Printer Friendly, PDF & Email

Separating compliance and legal: Part 1, Best practices for defining expectations and responsibilities

Jack Rovner ( is an attorney and the co-founder of Health Law Consultancy, a Chicago-based boutique health law firm.

Part 1 of this article presents cautionary tales that expose how conflicting expectations and responsibilities can reap adverse consequences for the CLO, the CCEO, and the organizations employing them.

Part 2 of this article will review practical considerations why a compliance function separate and independent from legal can and does serve corporate interests and is the “best practice” for an effective corporate compliance program. Part 2 will appear in the February 2020 issue of Compliance Today.

The good reasons are many for keeping the compliance department separate from the legal department and employing a chief compliance and ethics officer (CCEO) as a member of senior management to lead the compliance function independent of the organization’s chief legal officer (CLO) and the legal function. Among the most important reasons are the distinct expectations and responsibilities associated with these functions. The CCEO is expected to be the corporate conscience—vigilant against company officers and employees straying from the ethical; prompt to correct compliance transgressions; and champion of self-disclosure to government regulators, if not to the public. The CLO is the organization’s confidential adviser, expected within the bounds of professional ethics to defend the corporate interest and mitigate corporate exposure to government regulators and the public. Indeed, lawyers’ ethical obligation is to zealously represent their clients’ interests within the bounds of the law.

These distinct expectations and responsibilities, if combined, are fraught with potential conflict. The CLO’s role and responsibilities include furnishing legal advice and guidance to the organization—processes protectable by the attorney-client privilege and focused on minimizing, if not avoiding, organizational risk to legal liability. The CCEO’s role and responsibilities encompass implementing, managing, and overseeing an effective compliance program throughout the organization, and identifying and remediating compliance deficiencies—processes outside the attorney-client privilege that may not be subject to any privilege from disclosure. To avoid conflicting expectations and responsibilities, compliance program “best practice” separates compliance from legal.

This document is only available to members. Please log in or become a member.