I am attending the ACI Foreign Corrupt Practices Act (FCPA) Boot Camp in Houston. It is one of the best FCPA events held in Houston annually. It brings together some of the top local compliance talent, together with top national practitioners. One of the presentations was on how to tell your compliance story. It presented several interesting aspects of how to not only communicate your internal compliance story but how to also market compliance within your organization. Céline Gearson, Chief Ethics and Compliance Officer at Cameron International, had an interesting perspective on how she internally markets her compliance function. She termed these as “The Five Golden Rules of What Works”.
1. Socialize, Socialize, Socialize
Gearson believes that it is critical for the compliance practitioner to foster strategic relationships with key stakeholders within your company so that you can explain the compliance function on a one-to-one basis to get their buy-in. The importance here is to build those relationships prior to any compliance program implementation. She specifically mentioned the IT and Marketing departments. Another person I would add is the Corporate Secretary, the reason for this is that the Corporate Secretary has several constituencies within the company that he or she may work with and for. This can provide an opportunity to view a company’s ethics and compliance program and to help shape and direct it. The Corporate Secretary, head of IT or Marketing may be excellent resources to the Chief Compliance Officer (CCO), which may be under-utilized. It might be worth a cup of coffee or short meeting to see what they might think about your ethics and compliance program or how they might be able to assist you in your efforts.
2. Communicate metrics and near misses
Here Gearson said that it is important that the business units understand not only what you are doing from the compliance perspective but also how your actions are helping them do business more efficiently and, hopefully, more profitably. She gave an example of when she demonstrated the length of time required to approve sales agent. From this metric she was able to show how efficient it could be for the business unit if the onboarding of third parties was automated. With this information and the business units’ support, she was able to secure funding for this compliance initiative.
A second component of this rule is to use the investigations, audits and monitoring of compliance to show where the compliance function detected an issue before it became a compliance violation. This could occur in your routine audits or by spot-checking payment requests and invoices from certain third parties, either sales agents or vendors.
3. Create engagement and excitement
The organization in the middle will make or break your initiative so get them involved. So, for Gearson, it is imperative that you engage the employees in the middle of your organization before you rollout any implementation. She gave the example that for Cameron’s Compliance Week celebration, she calls upon employees to create the message. In this manner you can use your Compliance Week event not only as a springboard to internally publicize your compliance program but to foster a closer relationship with disparate groups within your company.
I would add that another part of this rule could be your financial incentives for doing business ethically and in compliance, such as a portion of a year’s salary in discretionary bonuses. While such financial rewards may be given in private, it is certainly true that those employees who are promoted for doing business ethically and in compliance are very visible and are public displays of an effective compliance program. I think that a company can take this concept even further through a celebration to help create, foster and acknowledge the culture of compliance for its day-to-day operations.
4. Become a marketing guru and IT expert
More than getting to know the folks in these departments, you need to know how they work and learn to speak their language. One of the things that you might try is to use social media to assist you. A key component of any effective compliance program is an internal reporting mechanism. The FCPA Guidance states “An effective compliance program should include a mechanism for an organization’s employees and others to report suspected or actual misconduct or violations of the company’s policies on a confidential basis and without fear of retaliation.” The Guidance further discusses the use of an ombudsman to address employee concerns about compliance and ethics. I do not think that many companies have fully explored the use of an ombudsman but it is certainly one way to help employees with their compliance concerns.
But, more than a reporting tool for compliance, there are other ways a company can help employees do business in a compliant manner. One commercial tool is Navigator, developed by the firm of Stroz Friedberg LLC, which the firm calls “a groundbreaking mobile and desktop application that makes your compliance program come alive! It automates clear answers and approval processes, and even offers data analysis for enhanced decision-making. The Navigator app is custom-tailored to each client and offers an array of benefits to any organization seeking easier ways to drive a positive corporate compliance culture.” I have seen this tool and it is way cool.
Yet there are other tools that are available, at no cost, and can be downloaded onto a mobile device such as a smartphone or iPad. These include the O’Melveny & Myers LLP Foreign Corrupt Practices Act Resource Guide, which concentrates solely on the FCPA and is primarily a new vehicle to distribute content it already makes available upon request. This content includes O’Melveny’s FCPA Handbook and In-House Counsel’s Guide to Conducting Internal Investigations. In addition, the app features five resource sections that serve as an interactive, illustrative directory with titles ranging from ‘O’Melveny Authored Client Alerts’ to ‘DOJ Opinion Releases.’
5. Embed your initiatives into business processes
Gearson and several other speakers talked about the need to embed compliance into the fabric of the company. Arvind Sharma, Senior International Trade Counsel, Business Integrity & Compliance at the Flowserve Corporation, said that building trust with the business is the most important issue he faces. The building of this trust comes from the demonstration that the compliance function is not ‘The Land of No, run by Dr. No’ but runs at the speed of business. By such demonstrations he is able to win the trust of the business units and this allows him to embed compliance initiatives into the company’s business processes.
I would add that this also means demonstrating the cost savings that are derived by having business unit employees participate in the compliance function. An example given was regarding third party representatives. Does your company really need all of the sales agents it currently uses? Is there overlap or duplication in the Supply Chain? The answers to these questions can go a long way towards reducing overall compliance risk and adding points to the bottom line. Further, properly trained, a business unit employee can perform some of the underlying due diligence investigation work for any third party business representative. The self-management of the business unit to fulfill these functions can drive down the overall cost of compliance.
I found Gearson’s five rules to be quite useful as starting points for thinking about how the compliance function can interact and work through the business unit to further the company’s goals of compliance. You can use each one of these to begin to lay the foundation for your compliance initiatives going forward.
Filed under: Best Practices,compliance programs,Department of Justice,Ethical Leadership,Ethics,FCPA,FCPA Guidance — tfoxlaw @ 12:01 am
Tags: best practices, compliance, compliance programs, Department of Justice, DOJ, ethical leadership, ethics and compliance, FCPA
© Thomas R. Fox, 2014