What’s the dirty little secret of the corporate compliance profession?
If you do your job, there’s a good chance you will be fired.
“It’s rampant like wildfire,” says Donna Boehme.
And Boehme should know.
She’s on the board of the Society of Corporate Compliance and Ethics — an organization that represents corporate compliance officers — more than 3,000 of them. Boehme is a principal at Compliance Strategists in New Providence, New Jersey.
“If you really were able to open the box and look at companies where the compliance officer has left, it will more likely than not be because they were trying to do their job well,” Boehme told Corporate Crime Reporter in an interview last week.
“A compliance officer is trying to introduce a new order of things into an organization. And it’s disrupting the power bases. You are sometimes telling senior management that they have to do things differently. For instance, a compliance officer might have to tell a powerful head of a business that they are not allowed to know the identify of the confidential whistleblower. Or they are not entitled to know the facts of a case until it reaches a certain point.”
“And there are reasons for that in a well run compliance program — to protect the integrity of an investigation, to prevent a powerful senior leader from creating his own separate investigation and retaliating against somebody who has raised a concern. That is the practical reality that many compliance officers live with. People who are in power don’t like to give that up and aren’t too happy when a compliance officer, on behalf of the organization, is putting a different kind of risk management system into place. And heads roll.”
Why don’t compliance officers become whistleblowers?
“There is one right now,” Boehme says. “A Siemens compliance officer in China tried to report corruption and graft and was fired for her trouble. We do see that from time to time. More frequently, that scenario does not involve the compliance officer trying to become a whistleblower, but the compliance officer trying to do their job well and being fired for their trouble.”
Boehme says she knows of compliance officers who have a signed letter of resignation and keep it somewhere in their office.
“One carried it around with him and had to offer it twice,” she says.
It was rejected twice?
“It was rejected twice,” she says. “But he happened to work for that rare commodity — a CEO who stood behind the compliance program and the compliance officer. This is the unspoken story that goes on in the compliance profession.”
What about public cases other than Siemens?
“There are a couple of unusual public cases,” Boehme said. “The compliance officer of the Olympics Committee resigned very publically. Also, Paul Moore, who was the chief risk and compliance officer for Halifax Bank of Scotland in the UK.”
“He left under a severance agreement, but he ultimately was able to tell his story under Parliamentary privilege after the 2008 financial meltdown. He has been very public in interviews about the fact that compliance officers don’t have adequate independence, empowerment and protections from retaliation to do their job. He’s a very public case of a compliance officer being fired for doing his job.”
“But they tend not to be public,” she says. “They tend to fly under the radar because when compliance officers leave, they leave under a confidentiality agreement and they can’t talk about it. If a compliance officer were to go public and say — I was fired for doing my job well, they would not work again in compliance.”
Don’t compliance officers speak with reporters on a confidential basis?
“A reporter actually asked me to arrange that kind of phone call with a few people I know right now who are in that situation,” Boehme said. “And I told them it would be very difficult. Compliance officers hope to work again. And they would not even want to talk on a confidential basis. And that was the case.”
Boehme says it’s still rare to find a corporation where the compliance officer is positioned to be independent and do their job.
What percentage of them have corporate compliance programs where the chief compliance officer is positioned for success?
“I was asked that question at a talk that I gave at the House of Lords in 2006,” Boehme says. “And I said — ten percent. People were stunned. They thought we made all of this progress in compliance. We have made a lot of progress. There is a lot of activity. Companies like to issue press releases on this stuff. But if you unpack the box, the number is much smaller than the public relations wizards would have you believe.”
“I’m not sure I could put a number on it today. We are seeing more and more positions structured for success. Even in the last two years, we have made considerable progress. And that’s not just because management decided to do it. There have been settlement agreements with regulators and investors who are demanding this and public pressure.”
“The chief compliance officer should report to the CEO, with a dotted line to an independent committee of the board. Different companies have different reporting lines. But at a minimum, the compliance officer should be an independent voice in the C-Suite and have direct access so that there is no filtering of the compliance officers reports to the board. And that’s a minimum.”
“In three surveys just this year — by PwC, Deloitte, and the ACC — they show that the compliance officer position is moving away from legal and reporting more to the CEO. One number I saw showed that compliance officer reporting to the CEO and to general counsel was running roughly even. So, CEO numbers have gone up and general counsel numbers have gone down. It depends on which numbers you look at. But the momentum is all in the right direction.”
[For the complete transcript of the Interview with Donna Boehme, see 27 Corporate Crime Reporter 41(12), October 28, 2013, print edition only.]