"Culture drives great results.” ~Jack Welch
“Treasures of wickedness profit nothing: but righteousness delivereth from death.” ~Proverbs 10:2
Recall the last time you engaged in your organization’s annual budget process. If you are like many Chief Compliance Officers, your Chief Financial Officer probably wasn’t offering huge increases in your budget. In fact, you were likely asked (or told) how much of a budget reduction target you would be expected to achieve in 2014. It’s enough to make you want to declare, “Really?!?”
In this era of exponential increases in domestic and international regulatory compliance obligations, we are planning strategically to meet the monitoring and reporting challenges with enhanced governance, efficient technology applications, and increased staffing. Yet we are frequently challenged financially to justify our alleged expense-side burden on the income statement, while our revenue-producing friends across the income statement aisle often escape the budgeting process unscathed—or even emboldened. We must partner with them.
Why do I believe that we must engage our colleagues in Sales & Marketing to share our commitment to enterprise-wide regulatory compliance? Well, it certainly begins with the “tone at the top” set in the C-suite, thus implying that all production, revenue, and administrative leaders must be equally and uniformly committed to your organization’s Code of Conduct. And while I am not implying that our Sales & Marketing employees are solely responsible for regulatory fines and sanctions, exposure to the marketplace does generate the overwhelming volume of regulatory action for any organization.
So, let me ask you a few questions…
· What product or service does your organization sell?
· What is the profit margin on each unit sold?
· How many units must you sell to recover the income consumed by a large regulatory fine, attendant civil litigation, and associated loss of revenue from brand reputation depreciation?
Apply that calculation to the recent J.P. Morgan Chase $13 billion U.S. Department of Justice settlement. Someone at that bank is going to have to sell a slew of mortgages and auto loans to recapture that lost revenue!
So, let me ask you a few more questions…
· What is the aggregate cost to invest in training each of your employees to comprehend and practice ethical and compliant behavior appropriate for their job classification at your organization?
· What is the aggregate cost to invest in implementing appropriate internal controls and continuous monitoring systems to prevent, detect, and mitigate compliance failures at your organization?
· Is the sum of those two investments less than the cost of a large regulatory fine, attendant civil litigation, and associated loss of revenue from brand reputation depreciation?
Notwithstanding the painful financial cost of fines and litigation, salespeople viscerally understand the burden of attempting to sell a product or service that has become a perceived societal pariah. [Think Arthur Andersen…Enron…the Ford Pinto.]
When we train our Sales & Marketing colleagues to understand pertinent consumer protection regulation and encourage those colleagues to leverage management, the Code of Conduct, and your Compliance team to detect, report, and mitigate compliance risks, everyone wins. Let’s face it…sales incentives and corporate bonuses are larger for everyone in the company when left undiminished by preventable costs of fines, litigation, and lost sales. And that, my friends, is why Sales & Marketing should care about regulatory compliance.
Friday, November 22, 2013
Tuesday, November 5, 2013
Regulatory Compliance: Tear Down That Ivory Tower!
I recently ran into a Compliance colleague, “Jill”, whom I hadn’t seen in a while. As we exchanged pleasantries, Jill explained how busy she has been at her organization, to a point where she “couldn’t even get out of her office for lunch most days.” I understood her sentiment, but I challenged Jill’s premise that her most effective oversight of her Compliance Management Program was being accomplished sitting at her desk with her nose to the proverbial grindstone.
“What do you mean?”, Jill inquired.
“For starters, how are you assessing the compliance culture within and across your organization?”, I responded. I waited for the predictable response.
“I receive reports from each department head on a quarterly basis. I meet with those same department heads at least annually as we update our risk assessment. “ And then she punctuated her response, “I always know what is going on from a Compliance perspective.”
We visited for a few more minutes before continuing on our respective journeys. I have the utmost respect for Jill, and the many colleagues with whom I’ve engaged in similar conversations over the years. But I was reminded again that day that differing viewpoints pervade our Compliance Management profession.
I liken the practice of our craft to that of a world traveler. In fact, given the international nature of Regulatory Compliance, many of us have become world travelers from time to time. But one cannot truly experience traveling the world by reading other people’s written accounts of foreign lands. Similarly, Compliance professionals cannot simply read stacks of reports, formally engage depart heads once or twice annually, and conclude that they have traveled the organizational “globe”.
We’ve got to come down out of our ivory towers. In fact, we’ve got to tear down our ivory towers in the Compliance Department and never return to our old ways. Instead, let’s engage leaders at all levels across our organizations as often as possible. Informal dialogue that may occur within the context of a scheduled project meeting, or a chance meeting in the hallway, can often generate useful information that lends itself well to a holistic risk assessment.
Leaders want to tell you what concerns they are facing, and when those concerns signal regulatory compliance exposure, you have an opportunity to collaborate further toward a resolution. Internal Audit provides another natural source of regulatory compliance risk data gleaned from its expansive reach throughout your organization. Regulatory Compliance also finds a natural ally in the Information Technology Department, where governance, risk management and compliance looms large over an ever-evolving landscape. Compliance professionals grow to become trusted confederates with leaders of lines of business, Internal Audit and Information Technology.
So join me! Grab your water bottle or coffee cup, and explore your organization more freely. Engage others daily and take a more genuine interest in the regulatory compliance challenges facing your fellow leaders. Collaborate with them to develop lasting compliance solutions. Your risk assessments and resultant regulatory compliance program will flourish, producing more meaningful results for the entire organization. You won’t want to return to the ivory tower.
“What do you mean?”, Jill inquired.
“For starters, how are you assessing the compliance culture within and across your organization?”, I responded. I waited for the predictable response.
“I receive reports from each department head on a quarterly basis. I meet with those same department heads at least annually as we update our risk assessment. “ And then she punctuated her response, “I always know what is going on from a Compliance perspective.”
We visited for a few more minutes before continuing on our respective journeys. I have the utmost respect for Jill, and the many colleagues with whom I’ve engaged in similar conversations over the years. But I was reminded again that day that differing viewpoints pervade our Compliance Management profession.
I liken the practice of our craft to that of a world traveler. In fact, given the international nature of Regulatory Compliance, many of us have become world travelers from time to time. But one cannot truly experience traveling the world by reading other people’s written accounts of foreign lands. Similarly, Compliance professionals cannot simply read stacks of reports, formally engage depart heads once or twice annually, and conclude that they have traveled the organizational “globe”.
We’ve got to come down out of our ivory towers. In fact, we’ve got to tear down our ivory towers in the Compliance Department and never return to our old ways. Instead, let’s engage leaders at all levels across our organizations as often as possible. Informal dialogue that may occur within the context of a scheduled project meeting, or a chance meeting in the hallway, can often generate useful information that lends itself well to a holistic risk assessment.
Leaders want to tell you what concerns they are facing, and when those concerns signal regulatory compliance exposure, you have an opportunity to collaborate further toward a resolution. Internal Audit provides another natural source of regulatory compliance risk data gleaned from its expansive reach throughout your organization. Regulatory Compliance also finds a natural ally in the Information Technology Department, where governance, risk management and compliance looms large over an ever-evolving landscape. Compliance professionals grow to become trusted confederates with leaders of lines of business, Internal Audit and Information Technology.
So join me! Grab your water bottle or coffee cup, and explore your organization more freely. Engage others daily and take a more genuine interest in the regulatory compliance challenges facing your fellow leaders. Collaborate with them to develop lasting compliance solutions. Your risk assessments and resultant regulatory compliance program will flourish, producing more meaningful results for the entire organization. You won’t want to return to the ivory tower.
Subscribe to:
Posts (Atom)