Importance of a sustainable compliance culture

The promotion of a sustainable compliance culture across the enterprise is a responsibility of the board of directors and the executive management, particularly, the chief compliance officer.

The board members are liable for ensuring that the company complies with the regulations, the laws, the internal policies and ethical principles.  Their tone at the top filters down the elements of a “good culture” through the layers of management and decision-makers. The code of conduct and the corporate shared values foster the alignment of business decisions and plans towards a mature compliance culture. Where culture is favorable, behaviors are more desirable in terms of policy compliance, risk prevention, whistleblowing and accountability. Building a compliance culture is a process to prioritize risks and educate managers and employees to perform controls to manage those risks. Promoting the adherence to the objectives of the ethics and compliance program involves many activities, such as assigning accountability, strengthening monitoring controls and ensuring accessibility to legal advice.

Regulators and authorities have pronounced about a “poor culture” in enforcement cases to extend liabilities to governance bodies. With the Memorandum 1/2016 in Spain, the State Prosecutor indicated that compliance programs should build the true compliance culture of a company rather than being an instrument to avoid criminal liability. Inadequate culture led by performance complacency, tolerance of improper behaviors or the justification of compliance breaches diverts resources from strategic objectives. A permissive corporate culture will create pressure to compromise standards and fear of reprisal. When the compliance function fails at instilling and ensuring an ethical culture, the consequences affect both the profitability and the corporate reputation. Consequences of poor compliance cultures are usually associated to higher fraud and corruption, heavy fines and possible criminal charges, safety-record blemish, mismanagement and poor business decisions, inefficiencies and inadequate communications with stakeholders.

When the factors that support a mature culture are promoted, versus the “paper” compliance programs, companies can protect the reputation and their sustainable growth. It requires compliance officers with influence and training skills… able and willing to truly change behaviors.

The compliance culture has a deep impact on the way that a company hire, promote, retain and terminate employees. Internal and external factors of the compliance culture are studied by diverse academic disciplines to change them for the better. Perceptions of the governance structures such as remuneration incentives and performance measurement are critical to adjust risk behaviors.  The compliance program should specify these desired expectations to align practices in all part of the company with the ethical values and the capability to take business risks. Incentive programs also support the compliance culture when the performance goals include the financial results, the risks assumed to achieve them and the capability of controlling risks. The managerial oversight of fraud, corruption and legal risks enables to safeguard assets from misconduct, and also to protect the company reputation. This oversight is supported by the whistleblowing reporting, the open-door communication and investigation and sanction protocols.

A strong compliance culture is based on clear accountability for performing and controlling business processes to improve performance, and finally, to achieve strategic plans. The accountability for each individual employee is formalized by policies and procedures in supporting the code of conduct. A transparent ethical culture also involves external stakeholders, such as the communication with vendors, clients, regulators and investors. When the factors that support a mature culture are promoted, versus the “paper” compliance programs, companies can protect the reputation and their sustainable growth. It requires compliance officers with influence and training skills… able and willing to truly change behaviors.

 

By Hernan Huwyler, MBA CPA

 Director Programa Superior de Compliance 

Twitter: @hewyler

Blog: Governance, Risk Management and Compliance