due to the nature of these roles, there was also a necessity for honesty and strong personal moral principles. A closer examination of both roles highlights the need for similar skills and personal characteristics that may not be initially obvious. With both roles comes the need to be fully cognizant of the regulatory framework in which business or activity will operate. This will enable the professional to provide leadership and effectively deploy his or her responsibilities. This is challenging, as the medical research industry and many businesses both operate in highly regulated environments that are continually evolving. It is vital that both compliance professionals and research managers keep themselves well informed to enable navigation through new and/or challenging situations. Similarly, understanding the motivations of the business or project puts the individual in a better position to anticipate and manage the inherent risks.[19]
The research manager and the compliance professional both play vital roles in empowering and supporting colleagues to achieve goals in an ethical and compliant way, as well as in embedding ethics into daily activities. This requires the ability to effectively communicate at all levels within the organization. Professionals in both roles need to be able to engage with colleagues and other stakeholders beyond just advising on what they can and cannot do. Being well-connected across the organization and able to effectively partner with the business is important both to integrate the compliance agenda into business initiatives and priorities and to impact the organizational culture.[20] In my opinion, this lends itself well to individuals transferring from one field to the other.
Know What You Don’t Know
A favorite quote of mine by American social psychologist Melanie Joy is, “educating yourself means you’re intelligent enough to know that there is a lot more left to learn.” After working in the same function for several years, the opportunity and need to learn and develop in my first compliance role was extremely exciting. I was privileged to work for an organization that invested in my development and training and fortunate to work with mentors and other experts in the field who were able to help “fill in the gaps.”
My avenue into compliance and the examples of so many others[21] is testament to the fact that many of the skills necessary to do the role effectively can be developed in other professions. The uniqueness of the field makes it a challenge to find and attract those who understand compliance, understand their organizations and have the required soft skills.[22] The movement of individuals into the profession is enabled by more and more organizations investing in their existing employees who have shown an interest in compliance and have exhibited transferable skills. This is proving that even professionals with a nontraditional background can be successful in compliance.
[1] “The Changing Face of the Profession,” Compliance Cosmos
[2] “New Horizons: Compliance 2020 and Beyond,” Deloitte
[3] Ibid.
[4] “Research governance: where did it come from, what does it mean?” JRSM
[5] Compliance & Ethics Professional, April 2018
[6] Ibid.
[7] Ibid.
[8] “Ethics in medical research: General principles with special reference to psychiatry research,” Indian Journal of Psychiatry
[9] “The Federal Sentencing Guidelines for Organizations: A Framework for Ethical Compliance,” Daniels Fund Ethics Initiative
[10] “Federal Sentencing Guidelines – An Interpretation,” Corporate Counsel Business Journal
[11] “Airbus pays $4 billion to settle global bribery and trade offenses,” The FCPA Blog
[12] “Ericsson pays $1 billion to resolve FCPA violations,” The FCPA Blog
[13] Ibid.
[14] “Airbus shatters the FCPA top ten,” The FCPA Blog
[15] “Chapter 8: Sentencing of Organizations,” United States Sentencing Commission
[16] Ibid.
[17] Ibid.
[18] “The 7 Transferable Skills To Help You Change Careers,” Forbes
[19] “6 traits of effective compliance officers,” Skillcast
[20] Ibid.
[21] Ibid.
[22] Ibid.