Compliance officers are rarely popular people in any organization, even when things are in a steady-state. When it’s time to critique a member of the leadership team, it can test the resolve of the leadership team to demonstrate their commitment to the ethics and compliance program. For the compliance officer who must deliver the message, the experience can range between uncomfortable and terrifying.
In a recent episode of our Fraud Eats Strategy podcast, I discuss strategies for critiquing organizational leadership with former Tyco and Johnson Controls Chief Compliance Officer Matt Tanzer.
He shared an experience in which he had to critique a member of the leadership team from his time as chief compliance officer at Tyco. Tyco had a new senior executive who joined the company and Matt was tasked with sitting down with that person and ensuring that he satisfied the corporate compliance guidelines regarding outside business interests and conflicts of interest. The officer owned several consulting businesses which were at variance with the conflict of interest policy. Matt had the unfortunate and perilous job of informing the senior officer that he would need to resign from his position at two of these entities. This was not welcome news to the new employee and he was not too happy about it. Nevertheless, he said that he understood and that he would resign from the two companies. Matt decided not to insult his integrity by asking him to confirm in writing when this was done. He simply accepted his assurances at face value trusting that he would do the right thing. In hindsight, that was a mistake. About a year later, Matt was contacted by internal audit about the executive and his outside business interests. In the ensuing conversation, it was quite clear that the executive had not resigned from his positions as agreed and it had caused a problem. By avoiding the uncomfortable conversation of asking the executive to provide written confirmation that he had resigned from the 2 positions, he ended up instead up having an uncomfortable conversation with internal audit a year later.
Matt shared some advice on how compliance officers and in-house counsel can strike the right balance between carrying out their duty while still not derailing their career in the process. It is a delicate balance. As a chief compliance officer, it’s your responsibility to make sure that all compliance and ethics policies are adhered to, especially by senior management who set the tone and example for the company.
He listed a few guiding principles.
Never swim alone. Always enlist support before you take an action that might be controversial. Make sure the general counsel has been briefed beforehand on the issues at hand and the steps you about to take and make sure you have their support. The last thing anyone would want is for their boss to be blindsided by some compliance issues affecting one of their C-suite colleagues. Make sure they’ve got your back before you take any action.
Always be professional. Don’t let emotions or power struggles interfere in the process of correcting a problem. Senior leaders are often very powerful. They’re accustomed to getting their way, and they often don’t respond well to being challenged. It is critical to stay calm and professional in all dealings with them and let the facts and the policies carry the day. Understand that compliance is not all-powerful and you can be beaten down pretty quickly if you’re perceived to be on a power trip.
Be humble but firm. Maintain a dose of humanity, empathy and understanding. Everyone is human and we all make mistakes. Carry out your responsibilities with humility but don’t let yourself be steamrolled. Be insistent that the rules be followed and that compliance requirements are met.
The DOJ’s recently updated guidance on the evaluation of corporate compliance programs asks what the company has done to internally communicate its position on misconduct and when an employee is terminated or disciplined for failing to adhere to compliance policies. For situations when leadership does not favor this type of transparency, Matt offered this advice. During a time at Tyco when the company had a whole series of compliance breakdowns, he was providing regular briefings to the audit committee and senior management on the various investigations that were ongoing. These senior-level people understood what had happened, who had been terminated and the results of these compliance failures. Matt felt it important for the rank and file employees to have the benefit of this same information. He believed that it would communicate that there was a robust compliance program in place, issues which were coming to light and that there were consequences. This was met with opposition by a member of the law department out of fear that the company would be sued by individuals who might be identifiable in those scenarios. Ultimately, after months of discussion, they could publish these types of stories monthly in a newsletter. They called it True Compliance Stories. Employees loved reading it. Compliance could track how many times it was downloaded from the intranet and people would discuss it at meetings. This newsletter and its popularity helped to change the culture and reinforce compliance within the company. There’s something in the compliance world called organizational justice which is very important to an ethical culture. Organizational justice means that people feel that the “do-gooders” are going to get rewarded and those who don’t adhere to the code of conduct are going to suffer the consequences.
One of the litmus tests that the government uses in determining whether a compliance program has been operationalized is whether and to what extent the company has exited problematic customer or third-party relationships that could not otherwise be remediated. Decisions like this can and often do negatively impact the business units who are counting on the revenue attached to that customer, distributor or sales agent. Inevitably, there is a business head who may feel like compliance is interfering with their business. To head off these situations before they threaten to disrupt the overall compliance operation, it’s critical to have senior management’s support for the broader compliance program. Before you adversely impact a business unit, you need to have top management buy into the principles and objectives of the compliance program if you’re going to survive the complaints of a business manager who feels that his business has been negatively impacted by these compliance requirements. In Tyco’s anti-bribery program, they required third-parties to complete a questionnaire as part of compliance due diligence. A third-party in Pakistan responded “yes” to the question “do you pay bribes in order to help generate business?” The company had no choice but to terminate that third-party. Compliance went to the business leader and explained that the third-party relationship had to be exited. It was not welcome news since there was a fair amount of revenue attributable to the third-party. Fortunately, Tyco’s compliance team had built a lot of support throughout senior management who concluded that it was not worth the risk of keeping a third-party that has acknowledged the payment of bribes.
Being a compliance officer isn’t for the faint of heart. Unpopularity comes with the territory. It requires the backing of senior leadership, a strong compliance program, continuous communication and a willingness to deliver hard truths and withstand the associated backlash.
To hear the full Fraud Eats Strategy podcast episode with Matt Tanzer, click here.
Note: The postings on this site are my own and do not necessarily represent FTI Consulting’s positions, strategies or opinions