I am attending the ACI Foreign Corrupt Practices Act (FCPA) Boot Camp in Houston. It is one of the best FCPA events held in Houston annually. It brings together some of the top local compliance talent, together with top national practitioners. One of the presentations was on how to tell your compliance story. It presented several interesting aspects of how to not only communicate your internal compliance story but how to also market compliance within your organization. Céline Gearson, Chief Ethics and Compliance Officer at Cameron International, had an interesting perspective on how she internally markets her compliance function. She termed these as “The Five Golden Rules of What Works”.
1. Socialize, Socialize, Socialize
Gearson believes that it is critical for the compliance practitioner to foster strategic relationships with key stakeholders within your company so that you can explain the compliance function on a one-to-one basis to get their buy-in. The importance here is to build those relationships prior to any compliance program implementation. She specifically mentioned the IT and Marketing departments. Another person I would add is the Corporate Secretary, the reason for this is that the Corporate Secretary has several constituencies within the company that he or she may work with and for. This can provide an opportunity to view a company’s ethics and compliance program and to help shape and direct it. The Corporate Secretary, head of IT or Marketing may be excellent resources to the Chief Compliance Officer (CCO), which may be under-utilized. It might be worth a cup of coffee or short meeting to see what they might think about your ethics and compliance program or how they might be able to assist you in your efforts.
2. Communicate metrics and near misses
Here Gearson said that it is important that the business units understand not only what you are doing from the compliance perspective but also how your actions are helping them do business more efficiently and, hopefully, more profitably. She gave an example of when she demonstrated the length of time required to approve sales agent. From this metric she was able to show how efficient it could be for the business unit if the onboarding of third parties was automated. With this information and the business units’ support, she was able to secure funding for this compliance initiative.
A second component of this rule is to use the investigations, audits and monitoring of compliance to show where the compliance function detected an issue before it became a compliance violation. This could occur in your routine audits or by spot-checking payment requests and invoices from certain third parties, either sales agents or vendors.
3. Create engagement and excitement
The organization in the middle will make or break your initiative so get them involved. So, for Gearson, it is imperative that you engage the employees in the middle of your organization before you rollout any implementation. She gave the example that for Cameron’s Compliance Week celebration, she calls upon employees to create the message. In this manner you can use your Compliance Week event not only as a springboard to internally publicize your compliance program but to foster a closer relationship with disparate groups within your company.
I would add that another part of this rule could be your financial incentives for doing business ethically and in compliance, such as a portion of a year’s salary in discretionary bonuses. While such financial rewards may be given in private, it is certainly true that those employees who are promoted for doing business ethically and in compliance are very visible and are public displays of an effective compliance program. I think that a company can take this concept even further through a celebration to help create, foster and acknowledge the culture of compliance for its day-to-day operations.
4. Become a marketing guru and IT expert
More than getting to know the folks in these departments, you need to know how they work and learn to speak their language. One of the things that you might try is to use social media to assist you. A key component of any effective compliance program is an internal reporting mechanism. The FCPA Guidance states “An effective compliance program should include a mechanism for an organization’s employees and others to report suspected or actual misconduct or violations of the company’s policies on a confidential basis and without fear of retaliation.” The Guidance further discusses the use of an ombudsman to address employee concerns about compliance and ethics. I do not think that many companies have fully explored the use of an ombudsman but it is certainly one way to help employees with their compliance concerns.
But, more than a reporting tool for compliance, there are other ways a company can help employees do business in a compliant manner. One commercial tool is Navigator, developed by the firm of Stroz Friedberg LLC, which the firm calls “a groundbreaking mobile and desktop application that makes your compliance program come alive! It automates clear answers and approval processes, and even offers data analysis for enhanced decision-making. The Navigator app is custom-tailored to each client and offers an array of benefits to any organization seeking easier ways to drive a positive corporate compliance culture.” I have seen this tool and it is way cool.
Yet there are other tools that are available, at no cost, and can be downloaded onto a mobile device such as a smartphone or iPad. These include the O’Melveny & Myers LLP Foreign Corrupt Practices Act Resource Guide, which concentrates solely on the FCPA and is primarily a new vehicle to distribute content it already makes available upon request. This content includes O’Melveny’s FCPA Handbook and In-House Counsel’s Guide to Conducting Internal Investigations. In addition, the app features five resource sections that serve as an interactive, illustrative directory with titles ranging from ‘O’Melveny Authored Client Alerts’ to ‘DOJ Opinion Releases.’
Another approach is found in the Latham & Watkins LLP’s AB&C Laws app which takes an international approach to anti-corruption and anti-bribery laws and its scope is international, with the content focused on organizing and easing access to statutes and regulatory guidance according to specific fields of interest, from legislative frameworks to extra-territorial application to enforcement and potential penalties. It also includes official guidance such as steps (where available) that can be taken to reduce the risk of liability for bribery and corruption.
5. Embed your initiatives into business processes
Gearson and several other speakers talked about the need to embed compliance into the fabric of the company. Arvind Sharma, Senior International Trade Counsel, Business Integrity & Compliance at the Flowserve Corporation, said that building trust with the business is the most important issue he faces. The building of this trust comes from the demonstration that the compliance function is not ‘The Land of No, run by Dr. No’ but runs at the speed of business. By such demonstrations he is able to win the trust of the business units and this allows him to embed compliance initiatives into the company’s business processes.
I would add that this also means demonstrating the cost savings that are derived by having business unit employees participate in the compliance function. An example given was regarding third party representatives. Does your company really need all of the sales agents it currently uses? Is there overlap or duplication in the Supply Chain? The answers to these questions can go a long way towards reducing overall compliance risk and adding points to the bottom line. Further, properly trained, a business unit employee can perform some of the underlying due diligence investigation work for any third party business representative. The self-management of the business unit to fulfill these functions can drive down the overall cost of compliance.
I found Gearson’s five rules to be quite useful as starting points for thinking about how the compliance function can interact and work through the business unit to further the company’s goals of compliance. You can use each one of these to begin to lay the foundation for your compliance initiatives going forward.
Visit the FCPA Compliance and Ethics Blog, hosted by Thomas Fox, for more commentary on FCPA compliance, indemnities and other forms of risk management for a worldwide energy practice, tax issues faced by multi-national US companies, insurance coverage issues and protection of trade secrets.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2014
For more information about LexisNexis products and solutions connect with us through our corporate site.