Within the past decade, national scandals such as the Madoff Ponzi scheme, the AIG bailout, the Lehman Brothers bankruptcy and the “too big to fail” bailouts by the government have sorely tested shareholders and government. These scandals left the country reeling and wondering “where were the regulators?” Largely in response to these scandals, new governmental rules and regulations are now challenging organizations as never seen before. Increased government scrutiny and investor demands for transparency are increasing. Government and shareholders more than ever are demanding that organizations demonstrate a commitment to compliance and ethics.
In order to meet the increasing demands of government and shareholders, for many organizations, the role of the Chief Compliance Officer (CCO) is evolving and taking on greater importance. Traditionally viewed as a compliance cop, the CCO is being called upon to champion corporate integrity, accountability and ethics. Increasingly, CCOs are now responsible for instilling a “culture of compliance” within the organization.
Today, a CCO is likely to be a senior corporate official in charge of overseeing and managing compliance issues within an organization, ensuring, for example, that a company is complying with regulatory requirements and that the company and its employees are complying with internal policies and procedures. In highly regulated industries, such as health care and securities, the appointment of an independent CCO is mandatory.
Historically, corporations handed compliance oversight over to their general counsels. Today, the smart trend is to separate the legal and compliance responsibilities due to the inherent conflict in the roles. As far back as 1998, the Office of the Inspector General encouraged corporations to establish a truly independent compliance officer, noting in a guidance document for hospitals that:
“Freestanding compliance functions help to ensure independent and objective legal reviews and financial analyses of the institution’s compliance efforts and activities. By separating the compliance function from the key management positions of [G]eneral [C]ounsel or chief hospital financial officer…, a system of checks and balances is established to more effectively achieve the goals of the compliance program.”
Several years later, in June 2004, Lori Richards, Director of the Office of Compliance Inspections and Examinations at the Securities and Exchange Commission, spoke at the Investment Company Institute (ICI)/Independent Directors Council Mutual Fund Compliance Programs Conference, cautioning against placing the compliance program within the Legal Department or report through the General Counsel:
“Intertwining the corporate legal duties and duties of the compliance officer may create conflicts not only in the implementation of the compliance program but also in the examination of the program.”
A system of checks and balances is important to the creation of a “culture of compliance.” Richards went on to quote Paul Roye, Director of the SEC’s Division of Investment Management, who told a gathering of ICI professionals:
“True reform must also rest on the establishment and nurturing of a culture of fiduciary responsibility that comes from within the industry, not just one that is imposed from the outside through regulation or legislation.”
For a CCO to be tasked with the establishment of a “culture of compliance,” it is essential that the CCO have the autonomy, resources and support of the Board of Directors. A seat in the C-Suite is also a prerequisite. This show of support and visibility gives the CCO the credibility within the organization to carry out the compliance goals.
The evolution of the CCO’s role has been dramatic over the last decade, from cop to senior executive, and the role of the CCO will continue to evolve through best practices and a changing business and regulatory landscape. While the evolution is viewed as positive by all, the true test for a CCO is the corporation’s ability to avoid scandal and prosecution.
