Menu

Beth Haddock

About Beth Haddock

Posts by Beth Haddock:

African American Businesswoman Giving Presentation To Executive

8 Elements for Effective, Sustainable Compliance Programs

, , , , ,

The end of summer and the arrival of fall marks a return to school and a regular schedule for our country’s youth. It also marks a return to a more traditional work schedule for many adults and perhaps most compliance officers.

And not unlike the turn of a new year, the return to school and work can be viewed as an opportunity to review, reconsider, and retool one’s approach to life, and to managing compliance.

With that in mind, compliance officers returning from summer vacation might consider taking a pause and consider ways to increase effectiveness and efficiency.

The following eight strategies, the core of my book Triple Bottom-Line Compliance: How to Deliver Protection, Productivity, and Impact, can be a catalyst for more effective and sustainable compliance programs. The present time is a great opportunity to learn about and apply the following eight key elements.

  1. Align – To achieve sustainable governance, take a longer-term approach. Look to align interests and incentives to win wider engagement and avoid repeated compliance deficiencies.
  2. Verify – Build trust-but-verify cultures using a Triple Bottom-Line Compliance System including
    • Protection: Surveillance to search for and find red flags
    • Productivity: Being analytical, looking at things holistically, connecting the dots, and knowing business patterns as well as individuals’ traits
    • Impact: collaborating with others in the organization to double-check any findings to make sure they reflect a real or potential compliance breach and if so, going directly to the source of the risk as an advisor and an educator
  1. Serve your Client – Build strong relationships and possess superior communication skills. Compliance Officers that are also business leaders, strategists, project managers, and influencers are able to get more done for their clients.
  2. Network – The day-by-day workflow of questions, issues, projects, and resolutions may lead to conflicts of interest and a crisis. Manage your professional brand and reputation.
  3. Build legal alliances – The Legal department can provide important and strategic relationships but it’s up to the compliance officer to keep them on board with Triple Bottom-Line Compliance. A compliance officer must think ahead, educate lawyers, and advocate for taking a longer-term view when needed.
  4. Master diplomacy – Master be diplomacy and understanding many different stakeholders. Be the resource not only finds problems but fixes issues.
  5. Be your true north – “True North Ethics” means there is an authentic fit for a compliance officer within an organization. Align with and believe in the culture, the organization, and the business efforts you serve. Without such an alignment the compliance officer may be too focused on protection and may struggle to lead the rest of the organization regarding positive business ethics when faced with conflicts of interests.
  6. Brand yourself and contributing – Act like a leader and be perceived as one who builds relationships with FOCs, lawyers, and regulators while delivering Triple Bottom-Line Compliance. A strong compliance officer should be clear, definitive, and decisive but may only be so after listening to, collaborating with, and explaining why the regulatory requirement is as it is.

These eight strategies are part and parcel of the “Circle of Compliance.” The circle demonstrates the way a compliance program can protect and add value.

You can learn more about the Circle of Compliance and how to implement it in your own compliance practice in my book Triple Bottom-Line Compliance: How to Deliver Protection, Productivity, and Impact. Click here to download chapter 5 about the power of Networking, for free.

After you read the chapter, don’t forget to apply what you learn and take advantage of your existing and growing circle of influence at back-to-school events, fall parties, and other environments where your positive influence can be felt.

To learn more about how you can innovate with compliance, contact my office today. If you would like to read about my philosophy and how to support business growth so there is measured and informed risk-taking, here’s a look inside my book.

Investors

How Can a Triple Bottom Line Compliance Approach Help Protect Investors?

, ,

  1. Conflicts are Avoided or, When Appropriate, Disclosed

The SEC fined a regional advisory firm this month for selling investments without proper disclosure and raising questions about whether the investments were made for the benefit of the advisors, instead of the investors.  It’s, unfortunately, a reminder that recommendations to seniors, retirees or other vulnerable investors should be carefully reviewed.  If you are considering a new compliance notice – this is a good case to distribute. Read on to understand how a sustainable governance approach can protect investors – especially as one considers the Securities and Exchange Commission’s (SEC) Regulation Best Interest.

On Sept. 14, 2018 the SEC charged Indianapolis-based investment advisory firm Steele Financial Inc and its sole owner Tamara Steele with selling approximately $13 million of high-risk securities to more than 120 advisory clients, many of whom are current or former teachers or other workers in public education, without disclosing that she and her firm stood to receive commissions of up to 18 percent from the sales.

The SEC alleges that between December 2012 and October 2016 Steele Financial Inc. and Tamara Steele sold to advisory clients and other investors more than $15 million of the securities of Behavioral Recognition Systems Inc. (BRS), a private company previously charged with fraud by the SEC.  Ms. Steele and Steele Financial received commissions of cash and warrants from BRS that were worth more than $2.5 million.  Steele and Steele Financial allegedly targeted their own advisory clients who generally did not invest in individual stocks, selling more than 120 clients approximately $13 million of BRS securities without disclosing that the defendants were receiving commissions from BRS.  The complaint further alleges that the defendants created false invoices and took other steps to conceal their involvement in selling BRS securities. The SEC stated it believed that Ms. Steele took advantage of her clientele including “clients whom she herself described as ‘two-pension, two Social Security families.”

Many conflicts of interest can be mitigated with disclosure.  In other situations, such as with the Steele Financial case, disclosure may not be adequate. Compliance should help the business review compensation incentives to avoid conflicts and allow a business to grow sustainably and serve its clients.

  1. Technology is Used to Eliminate or Minimize Bias

I recently interviewed Jasmin Sethi, a veteran legal and compliance expert with a history at the SEC and Blackrock, and now her own fintech company, for insights about the power of technology to mitigate bias in investment recommendations and Regulation Best Interest.

We discussed the arguably thin, but crucial, line between screening investment recommendations against the current “reasonable basis” standard for broker-dealers and the standard proposed under Regulation Best Interest.  We also discussed the tremendous opportunity to manage or avoid conflicts of interest by using technology. For instance, compliance officers can help the business calibrate algorithms, portfolio modeling tools and other financial analysis tools to ensure they operate as intended providing objective investment analysis.

  1. Regulatory Priorities, Economic Trends, and Industry Developments Are Proactively Considered

Please listen to my third podcast to hear a thought leader share her insights. It will help you develop your strategic approach for this important issue that is likely to lead to new regulatory requirements. It will also help you confirm your governance and incentives are designed to avoid situations like that experienced by Steele Financial.

For more on how you can take steps to protect your investors, check out my book, Triple Bottom-Line Compliance: How to Deliver Protection, Productivity and Impact.

Insider Trading

Ask Beth: How Can A Compliance Officer Make a Sustainable Impact Preventing Insider Trading?

, , , , ,

A first step towards preventing insider trading is managing non-public material information. Compliance officers that don’t stop there and also test the technology behind related regulatory reporting and surveillance and train employees to combat Fudge-Factor Thinking can bring more sustainable value.

On Sept. 13, 2018, the Securities and Exchange Commission (SEC) announced that Cowen Execution Services LLC (formerly Conergex Execution Solutions LLC) will pay $2.75 million to settle charges that the broker-dealer firm provided the SEC with incomplete and deficient securities trading information known as “blue sheet data” because of coding errors. Blue sheet data is used by the regulators to detect illegal trading practices and firms can use the same data analytics for their own trading surveillance programs. The technology is powerful. As the Cowen case shows, so are coding errors that go undetected.

The coding errors occurred over a period of nearly four years which caused, according to the SEC, approximately 29 percent of Cowen’s submissions to contain deficient customer identifying information and other errors involved trade details. Although the firm was previously sanctioned in March 2012 for deficient blue sheet submissions, the order found that the firm did not take reasonable steps to ensure that its blue sheet submissions to the SEC were accurate and it failed to identify the deficiencies during this period.

As the fourth quarter approaches, compliance officers should consider not just completing an annual review of policies, but also testing core technology such as trading reporting, regulatory submissions or algorithms within investment software. Compliance has an opportunity to protect the firm and add-value to the business operations by helping find errors before they have a bigger impact.

Just over ten years ago, a young hedge fund manager named Tom Hardin was swept up in a much bigger insider trading scandal that involved the Galleon Group, at the time one of the largest hedge funds in the world with over $7 billion under management.

On the way to pickup his dry-cleaning, Tom was approached by the FBI regarding his own illegal trades. Tom agreed to cooperate as an informant helping the FBI build more insider trading cases including a one against the Galleon Group insiders.

I recently interviewed “Tipper X” Tom Hardin on my podcast.  In the interview, he provides insightful tips about how to prevent insider trading. We also discussed the power of using behavioral incentives to drive good business decisions and combat Fudge-Factor Thinking.

Fudge-Factor Thinking, the behavioral economics term that describes when people use common rationalizations to justify unethical behavior, comes into play more significantly than it should.  Tom used it when he placed a trade he thought would be fine because there weren’t any real victims and it was the way he thought everyone secured an “edge” trading the capital markets. His training didn’t involve behavioral incentives. He recalls simply being told, “Don’t email anything you don’t want on the cover of the Wall Street Journal”.  Today, his advice to others is more pragmatic. He encourages compliance officers to have an open door, be there to answer questions and challenge Fudge-Factor Thinking. His training wasn’t adequate. He didn’t have a mentor.  He tells a compelling story any compliance officer who doubts the impact of engaging training or his or her individual contribution should listen to. For more information, you can listen to my podcast here.

Compliance officer technology

Three Mid-Year Takeaways for Compliance Officers

,

In its first six months, 2018 has proven to be a time of innovation and change for both fintech and regtech. Compliance officers and others have had to strike a balance between embracing new technology and strategic advice so clients are informed. Only in this way can they take the measured risks needed to support innovation. Though many trends affecting the industry are worth keeping an eye on, three stand above the rest.

1. It’s Still About Conduct

Words like cryptocurrency or blockchain were unknown ideas only a few years ago. Now, fortunes may be won and lost on their successes and failures. SEC Chair Clayton has taken strides in the past year to cement his organization’s understanding and position on the future of these technologies – so much so that the SEC just appointed Valerie Szczepanik as its first ‘Crypto Czar.’ Szczepanik affirms that the SEC does not intend to rein in technology, but instead to continue to regulate conduct. https://www.sec.gov/news/press-release/2018-102

2. Regtech is Growing. Be Curious and Get up to Speed.

The momentum we’ve seen in the past few decades has been an amazing testament to how quickly trends evolve today – and they are only getting faster. It was not so long ago that the smartest computer in the world could barely win a game of chess. Currently, we can fit the world in our pockets, and we trust machines to make the most sensitive trades on Wall Street. Though the genie is out of the bottle, so to speak, there will always be a human element to all of this.

The automation afforded by innovations such as blockchain or AI is certainly improving efficiencies for COs. Beyond simplified surveillance, there are benefits to gain within compliance program including workflow, agility, speed, integration, and analytics. For a great overview of this topic, I’d recommend “Regtech is the new Fintech.

3. Technology Cannot Replace Sound Judgment.

Experienced compliance advice is needed more than ever.  As companies innovate with new products, services, and business models, experienced compliance officers are crucial to their success. Without them, business may grow too quickly. In the excitement of rapid growth, compliance and governance mistakes can arise.

Betterment is a useful case in point. This June, the industry leader and freshman fintech robo advisor was hit with both corporate and executive fines for what Finra cited as window dressing.

This spring, Chief Justice Roberts delivered a commencement address to his daughter’s high school class. In his remarks, he lamented about the difficulty in striking a balance between the power of technology and human attributes like curiosity and analytical thinking –  perspectives and skills that are key to the success of compliance officers, lawyers, and other risk professionals. Chief Justice Roberts offered this warning: “beware of the robots.” He was not referring to the robots of some remote future, but to the machines with which we interact every single day.

Chief Justice Roberts did not paint a dystopian picture of the future; he simply cautioned that technology does not just influence the decisions we make, but how we come to make decisions.

Yes, tech is key to our innovation. We can’t innovate, though, if we let the tech steer us away from our own analytical development. Tech is a tool  – use it that way and remember if you understand the technology you will be better positioned to advise on risks and internal control issues. No matter how advanced the tech innovation, planning, strategy and other analytical skills will be needed.

To learn more about how you can innovate with compliance, contact my office today. If you would like to read about my philosophy and how to support business growth so there is measured and informed risk-taking, here’s a look inside my book.

compliance network

Build Influence with a Friends of Compliance (FOC) Network

We have been recently reminded of the power and influence of social networking with Facebook data breach investigations.  The Harvard Business Review also recently published an interesting article about how to balance the benefits and downside of workplace friendships.

Social networking for Compliance Officers (COs) is key to building their influence — the influence that’s needed to deliver results in their high-performing jobs. In a given day COs can be client-focused helping a business onboard new customers and products, but they may also need to serve as gatekeeper helping resolve a compliance gap or data breach.  A network of colleagues, what I call friends of compliance (FOCs) help COs manage conflicts interests and demands on their time. FOCs help Compliance issue spot, rank risks, understand industry trends and prepare for training and presentations.

What is a Friends of Compliance Network and Why Have One?

A FOC network is an interconnected group of people in various positions within the company who help the CO run a successful Compliance program and stay ahead of developing problems.

FOCs help the CO in a number of ways. They provide diverse perspectives, as each person has different information and experience within the organization  They help identify issues before they become large problems by pointing out anomalies and red flags. FOCs provide constructive feedback on the CO’s work and ideas helping the CO deliver a more impactful compliance program.

How to Build a Friends of Compliance Network

 Social-exchange theory shows that through a series of interactions over time, employees develop trust and interdependence on one another. COs can leverage these relationships to build their FOC network. This is the essence of the how: building relationships over time. There’s no secret to it other than to be consistent and authentic. Not only will this help develop FOCs, it will also help develop relationships within the organization.

At the heart of these relationships is the exchange of mutually beneficial information. To run a successful Compliance program, the CO needs to have people who share information with them, and social-exchange theory says this happens when the CO shares in return.

Though ideally, COs have individuals throughout the organization in their network, one place to look for FOCs is the legal department. The legal department is a powerful, respected, and informed part of the organization and a great building block for a FOC network.

 A Secret Weapon

An FOC is the CO’s secret weapon, helping the CO’s mission of Compliance and also building their reputation within the company. COs who commit to developing an FOC network enjoy more influence and more camaraderie to boot.

For more ideas about how to build influence, take a look inside my book.

seat at the table

Ask Beth: How Do You Get a Seat at the Table to Help Launch New Products?

Question: How do you get a seat at the table to help launch new products?

Answer: This is an issue that many in Compliance face. Focusing on helping with new products is an excellent way to make a proactive impact on the business. You can build rapport and bring your perspective early – helping to make sure products and services are rolled out online and within budget without any delays because of last-minute compliance issues.

When the business focuses on developing the best service or product, compliance may not make it to the top of the list. How do you use your influence to be heard?

#1 – Your first priority is to be proactive and invite yourself to project meetings if needed; get involved as early as possible. The longer you wait, the harder it will be to slow the momentum to consider compliance and governance controls.

#2 – Pitch the value you will bring. Be ready with ideas and value-add. For example, can you provide perspective on the competitive landscape, the regulatory environment, risk and compliance requirements that can be addressed efficiently?  You can also tell a story about a regulatory enforcement case where faulty product design or due diligence caused legal and compliance liability. Compliance issues can derail timelines and launch dates. When in doubt, explain how early collaboration can avoid headaches down the road.

#3 – Offer to test or audit the design of technology for regulatory such as disclosures, and conflicts of interest with cash and non-cash incentives. For example, the SEC 2018 examination priorities has several examples you can use to issue spot and help the business avoid delays in launching new products or services.

Show how you will save time and secure timelines. Make it plain that you are here to facilitate company goals by ensuring that the business is not exposed the regulatory scrutiny that comes from poor planning.

There are myriad cautionary tales that you are welcome to relay at your discretion, but I hope you can approach this with a tone of positivity. While you may be holding the map, you are all in the same boat.

For more ideas about how to be influential, take a look inside my book.

Green business and investment / Business with environmental concern

Why Should Compliance Officers Consider ESG Principles?

Environmental, Social, and Governance (ESG); impact investing, and sustainability are terms you may believe are outside the remit of your compliance and ethics program.

This article will illustrate the applicability of ESG and impact investing to general compliance programs as well as risk management and prudent business judgment. The heart of a compliance officer’s job is to help ensure claims to investors or consumers are accurate. ESG principles can help a compliance officer deliver on that responsibility. For example, understanding what is meant by ESG claims, or borrowing ESG principles to identify and manage risk, can help compliance officers not just protect their companies and end customers, but also add important commercial value by helping the business make prudent business decisions.

Recent policy changes support the move to an ESG framework; in May, the European Commission released an ESG proposal advocating enhanced transparency and duties for institutions. These principles are already incorporated in the investment mandates of US pensions such as CalSTRS and the New York Common Fund. Additionally, there are global investment standards such as the UN Principles of Responsible Investing (PRI) with over 1,500 signatures and the UN Sustainable Development Goals pointing the private sector toward those issues that require the most attention and investment.

Even if you put aside these evolving standards and new products, such as impact private funds or ETFs or mutual funds using a socially responsible index such as the Calvert US Large-Cap Core Responsible Index or the MSCI KLD 400 Social Index as a performance benchmark. Compliance officers can look at ESG investing concepts for sales practices, compliance, and managing risks.

When businesses consider a new investment, product, or service provider, they often rely on others’ claims to forecast their own returns or profits. What happens if those claims are inaccurate and then forecasts are inflated? Faulty due diligence can lead to unmanaged risks and liability. However, by leveraging ESG principles, companies can minimize these blind spots and avoid the predictable surprises that come along with unsubstantiated claims.

Public companies have a duty to deliver a return on investment (ROI) to shareholders. Technology companies and those that manage personal information have a duty to protect said information. Investment advisers and brokers have a range of duties under the Department of Labor (DOL) Fiduciary Rule, the SEC proposed Regulation Best Interest, as well as investment advisor regulation. Likewise, compliance officers and business leaders should consider ESG principles as meeting a necessary enterprise risk management (ERM) duty. ERM is the process of identifying and rating material risks to decrease the probability a company will be harmed by an unexpected risk. ERM helps avoid predictable and unpredictable risks and errors – such as a reliance on inflated performance or underestimated the importance of controls to protect against a data breach or systems hack.

Leveraging ESG as an ERM duty teaches us to think big – to prioritize and strategically work on systematic risks. It teaches us to manage risks as projects, to set deadlines, and to require a backup for process solutions to help avoid repeat deficiencies. It also teaches us to continuously broaden risk factors – staying on top of technology and global regulatory developments. As the business world becomes more complex and global, so to should our approach to managing compliance, governance, and operational risks. In Turning Corporate Compliance into a Competitive Advantage, Bird and Park describe the benefits of using an efficient investment-risk (EIR) model to build and manage an effective compliance program. The model similarly focuses on the benefits of tailored and strategic planning to address the most impactful enterprise issues by finding the compliance “sweet spot” on what amounts to a compliance efficient frontier. It also acknowledges the mistakes legal and compliance professionals can make if they do not adopt an ERM approach (choosing instead to focus on process over results and/or undue emphasis on fear of personal liability or sanctions).

Not considering ESG principles is like not considering cybersecurity to run an online business. Considering these principles as an ERM duty helps a company and its gatekeepers strategically focused on identifying and mitigating material risks – which can mean knowingly accepting reasonable risks while eliminating blind spots that can cost a company money and reputational damage.

A perfect illustration is a company that has experienced multiple enforcement cases resulting in fines, lost share value, and brand tarnish that arguably creates an adverse impact on investors. For example, an allocator considering a new investment in Wells Fargo can more accurately forecast returns after considering risks such as the sustainability of its historical sales success; the efficiencies and costs to fix recurring systemic operational processes; and the impact of a tainted brand on growth projections. If an allocator does not consider systemic “social” and “governance” attributes; for example, by studying the effectiveness of Wells Fargo’s whistleblower program, its regulatory enforcement cases, and its incentive compensation programs, the allocator may not meet its legal duties such as best interests, suitability, and even a fiduciary standard during the sales process.

How ESG Impacts Your Compliance Program?

ESG principles and this ERM duty can also surface when a compliance officer tests investment governance; supports the development of new ESG or impact investing products and services; conducts or responds to due diligence requests, or reviews sales and marketing campaigns. Compliance officers should keep the following in mind as they work:

  • Sales and Marketing: Make sure promotional statements don’t misrepresent products or services to customers, particularly retail customers. Regulators, such as the SEC, have recently focused on performance reporting and sales practices related to retirement investments. The same concepts apply in the ESG area when it comes to impact reporting. If an investment purports to be in line with ESG or impact investing mandates, ask for the quantitative and qualitative evidence to support any statements. When reviewing ESG claims, compliance officers should understand the claims by asking how impact performance is measured.
  • Due Diligence: Whether conducting due diligence on a service provider, providing certifications to clients or testing your firm’s adherence with impact investing or sustainability claims, consider asking targeted due diligence questions. For example, if a real estate development firm asserts it meets LEED or WELL Building Standards because it uses technology and research to build a sustainable, clean working environment, and a company relies on those claims to build its offices without further due diligence, it takes on liability if the claims are exaggerated or inaccurate. In this scenario, if the health research is faulty, or the new sensors missed toxins in the building’s air, the company is open to legal and compliance risks that the building is not safe. In extreme cases, sick employees may file a class action lawsuit. On the other hand, if the company asked questions about the supporting science, operations, and technology behind the sensors, the company can avoid such liability because it prudently assessed the validity of the claims and risk associated with the new technology. A few questions to consider as compliance officers test claims, review marketing materials, or consider new investments:
    • Does any ESG claim include a guaranteed impact? If so, what is the basis and are there any exclusions? If not, why not?
    • Is there an extra layer of costs either through a fund of fund structure or sales intermediary? If so, consider the costs when analyzing returns.
    • Is the provider publicly committed and aligned with any impact-related marketing statements? How does it run its own business; is it sustainable or is it a signatory to PRI?
    • Has a trusted third-party affirmed its ESG or impact statement so you know it isn’t limited to a branding exercise?
    • How can you test environmental claims? Can you see a demonstration rather than rely on market demand or excitement for a new offering?
    • What is the desired time horizon? Is the timing for positive impact, positive returns, and any liquidity risks well documented?

 Additionally, compliance officers can bring value-add by helping the business ask the tough questions and adhere to this ERM duty. For more information.

How are ESG Principles Applied to Compliance Officers’ Performance?

 From a compliance program perspective, a more holistic approach can also enhance the performance within a compliance team. Compliance officers can approach each facet of the compliance program by building a sustainable governance approach that also avoids predictable surprises of repeat compliance deficiencies.

In the same way ESG is innovating the way we look at financial investments and environmental impact, sustainable governance innovates the way we look at compliance and compliance officers as gatekeepers. Responsibility and accountability for results is broadened for each. For investing, it’s delivering financial and corporate responsibility; for Compliance, it’s delivering protection from legal and regulatory liability but it’s also making an impact as a trusted business leader.

Let’s look at some ESG-related compliance issues to illustrate the difference in the approach.

Imagine a compliance officer for a global investment firm has finished the annual compliance review and is eagerly planning next year’s training program when a call from the head of the London office interrupts her early morning calm. He sternly explains that a client at a large pension fund requires a complete report on the firm’s promised ESG investment strategy. The client is seeking a certification that its funds have been tracking ESG guidelines from the time of the initial investment.

Tactical Response

“Why are you calling Compliance? I don’t make the investment decisions. Talk to the investment team, please,” the compliance officer reflexively says.

Sustainable Governance Response

Sustainable Governance entails thinking of, and helping avoid, systemic risks and repeat deficiencies. In other words, helping the business with its ERM duty. What if the investment team doesn’t have written guidelines and hasn’t been investing in the manner the pension fund expected? Compliance officers should not “own” compliance with ESG investment instructions, but they should help confirm investments are aligned with investment guidelines.

In this scenario, a better response would have been to offer to be a liaison between the Office Head and the investment team. The compliance officer could help prevent the investment team’s submission of a certification that isn’t accurate, comprehensive, and transparent. She could get details from the London office about when the client came on board and what promises were made. If there were any compliance gaps in reporting or adherence with investment guidelines, she could help the investment team respond and remedy any gaps.

In conclusion, compliance officers can maintain independence and avoid involvement in ESG investment decisions while still helping uncover and address governance gaps. Common compliance and governance gaps to look for include:

  • Requests for Proposals: The investment team could over-sell the client about ESG capabilities. Compliance officers should review RFPs and sales materials to make sure representations are supported by process and documentation.
  • Documentation to Support Certifications: There may be inconsistency between investment holdings and client instructions or investment guidelines because of a lack of written protocols. ESG investments entail specialized investment strategies and typically require additional investment instructions that may relate to higher standards for corporate accountability for investable assets. For example, with regard to the use of resources, labor practices, supply chain management or management of conflicts, internal controls, and board diversity. These instructions must be documented and followed as the client expects. Clients may be required to adhere to standards, regulations, or laws such as PRI and/or specific pension fund mandates. Clients often ask for certifications to ensure they are followed. Compliance officers should help, or at least test, to make sure the certifications are handled appropriately.
  • Accountability and Collaboration: ESG investments may be consistent with the client’s expectations, but the documentation may be inadequate or just not filed/vetted as needed because of a lack of coordination. Without the engagement of all stakeholders, the business can make mistakes and compliance can be bureaucratic. Engagement is a key benefit of sustainable governance. Compliance officers help the business using project management skills as much as their technical knowledge. Compliance will bring value-add, increasing rapport with the business and engagement in the compliance program if it establishes a disclosure committee or process to ensure accountability for each part of the ESG certification process. The business will appreciate an engaged compliance officer who helps the business with ESG obligations as proposed above in the sustainable governance approach.

In a sustainable governance world, compliance officers can add value by improving controls because they are supported by an engaged network of business colleagues who they have also helped meet an ERM duty and avoid predictable surprises.

Beth Haddock, CEO and founder of Warburton Advisers, is the author of Triple Bottom-Line Compliance: How to Deliver Protection, Productivity and Impact. She has more than 20 years of experience as a compliance and business executive. Her consulting firm provides sustainable governance and compliance solutions to leading international corporations, technology companies, and nonprofits.

Damage Table Meeting

VW’s Damage Table Meeting

When we consider the recent Department of Justice (DOJ) charge against former CEO and chair of the management board of Volkswagen AG (VW), Martin Winterkorn, there can be at least three lessons learned:

  1. Fudge Factor Thinking creates dangerous blind spots.
  2. Crisis management skills can be the most important to master.
  3. The cover-up is often worse than the original act.

The Justice Dept, FBI, and EPA worked together to hold senior VW management—arguably the most important gatekeepers for the company—accountable for intentional decisions to use technology to avoid compliance. On May 3, 2018, the DOJ charged Winterkorn with conspiracy and fraud in connection with a long-term scheme to circumnavigate the US diesel emissions requirements. Allegations about the CEO-led cover up involve an approved script of talking points to deceive regulators and an executive planning meeting—known as the Damage Table Meeting—to determine strategy and tactics for the cover-up using a detailed PowerPoint.

One could envision the Fudge Factor Thinking at the Damage Team Meeting of senior executives. Perhaps they didn’t believe the emissions regulations were necessary or effective; perhaps they didn’t think the emissions could actually cause harm to the environment or the air we breathe in the US. This double self-deception of rationalization arguably led to their criminal liability. The allegations portend the executives acted blindly without regard to accountability as corporate control persons, officers, and gatekeepers. It’s a good reminder to include control person liability in any manager training.

Even referring to their meetings as “The Damage Table Meeting” shows the corporate infrastructure was present for crisis management, but when values lean toward transactions and damage control without equal analysis of the implications of mitigating damages with disclosure or self-reporting, it appears as though the corporate governance was inadequate. Crisis management should involve disinterested analysis of the root cause, brand credibility, and compliance and legal liabilities. Those in charge of the breach should not be in charge of the crisis management. In your organization, when there is a data breach, large processing error, or customer problem is it resolved by those who cause it? Take this opportunity to review how a crisis is handled in your organization—Compliance and those that weren’t involved in the problem should help make decisions about how to manage the crisis.

We commonly see cover-ups as part of corporate scandals. This VW case is unique in that the blatant cover-up occurred in a management off-site meeting—a forum typically reserved for strategic business planning. Take a look at VW’s new sixty-eight-paged Code of Ethics: https://www.volkswagenag.com/en/group/compliance-and-risk-management/compliance.html.

What do you think about the message? Audit your own Code of Ethics and make sure there is buy-in for the values and that the values align with organizational priorities.

Technology was at the heart of this scandal. VW used “defeat devices” to affirmatively detect and evade emissions testing. The final lesson from the Damage Table is to make sure your surveillance technology is targeted to your business. Compliance needs to partner with the business to calibrate its surveillance, otherwise it will miss the important risks that can systemically impact an organization. In this case, the regulators discovered the conspiracy and fraud because an employee decided to go off-script and ignore instructions from the Damage Table Meeting. This is another important reminder—engaged employees can be the best gatekeepers.

At the core of effective crisis management is compliance. In my book, How to Deliver Triple Bottom-Line Compliance. I go in-depth into how Sustainable Governance affects the bottom-line, the strategies that help take Compliance from the basics to beyond, and the skills that COs need to succeed in this new paradigm. Take my assessment to see how your program stacks up: Is Your Compliance Program Delivering a Triple Bottom-Line?

productivity

Back to Black: How Utilizing Compliance Can Raise Your Bottom Line

,

Compliance can affect the bottom line in many real ways.

It is seen by many as a cost center. I see it as a competitive advantage. The difference is in how you view Compliance within the context of the larger company. Compliance serves the organization’s interests by protecting it from liability, ensuring that relevant regulations are met. But Compliance can go beyond this to deliver not only protection but also increased productivity and employee engagement, too. In the context of sustainable governance, compliance takes on a long-term, strategic role, making it a competitive advantage.

Here’s how it can help your company’s bottom line.

Stop Scandals and Forget Investigations and Fines

Compliance in its most basic form is focused on protection. It achieves this by meeting regulatory and legal requirements. At this level, it helps companies avoid investigations and scandals which can be costly in terms of money and productivity. If violations are discovered, large fines may be imposed by regulatory or government agencies. Even in its most basic form, a competent Compliance program saves companies money and protects the bottom line.

Sustainable governance takes compliance further. It focuses on educating employees and implementing processes to avoid repeated mistakes. Companies that don’t take this approach may repeat the same mistakes, having wasted time and money on regulatory investigations and missed opportunities to find efficiencies and process improvements.

Focus Where There’s a Future

In many companies, Compliance is called in at the end of a process rather than the beginning. For instance, let’s consider when a company works developing a new product or service only invites a compliance officer to weigh on the compliance ramifications in the final planning stages. If the CO discovers issues at this stage, money and time have been wasted in development. Compliance can avoid this unfortunate situation by being involved from the beginning stages to point out possible pitfalls and help keep things on track from the start.

 Incentivize Employee Behavior and Increase Productivity

Sustainable governance relies on incentivizing good behavior, rather than simply imposing rules, to influence employee behavior and productivity. Those who display good behavior and good judgment are respected, rewarded, and promoted.

This culture, based on principles of behavioral economics, helps stem the kind of behavior that leads to scandals and encourages employees to report errant behavior early. It also attracts and retains highly motivated, ethical employees whose contributions undoubtedly boost the bottom line.

 Serve Your Clients and Investors and Strengthen Your Brand

In the context of sustainable governance, compliance goes far beyond regulatory requirements to affect the very perception of the brand itself. A company with a reputation for ethically sound governance, transparency, and a focus on corporate responsibility is attractive to many investors, donors, consumers, and future recruits. They perceive the company to be well-run and put trust and credibility in the brand.

 Go Beyond Protection to Productivity and Profit

Compliance can be run as a cost-center focused solely on the protection aspect. It can also be run in an environment of sustainable governance, allowing for productivity and impact, which increases the bottom line.

For further reading, check out my bookHow to Deliver Triple Bottom-Line Compliance. I go in-depth into how Sustainable Governance affects the bottom-line, the strategies that help take Compliance from the basics to beyond, and the skills that COs need to succeed in this new paradigm.

Data Breach

Three Questions to Ask About Your Company Before and After a Data Breach

Your company will inevitably suffer a data breach. As long as there is valuable data to mine, there will be people to mine it.

  1. Is a data breach an exercise in damage control?

Companies experiencing a data breach may sustain negative repercussions, but the good news is that a quick response to mitigate risks is also an opportunity to strengthen systems and build transparent client relationships that will bring long-term returns.

  1. Who do you protect during a crisis?

Imagine a hospital full of doctors whose only directive is to concern themselves with the hospital’s interests, rather than those of the patients they serve. Does that sound right to you? Not at all.

It’s the same in business. Yes, businesses need to pursue their own self-interest, but they must also keep their customer’s interests front and center. For companies that collect personally identifying information from their customers, this means keeping that data confidential and safe from those that don’t need the information to deliver services. Many states have prompt breach reporting duties, as do federal regulators. Companies should promptly report breaches so clients can mitigate their risks.

  1. Is “client-centric” a customer service and sales concept?

Compliance has been referenced as quality assurance, making sure the company’s reputation and brand is protected. A client-centric approach to compliance supports a healthy balance of pursuing the company’s and the customer’s interests. When mistakes happen, make sure any remediation efforts are focused on fixing mistakes and assessing client impact. A cover-up or failure to report as needed can cause more losses of client loyalty and brand credibility, along with added costs of Compliance investigations.

Can Your Compliance and Governance Program Stand Up to Scrutiny?

People sometimes justify their questionable ethical decisions by using what behavioral economists call “fudge-factor thinking.” When deciding how to behave in tough situations, many rely on two rationalizations: (1) there isn’t a real victim, and (2) everyone else is doing the same thing. Is your company’s governance addressing “fudge-factor thinking”? If it is, it’s time to refresh your compliance and governance program. Revamp training to refute these rationalizations; show the specific impact of unethical behavior and examples of employees who choose to act in the best interests of customers. Foster a program that incentivizes good employee behavior and continues to debunk any reliance on “fudge-factor thinking” to justify unethical behavior.

Remember that Compliance and governance are not just subject to scrutiny of government and regulatory agencies, but to the scrutiny of customers, investors, and the public whose trust your company relies on.

 Not Prevention, but Preparation

A data breach can bring on a crisis of trust that can damage the bottom line. Although you can’t ever fully prevent a data breach from occurring, you can prepare for the aftermath should it ever happen. Asking yourself these questions about your company may help you see where the cracks are that can be filled.

For further reading, check out my bookHow to Deliver Triple Bottom-Line Compliance. I go in-depth into how Sustainable Governance affects the bottom-line, the strategies that help take Compliance from the basics to beyond, and the skills that COs need to succeed in this new paradigm.

Load More