Compliance resistance: The risk of sacred cows in an organization

Ursula Schmidt (, is owner of the consulting firm Schmidt Advisory in Luxembourg. She formerly served as Executive Vice President, Audit & Compliance, at RTL Group SA.

As a compliance professional, have you ever been confronted with blatant, open, persistent resistance? Not just that one occurrence of, “Oops, I wasn’t aware of the new travel and expense policy,” but rather, “The new travel and expense policy doesn’t concern me; it’s just for staff”? And, although you consider your company a well-organized one with a sound attitude towards risk and overall good processes in place, this blunt refusal to comply with internal rules doesn’t seem to astonish anyone. If you talk to staff, you hear consistent stories, like, “He has a special agreement with the CEO about his expenses,” “We have been told to reimburse everything he submits,” or worse: “Yes, the amounts are huge, but he doesn’t like to be questioned about anything.” If this sounds familiar, chances are you just met a sacred cow.

So, what’s the massive difference to someone just being a little grumpy about compliance rules and simply not liking compliance overall? “Sacred cow status” in compliance typically means that there are three things present in an organization: 1) There is strong resistance to being criticized or even questioned about certain practices—something is “off-limits” for compliance; 2) there are seemingly common beliefs that such practices are normal and to be accepted; and 3) common beliefs or practices tend to be entrenched—sacred cow status isn’t gained overnight.

The concept of sacred cows is thought to have its roots in Hinduism, where cattle are venerated as special animals.[1] As an idiom, sacred cows have some characteristics that mirror well what we may observe in an organization if compliance faces a roadblock: common ideas, beliefs, or practices that are immune to being challenged, appear to be generally supported, are often rooted in tradition, and are hard to change.[2]

Sacred cows in an organization can bear a variety of risks, are sometimes difficult to spot, and, once identified, are hard to weed out. Hence, for a compliance professional, it is crucial to be aware of the risks and triggers that can lead to sacred cow status and have a few strategies at hand in case a sacred cow gets out of her shed.

This document is only available to subscribers. Please log in or purchase access.