Not a Lexis+ subscriber? Try it out for free.


Good-Bye to Maureen O’Hara and How to Drive Compliance Into the DNA of Your Company

 Maureen O’Hara died this week. To anyone who has ever watched The Quiet Man on St. Patrick’s Day, she will always be known as Mary Kate Danaher, who was pursued and eventually wed by John Wayne. Testament to the fiery character she often played, O’Hara refuses to consummate her marriage to Wayne until he fights her brother for her dowry. Wayne’s character, a former boxer, who had once killed a man, finally does so. As it’s The Duke, you can guess the outcome. Her role as Miss Danaher was enhanced due to the Technicolor film process that seemingly highlighted her bright red hair, green eyes and rosy cheeks. I always thought she was the one actress who gave The Duke as much as he could handle.

O’Hara’s career was during the heyday of the movie industry studio system in the 1930s and 1940s; yet she was able to successfully make the transition into the 1950s. I thought about her and the arc of her career when I read an article in the Financial Times (FT) by Andrew Hill in the On management column, entitled “How to set staff free without plunging them into chaos”. The column also had some interesting insights for the Chief Compliance Officer (CCO) or compliance practitioner on how they could think through driving compliance into the DNA of an organization.

Hill’s thesis in the article was to reject “Two big assumptions blight efforts to change how large organisations work. One is that you had best start from scratch if you wish to introduce such exotica as flatter structures, autonomous teams and customer-focused innovation. The other is that you will only succeed in changing everything after a crisis or a wacky revolution”. Not only rejecting these thesis, Hill believes they are “misleading” and it leads senior management to conclude it is “Better to try something that seems uncontroversial and is self-servingly supported by a team of paid advisers — mega-merger, anybody? — even if it is fraught with greater cost and peril.”

The above description often sounds like something facing the CCO or compliance practitioner. Many C-Suite types believe that a Foreign Corrupt Practices Act (FCPA) anti-corruption compliance program will be a completely new set of bureaucratic procedures that will significantly slow down a company’s business response going forward. To counteract this mischaracterization, I often tell such senior management that a FCPA compliance program is not 100 paces past what they are currently doing; indeed it is not even 10 paces past what they are doing. It may be 3 paces past what they are doing if they have anything close to the minimum of financial reporting controls.

Hill detailed another approach he is observing from companies. He said, “the truth is some traditional-looking companies are already shaking up their approach without drama and with the help of — not at the expense of — enlightened managers. Basic changes include the switch from rigid five-year plans to adaptable rolling strategies; or the use of a military-style mission-command approach, where chiefs set a goal and allow frontline troops to work out how to reach it rather than dictating every step.”

He cited to the thoughts of “General Sir Richard Barrons, head of the UK’s Joint Forces Command, told me recently: “I don’t think you can run a business or organisation as if the leader is some giant satnav, telling everyone where to go.” Managers increasingly must act as enablers of a network, rather than central controllers.” Hill also provided a couple of business examples. One was Ericsson, which has given autonomy to engineers to produce enterprise software for telecom operators. He even pointed to Microsoft, which he said is working “in a way to put Google to shame”.

The article drives home the point about making compliance a part of the fabric of how your company does business. When senior management realizes that there is a business solution to the legal issue of FCPA compliance; then it will free the organization to move beyond having teams of lawyers driving what should be a business response to the business issue of corruption.

This does not mean it is easy; not only does a company have to want to achieve compliance but it also has to work at it. While paying bribes is certainly easy, you simply do not pay them; it is the doing of compliance where the rubber hits the road. Hill ended his piece with some of the experiences of Paul Madden from Ericsson. Madden intones that you have to do the work in this type of business structure. He said that his teams have to work harder. Whereas “In the past, when two teams did not get on, managers would simply swap staff around. Now they must moderate a discussion between groups. “It used to take two minutes. Now it takes two hours, but the result is a million times better,” says Mr Madden. To put it in old-fashioned terms: that is a return on investment any board should be able to back.”

The same is true in FCPA compliance. You have to put the work in but once you do, you can put compliance into the company as part of your business process. Think about third party management. The first step is a business justification and the final step is management of the relationship after the contract is signed. Your business unit contact is charged with completing the Business Justification form and your business unit contact is uniquely situated to help communicate your company’s message of compliance to any third party relation to your company.

If your business function has become imbued with compliance they can do these steps as part of your internal controls and will make your company a better-run organization. Moreover, if they are asking such commitments from third parties, most probably such a business person would in better position to stop or report any issue that could eventually turn into a FCPA violation. It is really not surprising to find those committed to compliance with others will also do business in compliance themselves.

So farewell to Mary Kate Danaher, may you live well each St. Patrick’s Day. As the CCO, the more you can drive compliance into the fabric of your organization, the more compliance will be the solution for your success.

 Visit FCPA Compliance and Ethics, hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at

© Thomas R. Fox, 2015

For more information about LexisNexis products and solutions, please connect with us through our corporate site.