FCPAméricas Blog
How Companies Measure “Culture of Compliance”
2.27.2013
This post is the third in a series that relates to comments made by top AML compliance officers from banks and financial institutions like Citigroup, American Express Bank Mexico, and CapitalOne. These comments were made at the 2013 Anti-Money Laundering Compliance Conference organized by the Florida International Bankers Association (FIBA).
FIBA’s AML conference is one of the largest, focusing on Latin America and drawing over 1,200 participants from banks and other financial institutions and regulatory bodies throughout the region. Earlier posts summarized the panelists’ descriptions of the ideal compliance officer and where compliance fits within an organization.
The AML compliance officers responded to the question “How do you measure a Culture of Compliance?” As you will see, these comments could just as easily be made about FCPA compliance:
“Is there a propensity in the organization to talk about ethics? Does the company reprimand employees for unethical behavior? Are they fired?”
“You can gain a sense of culture in meetings and discussions. When you talk about risk, what is the willingness to change business practices? Even if they do not, will they talk about it and consider it? The compliance officer is not always right, and during those discussions you need to have a ‘maybe I am wrong’ attitude.”
“Measuring culture is one of the hardest things to do. You shouldn’t set out to try to do it.”
“Is training at 100%?”
“Are compliance breakdowns reported to the board? What is the speed of remediation?”
“What committees does your CCO participate in? What data do you provide to these committees? Are hot spots shown and heat maps used to provide compliance-related information to the decision makers and business?”
“Is a portion of performance reviews compliance-related? Is there input from compliance in that review so that it has meaning in compensation and promotions and bonuses? What goes into these assessments to ensure that they are objective?”
“Culture of compliance has to be communicated from the top. The people at the top have to tell the business that it is they who have to own the risk.”
“Is compliance at the table when the firm is considering new products? Or are they brought in at the 11th hour and their role is just to say no? These questions get to a fundamental sense of where compliance stands and where their authority is. They show if the program is one that is just on paper.”
Some of these comments relate to classic compliance topics: tone at the top, training, performance reviews. What is interesting about these comments is that so many of them suggest that “compliance” is becoming a mainstream part of business. Rather than being considered an isolated organizational “cost center”, compliance officers are increasingly seen as key contributors to corporate objectives. This evolution is seen in the best compliance programs, whether for AML or FCPA purposes.
The FCPAméricas blog is not intended to provide legal advice to its readers. The blog entries and posts include only the thoughts, ideas, and impressions of its authors and contributors, and should be considered general information only about the Americas, anti-corruption laws including the U.S. Foreign Corrupt Practices Act, issues related to anti-corruption compliance, and any other matters addressed. Nothing in this publication should be interpreted to constitute legal advice or services of any kind. Furthermore, information found on this blog should not be used as the basis for decisions or actions that may affect your business; instead, companies and businesspeople should seek legal counsel from qualified lawyers regarding anti-corruption laws or any other legal issue. The Editor and the contributors to this blog shall not be responsible for any losses incurred by a reader or a company as a result of information provided in this publication. For more information, please contact Info@MattesonEllisLaw.com.
The author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author.
© 2013 Matteson Ellis Law, PLLC
Post authored by Matteson Ellis, FCPAméricas Founder & Editor
Comments
February 28th, 2013 at 11:20 pm
[…] FCPAmericas blog shows how companies magnitude compliance. Mike Volkov describes 5 simple worries for each board, and […]