Printer Friendly, PDF & Email

Compliance and the board: Challenges and best practices

Brian D. Annulis ( is Senior Managing Director, Sarah M. Couture ( is Managing Director, and Kayla M. Teune ( is Senior Associate at Ankura in Chicago.

Chief compliance officers (CCOs) understand the importance of creating a culture that identifies and mitigates risks. In fact, not having a culture that timely identifies risks and escalates them was in the top 10 risks according to “Executive Perspectives on Top Risks in 2019.”[1] One of the first steps in establishing a compliant culture is educating and involving the governing body/board in compliance. Guidance documents from both the U.S. Department of Justice (DOJ)[2] and the U.S. Department of Health & Human Services Office of Inspector General (OIG)[3] discuss the importance of a culture of compliance being driven by organizational leaders, or “tone at the top,” and creating and fostering a culture of ethics and compliance with the law.[4] Additionally, the U.S. Federal Sentencing Guidelines indicate that the company’s “governing authority shall be knowledgeable about the content and operation of the compliance and ethics program and shall exercise reasonable oversight.”[5]

Although it is clear that board needs to be involved, it is common for CCOs to struggle with what the compliance–board relationship should look like in their organization. The reasons a CCO may have difficulty fostering a meaningful board relationship may include:

  • The CCO having limited access to the board in general;

  • Not knowing the best way to engage the board and help board members understand their compliance oversight responsibility;

  • Being unsure of the balance between information overload and not enough information when reporting to the board on the compliance program;

  • Being unsure of the best way to educate the board on compliance and which compliance topics should be included;

  • Lack of certainty as to whom to engage with on the board and how frequently;

  • Compliance may not be a priority in the organization, so the CCO may not get adequate time with the board; and

  • Compliance being looked at as a regulatory necessity to check the box vs. a valuable business partner that reinforces a positive corporate culture.

This article is intended to share a road map on how to effectively create and manage board engagement and interactions to strengthen your compliance program and overall corporate culture.

This document is only available to members. Please log in or become a member.