Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

This is subscriber-only content, you are viewing with temporary unrestricted access. For full access, begin your free, no obligation 5-day trial.

Why Compliance Reporting to GC Still Exists

Jaclyn Jaeger | February 25, 2014

Enforcement agencies have been pushing companies for years now to separate their legal and compliance roles—and that idea sounds great in theory. The reality, however, is that ethics and compliance issues still rest heavily on the shoulders of general counsel.

So says the Association of Corporate Counsel's annual chief legal officer survey, where compliance and ethics issues ranked as the top concern among 88 percent of 1,200 legal executives polled. That finding is in line with last year's survey, in which 87 percent of respondents ranked ethics and compliance issues as their top concern.

“We find that ethics and compliance issues are weighing heavily not only on the minds of chief legal officers, but also boards of directors and senior management around the world,” says Veta Richardson, president and CEO of the ACC.

The intensified focus on ethics and compliance issues has a great deal to do with an unforgiving regulatory and enforcement environment, “which is, of course, causing concerns at the board level, which flows down through the organization,” says Gregory Cannon, associate general counsel and chief compliance officer at CSG International, a business support solutions and services company.

Cannon is hardly alone. In the ACC survey, 83 percent of in-house counsel ranked regulatory and legislative changes as the second-highest overall concern after ethics and compliance issues. Information privacy ranked as their third biggest worry, at 79 percent.

At a global company such as CSG International, which operates in 35 countries with more than 3,500 employees, the legal team helps to identify potential risks with respect to business transactions, develop policies, ensure conformance to company policy in business dealings, and provide legal advice on compliance with specific laws and regulations, Cannon says. “Both groups have a significant responsibility to mitigate risks potentially impacting the corporation and work very well together to perform that important function,” he says.

TE Connectivity, a maker of electronic connectors, components and systems, is another company in which legal works in close partnership with senior management. “The value we add arises out of our close understanding of the business operations,” says Christine Stickler, assistant general counsel and chief ethics and compliance officer at TE. “We can proactively address risk and offer solutions to ensure compliance with all policies, law, and regulation and protect the top-line growth so that the business can deliver superior results for our shareholders.”

When asked to rank business issues according to the priorities of their law departments for the coming year, “staying aware of company business activities that may have legal implications” ranked as the top priority. “Every general counsel has, right in the heart of their responsibilities, the responsibility for compliance,” says Tom Bishop, general counsel, corporate secretary, and chief compliance officer at Georgia Power Co.

Aside from regulatory and enforcement matters, legal often plays an important role in other areas as well. At financial transaction processing and settlement company Airlines Reporting Corp., for example, “legal, with input from HR, drafts all compliance policies with an HR-bent; drafts all policies of a general legal nature; and consults with security on policies in that area,” says Kathleen O'Neill, general counsel and chief compliance officer at ARC.

Those responsibilities are in addition to legal's other roles of keeping the company up-to-date on changes in the law, and supervising compliance training, “other than security which is shepherded by the security staff,” says O'Neill. 

According to the ACC survey, top priorities identified by in-house counsel included “staying up-to-date and well informed on changes in law,” which moved up in importance since last year and now ranks equally as important as “keeping management apprised of legal developments.”

Reporting Structures

Even though the U.S. Sentencing Guidelines—along with an abundance of corporate integrity agreements from numerous federal agencies—explicitly encourage chief compliance officers to report directly to the board, not all companies are hurrying to achieve that transition. “I'm not sure one size will ever fit all,” Bishop says.

“We find that ethics and compliance issues are weighing heavily not only on the minds of chief legal officers, but also boards of directors and senior management around the world.”

—Veta Richardson,
President and CEO,
Association of Corporate Counsel

According to the ACC survey, 36 percent said the compliance function reports into legal, while 30 percent report to the CEO and 29 percent report to the board of directors. And only 17 percent of respondents indicated the compliance functions have been centralized within the role of a chief compliance officer.

In many companies, separating the legal and compliance roles just isn't practical.  “In many cases, it's simply due to the size of an organization and the need to maximize resources,” Cannon says. “In other cases, it could be a strong need for a general counsel to have full control over an organization's risk universe.”

At a small, privately held company such as ARC, “a full-time compliance staff is hard to justify,” O'Neill says. “So, as general counsel, I also serve as CCO and make use of the legal staff and others for training support, among other things.”

Other companies, such as CSG International, have a hybrid legal and compliance function. “As chief compliance officer for CSG International, I report to the audit committee of the board,” Cannon says. “As an associate general counsel in the legal department, primarily working on securities and corporate secretarial matters, I report to our general counsel.”

That reporting structure works well for CSG, Cannon says, because “as a relatively small public corporation, we have to make the best use of limited resources, and there's a natural synergy between legal and compliance in that both groups have risk mitigation as one of their primary functions.”

To make use of the company's limited resources, the legal, finance, and HR staff for their respective geographical regions act as “compliance deputies,” explains Cannon. “We work closely with those folks to answer questions, research compliance laws and regulations, and perform investigations as required.”

What's Keeping CLOs Up at Night?

The chart below from the ACC asked chief legal officers to rate past and future issues for the next 12 months and the past 12 months as extremely important, important, or somewhat important.

Source: ACC.

TE Connectivity operates in a similar vein. Both the commercial and compliance teams report to the general counsel “and are closely aligned to support our company's strategic objectives,” Stickler says.

The company has a team of compliance counsel in the Americas, EMEA, and Asia-Pacific, who oversee ethics and compliance matters within their respective regions, working with local compliance counsel and compliance managers, Stickler says. “As a team, we work together to implement the company's global compliance programs while supporting the growth of our business organizations.”

Limited resources aside, many corporate lawyers say benefits can be gained from the compliance and legal functions being combined. “My concern would be if you separate them, you run the risk of diluting one message, or the other,” Bishop says. “I think the business benefits from having a strong focus on both.”

Stickler agrees. By having the general counsel and the chief ethics and compliance officer working together as a leadership team, “we can better understand the compliance risks to the business and tailor the compliance program to increase its effectiveness and utility,” she says.

“Each organization is really different and evolves at a different pace, depending on its unique culture, business priorities, and risk factors,” Cannon says. “The key is finding the model that provides the best opportunity and support for compliance to be successful in the organization.”

Order a Reprint