Compliance professionals learn from each other. Recently, I had the good fortune of meeting two experienced compliance professionals in Los Angeles for dinner and a thoughtful discussion. I learned a lot from them at the dinner.
One idea we discussed was a new model for compliance – embedding compliance professionals within business units of an organization. Let me try and explain what I learned.
Many companies maintain a centralized compliance office with specific responsibilities assigned to groups or individual compliance staff. That is the model for most compliance offices. It reflects the resource limitations of a compliance office – there are not enough compliance personnel to fan out into an organization.
If you assume that a company dedicates sufficient compliance personnel to the company, maybe another model should be examined. Instead of a centralized compliance office, the company could assign and embed compliance personnel within individual business units. Each unit would have a dedicated compliance staff, consisting of one or more compliance officers.
Co-location of business and compliance staff would foster communications between business and compliance staff, and more importantly, improve the chances that compliance staff would participate in new business initiatives from the inception. Co-location also would increase communications and break down divides which normally inhibit communications between business units and compliance staff.
The challenge for the model would be management of the compliance staff across business units to ensure consistent policies and practices. But consistency is not an end to itself – sometimes flexibility for specific business units or issues may be warranted.
If implemented, compliance managers would have to be vigilant to communicate among the compliance staff. The risk of such a management structure is the loss of control over compliance policies and procedures. The upsides of such a management structure outweigh the possible downsides.
The key factor (besides resources) for a company to consider is the structure of its operations. For global companies, such a design may be challenging. There may be too many moving parts to try and embed compliance professionals throughout an organization.
The best indication of whether this is feasible is the extent to which a global company already embeds other corporate functions in local offices. For example, if legal, auditing or procurement staff is assigned to locations around the globe, compliance can certainly be divided in the same way. If the company does not have sufficient compliance staff to accomplish this task, then the company needs to hire additional compliance staff.
In many cases, the benefits of embedding compliance staff will outweigh the downsides. The closer compliance can “touch” business units which are involved in risky interactions with foreign government officials the greater the likelihood that a business person will avoid potential bribery. This is an idea worth considering.