In my third year assembling a list of standout ethics and compliance moments, I’ve learned the best place to find inspiration is in our annual assessment of ethics and compliance failures.

What better way to determine the impact of compliance at a company than to take a close look at how it responds to adversity? This year’s list features no shortage of head-scratching representatives at quick glance, but each choice has its merits.

Here are five compliance-oriented triumphs that encouraged us in 2021:

Meta Platforms

Meta logo

The company formerly known as Facebook has no business being on a list of compliance winners, but there’s no denying the positive impact its naming its first chief compliance officer could have for the profession.

Henry Moniz was appointed to the position in January—a move at least a decade overdue, since Facebook went public in May 2012. Moniz, the former CCO at ViacomCBS, reports to Meta General Counsel Jen Newstead, with a dotted line to the audit and risk oversight committee of the board of directors.

His tenure in the role is not off to the best start, with Meta’s dirty laundry exposed by whistleblower Frances Haugen during Senate testimony in October, but Moniz’s credentials indicate he’s more than up to the task. His success will likely depend on the buy-in he receives from CEO Mark Zuckerberg, who should be empowering him at all costs at this rate.

Doing so could only help the embattled tech giant—in addition to raising the profile of compliance as a difference-maker.


Colonial Pipeline

Colonial Pipeline logo

Companies can prepare for how to respond to a ransomware attack, but nothing can simulate the panic that sets in when the real thing happens.

Colonial Pipeline in May found itself in this situation, forcing CEO Joseph Blount to make a difficult decision. He paid a $4.4 million ransom in bitcoin, hoping to keep the key fuel provider for the East Coast running without interruption. But ultimately, the company was unable to avoid a six-day shutdown that left thousands of gas stations without fuel.

The Department of Justice was able to seize approximately $2.3 million worth of the bitcoin from the extortionists thanks to Colonial Pipeline’s quick disclosure of the incident to the Federal Bureau of Investigation, but we’d like to focus more on Blount’s leadership displayed during the crisis. He made the tough decision, and he stuck by it in subsequent interviews.

“I didn’t make [the decision] lightly. I will admit that I wasn’t comfortable seeing money go out the door to people like this,” Blount told the Wall Street Journal. “But it was the right thing to do for the country.”

Transparency is key when your company is the victim of a cyberattack, and Blount explaining his rationale in the moment to pay the ransom is valuable insight that company leaders can learn from if they are ever in the same situation.


Capital One

Capital One logo

Getting fined $390 million for anti-money laundering (AML) compliance failures is no joyful matter, but things could have been so much worse for Capital One back in January.

The bank was punished by the Financial Crimes Enforcement Network (FinCEN) after admitting to engaging in both willful and negligent violations of the Bank Secrecy Act. Capital One was aware of compliance and money laundering risks associated with a group of about 100 check cashers, ignoring warnings from regulators, criminal charges against members of the group, and red flags raised internally, and failed to file thousands of suspicious activity reports.

A financial institution the size of Capital One might have been expected to receive a more significant penalty, but the bank was lauded for its remedial actions. In addition to cooperating and admitting its failures, Capital One has more than tripled its AML staff and resources since 2014, back-filed thousands of missing reports, and voluntarily exited the check-cashing business where the deficiencies took place.

Monetary penalties are often shrugged off as the cost of doing business, so it’s encouraging to see Capital One make such a diligent effort to fix its flaws. Those improvements no doubt lowered the bill from FinCEN.


Proactive ESG efforts

ESG vector

It’s no secret mandatory disclosures regarding companies’ environmental, social, and governance initiatives are a matter of when, not if.

The Securities and Exchange Commission (SEC) has made it abundantly clear it wants proposed rulemaking on the matter on the books in the immediate future. Any company that is not yet preparing metrics on how it measures its climate change impact, human capital, board diversity, and more runs the risk of falling behind the fast-tracked legislation.

Proactive compliance is always a good bet, so companies like AIG, Marsh McLennan, and Robinhood that published their first ESG reports this year deserve a nod. So do Murphy Oil and Marathon Oil for adjusting their executive compensation frameworks to better align with their ESG targets.

Also worth recognizing are the activist investor groups pushing businesses to take ESG more seriously. The underdog story of Engine No. 1 and its board seat win at ExxonMobil in June was described as a “tipping point for companies unprepared for the global energy transition.” Time is running out on those firms.


Commodity Futures Trading Commission

CFTC logo

The CFTC’s whistleblower program often exists in the shadow of its more successful counterpart at the SEC. While the SEC’s program has awarded more than $1 billion since it was formed in 2012, the CFTC’s program paid out approximately $123 million since its formation in 2014—until Oct. 21.

That’s when the CFTC broke the bank on what is considered to be the largest-ever whistleblower award to an individual at nearly $200 million. The whistleblower, whose identity was not revealed, is believed to have exposed Deutsche Bank’s manipulation of the London Interbank Offered Rate (LIBOR), which resulted in a $2.5 billion enforcement action.

Where the CFTC really deserves credit is in the fact the agency nearly crippled itself by issuing the award. It took an act of Congress to give the program the funds it needed to make the payout without going broke.

So, kudos to the CFTC for not backing down on its commitment to paying whistleblowers their fair share, even when it’s far beyond any figure it imagined when designing its program.