12 Month Compliance Challenge: Episode 6 - Management’s Commitment and Obligations

Compliance Management
Episode 6: Management’s Commitment and Obligations

For if the trumpet give an uncertain sound, who shall prepare himself to the battle?”
1. Corinthians 14:8

 

The “Tone from/at the Top”

Even if “management’s commitment and obligations” appears at first glance to be a “soft skill” requirement, it is actually an important element of an effective compliance program.

A clear commitment by the management to the company’s compliance program and organization are crucial to their success.

The FCPA Resource Guide stresses this point:

Within a business organization, compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.

The message could hardly be clearer: Compliance starts with management. This also means that the success of a CMS can also quickly end with management if it does not establish a convincing compliance culture within the DNA of the company.

 

The “Tone from/at the Middle”

However, it is not only management that must send clear signals to support compliance in their organization. Middle management is at least as important. Middle managers are typically much closer to the challenges of day-to-day business than are managing directors. Middle management decides whether a company gives mere lip service to compliance, or genuinely implements it: i.e., whether the company “walks the talk.”

“Good leaders produce good followers; but if employees in the middle of the organization are surrounded by coworkers who are lying, cheating, or stealing, they will most likely do the same, regardless of what their bosses say. So-called descriptive norms – how peers actually behave – tend to exert the most social influence.” (Epley, Nicholas/Kumar, Amit: How to Design an Ethical Organization, Harvard Business Review, Issue May-June 2019, p. 144).

Employees have a keen sense for whether executives are serious about compliance, or whether compliance talk is mere lip service, and other rules apply behind closed doors. Taking compliance seriously may actually require declining a critical business opportunity.

 

What concrete steps are necessary?

I clearly recall one company whose employees were to be trained on the subject of compliance. Everyone gathered in the training room. The Managing Director spoke briefly on compliance, wished everyone a productive training session, then left the room. While he “said” that lawful and ethical conduct was important, what he did sent a clear signal that he had more important things to do. No big deal? Perhaps not, but the signal such behavior sends should not be underestimated.

What specific steps can management and executives take? As usual, communication is (almost) everything. Management can keep compliance issues in focus by regularly communicating with employees. Of course, the Compliance Officer can and should support this. Management can comment on an important compliance project via internal company communication channels, or a managing director can write a foreword to the new Compliance Manual. Above all, however, management can support the Compliance Officer by associating him or her with the overall issue of compliance, especially by granting access to management circles, and consulting the Compliance Officer on compliance-related decisions.

Middle managers should act as multipliers and try to translate the Compliance Program into the daily practice of their areas and ensure that the relevance of rules to specific tasks is understood. They should be the first point of contact for their employees on compliance issues, addressing questions or concerns from their areas to the Compliance Officer and providing constructive feedback to the latter. This will put employees on notice that compliance is not an optional extra, but a central responsibility of the manager and therefore also of the employee.

Integrating middle management can make it clear what compliance really means and show how all employees can work together on implementation.

 

What’s Next:

In the next episode we will continue with the topic “Organization, Compliance Responsibility, Autonomy, and Resources”.

If you are unsure how to set up and run your compliance project successfully, please feel free to contact me.

Recent Posts:

Compliance Management
Episode 5: Compliance Processes – Establishing the Framework
Compliance Management
Episode 4: Compliance Guidelines – Defining the Framework
Compliance Management
Episode 3: Risk Assessment – Set and Stay the Course