- Read the Article: The Foundation of Good Compliance & Governance. Compliance Week, 11(131), 46-49.
- Write a summary analysis and discuss the element of risk and how Boeing sees the future in Compliance.
- 2-3 pages in length (excluding cover page, abstract, and reference list)
- APA 6th edition, Use the APA template located in the Student Resource Center to complete the assignment.
- Please use the Case Study Guide as a reference point for writing your case study.
— [ERM & INTERNAL CONTROLS}
S H O P T A L K
The Foundation o f Good Compliance & Governance
During our latest roundtable, hosted w ith Boeing, executives from Am erican Airlines, AT&T, and elsewhere discussed strategies for building an effective structure for compliance to flourish
R ig h t : P a n e lis t s a t t h e r e c e n t C o m p l ia n c e W e e k / B o e i n g f o r u m o n
c o r p o r a t e g o v e r n a n c e .
B y J o e M o n t
Every company is unique, and its compliance program must be too if it has any chance of working well, but there are still some common aspects
that most high-functioning compliance and governance programs share.
Compliance and governance can’t just be wedged into existing functions and reporting lines; integration must be care fully engineered so it effectively meshes with business lines and a wide variety of departments, from internal audit to HR, IT, and finance. At the same time, compli ance must have the independence it needs to surface concerns, play a lead role in in vestigations, and influence culture.
Those dual interests were an underly ing theme at the latest Compliance Week executive roundtable, co-hosted with Boeing Co. in Dallas in November. Com pliance executives from a wide range of industries and companies, including Boe ing, GE Capital, AT&T, Dr Pepper Snap- pie, and American Airlines, shared strat egies on structuring and organizing the compliance function. They all weighed in on what compliance and governance means to their organizations and how it flows through to various reporting lines.
“We all struggle with and debate over where should all these different functions sit—compliance, enterprise risk manage ment, audit, enterprise information gov ernance, and corporate governance,” said Judy Carter, vice president for compliance and audit for BNSF Railway. “There are so many common goals that run through each of these functions. The objective is to structure your organization so you can effectively leverage all of these efforts.
Roundtable participants agreed that compliance officers tend to wear sev eral hats and that it’s not always easy to move among the many different neces sary roles. Staying on top of everything can be a challenge and as businesses grow or evolve, complications are even more pronounced.
Eric Hinton, senior director of ethics and compliance for 7-Eleven, said his goal is to bring order to “pieces of compliance that live in a lot of different places.” “We can improve that by consolidating and ra tionalizing it and making it more coherent across the enterprise,” he said.
Within the corporation, effective in teraction with other areas is a concern that Doug Cotton, managing director of American Airlines’ business ethics and
compliance program had in common with other roundtable participants. Compli ance oversight raises a thorny issue: “How far do we push without having them think we are trying to take over.”
Buy-in from executive leadership alone doesn’t necessarily make that effort any easier. “We get really good tone from the top and have really good policies. The struggle is making sure everybody un derstands those policies,” Eric Bowman, chief compliance officer for Darling In ternational, said.
Diana Sands, senior vice president for the Office of Internal Governance at Boe ing, described compliance at the aerospace giant as a journey. What originated as a response and enforcement function now has a “vision around enabling company performance.” The important question: “Can we gain a competitive advantage if we do it more effectively and efficiently?”
In her role, Sands oversees Boeing’s compliance and ethics program. She is re sponsible for ethics, trade controls, com pliance risk management, and the team of professionals who comprise internal audit. “In the beginning, it was all about setting up the appropriate structure and rules,” she said. “What we have evolved
4 6 W W W.CO M PLIANCEW EEK.CO M >>8 8 8 . 5 1 9 . 9 2 0 0 DECEMBER 2014
to is being an integrated business partner, a function that provides centralized and focused expertise in the field and is also integrated with the businesses.” By bring ing multiple interests to the same table, the goal is to foster a seamless sharing of information among stakeholders, she said.
T a lk in g th e W a lk
W hile proper care and feeding is necessary to get company leadership to work toward the same goal as the compli ance team, tone at the middle may require just as much finesse. “The bigger chal lenge is in the middle,” one participant said. The diplomatic task at hand is to not have them thinking that compliance “is questioning their own judgment, ethics, or professionalism.” “You are not really trying to do that, but there is that percep tion,” he added.
Expectations must be reasonable. “You have to also exercise good judgment,” one participant said. “You can’t turn over ev ery pebble on the beach or chase every rabbit.” Success depends upon having credibility throughout the business units and displaying a “willingness to hear what their key risks are, rather than just assuming on your own.”
Improving the perception of compli ance-avoiding the view that its role is to be a police officer for the organization or, that old cliche, it is the “Department of No,”—was presented as an ongoing battle. What is the best way to create an alternate perception, as a partner and facilitator for the business?
“We have to really know the business and help the business units understand the compliance risks; that is where we can help,” Sands said of intra-company out reach.
“Every dollar spent on remediation is a dollar the business can’t spend on innova tion,” agreed William Gordon, associate general counsel for Hercules Offshore. “At the same time, a strong compliance program can improve the quality of the business and deliver a sustained return on investment.”
U n ify in g F a cto rs
Another important aspect of effective compliance and governance func
tions is that they work well with related functions, such as legal, audit, and HR. It is important to understand how various functions operate within their own sphere of influence. “There are just a lot of dif ferences in terms of approach,” one par ticipant said. “Auditors and accountants are going to want to follow the book and follow COSO to a ‘T.’ Lawyers are more
procedurally oriented.” “N o matter what, compliance organi
zations need to work closely with their functional partners,” Sands said. “In- house counsel, HR, finance, and other subject matter experts are important team players. In all my groups there are law yers and other functions tied in,” she ex plained. “To be effective, it’s important to
OVERHEARD AT THE ROUNDTABLE
“To be effective, it’s important to be cross-functionally integrated and well-embedded in the business processes.”
Diana Sands, Boeing
We all struggle w ith and debate over where should all these different functions sit— compliance, enterprise risk management, audit, enterprise information governance, and corporate governance. There are so many common goals that run through each of these functions. The objective is to structure your organization so you can effectively leverage all of these efforts.”
Judy Carter, BNSF Railway
“Every dollar spent on remediation is a dollar the business can’t spend on innovation. At the same time, a strong compliance program can improve the quality of the busi ness and deliver a sustained return on investment.”
William Gordon, Hercules Offshore
“We get really good tone from the top and have really good policies. The struggle is making sure everybody understands those policies.”
Eric Bowman, Darling International
“We have a quarterly compliance meeting where we bring lots of people together who don’t report up to the CCO. You have HR there and audit, safety, security, cus toms, and environmental. We get all sorts of people together who don’t normally talk so they can share ideas.”
Doug Cotton, American Airlines
“Our goal is to bring order to pieces of compliance that live in a lot of different places. We can improve that by consolidating and rationalizing it and making it more coherent across the enterprise.”
Eric Hinton, 7-Eleven
DECEMBER 201 4 W W W .CO M PLIAN CEW EEK.CO M » 8 8 8 . 5 1 9 . 9 2 0 0 47
— [ERM & INTERNAL CONTROLS}
Above: Forum participants discuss their concerns about and strategies for crafting an effective compliance and governance program.
be cross-functionally integrated and well- embedded in the business processes.”
The unifying factor, what all ultimate ly puts them on the same team, is risk. “One of the synergies taking place in the governance space is the ability for compli ance, legal, and internal audit to approach challenges from a consistent risk perspec tive,” says Steve Koslow, chief ethics and compliance officer for CU N A Mutual Fund Group. “With greater communica tion and a common framework for risk analysis these areas can better coordinate the services they provide. If everybody is looking through the same risk lens, risk prioritization becomes an effective means for allocating limited business area re sources.”
“We have a quarterly compliance meet ing where we bring lots of people together who don’t report up to the CCO ,” C ot ton said. “You have H R there and audit, safety, security, customs, and environ mental. We get all sorts of people together who don’t normally talk so they can share ideas.”
“I often find I’m called upon to be the one putting focus to all those lenses,” Bowman said of his role. “I can speak
legal, I can speak accounting, and I can speak H R .”
Optics M a tte r
A world-class compliance function doesn’t only just function well, it can also demonstrate that effectiveness. Faced with an investigation or government in
quiry, a company cannot just describe its compliance efforts, it must document them. That proof of concept is an effort that extends company-wide. “We may be doing everything right, but we need to demonstrate that we are doing everything right,” it was observed.
Ultimately, no matter the structure or who reports where, “The end game for compliance and auditing is exactly the same,” Carter said. “Each function may get there very differently, but they have the same ultimate goal. Risk is never completely eliminated from any business model, but both functions work to reduce risk as much as possible and minimize po tential exposure.” ■
“If everybody is looking through the same risk lens, risk prioritization becomes an effective means for allocating limited business resources.”
Steve Koslow, Chief Ethics & Compliance Officer, CUNA Mutual Fund Group
P A R T IC IP A N T S
These panelists participated in the Nov. 6 Compliance Week & Boeing roundtable on structuring compliance and ethics.
Candice Aaron Chief Compliance Officer,
Equipment & Commercial Division,
Jennifer Arm strong Enterprise Compliance &
Ethics Director, State Farm
Susan Bounds D ire c to r-C o rp .
Eric Bowman Chief Compliance Officer,
Judy C arter VP, Compliance
& Audit, BNSF Railway Co.
Doug Cotton Managing Director,
Business Ethics & Compliance Program,
4 8 W W W.CO M PLIANCEW EEK.CO M » 8 8 8 .5 1 9 . 9 2 0 0 DECEMBER 2014
Boeing’s Diana Sands discussed the evolution to “integrated business partner.”
Speaking at right: Susan Bounds, director of corporate compliance for AT&T; at left, Candice Aaron, chief compliance officer at GE.
At left, William Gordon of Hercules Offshore; CUNA Mutual’s Steve Koslow (center); far right is Doug Cotton of American Airlines.
Art Swanson, assistant general counsel for Dr Pepper Snapple Group, spoke about the differences in approach. Judy Carter of BNSF Railway is a t right.
W illiam Gordon Associate General
Counsel, Hercules Offshore Inc.
Eric Hinton Sr. Director of Ethics
& Compliance, 7-Eleven
Steve Koslow Chief Ethics &
Compliance Officer, CUNA Mutual
Diana Sands SVP, Office of Internal
Governance, The Boeing Co.
A rt Swanson VP, Assistant General
Counsel, Dr Pepper Snapple Group
Graham Vanhegan Deputy General Counsel,
Corporate, Chief Compliance Officer,
DECEMBER 201 4 WWW.COMPLIANCEWEEK.COM » 8 8 8 . 519.9200 49
Copyright of Compliance Week is the property of Wilmington Group plc and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder’s express written permission. However, users may print, download, or email articles for individual use.