Everyone knows the old saying about how tough cases make bad law. What we’ve also discovered in recent years is that daunting business conditions make for desperate—and ultimately ineffective—compliance. The problem that continues to plague U.S. and global companies is that we have essentially swung from one perilous extreme to another.
We began during the early part of this century in a business environment where compliance programs were often window dressing. There was little if any effort to actually educate key business operatives as to what was required of them to ensure that a culture of compliance would prevail. No one much cared, really, until, to paraphrase Warren Buffet, “the tide went out, so we found out who was swimming naked.” Compliance was often the missing swimsuit. At the turn of this century, some public companies did not even have compliance programs.
Third-party due diligence has skyrocketed. A few years ago, no one was doing due diligence on perhaps all but its most important trading partners, and much of that due diligence was financial in nature, to make sure the investment or partnership would be economically sound. Now, due diligence has taken on an altogether different meaning. Companies are now looking to see whether their partners and subcontractors are compliant with laws and regulations, both with U.S. as well as local law.
For all the progress that has been made to sail a safe course between the twin devils of “no compliance” and “boilerplate compliance,” challenges remain, particularly because the compliance department is still often perceived as a burden to business. The solution is in the numbers themselves. It has been proven that businesses that lack a strong compliance framework tend to be less profitable than ones with a strong compliance backbone. In addition, CCOs can point to litigation avoidance as well as their role in preventing the increasingly astronomical fines levied by regulators on other companies as evidence of incalculable bottom-line benefits. But the cost-benefit of compliance is not limited to just deterrence; indeed, more awareness can be generated out of the compliance department’s contribution to business opportunities.