Compliance is a Team Sport……
October 14, 2019, Paul Brown, Partner
In many corporations, those who produce revenue (sales) and those who fuel sales by producing differentiated intellectual property (product/service teams) are celebrated as the lifeblood of the enterprise. As another fellow executive once said to me “either you make it, or you sell it – otherwise you’re just overhead”. While truly deserving in many cases, those functions also benefit from having clear individual metrics and objectives that can be easily measured …. did we make the revenue number? How many new logos did we add this quarter? How many new offerings did we roll out to customers this year? How many patents did we produce this year?
What about those people in the organization responsible for compliance? Have you ever seen the annual President’s Award for your company go to those who keep your company OFF the front page of the Wall Street Journal or by NOT getting a big fine? If you have, take a huge bow and let me know who you work for! In reality, no single functional organization OWNS compliance. Yes, Legal is usually on the front end of defending whether an organization is compliant and the IT organization plays an equally visible role in introducing a range of technologies & policies to “get” compliant but neither OWNS the end-to-end resources or knowledge pools required to truly understand your current ability to “be compliant”.
In a world where continually changing and expanding customer expectations get combined with the complexity of a changing IT landscape, cyber threats, third party dependencies, and a distributed global workforce, this is not a sport for the faint of heart or cash-strapped! While that statement seems like a great reason to stay in bed, here are a few leading practice design points to consider:
1) Objectively view, staff and fund your Compliance team as something you are standing up to play in largely never-ending game. You are well-served to share the accountability for your compliance obligations to those closest to the action across functional organizations supported by a Program Executive & a named & active “C Suite” Sponsor. The Sponsor’s role is critical to driving needed dialogs on funding & accountability and visibly demonstrates to your clients that compliance is long term investment you are making on their behalf.
2) Drive equal responsibility within your team structure for capturing who you have compliance obligations to, what specifically is required to clearly demonstrate compliance and how to operate a repeatable system capable of meeting 100% of your obligations. Those “demand” and “supply” leadership roles have the responsibility to fan out within the organization to drive the hard conversations, seek clarity from those with deep domain knowledge and raise funding decisions needed to meet new obligations & continually look for efficiencies.
3) Drive the discipline into your team to develop, document and share “compliance blueprints” that map critical inputs, dependencies and functional responsibilities for meeting an obligation, make required reporting to your clients MUCH easier and it future proofs processes that can sometimes be tied to specific people or point in time. This step will require you to develop a common blueprint structure that can then be customized at a granular level for the differing types of compliance obligations you may have (GDPR, Federal FAR, DFAR, Cyber, customer-specific obligations, etc.)
4) Challenge your Senior Staff to use compliance as a development opportunity for High Potential employees who you are seeking to expose to the business outside of their functional role. There is huge leverage to be gained by exposing this talent pool to the cross-functional interlocks needed to meet obligations and hard decisions needing to be made to meet customer demands.
5) Give your compliance team the President’s Award in 2020…. Ha! (just seeing if you are awake!) No really…. find a way to celebrate and recognize the efforts of all of those who wake up every day with an obligation and passion for doing the right thing to keep your customer revenue flowing and your reputation the best it can be! You’ll never realize how much one employee can make a difference until they walk out the door…do not let that happen!
In summary, as your revenue and success in new markets grow, your compliance obligations will also expand. Creating and driving a consistent and sustainable approach for handling any compliance obligation is time well spent and will prove to be more efficient than scrambling to stand up capabilities quickly when a new requirement arises.