I had to go to the dentist yesterday. I went for what I thought was filling repair but I had somehow forgotten that it was a wisdom tooth removal and a filling repair. I know you are thinking either (1) why does someone his age still have wisdom teeth and (2) how could he ‘forget’ he was having said wisdom tooth removed? All I can do is channel my inner-Laura Petrolino and say as improbable as it sounds, both can and do occur, at least with me.
While I was letting the anesthesia kick in for the wisdom tooth removal, my dentist, Dr. Shan Batiste, was talking non-stop to the newly hired dental tech. Since I was both under anesthesia or had dental tools in my mouth, I could not stop to ask any follow up questions and simply listened to their dialogue. I am not sure if it was his first day or just the first time that he had worked with my dentist but she was imparting to him what it was in his interview that led her to offer the position to him. Rather amazingly, I found my dentist had some very interesting insights about the compliance function.
Dr. Batiste said the reason she hired the dental tech was more than simply his technical qualifications. I can attest he did know his way around the dental chair. She was interested in whether or not he was a problem-solver. She said the issues her office faces are varied and wide ranging every day. It can be 10 people in the waiting area who ‘dropped in’ without appointment; to more complicated dental and even medical problems; to financial and insurance issues; to tech issues around things from computer signatures to X-Rays machines. In other words, a wide variety of issues far beyond the technical competence of knowing what tool to use in a patient’s mouth or what the condition of a 40 year old filling might be from a visual inspection.
It struck me that the diverse problem solving requirements are very close to what the compliance professional must do and it pointed to the differences between the compliance discipline and the legal discipline in corporate America. Lawyers are there to protect the company. Such a role can include problem solving but it does not move to the types of solutions that a compliance professional must develop in a best practices compliance program.
One of the leading commentators in this area is Roy Snell, the Chief Executive Officer (CEO) of the Society of Corporate Compliance and Ethics (SCCE). Snell advocates for the compliance profession and one of his insights is that he believes it is the role of the compliance professional to be a problem-solver or as Shell says, stop, find and fix problems. An elegant, if not more direct statement than the one found in the FCPA Guidance that says a best practices compliance program should prevent, detect and remediate or you can consider McNulty’s Three Maxims of “What did you do to stay out of trouble?” “What did you do to find out? and, finally, “What did you do when you found out?”
Corporate compliance should exist to do compliance, not be a paper program run by lawyers. Compliance should be there to solve problems. In many ways compliance is the fulcrum corporate discipline because it touches so many aspects of the corporate world. For a corporation to actually do compliance, it must be done in conjunction with the other corporate functions. I used to point people to gifts, travel and entertainment reporting as a key way to explain how compliance works into an organization.
However, the example I use now is in Human Resources (HR). I use this illustration because it is not immediately self-evident how HR folds into compliance. Yet when I explain the Bank of New York Mellon and Qualcomm enforcement actions and relate the reported facts of the JPMorgan sons and daughters hiring program, listeners grasp how compliance relates to an organization in ways separately and differently from legal. This example from HR demonstrates that internal controls can be used in a variety of ways and for a variety of modes; including the compliance function.
A compliance function requires you to not only have technical competence in the discipline but to have a wider knowledge about the business in which you work. One of the more interesting questions I have heard when hiring for a compliance role is ‘Can you read a spreadsheet?’ because when you submit or propose a compliance solution, you will need to be aware of those costs. Most generally lawyers, in a legal department, are never required to read a spreadsheet nor do they generally provide remedies.
This difference between the focus of the compliance discipline from the corporate legal function is reflected in the structural changes that have evolved the profession into Compliance 2.0. In a recent blog post in the FCPA Blog, noted compliance commentator Donna Boehme gave said, “given the prominent rise of Compliance 2.0, so evident at Compliance Week 2016, there is good reason to believe CCOs will be more likely to find themselves in positions that empower them to design and manage robust, effective programs that are less likely to be the topic of troubling scandal headlines. The healthcare and big-bank industries, Siemens, WalMart and VW are already there.”
So are you a problem solver?