CCO Reporting to Board: Five Best Practices


report2Chief Compliance Officers need the support of their Board of Directors. The relationship between the CCO and the head of the Audit/Compliance Committee sends an important message to senior management and the entire company on the importance of ethics and compliance.

CCO reporting to the Audit/Compliance Committee has to be structured carefully to promote ethics and compliance. Here are my five best practices that should guide the reporting:

Quarterly Reports — The CCO should report in person to the Audit/Compliance Committee every quarter. If the CCO submits a written report and does not appear before the Committee, the failure to appear before the Committee reflects a defective relationship. The quarterly report is critical for both the CCO and the Committee to hear about compliance performance and challenges.

The CCO should be ready with a robust report on the compliance program, including real and tangible measurements covering culture, major risks, internal investigations, complaints, audits and other relevant topics. Too many Board reports are just riddled with “happy talk,” meaning a rosy picture of performance and future risks. A CCO has to be frank and honest with the Board. Directors appreciate the honesty and feel that they can make a valuable contribution by addressing the problems.report3

Executive Session – Every quarterly report should be concluded with an executive session where the CCO and the Committee can have a frank discussion on any potential issues. It is a valuable opportunity to raise important issues. An executive session demonstrates that the CCO is independent and empowered within the organization, and reinforces the CCO’s direct access to the Board, if necessary.

Sitting In on Other Reports – The CCO should sit in the Committee meeting when other important officers report to the Committee. For example, the CCO should attend the presentations by the Internal Auditor, the General Counsel, and the CFO. The CCO has a macro-view of the company and needs to be informed as to issues in other areas that may be significant and have compliance implications.

The General Counsel and Internal Auditor may sit in during the CCO’s report but should not be present for the CCO’s executive session. Conversely, the CCO should not attend the executive sessions of the Internal Auditor, General Counsel.

Informal Relationship – A CCO should actively maintain an ongoing informal relationship report4with the Chair of the Audit/Compliance Committee. A CCO has to have the ability to pick up the phone and call to Chair to discuss issues that may arise. A weekly meeting for coffee or a meal is important to develop and maintain the relationship.

Annual Report to Full Board – A CCO should report to the full Board once a year. The Audit/Compliance Committee quarterly reports are important but the full Board needs to hear about the challenges and risks facing the company, as well as improvements needed for the ethics and compliance program.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Michael Volkov, The Volkov Law Group | Attorney Advertising

Written by:


The Volkov Law Group on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.