With a combined 64 years experience in compliance, these four chief compliance officers reflect on how the profession has evolved over the past decade-plus and what challenges lie ahead.

Meet the CCOs




Ryan Specialty Group

SVP, Global Chief Compliance Officer

Years in compliance: 20





Chief Ethics and Compliance Officer

Years in compliance: 14




USA Financial

Chief Compliance Officer/Chief Legal Officer

Years in compliance: 13





SVP & Chief Compliance Officer

Years in compliance: 17


  1. What advice would you give your younger self as you started in compliance?
  2. What has changed most since you began in compliance?
  3. What has changed least?
  4. What single development has most impacted compliance?
  5. What will be the biggest challenge facing compliance in five years?

Their answers are below.

1. What advice would you give your younger self as you started in compliance?

MICHAEL BLACKSHEAR: It is OK to fail. It is OK to fall. It is OK to make mistakes … as long as you remember to learn from those failures.

JILL MASON: Know the business. Know the business. Know the business.

ANDREA MCGREW: Being a great CCO is about building bridges, not walls. A my-way-or-the-highway approach does more harm than good. A cooperative compliance approach increases adoption and adherence. Some things are non-negotiable, of course. But a partnership mindset can be the difference between a combative relationship or a cooperative one. Mission over ego.

LEONARD SHEN: Relax and treat every challenge/problem as a positive learning opportunity, making you a stronger professional and person. The stress of the moment will pass and leave in its wake a wiser, more capable person.

2. What has changed most since you began in compliance?

BLACKSHEAR: Compliance, and the senior CCO role, has evolved from a support function to that of strategic partner and key member of management, sharing the responsibility for helping define the firm’s growth strategy. Compliance is no longer considered just a passenger to corporate strategy, but a key driver and change agent to support a strategic vison.

MASON: The biggest change is who is doing the job.  When I started, a CCO was typically an attorney, a career regulatory professional, or someone with several corporate titles, with CCO thrown in. Now it is a stand-alone profession where compliance teams have varied backgrounds—like audit, legal, accounting, commercial operations, learning, behavioral studies, and public speaking.

MCGREW: Investors are more savvy. They are better informed, and they ask better questions. The challenge is making sure we’re giving clients the increased information they want but in a digestible format.

SHEN: The global regulatory environment has become more intensive, with higher expectations, articulated in more granular and prescriptive guidance and enforcement actions, across a wider range of countries.

3. What has changed least?

BLACKSHEAR: People are the greatest asset to an organization. People create the greatest compliance risk to an organization. People make mistakes, engage in intentional unethical acts, and are subject to extreme pressures to perform. These were my observations 20 years ago, and it has not changed. The importance of a compliance framework, safeguards, and “rules of the road” helps to develop the necessary internal controls to manage people’s behaviors.

MASON: Truth continues to be stranger than fiction.

MCGREW: Balancing competing business and compliance interests has been present from my first day and will be around long after I’ve left. Succeeding as a CCO means considering the business interest of the firm in light of compliance rules and finding a middle ground so that leaders are happy and the firm remains compliant.

SHEN: The core elements of a robust compliance program have remained the same, albeit with more sophisticated and varied tools and best practices. I have carried that same vision of the core program elements through four different Fortune 100 companies over 17 years and not seen it change in any material way.

4. What single development has most impacted compliance?

BLACKSHEAR: The cultural mind shift that doing the right thing makes good strategic sense. Data reflects that a company with a strong reputation of supporting “a greater good” culture, results in higher profit margins, stronger employee retention and morale, and builds trust and loyalty with customers.  

MASON:  There has been a huge change in perception of the compliance function. It is evolving, from “outsider” to trusted business partner. In many cases, the role was originally foisted upon a company by the government, resulting in an understandable tension, even hostility. Compliance now generally has a welcome seat at the table and is frequently looked to for critical input and advice.

MCGREW: Technology, without a doubt. It’s changing how investors interact with firms and financial advisers in our industry. Compliance professionals must be on their toes when it comes to information sharing, cyber-security protections, and communication supervision.

SHEN: Companies have recognized the criticality of a robust compliance program, making it easier to drive change because the water level has generally risen on expectations and norms.

5. What will be the biggest challenge facing compliance in five years?

BLACKSHEAR: Data privacy, compliance agility, financial crimes, and maintaining customer trust. I am excited about the future and look forward in helping shape and transform the compliance dialogue, in hopes to inspire others to join a forever-evolving, exciting, and growing field.

MASON: The demand to execute the function in a smarter way. As boards continue to get more savvy about risk management, the compliance function will be challenged to focus more on metrics, data analytics, and identifying and monitoring the riskiest areas of each organization.

MCGREW: Cyber-security is our biggest challenge now, and it will be even more so in the next five years. We’re fighting for the safety of our investors’ information, and our opponents are faceless, nameless ghosts (who are smart, sophisticated, and patient as well). Anticipating the myriad ways our clients will be threatened is an incredible challenge, but we cannot fail.

SHEN: Presumably there will be a recession or significant economic downturn, which will create economic pressure to cut corners or not invest in a robust compliance infrastructure. We will need to have embedded enough controls, incentives, and culture before the next economic downturn to minimize that risk.