The Buck Stops Here: Executive Oversight (Part 2)
Any effective compliance program requires executive oversight. And we’re not just talking about passive, infrequent observation. As we explored in Part 1 of this article, state and federal regulators such as the Consumer Financial Protection Bureau require specific actions of organizational boards, including, among other things, appointing a qualified and experienced chief compliance officer who can hold other compliance officers accountable, assessing the compliance function to make sure the organization is mitigating potential consumer harm, and mandating and reviewing regular compliance audits.
If that seems like an excessively big ask, it might be time for your organization to consider adopting an automated compliance management system. Indeed, many of the obligations detailed by regulators are natural outcomes of using an automated CMS.
How Your Board Can Demonstrate Its Commitment to Compliance,
Without Spending More Time and Money
An effective, end-to-end compliance management system allows you take care of all of your organization’s regulatory requirements at once, eliminating waste and confusion.
The structure of your compliance management system should flow directly from senior management and board leadership. Here are a few ways your organization’s decision makers can establish the template for your CMS and demonstrate (internally and externally) that your organization takes compliance seriously:
Don’t Discount the Tone at the Top
More than any single measure, however, the overall tone set by your board influences your organization’s compliance outcomes. Culture is a reflection of senior leadership—its values, assumptions, and expectations for behavior. A disorganized board uninterested in compliance sends the message to staff that “anything goes, as long as you don’t get caught.” A culture of compliance, meanwhile, can be traced back to a leadership philosophy that clearly articulates intolerance for misconduct.
But don’t take our word for it. A 2009 survey by the Ethics Resource Center (PDF) found that…
“In stronger as opposed to weaker cultures, pressure [to commit misconduct] is reduced from 16 to 4 percent…; rates of misconduct are roughly halved from 77 to 40 percent; failure to report declines from 44 to 27 percent and retaliation against reporters diminishes from a rate of 1 in 4 to 1 in 20.”
And the effect isn’t limited to your organization. Third parties pick up on cultural cues as well, and if they assume your organization doesn’t care, or has a muddled message about misconduct, they may look the other way—increasing the risk of harm to consumers—or terminate their business relationship with you.
Compliance Monitoring and Reporting: Best Practices
Now that you’re equipped with CFPB guidance and are aware of your board’s role in establishing a culture of compliance, we’re back to where we started: with enormous pressure on your board to do the right thing, or else face the consequences.
Compliance personnel can take on some of that burden, meeting your organization’s needs and your board’s demands at the same time. The trick, as usual, is monitoring and reporting—that is to say, communication:
- Determine reporting metrics and frequency.
Work with your board to define which information about your compliance program they need to review, and how often, and deliver what they need—no more, no less—on time.
- Provide context for changes in results.
When results differ from one report to the next, don’t leave it entirely to your board to interpret why. Give them the tools they need to make high-level decisions.
- If results come back negative, propose an action plan to remedy the situation.
Take initiative to reduce the time and energy your board spends brainstorming solutions.
- Make sure your CMS changes along with updates to regulations or compliance standards.
Automation makes it easy to stay on top of new laws and industry practices.
- Educate your board on any new programs you implement.
Explain how the program works, and how it fulfills objectives established by senior leadership.
Automation: Better Compliance, Not More Compliance
Information is power, especially when the fate of an organization, industry, and perhaps even a global market is in your hands.
The same system that keeps your organization on track also enhances your board and insulates senior leadership from risk. With an automated CMS, board members can rely on thorough, ongoing, up-to-the-minute insight into compliance activities and outcomes across your organization. They’ll spend less time worrying about what might be happening, so they can focus on making things happen.
Ready to witness the power of an automated workforce compliance management system for yourself? Click here to schedule a tour of Compligo with a compliance expert.