Catherine Boerner ( email@example.com ), President of Boerner Consulting LLC in New Berlin, WI.
I have found that conducting a meaningful compliance risk assessment can provide reassurance to the compliance officer that concerns are being reported and addressed. I like to start a compliance risk assessment by asking leadership in a questionnaire, often under attorney–client privilege, what they perceive as the most pressing potential compliance risks to the organization or in their department. When compiling these responses, it often creates a list of 75–100 potential compliance risk areas. I believe this process in and of itself strengthens the compliance program by creating awareness and asking leadership to participate in a way they may not have participated in the past. This exercise may also prompt someone to report a compliance concern that they may have not thought to report to the compliance officer. This inquiry allows the compliance officer to focus on what leadership considers the most pressing as opposed to a list of only compliance risk areas the compliance department may see as important.