The Virtuous Cycle of Compliance
W. Adam Hunt
Inclusive leader helping iconic brands avoid legal, ethical & compliance collisions | Focused on making risk management meaningful | Author | Coach | Core Values = Connection, Integrity, Impact & Excellence
by W. Adam Hunt
What is the simplest yet most impactful way to describe the compliance function to internal stakeholders? There is plenty of guidance regarding expectations of regulators — particularly from a US perspective. But the question I have often asked myself (and others) is how to best distill things like the DOJ/SEC’s Hallmarks of Effective Compliance Programs into an elevator pitch for business leaders? In other words, what’s the most effective way to “sell” the compliance program internally?
I recently came up with a (hopefully helpful) way to explain what I see as the virtuous cycle of compliance. As indicated in the below diagram, it consists of the “3 As” — Awareness, Assistance & Action.
#1 - Awareness
Awareness is the first step in the virtuous cycle. It includes all activities that create internal awareness of the compliance function, personnel, scope & mission. Opportunities for building awareness include training, internal communications, meetings/presentations/1:1s, etc. The point to underscore here is that these efforts all serve as a funnel for the second “A” and everyone can help to build awareness.
#2 - Assistance
The second step in the cycle comes from requests for assistance directed to your team of compliance professionals. These requests can come from an ever increasing variety of channels, and requires the compliance function to be available on whatever platforms internal clients are using (e.g. Slack or Teams in addition to email, phones and hotlines).
#3 - Action
Action is the support provided by compliance professionals in response to requests for assistance. For greatest impact the guidance must be expeditious, understandable, and actionable by your internal clients across the business.
The Virtuous Cycle
The positive feedback loop continues when support provided by the compliance team helps the business avoid distraction and disruption from adverse regulatory actions. This encourages business leaders to proactively engage with the compliance team members going forward, share their experiences with others internally, and generally create more internal awareness.
Compliance as a Business Partner
The main message to convey with this framework is how the compliance team serves as a business partner versus a gatekeeper. It is also an opportunity to highlight that compliance — and flagging potential compliance issues — is a responsibility that is shared by all employees (versus the job of just a single department or function). This is increasingly important as recent regulatory guidance has expanded focus beyond “tone from the top” to greater accountability across organizations.
The main message to convey with this framework is how the compliance team serves as a business partner versus a gatekeeper.
Thoughts?
I would love to get input from other compliance professionals as to whether this framework makes sense, is overly simplistic, and/or could use improvement. One important element to underscore is that this is not intended to cover every element of an effective compliance program. Rather it is a high level way to help communicate the value that compliance can bring to the business in simple and straightforward terms.
*This post reflects my personal perspective as a compliance professional and is intended to serve as an opportunity for discussion and reflection within the broader compliance community.
General Counsel at Orange County Superior Court
3 年Nicely explained, Adam.
CEO @ Ethena | Helping Fortune 500 companies build ethical & inclusive teams | Army vet & mom
3 年This tracks with some great research I saw on the importance of accessibility and applicability (train people based on how issues manifest in their work stream, versus "one size fits all"). Leonard Shen, thought you'd enjoy this!
Enterprise Sales Challenger | Legal & Compliance Aficionado | Former CEB, Gartner | Adventure Enthusiast
4 年Getting all of this right would make an 'awesome' compliance program. Nicely put, Adam. It's particularly interesting to see over the years the increased value compliance is bringing to the business. Bigger tech budgets, a shift for more work in-house, and more-and-more direct reporting lines to the CEO. What a fun time to be in compliance!
Executive | Non-Profit Board Chair | Speaker | DEI Advocate | Advisor | Innovator
4 年Y'all should check this out. It is a very thought provoking approach to building a compliance program and framework.
Vice President/Chief Compliance Officer at Western Digital
4 年I look forward to continuing the discussions and seeing how this all evolves!