The practical utility of having a firm definition of "Compliance"

There is a lot of argument around the definition of Compliance. But we could say: no matter these disputes, because fortunately defining Compliance is useless! Indeed, one could believe that "to define" is a school exercise, a matter of introduction in a student dissertation. Useless because it would be only theoritical (therefore, it is useless) and because it is too general (therefore, it is useless). This is why we should move on to what would be serious matters, namely the technical and positive study of concrete cases: for instance, a case of corruption, a reading of text on the protection of personal data, an analysis of a code of conduct, etc. At last something concrete! Finally solid! One could well do to leave the professors and other theorists to their games, even their childishness, of defining the concept of Compliance, to move towards "technical" and "pragmatic".

But on the contrary to understand and to manipulate the Compliance tools, it is so efficient to have a firm, clear and simple idea of what Compliance is. Because every technical rule and concrete solution depend of this definition. Moreover, the future of this new and so powerful area that is Compliance depends of this definition we decide to give it.

IF WE WANT TO DEAL WITH NEW GLOBAL RISKS, WE NEED A LARGE DEFINITION OF COMPLIANCE BY "MONUMENTAL GOALS" AROUND HUMAN BEINGS

It is admitted that the national and international legislations about corruption, money laudering, but also antitrust or personal data and climate change, put in place Compliance mechanisms, such as Compliance programs, extraterrioriality effect, deals, whistleblower, etc. These technics give to private enterprises a new responsability : to fight against global dangers, to protect everyone, maybe to save the planet. Compliance could be a sort of New Deal between public authority and private sector, between Politic and Market, except that the consent of enterprises is not required.

This is why Compliance is so often contested by firms because Compliance cannot be simply defined as the obligation to comply with the legal rules : everyone must respect Law, companies as myself, but I am not obliged to save the planet or to give information about criminal behavior around me.

These so specific obligations generated by Compliance, for instance the obligation to inspect by internal review for searching the violations, or to educate others, or to denounce, or to organize an equality between men and women, etc., are so strange and so new...

They are so strange because this is the State duty to educate people, to look for infractions, to collect and diffuse information, to preserve the financial market solidity, although the sole duty of us, companies as myself, is to follow the rules, not to concretize them. Why this new conception of this Compliance system where enterprises must concretize these rules ? Why these rules and not others ?

Because it is easy to understand that it is efficient to ask enterprises to concretise themselve the rules, not only to follow them. But why not have put this system before ?

Because the world is full of new dangers and the recent history gave us some terrible lessons about them. These new dangers are systemic : they are the risk of systemic failure, in financial and banking area, in environmental area, in digital area, in health area. History shows us a State alone is not able to stop this sort of crisis.

We don't have any legal or political set of mechanics powerful enough to do it, because the enterprises don't have the tools and the purposes to do it and the states don't have the geographic and by the way the normative dimension to do it. This is why the first historic manifestation of Compliance was in the US just after the 1929 crisis, by the creation of the SEC.

But we face new dangers : propagation of virus, environmental disaster, which ignore frontiers. It is impossible to fight against them if we don't us this new system of Compliance, using entreprises as weapons for the global general interest. Not all entreprises, only those are in position to achieve these goals : the "crucial entreprises", such as banks.

Only these goals can explain and justify these new mechanisms. It is not satisfying to just give a list "à la Prévert" of these purposes. One about Criminal Law, one about Antitrust Law, one about Labor Law, one about environmental Law, and so on... By the way, if we do so, how can we be "specialised" in Compliance ? How to learn so many rules ?

Maybe it is why I often read "Compliance is very complex" and the sentence after is "we must put all these thousand of regulation in a machine which could stock them and at the end of the day could decide for us what to do". If we do that the result will be : the Humans will be nowhere and the decision will be always "do nothing".

But on the contrary we must find a definition which doesn't lead to the disparition of the human decision and which preserve the capacity of the firm to take risk, to undertake.

A definition which put the human not outside the system by a mechanical Compliance system, but on the contrary in the center of the Compliance.

What is common to these goals are two substantial qualities. Firstly, they are "monumentals". Save the planet..., eradicate corruption around the world..., obtain the equality between humans..., it is not at all a question of "respect of every applicable rule" (some define Compliance like that) : it is a political definition for a monumental pretention, a sort a dream (for instance the dream of an effective equality). This monumental pretention has a political dimension, this is why public bodies are the first normative source of Compliance Law. More the dangers are important and more these pretention must be proclamed. And now, the dangers are so real.

Secondly, these monumental goals are not so diverse. They appear so because we see them through every traditional branch of Law (Contract Law, Corporate Law, Criminal Law, International Law, etc.) but if we detach our mind from this classic knowledge - it is so difficult because we learned so many legal rules -, we see that every set of Compliance solution is alway made to protect human beings.

Indirectly when the purpose is the protection of the systems, financial and banking systems, economic and social systems, natural system, health system, which is more the American conception ; directly when the purpose is the protection of the individuals, through their data, which is more the European conception.

So, the Compliance definition could be built by this simple Monumental Goal : the protection of Human Beings. This gives the unity of Compliance technics, explains why Compliance doesn't concern every rule, why it obliges only powerful entities.

More importantly, if we adopt this substantial definition of Compliance by its Monumental Goals around the direct and indirect protection of Persons, this new branch of Law will be the new humanism for the future.

_________________________________________________________

One reference : Frison-Roche, M.-A., The dreamed Compliance Law, 2020