(And How to Avoid Making Them)
We all make mistakes, and CCOs are no exception. While CCOs are a creative and dedicated bunch, they are often susceptible to these five common mistakes. Probably unsurprisingly, the cure for these ills is more due diligence and more relationship building.
Chief Compliance Officers are fallible – I know that is not a controversial statement. To err is human, and CCOs are members of human species.
With the enormous expectations placed on CCOs’ shoulders, they are bound to make some mistakes. I have seen CCOs who have run into difficulties, and occasionally they have contributed to the problem through their own behaviors.
I thought I would identify some of the common mistakes I have seen. It is hard to generalize, but I have observed some common themes. At the same time, I have met some of most impressive professionals; they are dedicated and creative, and they face difficult challenges each day.
So, here is my list:
#1: Buying CEO Happy Talk
The compliance profession regularly runs into a credibility problem. When joining a company or when seeking major changes in the company’s compliance program, the CEO and other managers often make promises or characterize their commitment to compliance, and many CCOs believe it without pressure-testing the claims and promises.
CCOs should be more skeptical when a CEO’s or senior manager’s assertions sound too good to be true. Many CCOs have been “burned” by these promises, joining the company only to then found out the CEO’s representations were indeed false. In the face of these difficulties, CCOs have no other choice but to speak with their feet and leave. Whenever you see such a short stint on a CCO’s CV, you know the CCO faced some serious problems.
CCOs have to bring more skepticism to the table. CEOs and senior managers have become adept at mouthing the words of compliance and making it sound like they are committed. CCOs listen to their claptrap without questioning or demanding more proof before joining the company. I know it can be difficult in the context of a job search to raise these kinds of issues, but CCOs have to apply their due diligence skills.
#2: Ignoring Corporate Culture
Most CCOs love their compliance controls. They like the “certainty” of a policy, demand performance in accordance with the procedures and then wait to measure compliance with some hard and fast numbers that show how “effective” the compliance program is operating. Of course, compliance controls are important, and rules need to be followed. Everyone understands this basic requirement.
CCOs, however, have to embrace and promote the company’s culture. CCOs often ignore this area or devote little time to developing innovative ways to promote and measure a company’s culture. Granted, it is much more amorphous, but the returns can be significant to the overall business performance. We all know that an ethical culture adds to the company’s bottom line, and CCOs have to be willing to educate the board, the CEO and senior management on this important issue. After getting buy-in, CCOs have to design and implement strategies to promote corporate culture, measure it and address culture issues.
#3: Reinforcing Stovepipes
CCOs have a lot of work and often feel overwhelmed because of a lack of resources and technology. At the same time, CCOs tend to spend time with their staff, working on compliance issues but failing to devote adequate attention to building relationships with natural allies: human resources, legal, internal audit, information technology and security.
Like politicians, CCOs have to schmooze and gain support from natural allies. They have to create win-win solutions, not just a list of demands to make the relationship beneficial to both parties. It means getting out in the company, “walking the halls” and using interpersonal skills to advance the program.
#4: Becoming the Sheriff
If a CCO walks into a room and company officials say (or joke), “uh oh, here’s the sheriff,” that is not a good sign. A CCO who embraces the enforcement aspect of his/her job is doomed to fail – no one will communicate, and no one will trust the CCO to help them solve problems. CCOs have to avoid this trap. A CCO has a lot of power over company employees and discipline. But a CCO has to work hard to become a problem solver, not a Dr. No. Company employees have to feel comfortable to communicate issues to the CCO, knowing that the CCO will solve problems to make sure business managers and employees can do their jobs while ensuring compliance with the law and the company’s code of conduct.
#5: Avoidance and Failure to Prioritize
CCOs face an overwhelming number of tasks and projects. It is hard to prioritize what needs to be done. Under these circumstances, some CCOs will avoid the tough issues that may require serious discussions with senior management and the board, and instead stick to issues over which they have greater control (meaning they can implement a specific initiative without relying on too many folks outside the compliance department). There is a natural inclination for a CCO to accomplish tasks under his or her control without taking the major effort to build internal support and convince senior leaders to make some changes. These initiatives can be frustrating and may result in little change, but CCOs have to stick to priorities, follow the map from its risk assessment and seek to solve some of the larger problems. Priorities are important, and care has to be taken when allocating time, attention and resources to specific projects.
Michael Volkov is the CEO of The Volkov Law Group LLC, where he provides compliance, internal investigation and white collar defense services. He can be reached at 
