Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

Get updates on Compliance Week offerings, including new features, databases, research, and other resources, along with announcements of upcoming Webcasts, conferences, seminars, CPE/CLE opportunities and more.

Published every Thursday, Compliance Week Europe offers a condensed summary of risk, audit, and compliance news either originating in Europe, or of special interest to European compliance professionals. This newsletter will follow developments by the European Commission, as well as those of national governments across the region, or any U.S.-based news that might have consequence across the Atlantic. Frequency: weekly; Thursday a.m.

A fresh edition of Compliance Week delivered via e-mail and online every Tuesday morning, relentlessly focused on the disclosure, reporting and compliance requirements of our 25,000+ paying subscribers.

Published every Friday, Compliance Weekend was launched at the behest of subscribers, and offers a quick Plain English review of the week's key developments. We hope you enjoy this supplement to Compliance Week's Tuesday edition.

Walmart Outlines Compliance Reforms (Part I)

Matt Kelly | April 23, 2014

For more than a year, the compliance community has wondered exactly how Walmart would revamp its ethics & compliance operations to recover from the black eye the company received when news broke of extensive bribery activity in Latin America and elsewhere.

Well, now we're getting some answers.

This week Walmart filed its annual proxy statement, and included a “Global Compliance Program Report” giving a detailed review of its compliance reforms so far. The man making those reforms is Jay Jorgensen, Walmart's global chief compliance officer. Jorgensen took the job 15 months ago with the task of rebuilding Walmart's compliance program, and rebuild he did. Jorgensen sat down with me for an interview on Tuesday and outlined what he's been doing. (He'll also be speaking at our Compliance Week 2014 conference next month, if you want to hear the tale straight from the source and ask him about it.)

First, Jorgensen had to create a new, centralized structure for Walmart's compliance operations that answered to him at central command in Bentonville, Ark. Unto itself, that wasn't a hard conclusion to reach—locally focused compliance operations, subordinate to the wants of local business units, were what got Walmart into trouble in the first place. On the other hand, Walmart is an enormous operation sprawled around the world: 2.2 million employees, approaching $500 billion in annual revenue, a mammoth e-commerce operation, thousands of stores in more than a dozen countries.

“If you're doing business worldwide, by definition you can't share compliance values everywhere in the world, because everywhere in the world has slightly different compliance values,” Jorgensen said. Still, he had build something that gave him a global view into compliance activity and let him send out consistent compliance goals and missions out to all corners, while letting local markets respect local culture and values.

So Jorgensen's big decision No. 1: split compliance and legal into separate departments. Previously, each country where Walmart does business had its own chief compliance officer, who usually was also the general counsel, and that person reported into the local country's CEO.

Now each market (Walmart has a 12 major ones) has its own country CCO, who is not the general counsel. That person sits with the country CEO, and serves on the local executive management committee, but he reports into one of three regional chief compliance officers for Walmart's main overseas divisions: Latin America, Asia, and EMEA. The three overseas regional CCOs report into a new position: the international chief compliance officer. That person is Daniel Trujillo, a great guy who previously headed compliance at Schlumberger and has extensive experience in Latin America, the heart of its bribery problems. Trujillo then reports to Jorgensen, along with the U.S. chief compliance officer. (Walmart's e-commerce operations, based in San Bruno, Calif., has its own chief compliance officer as well.)

Jorgensen knows the compliance community debates whether compliance should or should not be part of the legal department. He comes down squarely on the latter. “The chief compliance officer can't be buried in the organization. She can't be wearing half a hat,” he said. “They need to be independent, senior executives, who all report back into Bentonville.”

Jorgensen cloned that staffing approach with his anti-corruption team: country leaders, reporting to regional leaders, reporting a global anti-corruption leader, reporting into Walmart central command. He also has a vice president of sourcing, who is in charge of ethical conduct among Walmart's suppliers.

“So the whole structure is worldwide and reports back into Bentonville,” he said, “yet the Chilean [compliance director] is still a Chilean, for example … and you still have that local tie.”

OK, revitalized compliance structure in place. Next up, the company had to decide exactly what that group would do, and find the people who knew how to do it.

Jorgensen worked on two fronts. With his new compliance leaders, he could review exactly what tasks each one believed were important for his or her country. Opinions varied greatly: one country listed only six core missions; another had 22. Meanwhile, he worked with Walmart's senior leaders in Arkansas to decide what the company wanted its compliance responsibilities to be, across the whole enterprise.

The most important soul-searching happened during a week-long discussion among senior executives, kicked off by then-CEO Mike Duke. (Duke stepped down as CEO in February.) And let's be honest, a scandal like Walmart's Mexican bribery allegations is a wonderful way to focus the corporate mind. Duke told all senior leaders that the company needed global consistency in how it approaches compliance. “Without that consistency, we can't take it to the next level,” Jorgensen said.  

Ultimately the company decided on 14 core responsibilities for the compliance department. Most were pretty standard: anti-trust, anti-corruption, anti-money laundering, labor, environment, privacy, food safety, licenses & permits (very problematic for Walmart before) and so forth. Not everything originally considered made it onto the final list. Tax, Jorgensen said, was one example where the company decided its tax compliance team worked well enough already, and remained separate.

With that mission statement from the Bentonville senior team, and the centralized structure to reach across Walmart's global operations, Jorgensen could then scout subject matter experts for those 14 responsibilities. The company now has a worldwide SME for each (with “PhD-level” expertise, Jorgensen said), and each market has the best SME it can find locally, plus access to that global expert.

In total, either through new hires or re-assigning existing Walmart staff, the company now has about 2,000 people working in compliance, he said. The cost to Walmart so far has been north of $100 million on new personnel and financial controls alone—plus more spending to come, and all of that is separate from the ongoing costs of the Foreign Corrupt Practices Act investigation. That probe has now cost the company $500 million.

That's one part of Walmart's reform mission: staffing and structure. On Friday I'll follow up with the rest of my interview, where Jorgensen discussed that fabled goal of tying executive pay to compliance objectives.