When Forrest Deegan first joined clothing retailer Abercrombie & Fitch Co. in 2012 as its first-ever director of compliance, he never could have imagined the many unexpected twists and turns that would come his way.

Deegan is a lawyer by training. Earlier in his career, he worked as an associate in the D.C. office of law firm Arnold & Porter, where he found himself almost exclusively working with corporate clients, helping them strategize and develop their compliance and training programs. Loving that work, he knew he had found his new calling.

Deegan would join A&F at a transformational time in the company’s 126-year history. Founded in 1892 by David Abercrombie as a hunting and fishing equipment store, the brand was eventually renamed Abercrombie & Fitch in 1904 to reflect the name of its co-founder, Ezra Fitch. A&F would continue to expand its stores throughout the years, creating the Hollister brand in 2000, but remained a U.S. retailer for most of its existence. Today, A&F has nearly 900 stores in 20 countries across the world and is 40,000 associates strong.

You were hired at A&F in 2012 as its first-ever director of compliance, but things didn’t exactly go as planned at the start. Tell me about that.

About Forrest Deegan


Title:  Chief Ethics and Compliance Officer, Abercrombie & Fitch Co.


About Abercrombie & Fitch:  Global retail company A&F has 886 stores and approximately 40,000 associates worldwide. Its fiscal year 2017 revenue was $3.4 billion.


Location: New Albany, Ohio


Years of experience: 10+


Areas of expertise:  Anti-bribery, anti-corruption, building and leading a global ethics and compliance program


Quote: “Whenever you find in-house compliance folks, you will find people who are passionate about their work and eager to learn from others. We are, in a sense, all in it together.”

Originally, my focus was to be on compliance related to anti-bribery and anti-corruption, but an unexpected departure during my first weeks resulted in my serving as the main in-house lawyer on A&F’s first joint venture in 2013 and then on its first franchise in 2014. Up until 2014, A&F had directly owned all its stores, including all its international stores, which was very different from many other retailers. 

So, when I arrived at A&F, instead of focusing exclusively on building an anti-corruption program, my first two years at the company were a crash course in learning about A&F’s business and then incorporating a franchise strategy, which gave me the opportunity to learn more about the company and be a service to the teams in helping build out these new business structures.

How did serving as A&F’s deal lawyer at the start help you in your current role?

The two biggest benefits from that experience were getting a holistic perspective of the company’s operations and gaining a measure of internal credibility with business functions that were unaccustomed to working with legal and who’d never known a corporate compliance officer. Both those benefits really helped me when we looked to expand the concept of corporate compliance at A&F beyond anti-corruption to a more overarching role.

During that timeframe, when we were working on that first franchise, A&F hired its current general counsel, Robert Bostrom. After the franchise work was done, and with Bob’s leadership and the support of the board and management, we embarked on developing our corporate compliance program.

How was the compliance program at A&F structured?

Our approach to building the program was two-fold. First, we took a very purposeful and risk-based approach to determine our oversight priorities. Second, we sought to leverage existing compliance expertise as we structured the program.

Our team is lean, but we have support in our Ohio office and our office in Shanghai. We also have co-reports that are embedded within the business. Some of those co-reports are embedded compliance officers who own existing functional compliance programs, such as trade compliance, sustainability, merchandise regulatory, and our stores’ health and safety team. The other co-reports are members of the compliance support network and are based in functions that support our work more generally.  These are teams that do not have compliance in their job title—such as asset protection, IT, and procurement—but where they serve as quarterbacks for how their functions support our corporate compliance work.

For the embedded compliance officers, the focus is on standardizing and enhancing their documentation to ensure that its tracked consistently and that any issues are escalated, resolved and reported. With the compliance support network, the idea is to help organize and prioritize the compliance work that is happening across those functions. Our IT function, for example, has both systems expertise and subject matter expertise. When you’re tackling a topic like third-party risk management, you need access to both types of expertise, because not only do you need to understand and address the potential info sec risks for our third parties, but also understand and update the IT systems that our third parties touch from selection through contract through payment.

Both types of co-reports have really benefited from this risk-based approach that builds upon our existing strengths. Another benefit to my time at A&F has been working closely with cross-functional teams; the culture here supports collaboration, and these teams enjoy working cross-functionally, while learning from others, and we’ve seen a growing appetite from them to support larger projects.

What were the challenges of standardizing A&F’s approach to compliance across different functional groups?

Creating a corporate compliance program at a retailer requires a great deal of internal buy-in and collaboration. Because you don’t have a central pillar of command or “highly regulated” mandate to your work, you sometimes need to work harder to make your case and prove your worth. I call it creative persistence.

How do you envision A&F’s compliance program progressing?

Through the compliance charter established last year, the compliance program has a mandate from the board to take the work we’ve done from pencil to pen. The mandate we have from the board is three-fold:

The first mandate is ensuring that we’re telling our story by continuing to improve our reporting across all areas with analytics, so that the right information is getting to the right people, whether they’re in the field or at our home office. The leadership approach to enterprise risk has also changed. They, too, see the benefit in breaking down those siloes and getting the right information to the right people. It’s been a collective effort internally to take a more holistic approach to how we look at and support our customers, our associates, and our business. The way we do that has fundamentally changed.

The second mandate is around training and policy development and enhancements. The code of conduct is a great example of that. Our current code is a more reader-friendly, in comparison to the old code. It was a document that existed because it had to exist. We rewrote the code to be more accessible for the audience and organized it around our core values.  We’ve also made it user-friendly, with relevant examples and actionable guidance. We’re taking this user-friendly approach to all of our policy development and training. You’ve got to meet people where they are if you want to move the needle.

The third mandate has to do with culture. At A&F, people are very passionate about the brands they work on and the work that they do. The key is to tie the corporate compliance initiatives to that passion—why people work at A&F.  People are proud to work at A&F, and our role is to help provide the tools to our associates so we can protect our brands. It’s that idea of continuing that path of ensuring we’re instilling concepts of transparency and accountability throughout, making sure everyone understands that we all have a role to play. I want everyone to be able to answer the question ‘What is my role in protecting the company and promoting our values as a brand?”

We hosted a work-team based “Compliance Trivia” event on campus and the response was amazing: We had more than 200 associates attend and participate in their work teams. It was a fun and engaging way for people to learn more about our compliance program and policies with their colleagues.

What other initiatives have you been working on?

In the past year, we’ve also started a legal compliance and compliance design internship program. I was overwhelmed by the number of applications for the legal compliance internship. It took me 10 years to get in-house to do this stuff full time and it took my last hires 5 years to get in-house. The fact that my next hire could be straight out of school reflects just how quickly the concept of corporate compliance has developed and how dynamic this field is right now.

The growing scope and reach of our program is also what led to our compliance design internship, which helps us translate our compliance deliverables into accessible and actionable content that helps drive understanding and engagement. The next logical step is expanding the internship program to include instructional design; that’s my goal for next year.

Since we started our compliance internship program, I’ve had the opportunity to meet and work with several university chief compliance officers, including those at the University of Texas at Austin and The Ohio State University, and have started collaborating with them on developing a pipeline of future compliance talent. Both schools have taken notice of this evolving career path and what it means for their students and their curricula. I’m passionate about engaging with universities because the more that students learn about the concepts of compliance and integrity and how they intersect with all types of business, the better equipped they’ll be to support our overall compliance efforts regardless of where they end up.

What has been one of the most rewarding things about being in the compliance profession?

I’ve grown into this role during a fascinating time in retail. One of my favorite things about being in-house is the incredible camaraderie I’ve found with other in-house compliance professionals.  I am a founding member of the East Coast Retail Compliance Roundtable (E-CR2), which consists of in-house retail folks. Abercrombie & Fitch Co., Under Armour, L Brands, J. Crew, and Marc Jacobs are all founding members.  We get together twice a year at each other’s headquarters to talk about our programs and the compliance issues most relevant to us. I am also on the Leadership Team for RILA’s Compliance Counsel, whose biannual meetings in D.C. are a highlight of my year.

Whenever I travel for work, I seek to gather local compliance professionals together, organizing events in the past year in Boston, Shanghai, and Austin. What I always find remarkable is how easy this is to do, to connect with the compliance community. In Shanghai, for example, we pulled together a forum with 20 locally based counsel for international companies on just two weeks’ notice. Wherever you find in-house compliance folks, you will find people who are passionate about their work and eager to learn from others. As corporate compliance expectations grow and evolve, we are, in a sense, all in it together. We are all trying to figure out what works and what doesn’t work, together. We’re on the same journey.