In case you missed it, the era of corporate governance is nearly over. Now we are smack dab in the middle of the era of compliance. That's not to say that governance isn't important, but most of you already have a handle on the importance of good governance--even if regulatory agencies provide you with little more than a moving target. The challenge with compliance is that it's even more ill defined than good corporate governance was three years ago.
Part of the problem is that there is some confusion in corporate America as to who should hold the title of corporate compliance officer, which department should fund compliance programs and how companies should implement compliance procedures, strategies and tactics. There also is the question as to what role in-house lawyers should play.
First and foremost, it's crucial that companies understand creating an ethical workplace and running a "compliant" company are two very different things. Most in-house lawyers understand that. But what they perhaps don't understand is the best way to create a compliant company. The most frequent comment I hear is, "We know that compliance is important. We know that infrastructure that allows us to be compliant is essential. We know that having clear benchmarking tools and resources is a necessity, but where do we go to find out how to do all that, and make sure we are doing it the right way?"
There are many companies and consultants that have evolved into experts in this area or were born anew to solve this problem; a Google search of "corporate compliance" yields 45,700,000 hits, maybe not as many as "Michael Jackson Trial," but still an overwhelming number.
For years CLT has written about various compliance issues of concern to the in-house bar, and about companies that offer training programs. Those companies can provide the tools necessary to develop a strong compliance program (and law firms can offer advice on the topic), but they can't run it and oversee it. In order for compliance to work, someone in the organization has to take ownership over it. And that creates some questions:
>Should the top corporate compliance officer (CCO) come from the legal department?
>Where does the CCO turn to build the necessary framework to do his job?
>Who does the CCO report to?
>How do you build a budget for a companywide compliance program?
In my interactions with groups and individuals who are trying to address these questions, I came across an organization that is solving a significant portion of these problems--the Open Compliance & Ethics Group (OCEG).
OCEG is a non-profit founded to provide companies with the tools and resources necessary to benchmark their programs and improve existing programs. Their mission isn't limited to just grappling with compliance issues, but also to bolstering companies' compliance, risk-management and
governance initiatives so that the businesses can drive performance. OCEG worked with law firms, business leaders and academics to design its benchmarking frameworks.
OCEG has successfully built tools that allow companies to measure how well they are doing against the backdrop of external benchmarks. The guidelines they provide are scalable and practical, and can help CCOs better do their jobs.
We have already begun working with OCEG to help them share their story, knowledge and expertise with in-house lawyers and compliance officers. While I tend to shy away from overt self-promotion in this column, the fast-changing regulatory and compliance space has made is necessary for us to focus a lot more on the compliance field. And OCEG can help us accomplish this.
This is a topic of huge importance for you, our readers. As we continue to serve your needs, the best way we can do that is to hear what your challenges are. And even better, how you've successfully solved those challenges. I invite you to share your thoughts and experiences via e-mail about this topic.
Please let me know what you think by e-mailing me at firstname.lastname@example.org.