Planning for the Compliance Week 2015 conference is well underway—and we’re particularly excited for next year’s event, because it will be our 10th anniversary of holding one of the best conferences available for compliance, audit, and risk professionals.
Hitting that 10-year milestone has put us in a reflective mood here at Compliance Week. So as we put together the agenda for our 2015 conference, we’ve been asking ourselves: Which problems in this profession seem to be unsolvable? What makes them so hard? To my thinking, the five most intractable issues compliance, audit, and risk officers face are these:
How can you maintain a healthy working relationship with your external audit firm, where they can perform a rigorous audit, yet not exhaust you with demands for testing and evidence and ever-higher audit fees?
How can you monitor third parties acting on your behalf, to ensure they follow your standards of good conduct?
How can you secure the proper resources from the CEO and board for a robust compliance program, and the proper respect from other senior business executives so the program actually works?
How can you collect all the data you need from today’s complex, extended enterprise, and then normalize all that information in a way that lets you see the risks you need to know about?
How can you communicate to employees that they must appreciate and support the compliance program’s goals, so your company can achieve that Shangri-La of a strong ethical culture?
In one form or another, all those issues were included in our very first Compliance Week conference back in 2006. We will still have them on our agenda for our 2015 conference next spring. I suspect we’ll still be talking about them at our 20th anniversary conference in 2025. Why?
Part of the challenge, of course, comes from the huge advances in technology that have allowed businesses to do more things, and to do them more efficiently—because once you can do something more efficiently, it’s only a matter of time before “the market” compels you to do something more efficiently. Hence the quest to develop new products, to reach new customers, to launch new mergers, to enter new markets—more than we could ever dream of 50 years ago. All of those things bring new risks, and new ways to manage them.
But that only explains the first four points above. We still have the matter of that last question, about reaching, and winning over, employees.
One of the speakers at our first conference in 2006 was Patrick Gnazzo, then the chief compliance officer at CA, and hired to clean up a huge fraud at CA in the early 2000s that sent its then-CEO to prison. What went wrong at CA? “Well,” Gnazzo quipped, “apparently CA had the unique distinction that we employ actual human beings.”
And there’s the rub, the deepest challenge for compliance officers: How can you instill a sense of pride and discipline in the human beings at your company, so they want to work ethically and drive a terrifically strong culture? Compliance officers have one strong card to play, that people inherently want to be good. On the other hand, the market’s drive for efficiency and profits can treat human beings pretty brutally sometimes. CCOs buffet back and forth between those two forces. You did in 2006, you do today, and you will in the future.
Then again, that’s what makes the job an adventure, right?