Compliance Commando Briefing: Securing the First Three Pillars of Your Compliance Program
We’ve spent the last few posts focused on the prep work of a compliance program. Before we move forward to Element Four, rules and procedures, let’s take a quick look back at the first three.
These are the essentials that set the tone for everything else: oversight, culture, and risk assessment. Or, as we like to think of them, designating a commander, getting the troops fired up, and assessing the enemy.
1. Oversight
Whether it’s the CEO, the Chief Ethics and Compliance Officer, or another senior leader, this person must be grounded in what we call the Four R’s:
- Role: Clearly defined and understood.
- Responsibilities: Aligned with strategic and operational goals.
- Reporting: Built into a regular cadence to track and course-correct.
- Reach: Sufficient authority and independence to act across the organization.
2. Getting the Troops Fired Up
Policies and procedures are only half the battle. Culture is what drives behavior. Just as a commander instills values like strength, discipline, and competence in their troops, your executives should be modeling the values your organization stands for.
If leadership sets the tone at the top of the organization, the rest of the company will fall in step.
3. Assessing the Enemy
No army moves without intel. The same goes for companies. You can’t manage what you haven’t identified. In the corporate world, your enemies are risk areas, and they need to be mapped.
Start with a legal compliance and risk assessment. Identify the potential threats to your specific organization from a legal, financial, and operational standpoint. Then try to estimate the financial and reputational risk those threats would pose to your company.
Use that information to act proactively. Focus your resources where they’re needed most, and strengthen your company’s ability to prevent unnecessary damage and build long-term resilience.

