Every Board of Directors need a true compliance expert sitting at the table. Almost every Board has a former CFO, former head of Internal Audit or persons with a similar background and often times these are also the Audit Committee members of the Board. Such a background brings a level of sophistication, training and SME that can help all companies with their financial reporting and other finance-based issues. So why is there not such compliance SME at the Board level?
An arm of the U.S. government has recognized the need for such expertise at the Board level. In 2015 the Office of Inspector General (OIG) called for greater compliance expertise at the Board level. The OIG said that a Board can raise its level of substantive expertise with respect to regulatory and compliance matters by adding a compliance member. The presence of a such a compliance professional sends a strong message about the organization’s commitment to compliance, provides a valuable resource to other Board members, and helps the Board better fulfill its oversight obligations.
This requirement was set out in 2017 in the FCPA Corporate Enforcement Policy, where one of the criteria to be evaluated in compliance program is “the availability of compliance expertise to the board;”. Finally, in the 2020 Update to the Evaluation of Corporate Compliance Programs, under the section entitled Oversight, it posed the following questions What compliance expertise has been available on the board of directors?
In an article, entitled “Compliance Expertise in the Boardroom”, Mike Volkov looked at it from both a practical and business perspective stating, “I have witnessed firsthand that companies that have a board member with compliance expertise usually have a more aggressive and effective compliance program. In this situation, a Chief Compliance Officer has to answer to the board for the company’s compliance program, while receiving the resources and support to accomplish compliance tasks.”
The DOJ and Securities and Exchange Commission brought this concept forward into the FCPA Resource Guide, 2nd edition. This means that when your company is evaluated by the DOJ, under the factors set out in the 2020 Update and the FCPA Corporate Enforcement Policy, to retrospectively determine if your company had a best practices compliance program in place at the time of any violation, you need to have not only the structure of the Board-level Compliance Committee but also the specific SME on the Board and on that committee.