Tosin Umukoro (email@example.com) is the Director of Compliance for Stryker UK & Ireland.
According to the United States Department of Justice’s Evaluation of Corporate Compliance Programs, effective implementation of a compliance program requires those charged with the program’s day-to-day oversight to act with adequate authority and stature. Sufficient resources, seniority within the organization, and autonomy from management are all factors that prosecutors take into consideration when investigating an organization to ultimately determine whether to bring charges, negotiate a plea bargain, or come to other agreements.
While it is increasingly accepted that a compliance team operating independently can best serve a corporation’s interests, it is also well known that planning the structure of the compliance function is not an off-the-shelf task. Careful consideration of an organization’s unique features and control requirements all affect the optimal compliance structure. A large company, for instance, with several places of business, hundreds of employees, and multiple business units is likely to require specific compliance roles and compliance professionals to be aligned appropriately within the business. Specialist compliance professionals afford business units a dedicated compliance resource, with more knowledge of each unit’s activities and the inherent risks, which can be advantageous for mitigation activities. Smaller organizations, however, can also effectively achieve compliance objectives with one central team.
For most organizations—no matter the size—when compliance objectives are part of the overall mission, they become mutual goals among departments, thereby enabling the formation of alliances between compliance and other functions. These alliances have a synergistic effect on the reach and impact of the compliance program by engaging key stakeholders, accessing specialist skills and capabilities, and/or overcoming the lack of compliance resources. Therefore, it is vital that compliance professionals be strategic about their alliances and allow the functions they partner with to work where they’ll bring the most value.
Establishing the common goal
While the concept of compliance being everyone’s responsibility isn’t necessarily new, the function is unfortunately sometimes still seen as a delay to revenue-generating endeavors. Compliance professionals should, therefore, seek to have a comprehensive understanding of business strategies and priorities to help foster the building of internal relationships necessary for nurturing successful business partnership. Regardless of their size, the most effective compliance functions proactively connect their program goals (i.e., preventing and detecting misconduct and promoting a culture of ethics) to the priorities and objectives of the organization, establishing common objectives that everyone plays a role in achieving.
A best practice approach involves first establishing a methodology to identify, assess, and prioritize compliance risks faced by the organization. These risks can then be integrated into other programs that address strategic, operational, and financial risks. By highlighting (1) the negative effects that noncompliance would have on the attainment of the overall organizational goals and (2) the role each function plays in helping to mitigate those violations, compliance is effectively reiterating the shared ownership of the objectives and the mutual benefits of the organization’s success in reaching them.
This approach can illustrate how even extremely successful compliance programs can be overseen by a department of only one or two compliance professionals. It also helps to reinforce the role of the compliance function as a valued partner that is essential to sustainable business growth.