The Compliance Week 2012 conference is now part of history, and we had a fantastic three days of panel discussions, keynote addresses, product demonstrations and case studies. More than 450 people attended, and you can read plenty of coverage of the event in this week's newsletter and our print magazine arriving on your desks in July.
One of the most informative conversations I had, however, happened at a private breakfast with a half-dozen chief compliance officers from various large companies in the United States and abroad. The subject: where good compliance officers come from.
Nothing should be more pressing for chief compliance officers. Consider that the Labor Department expects the number of compliance jobs to jump at least 15 percent by 2020, while the Society of Corporate Compliance & Ethics found that 60 percent of compliance officers have considered quitting in the last 12 months due to job-related stress and frustration. Put those two trends together, and you have the recipe for a dire shortage of skilled labor in coming years—labor that you, the chief compliance, audit, or risk officer, will be looking to hire.
So I asked these half-dozen conference attendees to sit down with me over breakfast and explain why workforce development is such a challenge for this field.
The problem has its roots in two fundamental tensions, they told me. First is the lack of any sweeping, cross-industry standards for compliance professionals. Lawyers need an advanced degree from a law school and a license from the local bar association—but once they have them, the legal tasks most companies face (lawsuits, investigations, document preparation) are largely the same from one company to another. Accountants need a degree in accounting and a license from the state accounting board—but once they have those, the financial reporting tasks they face are largely the same as well.
Compliance officers need, well, nothing, as far as professional certification goes. And the tasks they do on a daily basis can be as diverse as the types of businesses living under the sun. After all, regulators foremost want you simply to meet your regulatory compliance burdens; the details on how you get that done are your concern, not theirs.
That leaves chief compliance officers stuck. An ideal solution, someone at the breakfast said, would be a “professionalized” discipline of compliance, where workers could transit from one company to another more easily. The reality, however, is a discipline so company-specific that each compliance officer must be “home-grown” to understand the company's unique problems, processes, and resources. That takes time and money, and leaves companies struggling to keep pace with new risks and regulation.
The second tension is equally frustrating: that regulators, for all their talk to the contrary, really do have certain expectations about how compliance functions should look and feel—and that can affect how you structure your compliance operations, in ways that might not necessarily make sense for your business.
For example, Procter & Gamble famously has no chief compliance officer. Rather, as CEO Robert McDonald explained at our conference last week, the company has a compliance function overseen by several high-level executives who form a compliance committee, with McDonald himself as the chairman. At lower levels, P&G employees rotate into the ethics & compliance function for a few years, and then rotate out to other parts of the enterprise—all so they can be ambassadors preaching the gospel of ethics, compliance, and the “Procter & Gamble way” to the entire organization.
That makes a lot of sense. Regulators talk about wanting to see a “culture of compliance” all the time, and this is how you can achieve that: by instructing a cadre of executives at the central headquarters on the company's principles, and then dispersing them throughout the organization. In other words, compliance is a phase of your career that you go through.
In the real world, however, regulators want to talk with compliance officers who see the job as something you arrive at. You spend a few years in the legal or accounting department, maybe you've dabbled in HR management, or perhaps you're an internal auditor—however it happens, you somehow find yourself working in compliance. Then you stay there, and 10 years later you're the chief compliance officer for your organization, hiring and cultivating a line of junior officers behind you. That's the type of compliance function regulators want to see.
From a regulator's perspective, that makes a lot of sense too. When you have a nasty issue crop up—let's say a bribery investigation that spans multiple countries over multiple years—the Justice Department does not want to see a steady stream of compliance executives rotating in and out of the function; it wants to see a steady hand at the rudder, someone with enough authority and independence to take the investigation wherever it may need to go.
How can chief compliance officers reconcile those two views? Not easily, according to the half-dozen I met over breakfast last week. One made a compelling argument that the P&G approach of “distributed compliance” achieves the spirit of effective compliance that we all want to see. Another praised that person's argument, and then pierced it with a simple: “I need a strong, clear chief compliance officer role, because it won't pass muster with regulators otherwise. It just won't.”
Our breakfast ended inconclusively, and Compliance Week plans to revisit this issue of workforce development for compliance officers much more often in the future. Because, as the above tensions show, even just shaping the career path of compliance officers is—like everything else in this business—fraught with ambiguity.