One of the world’s greatest actors died over the weekend. It was Max Von Sydow, whose career spanned the great Ingmar Bergman’s black and white films from Sweden in the 1950s, through his starring role in “The Exorcist”, right up to the most recent Star Wars trilogy, as village elder Lor San Tekka in “Star Wars: The Force Awakens”. But it was his work with Bergman that many, including myself, will most remember him for. According to his New York Times (NYT) obituary, with “a gaunt face and hooded, icy blue eyes, he not only radiated power but also registered a deep sense of Nordic angst, helping to give flesh to Bergman’s often bleak but hopeful and sometimes comic vision of the human condition in classics like “The Seventh Seal” and “The Virgin Spring.””
It was the movie “The Seventh Seal” (1958), in which “von Sydow played Antonius Block, a strapping medieval knight who returns from the Crusades to his plague-ravaged homeland only to encounter the stern, ghostly pale, black-hooded figure of Death, played by Bengt Ekerot. To stave off the inevitable, Block challenges Death to a game of chess, and in the long intervals between moves he searches the countryside for some shred of human goodness.” It also provided one of the most endearing screen images of his chess match with death. In that one scene, von Sydow and Bergman, not only tamed complexity but transcended it.
One of the lessons we have learned from various Foreign Corrupt Practices Act (FCPA) enforcement actions over the years is how complexity in business organizations can work to defeat compliance programs. Whether a corrupt employee is working to actively hide a pot of money, which can or will be used to pay a bribe, or an improper payment slips through the cracks; complexity can work to defeat a best practices compliance program. If a compliance function does not have visibility into a business unit, how it does business and where its payments are going; it may be due to design or inadvertent complexity.
Thinking about complexity was considered by Martin Reeves, Simon Levin, Thomas Fink and Ania Levina in their piece “Taming Complexity”. The first thing to understand about complexity is that it is not all a bad thing. Complexity can add to organizational resilience and even flexibility. It can also lead to adaptability, as sustained business and compliance performance requires new offerings and capabilities – which can be created by recombining existing elements in fresh ways. Finally, complexity can lead to better coordination by business units across geographic regions and product lines. The bottom line to all of this is that complexity is not only here to stay but in the increasingly global world of business, it is a necessity. How is the compliance professional going to deal with it going forward?
A company should begin with using simple, common operating principles. This increases the chances that new elements and connections will fit comfortably into the organization and also contains complexity. One way to do so is to run your business on foundational principles, specifically including transparency. If you can move towards both transparency in all of your processes and protocols AND in the human element, so that personnel do not hide information, it can work to reduce complexity or at least make the complex less opaque.
Perhaps counter-intuitively, is relaxing controls. While this may actually sound antithetical to the compliance professional, a deeper analysis reveals this is actually the operationalizing of compliance. Instead of micromanaging each compliance decision, allowing employees the freedom to engage in constant, iterative experimentation can lead to more-powerful compliance outcomes than deliberately designing and tightly managing each step. This is particularly true in organizations whose environments are evolving in unpredictable and unprecedented ways.
The operationalization comes from the emergence of innovations. The more that autonomous small teams and even individual employees are experimenting with new elements and connections, the more options they create for the organization – as long as the innovations are properly codified and made available to all teams and groups. A great example of this was the GeoRegion Compliance Committees. However, a critical element is that employees are required to document and then report their recommendations and predict outcomes. From this point, the compliance function can serve as an enabler and sounding board for the experimenters, incorporating their ideas rather than simply dictating to them.
The fine step will be familiar to compliance professionals, which is to “fix, repair and prune.” While this step is closely akin to prevent, detect and remediate, it does present views not normally used by compliance professionals. It adds a robustness to a mature compliance program. It can work to create a culture that encourages employees to look out for and eliminate obsolete processes. Of course, this requires a true speak up culture and fully functioning reporting system. If you have this it will increase both the “quality and quantity of innovation.” Conversely, if you fail to do so, you might well reach the point where nobody has a complete understanding of your business processes, in other words, things will be too complex.
It is true that complexity in an organization can accumulate “until it is intractable and hard to reduce through incremental action.” If your organization is in that situation, you will need to develop another set of processes to unstick the complexity and recycle resources to reduce the overall complexity. The authors believe, “One way of achieving this is to establish new structures with a finite time horizon, identifying exit strategies in advance. By building in exit options at the beginning, rather than subjecting legacy elements to endless modification, leaders can avoid the accumulation of excessive complexity.”
While the authors believe that most companies say they “prefer simplicity over complexity… the truth is that complexity is increasingly necessary for viability and competitiveness in today’s dynamic, unpredictable business environment.” I would say this is even more true for the corporate compliance function. As compliance moves into the 2020s, a great decade of innovation and change is in front of us. Compliance is no longer lawyer-driven rules and regulations. Compliance is now properly seen and recognized as a business process, it is not simply a business innovator but can also be a profit center.
Compliance is now in an era of brisk innovation and evolution. It is prone to technological change and rapid obsolescence of the lawyer-driven, spreadsheet and word document based compliance programs. Going forward the compliance professional needs to understand that a “package of resilience, adaptability, coordination, and inimitability becomes more attractive than the package of efficiency, understandability, manageability, and predictability.” The key is to learn how to harness complexity on a sustainable basis.
[View source.]
