The steady stream of reports regarding corporate misconduct raises many questions, not least of which is how boards of directors seem so oblivious and negligent in their fiduciary and oversight responsibilities.

The days of board members holding a largely ceremonial position are long gone. In the modern business world, director responsibilities have evolved far beyond business unit concerns and the fight for ever-increasing profitability to include being a “good company” that is in regulatory compliance.

Amid growing board responsibilities, and as a key member of the risk mitigation team, the chief compliance officer’s visibility and influence at the board level has never been more crucial.

A session at the recent Compliance Week 2017 conference in Washington D.C. looked at ways compliance officers can clearly and effectively communicate the issues that keep them up at night to directors.

When does information need to go to the board? How does the chief compliance officer best keep directors informed and active in order to meet their fiduciary duty and, in the event of a problem, assure federal agencies that they are executing appropriate oversight?

Those were among the questions posed by Brett Ingerman, a partner at global law firm DLA Piper.

“In the word of chief compliance officers, you really need to assess the compliance background of the people who sit on your board,” said Suzanne Rich Folsom, general counsel, chief compliance officer, and senior vice president of government affairs at U.S. Steel.

In her experience, companies and their boards fall into a particular groove. “Some will embrace what you want to share with them, others may not think it is important to have the volume of comprehensive information that the CCO needs to have,” she said.

Folsom’s advice: Assess each board member and “figure out how you are going to make sure that you approach them and bring them around, especially for those who may not have a familiarity on understanding as to the level of compliance reporting you need to share.” Additional training for directors may be needed.

George Mitchell retired from the Senate and as Senate Majority Leader in 1995. Since then, he has served as a board member for numerous companies and has seen “a “dramatic change in attitude” over the years when it comes to being involved in compliance discussions.

Those discussions, once largely ignored, have become increasingly robust. While compliance was once seen as “not an integral part of the business,” it is now viewed “as just as much an integral part of the business as production, marketing, and sales.”

“The most significant factor has been the gradual but substantial change in tone at the top,” Mitchell said. Business managers at all levels are looking to top-level leadership for guidance and establishing the character of the enterprise.

“It has been, in some cases, a difficult journey to change old habits and to get them thinking about compliance,” he added. An attitudinal incentive is the speed by which social media can spread ill-serving reports of corporate malfeasance.

“Reputation can take years to build, but with a single incident, in an instant, it can be destroyed,” Mitchell said. “That means compliance is more essential than ever before as the pace of change accelerates.”

Board members, he explains, must regard compliance “as essential to the reputation and business practices of the organization.”

“In the word of chief compliance officers, you really need to assess the compliance background of the people who sit on your board.”
Suzanne Rich Folsom, CCO, U.S. Steel

Meanwhile, Folsom noted that the board relationships crucial to a CCO’s success need to be cemented early on. “If you are being interviewed to be the CCO of an organization—whether it is a standalone position or under general counsel—and they don’t offer you the opportunity to meet the board member who is responsible for the committee compliance reports to, whether it is audit or a standalone governance and regulatory compliance committee, that should raise a red flag,” Folsom said.

“You should ask to meet with the chairman of that committee, then you will be able to ask questions and really get a sense of the true commitment of the board to compliance within that company,” she added.

But convincing the board to provide additional resources to really invest in a compliance program, instead of just giving it lip service to satisfy the notion of good “tone from the top” is also important, Ingerman said.

To make his point further, Ingerman referenced a recent evaluation of corporate compliance programs released by the Department of Justice. He noted that board oversight is a part of that checklist and that the Department of Justice will ask difficult questions if they come calling about your compliance program.”

“Are there executive sessions or private meetings between the CCO and the chair of the audit committee, the chair of the regulatory risk committee, or the chairman of the board for that matter?” Ingerman asked. “What access does the CCO have to the board of directors? Is the board being trained on not only the high risks, but the program itself?”

Among the most fascinating things to develop during the past 12 months, Ingerman cited responses from his firm’s clients “about how they convince their boards to invest in the compliance program.”

“For years, we have been scaring our boards. ‘One bad mistake and the share price will drop and the reputation will disappear, and decades of goodwill will evaporate,’ ” he said. “That’s all true, but those are ‘it will never happen to me’ moments for your board. One thing we are seeing, particularly with global clients, is that having a robust, U.S.-based compliance program actually gives them a market advantage.”

International companies accessing U.S. capital markets, and perhaps even European capital markets, “are going to those financial institutions and laying out their U.S.-based compliance program,” he said. “They view it as a competitive advantage. Some say they are getting better rates on their financing, and more options.”

Rather than the traditional scare tactics deployed by CCOs, they can more easily show that there is a “market advantage and business justifications for investing in a robust compliance program,” Ingerman said.

Mitchell, however, raised the dilemma inherent in that approach. Globally, “actions that are plainly illegal, or at least suspect, in this country are widely accepted.” Multinational corporations will face ethical challenges.

“The American market is so big for most of them that they have to do business here,” he added, speaking of many multinationals. “They don’t like the notion of having to comply with American standards of what is ethical. It imposes upon them the burden of establishing that standard around the world if they want to have a uniform standard of ethical practices and legal compliance.

“It is a special burden to make sure companies are aware of implementations in regions where what we consider inappropriate is customary and longstanding. You need to do it in a way that is effective and appropriate and yet not insulting or condescending to those who have been brought up in a different way.”

Folsom said that “one size does not fit all” when it comes to determining reporting lines for the CCO. She is both general counsel and CCO, a combined role that federal regulators frown upon and excoriate in deferred prosecution agreements. More important, however, are the characteristics a CCO possesses: honesty, integrity, and courage.

“You can be a bright person and you can put in place a great compliance program that is doing all the right things, but if you don’t have the courage to speak up, whether it is for resources or when there is something challenging that management doesn’t want to raise to the board,” she said. “Sometimes the board doesn’t want to listen to what you have to say. You need to have the courage to do the right thing. You need to walk into the role with integrity and the highest ethical standards.”

When communicating to the board, Mitchell said, “you need to be innovative, devise the right message, and keep the message fresh.”

Mitchell worked with DLA Piper’s Ingerman on an independent investigation into alleged illegal use of steroids and other performance-enhancing substances in Major League Baseball. He recalled seeing, prominently displayed in locker rooms, signs that warned against gambling. The problem: Over time the ethical warnings faded into the background.

“The first year, signs went up and everybody read them. Then they were forgotten,” he said. The lesson for CCOS is to constantly refresh their message and find creative ways to bring issues to peoples’ attention. Otherwise, all that breakroom signage devolves into ineffectiveness.

Folsom stressed the importance of understanding each director’s expertise, background, and priorities. “If there is a compliance issue somewhere in the world at another company, and you know a board member has an interest in that industry or worked in a particular country, I’ll send that article to them to see if they might find it of interest. That is really helpful in piquing their interest and creating an additional opportunity for a dialogue.”