Chief compliance officer reporting to the appropriate board of director’s compliance committee has to be structured carefully to promote ethics and compliance.
Here are The Man From FCPA’s five best practices that should guide the reporting:
Quarterly Reports — The CCO should report in person to the compliance committee every quarter. If the CCO submits a written report and does not appear before the compliance committee, the failure to appear before the committee reflects a defective relationship. The quarterly report is critical for both the CCO and the committee to hear about compliance performance and challenges.
Executive Session – Every quarterly report should be concluded with an executive session where the CCO and the compliance committee can have a frank discussion on any potential issues. It is a valuable opportunity to raise important issues. An executive session demonstrates that the CCO is independent and empowered within the organization, and reinforces the CCO’s direct access to the board, if necessary.
Sitting in on Other Reports – The CCO should sit in the committee meeting when other important officers report to the compliance committee. For example, the CCO should attend the presentations by the internal auditor, general counsel, and the chief financial officer. The CCO has a macro view of the company and needs to be informed as to issues in other areas that may be significant and have compliance implications.
Informal Relationship – A CCO should actively maintain an ongoing informal relationship with the chair of the compliance committee. A CCO has to have the ability to pick up the phone and call to chair to discuss issues that may arise. A weekly meeting for coffee or a meal is important to develop and maintain the relationship.
Annual Report to Full Board – A CCO should report to the full board once a year. The compliance committee quarterly reports are important, but the full board needs to hear about the challenges and risks facing the company, as well as improvements needed for the ethics and compliance program.