The book Money for Nothing can be summed up in one sentence: The boards running corporations in America today are ineffective. But while that sentence may be accurate, it is not news to corporate compliance and governance officers, so those of you looking for a more substantive analysis or solutions to the governance problems you face might want to read elsewhere.

That’s not to say Money for Nothing (Free Press, January 2010, 320 pps., $27) is uninformative or a dull read. On the contrary, for the non-corporate audience—and that’s most of the people in this country—it is a powerful, alarming look at the sorry state of boardrooms. It strings together one wincing picture of ineptitude after another, and demolishes any impression the lay person might have that board directors are intelligent counterweights to CEOs. The authors, John Gillespie and David Zweig, have deep experience either participating in Corporate America or watching it; Gillespie spent nearly 20 years as an investment banker or CFO, and Zweig was a writer at Time Inc. and Dow Jones before founding Salon.com. They know their stuff and have compiled an authoritative, if depressing, review of boardroom culture. I just fear that most Compliance Week readers already know that stuff, too.

The book opens with several examples of misgovernance related to the financial crisis of 2008. We hear the tale of Stanley O’Neal, former CEO of Merrill Lynch, who let his bank flounder and was finally sent packing in 2007 with a severance package worth $161.5 million. Then comes the story of General Motors, whose board bent like a reed to the wishes of CEO Rick Wagoner even though it ostensibly had many of the “good governance” practices in place, and ended in bankruptcy. More examples follow in that first chapter and then throughout the book; no matter what particular complaint Gillespie and Zweig want to make, sadly, Corporate America has some sorry spectacle to prove their point.

Still, diatribes against arrogant CEOs and witless boards are easy fare for business books. Gillespie and Zweig fire more thought-provoking broadsides at their three larger targets: the incestuous culture of corporate elites that keeps churning out inadequate directors; the cannon of business law in Delaware stacked in favor of boards and against shareholders; and the army of auditors, lawyers and consultants who exist to protect the senior management of their clients at, ahem, all costs. This is the corporate world every veteran executive knows and dislikes, but also tries to ignore because no single person (or company, for that matter) has much power to break out of it. Gillespie and Zweig, however, do a low fly-by of this world and depict its shortcomings in all their ugly detail. It’s enough to make any executive squirm and admit that the world we’ve built does not work as well as it should.

All that said, Money for Nothing illuminates the fundamental problems of the modern boardroom more than it answers them. Gillespie and Zweig depend more on anecdote than data to demonstrate a point, and stir up dismay at our present system more than explain how a new one could be built. Their last chapter does propose numerous reforms—forcing directors to keep more of their net worth in the company; splitting the chairman and CEO roles; proxy access for shareholders—but most of their ideas are nothing a compliance officer hasn’t heard before. A few (a government entity to identify qualified independent directors, for example) border on the outlandish and simply will not happen.

Yet even just illuminating those questions is a worthwhile exercise. How does a board act as both independent monitor of the CEO and a council to advise him or her? How can directors be prodded to take an active role in oversight, when D&O insurance inoculates them from the consequences of bad decisions, but nobody will take the job without insurance? How can companies find strong, independent directors, and then encourage that independence on the board?

Those questions (and many more like them throughout the book) get at the heart of risk management, which ultimately is what corporate compliance and governance executives are paid to worry about. You’re likely to be a bit impatient reading Money for Nothing; you’re likely to breeze halfway into a chapter and find yourself saying, “Yes, yes, I already know this.” But it will also make you ponder, Now what can we do about it? And that counts for something.

Next

Our book selection for April is Switch: How to Change Things When Change Is Hard, by the brothers Chip and Dan Heath. (Broadway Business Press, February 2010, 320 pps., $26.) Expect my review here on April 19.

Meanwhile, leave your own comments about Money for Nothing here, and feel free to suggest other titles for our Compliance Week book club to me at mkelly@complianceweek.com.

Every spring I write an editorial announcing the lineup of our annual Compliance Week lineup. As you might imagine, last year’s conference, in the shadow of recession and financial crisis, had a touch of gallows humor to the whole affair.

I am happy, and more than a little surprised, to report that our 2010 conference will have a much more expansive and energetic tone. In fact, this may well be our best annual conference yet—and I was there in 2007, when the economy and corporate compliance budgets were roaring along like nobody’s business. Still, to my thinking, our 2010 conference has a better agenda, covering more issues, that’s drumming up more enthusiasm and response among the compliance community. This is going to be good, folks.

Let’s start with the basics about the conference itself. As usual, it will take place at the historic Mayflower Hotel in Washington, D.C. This year we have moved it a few weeks early, to May 24-26. We’ll have several hundred corporate financial, legal, risk, audit, and compliance officers gather to debate and discuss critical compliance and risk issues, from FCPA programs and internal controls to risk management and executive pay.

Two of our keynote speakers are among the most important regulators around right now: Luis Aguilar, an outspoken reformist commissioner on the Securities and Exchange Commission; and U.S. Rep. Barney Frank, chairman of the House Financial Services Committee. Yes, some critics disagree with how Frank, Aguilar, and others in Washington are handling the financial crisis—but that’s precisely why we are putting powerful voices like theirs in front of you. They are the ones creating the environment corporate compliance officers must live in, period. Do you want to hear their logic? Do you want to challenge their logic? Our annual conference is your opportunity to do that, and to stay aware of how compliance is changing.

We also have a full complement of speakers addressing the implementation and enforcement of all the rules Washington churns out: Gary Grindler, deputy attorney general and top overseer of corporate investigations at the Justice Department; Lanny Breuer and Denis McInerney, his two top lieutenants; Shelley Parratt, deputy director of the SEC’s Corporation Finance Division, and chief expert on all things disclosure (including the new disclosures about executive pay and climate change that your company is making for the first time this spring). JetBlue’s CEO, Dave Barger, will give a joint presentation with Joel Peterson, chair of JetBlue’s audit committee, about how the airline fosters an ethical culture in today’s world.

But those are the headline speakers. The guts of the conference, as always, will be chief compliance officers talking frankly about the challenges of their jobs. We have dozens of CCOs, risk officers, and internal auditors from the country’s most prominent public companies: Walmart, American Express, TimeWarner, U.S. Steel, Tyco, Johnson & Johnson, Visa, Home Depot, and many more. They will be offering thoughts and ideas about all manner of compliance challenges and will be looking for the same from attendees. This is a peer-to-peer event, where your opinion is as important as any other.

Forking over the cash to travel to Washington and attend the Compliance Week conference is not easy in a bad economy; we know this. Hence we are striving to make this event the most relevant, informative, useful gathering of compliance and corporate governance executives in 2010. We can always deliver news and information to help you do your job, but there is no substitute for the rich experience of meeting with, talking to, and learning from your colleagues—even in an economy like this one.

So if you’re free in the last week of May, please join us. Details, the agenda, speakers, and registration information can be found at http://conference.complianceweek.com.

Yet again, the chorus of Sarbanes-Oxley critics out there have been shouted down by one bald fact: SOX compliance prevents financial restatements.

According to a new study due out this week from Audit Analytics, restatements fell for the third year in a row in 2009, from 923 in 2008 to 674 last year. The restatements themselves were down in every category that matters: average number of days restated, average number of issues per restatement, average dollar losses per restatement. Even the time necessary to calculate a restatement dropped in 2009. Any way the accounting department wants to cut it, the restatement crisis of the mid-2000s has receded. (Compliance Week is working to secure a copy of the report for publication as soon as possible, but I have seen an advance copy personally.)

The causes of restatements in 2009 were largely the same sorts of problems that always dog companies: debt, warrants and equity headaches; accounts receivables; compensation problems. Audit Analytics ranks the top five causes of restatements last year as:

• debt, quasi-debt, warrants & equity (BCF) security issues;
• expense (payroll, SGA, other) recording issues;
• accounts/loans receivable, investments & cash issues;
• deferred, stock-based and/or executive compensation issues;
• liabilities, payables, reserves and accrual estimate failures.

Compliance Week will have a full analysis of the report in the next week or two. The early facts, however, suggest that the Sarbanes-Oxley Act, as much as we all hate to admit it, is achieving its intended goal of making financial statements more reliable for investors. If you want evidence, compare the annual number of restatements between accelerated filers and non-accelerated filers for the past decade. Accelerated filers saw a steady march upward in restatements from 2002 until 2005—the year they first had to start complying with Section 404 of SOX, which requires strict testing of internal controls. From 2006 onward, the number of restatements fell, and continues to fall today.

Non-accelerated filers, however, have been exempt from most Section 404 even to this day. Restatements for that group reached the nosebleed number of 888 in 2006; they have since floated downward to 374 restatements in 2009, but that’s still well above the numbers the accelerated filers have been seeing. And remember, external auditors haven’t yet started any internal controls testing at non-accelerated filers.

The anti-SOX critics say Sarbanes-Oxley is a waste of time and money because it doesn’t prevent financial meltdowns. Well, Audit Analytics’ data shows a decrease in meltdowns since SOX compliance went into effect. The critics also SOX is a waste of time and money because we did all this improvement, and still had a financial crisis in 2008. Again, remember that SOX was passed to make financial statements more reliable for investors, and now we’ve seen fewer restatements since it went into effect.

As maddening as the financial crisis has been, it has largely been a crisis of flawed assumptions and reckless risk management coming home to roost—not accounting fraud. If Congress wants to pass another massive law to remedy the problems of the financial crisis, that’s fine. But it should not start rewriting Sarbanes-Oxley wholesale. That law is working just fine.

Sometimes corporate leaders step up and do the simple, ethical thing, and their tone at the top is a harmonized chorus delightful to hear. Sometimes they do the wrong thing, and their tone is more like a tribal screech of self-interest.

And then there is the messy, jangling, cacophonous governance meltdown otherwise known as Bank of America.

I hesitate to wade through the dueling tales of bad judgment at BofA outlined by the Securities and Exchange Commission on one hand and New York Attorney General Andrew Cuomo on the other. Yes, both regulators accuse the bank of withholding vital information from investors in late 2008 as it struggled to close its acquisition of Merrill Lynch—but the similarities end there. Cuomo essentially accuses BofA’s top leaders of sacking the bank’s former general counsel, Tim Mayopoulos, when he urged the company to disclose Merrill’s rapidly mounting losses in late 2008 before investors voted on the merger. The SEC, in contrast, says the bank’s leadership did act foolishly, but had no intent to hide material facts from investors that should have been disclosed.

That’s the gross over-simplification of all those headlines you’ve been reading for the last few weeks. If you want to dive into the hundreds of pages of court filings related to the case, feel free.

What fascinates (and depresses) me is the apparent lack of concern from senior executives and board directors about the best interests of Bank of America shareholders. If you read through the court filings, the BofA executives come across as manipulating the letter of the law to complete the merger by any means necessary; the boards seemed disengaged, struggling to keep pace with events, and more interested in handicapping who might end up in what role at the surviving entity.

But those two things are not always the same as the best interest of the shareholders, who saw Bank of America stock drop from $35 in September 2008 to $6.50 when the merger closed in January 2009. Those investors also had to swallow $11 billion in losses at Merrill for the fourth quarter alone, while paying Merrill $5.8 billion in bonuses for that, um, memorable performance.

The court documents (I did read them) sift through a dizzying thicket of laws and standards companies must comply with as they struggle through questions about material events and when to disclose them. But to my thinking, Bank of America’s drama embodies the dilemma of the rules-based compliance world we live in—namely, that nobody exercised the leadership to ask, much less answer, the simple question: “If I were a shareholder, would I want to know about this?”

I would want to know. And while Compliance Week’s audience may be full of lawyers and accountants, let’s not kid ourselves: regardless of the law’s specifics, you would too.

That simple, principles-based view of governance is what was missing in the Bank of America debacle. That is why federal judge Jed Rakoff dragged out settlement talks between the bank and the SEC for so long, allowing the settlement to conlude only last week. Shareholders, largely powerless to exercise any control during the meltdown in 2008, wanted some semblance of justice for the merger costs Bank of America leaders forced them to pay. They don’t want dense legal arguments over compliance with the rules; they want simple principles they can understand.

Until corporate leaders understand that and communicate in those simple terms—that is, with a strong tone at the top—expect more fiascos like Bank of America to follow.

*          *          *

And to add a fine coda to this tale, on Friday afternoon Bank of America filed its preliminary proxy statement for 2010. Let’s pluck out a few compensation numbers, remembering that all this was paid out after the Merrill Lynch fiasco closed at the start of 2009 and while the SEC and BofA were sparring with Rakoff in federal court:

• Board director Charles Gifford received $1.78 million in total compensation, including $956,000 worth of aircraft usage, $238,000 in office support, and $293,000 in a tax gross-up for the $956,000 in aircraft use.
• Lewis received a total of $4.21 million in compensation. Wisely, he took no salary or bonus in 2009; $4.18 million of his compensation came from changes in the value of his pension plan, and the rest came largely from $24,000 in financial planning services. (Note to BofA: Quicken Premier is only $89.99.)
• Joe Price, CFO in 2009 and recently re-assigned to run the bank’s consumer banking operations, and who plays a starring role in both the SEC and Cuomo complaints, received $6.12 million in total compensation.
• Chief Risk Officer Gregory Curl, who had been in the running to replace Lewis as CEO, received $10.66 million in total compensation, including $9.3 million in restricted stock. And as everyone on Wall Street already knew, the proxy statement announces that the passed-over Curl will retire at the end of March.
• Brian Moynihan, whom the board ultimately did select to replace Lewis as CEO, earned $6.5 million in total pay last year, including an $800,000 base salary and $5.2 million in restricted stock.

By the way, last year Bank of America cut 6 percent of its workforce, from 302,000 just after the Merrill acquisition to 284,000 by the end of 2009.

Earlier this week I had the privilege of co-hosting an executive roundtable in Atlanta with a dozen ethics and compliance officers, this time with the audit firm Crowe Horwath where the topic was fraud. The discussion was excellent and Compliance Week will have full coverage of it in a newsletter in another week or two, but I do want to share one of our more spirited moments here.

I was curious about the board’s role in monitoring and addressing fraud. In theory, after all, the board sets its tolerance for various types of risk—including fraud—and then executives strive to ensure that the business operates within those boundaries. That implies that boards should be willing to ignore some small frauds to focus on the bigger picture.

So, I asked the CCOs at the forum—is that how it really works?

The answer was a diplomatic but clear “no.” Many boards and audit committees tend to establish a risk tolerance for fraud at zero. Sometimes they do that deliberately; other times they do so by accident, grilling CCOs or internal auditors about every fraud that comes along, and sending the message that they have zero tolerance for fraud. That’s not good, and it’s incumbent on compliance and governance officers to know how to talk board directors out of that attitude.

Roundtable attendees had a few good ideas on that score. One person spoke of how she had a matrix to classify fraud problems by location, management level of fraudster, monetary amount, and so forth. Each element in that matrix carried a certain value, and if the total value was great enough she brought the fraud to the attention of the audit committee. Another executive said he puts an emphasis on “new fraud”—that is, a fraud that happened in some way nobody had seen before, regardless of the dollar amount. That makes a lot of sense, since a new fraud runs the risk of being a control failure, where the next errant employee could run the same scam on a much larger scale. Others said frauds in chronically corrupt nations (that’s a polite way of saying “China”) received priority, or sudden spates of fraud where a flock of immaterial problems could add up to a material headache.

Regardless of the solution that might fit your specific company, I do worry that boards can set an obsessive tone at the top about fraud. The plain truth is that boards can only do so much, and at some point must let executives do their jobs. Part of that job is exercising good judgment on when to bring a matter to the board’s attention—and when to understand that no matter how hard you try to prevent it, sometimes fraud happens.

Yesterday I wrote about executive compensation as a huge part of corporate governance that can sound a terrible tone at the top if handled poorly. Today I want to write about another, often-overlooked part of governance: CEO succession.

We should see some fresh action on CEO succession this proxy season. The Securities and Exchange Commission set the stage for that expanded discussion last fall, when it published a legal opinion paving the way for shareholders to put resolutions about CEO succession into the company proxy statement. Historically, companies had the discretion to omit such questions from the proxy; now they don’t. The first large company to face one of these shareholder resolutions is Whole Foods Market. At its March 8 meeting, shareholders will vote on whether Whole Foods should report on CEO succession annually.

Why am I such a fan of planning for CEO succession? Because it shows that senior management believes survival of the business is more important than the CEO individually—and that demonstrates a strong, ethical tone at the top. It sends employees, customers and investors the message that the company’s leadership (primarily the board) sees the value inherent in the company as something that exists apart from what the CEO wants to do with the company. It sends the message that the company exists beyond that person atop its organizational chart.

Let’s not forget, after all, that employees generally fear that person at the top of the chart. He or she has huge power to influence the worker’s life, because he has the power to eliminate that person’s job, dole out pay raises, assign interesting work, and so forth. Once employees start perceiving the company as little more than apparatus to serve the CEO’s interests, ego and compensation goals, the culture of ethics and compliance that you’re supposed to have is gone. They need to see tangible proof that the leaders view the business as something separate from themselves.

I do wonder sometimes how a governance advocate within the company, regardless of his or her specific title, can prod a reluctant board to develop stronger succession plans. How do you “audit” tone at the top on practical level? How do you then tell senior management that its tone is poor? Is it really the place of the chief compliance officer or chief audit executive to tell the board what steps it should take to rectify the situation? By definition, a company with poor tone at the top won’t take such news well. I wouldn’t want to be the one delivering it.

Much to my surprise, evidence is emerging that companies are hearing the public disgust over bloated compensation. Yes, CEOs and their top lieutenants still earn far too much compared to the average worker, and we’ll continue to see plenty of abuses and piggy behavior for years to come. But I’ve also seen multiple examples of companies reducing the pay packages they are doling out to the brass, especially some of the more odious benefits such as personal use of aircraft or tax gross-ups to cover the cost of the excessive pay a CEO already receives. This is good news.

Genzyme is one company now walking the walk. Last month the biotech business filed a statement outlining substantial reforms to its pay practices, such as pegging more of the top executives’ bonuses to overall corporate performance. Genzyme even invented a nifty new pay metric, “cash-flow return on invested capital;” grossly over-simplified, the CFROI metric should push Genzyme employees to ensure that investments they make will generate the cash flows Genzyme needs to support new products in the company’s pipeline or to make strategic acquisitions. Smart thinking.

Several other companies are doing the same, such as Shell Oil and Eli Lilly & Co. We’ve also seen a flock of studies from compensation consultants lately that have found the overall value of change-in-control agreements are dropping, and fewer companies are offering tax gross-ups to pay any excises taxes that might come due when the CEO decides to collect. (Compliance Week has written about this, but the full article is only available to subscribers.) None of that means victory in the battles to scale back bloated executive pay, but they do suggest a change in the tenor of things.

Ethics and compliance officers walk a somewhat delicate path here. First, compliance officers do have a responsibility to ensure that proxy statements explaining executive pay are in full compliance with Securities and Exchange Commission rules; that can be a complicated task, given the SEC’s new rules requiring even greater detail. But beyond the letter of the law, ethics and compliance officers have a special position where they can (diplomatically) argue for compliance with the spirit of the law—which clearly wants executive compensation to fall from “totally staggering” to “really, really big.”

I have no advice on how you can achieve that at your particular company. But telling your board “everyone else is doing it” has gotten a bit easier this year, and that’s a start.

We’ve got quite a week of compliance and governance news coming up this week, folks. I can’t recall the last time we’ve seen so many different stars in our particular universe align, so perhaps it’s worth drafting a scorecard for the week:

Shareholder activism and disclosure. Remember that investor advisory committee the Securities and Exchange Commission formed last year? Neither did I, so I was pleasantly surprised to see that the committee will hold its third meeting ever on Monday. On the agenda are reports from various sub-committees—including the “Investor as Owner Subcommittee,” which plans to give its views about Regulation Fair Disclosure, as well as reports on plans for environmental, social, and governance disclosure and on financial reform legislation. Hmmm.

Typically the recommendations that these SEC advisory committees make do carry some influence, and SEC Commissioner Luis Aguilar has already hinted that the Commissioner has big ideas for disclosure at least as it pertains to climate change, which is a stone’s throw from the “ESG” disclosure this committee will discuss. So whatever these people are doing is worth watching.

Bank of America smackdown. Sometime this week—possibly as soon as Monday—federal judge Jed Rakoff should make a ruling in the SEC’s proposed enforcement action against Bank of America. I say “should” because at almost every turn, Rakoff has told the SEC to re-check its homework: draw up stronger sanctions against BofA, provide more evidence, and so forth. What was originally a $33 million settlement reached last year was reborn into a $150 million settlement replete with a raft of governance reforms, and should be great fodder for the next season of “Damages.” Probably it will reach a conclusion Monday. Personally I hope not, because it’s the best governance spat going.

Aside from the obvious implications for Bank of America, the rest of the corporate world should watch this settlement to see just how far other parties can push enforcement settlements. The SEC’s new proposal forces governance reforms such as a say-on-pay vote for shareholders, “super-independence” for the board’s compensation committee, and CEO certification that he has reviewed all information in the proxy statement. And the SEC has proposed those reforms because Rakoff told the agency last year to impose stronger sanctions against BofA. If Bank of America becomes an indicator of enforcement actions yet to come, Corporate America could be in for a rough time.

IFRS! IFRS! We pivot back to the SEC for more news on Wednesday, when the commissioners will hold an open meeting to discuss their latest thinking on adopting International Financial Reporting Standards in the United States. The meeting notice is rather cryptic: the SEC will consider ”whether to publish a statement regarding its continued support for a single-set of high-quality globally accepted accounting standards and its ongoing consideration of incorporating IFRS into the financial reporting system for U.S. issuers.” You don’t get much more vague than that.

I suspect the underlying goal will be to dial back expectations that the Commission will move ahead with adoption as originally envisioned in the IFRS roadmap proposed in 2008. That plan called for the Commission to decide in 2011 on whether to require IFRS adoption by 2014, and to allow a select group of large filers to experiment with filing in IFRS as soon as this year. Since then, however, the economy crashed and the SEC has had more pressing issues on its calendar. The select group of large filers who might volunteer to try IFRS conversion never materialized. And the Financial Accounting Standards Board and the International Accounting Standards Board, which keep promising to converge U.S. and international accounting rules by June 2011, still have a huge volume of work in front of them. All that makes speedy progress on IFRS adoption unlikely.

Regulatory reform. Christopher Dodd, chairman of the Senate Banking Committee, may unveil his latest proposal for reforming financial regulation and corporate governance this week. Precisely when this may happen is unknown, but news broke last week that Dodd and the Obama Administration have reached an agreement on creating a “council of regulators” to monitor systemic financial risks rather than one supra-agency. The chairman of the this council would be the treasury secretary, and the vice-chair the head of the Federal Reserve.

Compliance officers should remember several points here. First, a regulator of systemic risk isn’t the major sticking point with the Senate legislation; a consumer financial protection agency is. Dodd’s last proposal died a quick death in November from lack of interest and any hint of Republican support. He has made significant efforts to win support of committee Republicans this time around, but the party as a whole implacably opposes any hint of larger government, which a financial protection agency clearly is. So don’t be surprised if this new bill quickly sinks into the usual Senate quagmire, too.

Second, all this talk of Senate hang-ups over risk regulators still ignores the already-passed House bill, and its provisions to exempt small filers from compliance with Section 404(b) of the Sarbanes-Oxley Act. That 404(b) exemption was not in the first Dodd bill; we’re waiting to see whether it will be in the second one. Either way, reform legislation is still a long, long way from success—and 404(b) compliance goes into effect for small filers on June 15 of this year. As I’ve warned previously, any non-accelerated filer betting that Congress will deliver a permanent 404(b) exemption before that deadline does so at his peril.

For a while now I’ve wanted to start a Compliance Week book club. We get a small but steady stream of books here at CW Central Command examining corporate governance from various angles—some of them quite good, others clearly hitching a brief ride on the governance bandwagon until the fad that propels their pages slips away. Either way, books trying to tackle compliance and governance are a legitimate niche in the best practices and guidance out there, and deserve attention.

So today we’re going to start paying some of that attention. First up is Too Big to Save? by Robert Pozen. (Wiley, November 2009, 480 pps. $29.95)

Pozen attempts nothing less than to diagnose the problems that caused the financial crisis—like, all of them—and propose solutions. Normally I would be skeptical that anyone could do that well, but Pozen has the credentials to try. He’s currently chairman of MFS Investment Management, a $150 billion asset-management firm. He served as economic development secretary for Massachusetts under former Gov. Mitt Romney, and as chairman of the Securities and Exchange Commission’s advisory committee to improve financial reporting in 2007. I also had the opportunity to interview Pozen when he was a keynote speaker at Compliance Week’s annual conference in 2008, and can vouch that whether you agree with him or not, he has a fiercely insightful intellect and practical wisdom worth considering.

That said, this book is not for the timid or unalert reader. The causes of the financial crisis are complex stuff, and Pozen doesn’t shy away from responding with complex prose. He never overwhelms with jargon or bores with irrelevant detail, but the chapters do often feel like passages from the reading comprehension exam on the SAT. They are mentally demanding, but also lucid, straightforward and in plain language. (The chapters also have key points or sentences bold-faced, and a summary at the end recapping main themes. Really, if Pozen had just used high-gloss paper and tripled the price, he could have called it a textbook.) Keep your wits about you and be prepared to re-read complicated points as necessary, and you’ll do just fine.

The first half of the book dissects how the financial crisis occurred, reviewing each contributing weakness in our financial system in turn and then offering ideas on how to fix it. Pozen names all the usual suspects—corrupt mortgage originators, lax regulators, myopic legislators in Congress, shameless credit-rating agencies—but also gives a rich history of how those suspect elements came to be. For example, by everyone knows that the federal government pushed the idea of home ownership to reckless extremes, but how many know that Department of Agriculture tax credits were part of that push? And everyone knows that excessive bank lending introduced terrible risks to our financial system, but how many people know where banks’ capital reserve requirements come from, or why those reserve rules weren’t stronger?

Those questions are the sort Pozen tries to answer (plus many more). He goes beyond simply identifying the culprits that caused our financial crisis, to paint a picture of the policy climate that let those culprits exist and thrive. And remember, that policy climate is what we need to change if we don’t want the world to go through all this again.

Another large portion of the book gives that same analysis to the 2008 bailout of our financial system, and Pozen pulls no punches. He catalogs the long list of programs the Treasury Department and Federal Reserve have concocted to keep the financial system alive, and ultimately dismisses most as flawed efforts that expose the U.S. taxpayer to risks he doesn’t know about and doesn’t deserve. That is not to say Pozen toes the pro-consumer party line; at best, he is a non-partisan critic whose ideas would incense both ends of the political spectrum, which probably means he’s doing something right.

He opposes restoration of the Glass-Steagall Act or anything like it, as well as higher limits on insurance for bank deposits. But he does support more regulation of, say, money market funds (indeed, I read his chapter calling for greater regulation on the exact day the SEC adopted the changes he had advocated), and wants banks to carry contingent reserves to cover surprise loan losses—an idea that would bring scowls from accounting purists since it would allow banks to manage earnings. And while loan securitization has gained a bad name in the last two years, he accepts the bald fact that securitization is vital to our economic prosperity, so we can’t simply dispose of it. Pozen repeatedly demonstrates that his only concern is what works and makes sense, not what is pure or popular.

Only at the end did I find the book start to wear thin, when Pozen shifted gears to talk more about corporate governance challenges in the future and less about financial regulation in the present. Here he sounded all the usual tones, advocating shareholder advisory votes on executive pay and stronger boards of directors, and so forth. He also strove to carve out a middle ground on difficult issues like fair-value accounting or international cooperation to improve the regulatory system—which might be wise, but will not be easy.

Pozen is at his best in the first three-quarters of the book, where he chains together one punishing fact after another about how the financial crisis occurred, giving the reader a precise, vivid understanding of the problem. Then he deftly slips in a few straightforward suggestions about how the system should work, and the reader can’t help but think that this guy is spot-on.

Next

I will try to post a new book review on the third Monday of every month. Next up is Money for Nothing, an indictment of corporate boards by John Gillespie and David Zweig. (Free Press, January 2010, 320 pps. $27.)

Meanwhile, leave your own comments about Too Big to Save here, and feel free to suggest other titles for our Compliance Week book club to me at mkelly@complianceweek.com.

Chief compliance officers may want to re-read that old copy of The Prince and go for the office power grab in 2010. Apparently all the cool kids in corporate governance support you already.

Within the last several months, we’ve seen numerous signs—regulatory settlements, best practices guides, proposed revisions to the U.S. Sentencing Guidelines—that federal regulators and the governance-industrial complex now believe a corporation’s top compliance overseer should report straight to the CEO, if not straight to the board. First was the Justice Department’s settlement with Pfizer Corp. last fall over improper drug marketing. The most interesting part of the deal (other than the $2.3 billion fine) was a lengthy corporate integrity agreement specifying that the chief compliance officer report directly to the CEO and meet with the audit committee of the board at least quarterly. The wording was clear:

“The chief compliance officer shall be a member of senior management of Pfizer, shall report directly to the chief executive officer of Pfizer, shall make periodic (at least quarterly) reports regarding compliance matters directly to the Pfizer audit committee, and shall be authorized to report on such matters to the audit committee at any time. The chief compliance officer shall not be, or be subordinate to, the general counsel or chief financial officer.”

Next came fresh guidance from the Institute of Internal Auditors, calling for a company’s chief audit executive to report functionally to the board of directors and administratively to the CEO; no chief accounting or chief financial officers should block the way. On a mechanical level that may cause some confusion about how an internal auditor can audit the compliance efforts his boss oversees, but the IIA’s broad goal is clear: give audit executives clear access to the top level of the corporation.

Most recent and most significant, however, are the U.S. Sentencing Commission’s proposed revisions to the Federal Sentencing Guidelines. As Compliance Week notes in our latest coverage this week, the Sentencing Commission is pondering whether to allow a company that meets specific criteria to receive credit for having an effective compliance program, even if a high-level executive is involved in the wrongdoing. (Currently, a company in that particular mess cannot.) And the very first criterion the Commission proposes? “The person with operational responsibility for the compliance program reports directly to the board or one of its committees.”

Across all of these developments, the clear intent is to drive home the practical application of everyone’s favorite compliance phrase, “tone at the top.” If you want to demonstrate to regulators, shareholders, auditors and anyone else that your tone at the top is good, giving your compliance point-person complete, unfettered access to the top is part of that tone.

To some extent, Corporate America seems to be embracing that message. Not long ago we saw several polls of chief compliance officers that found a sharp increase in the number of companies appointing a designated, full-time chief ethics and compliance officer—and more companies ensuring that person is only the ethics and compliance officer, with no other title or responsibilities. One of the polls, from the Society of Corporate Compliance and Ethics, also found that 55 percent of respondents said their compliance officer reports directly to the CEO.

Still, I suspect that a majority of CCOs do not report directly to the CEO, let alone directly to the board. And I wonder just how comfortable boards will feel with this arrangement, too; in a world where the board and the CCO have primary responsibility for creating effective compliance programs, the board and the CCO may well have primary blame when a compliance failure occurs. Yes, the offending employee (whether he is a corrupt CEO, an errant plant manager or anyone else) also carries legal liability—but all too often, that person is long gone when his or her misbehavior causes the corporation to crumble, or pays a penalty grossly underwhelming compared to the harm done to the stock price. Regulators, investors and the public will still be standing at the front gate shouting, “Who allowed this to happen?” They’ll be staring at the board, and staring at you.

Heavy is the head that wears the crown, I suppose. But then, anyone who’s read The Prince would know that.