Should compliance be subordinated to legal, rather than separated from it? Yes, argues Sean J. Griffith, of the Fordham University School of Law, in a recent paper, titled “Agency, Authority, and Compliance.” This is an interesting and unusual perspective and one that I am not unsympathetic to.

The abstract states:

Compliance officers owe their professional existence and their organizational authority to the interventions of regulators and enforcement agents. This creates a unique incentive structure and renders compliance officers especially receptive to regulators’ extra-legal pronouncements.

As a result, the separation of compliance from legal and the elevation of the compliance function as the co-equal of the legal department, a structure often insisted on by regulators and enforcement authorities, effectively enlarges the compliance conduit through which the government may abuse the rule of law. Rather than separating compliance from legal, compliance should be subordinated to legal so that an officer accountable exclusively to the best interests of the firm is charged with interpreting the law and advising the firm on what the law requires. Only after this determination has been made should compliance officers be charged with the task of executing on these decisions.

A necessary condition to realigning organizational responsibilities in this way, however, is for the government to stop insisting on the alternative. More broadly, the government should not involve itself in the organizational details of compliance, but rather should limit itself to making and enforcing the law. 

Indeed, in a piece last year in Compliance Week, I argued that in many companies having the chief compliance officer report administratively to the general counsel would, in fact, be appropriate. (This is assuming, among other things, that the CCO reported informationally to the board of directors.)

But I’m not persuaded that a conflict-like condition exists because CCOs “owe their professional existence and their organizational authority to the interventions of regulators and enforcement agents,” at least, not as a general matter. One might find exceptions where a company is under a monitorship or is in a very highly regulated business. But for most organizations, I believe, this is no more the stuff of conflict than is the fact that a company’s sales people effectively owe their respective jobs to its customers. (Presumably this would not diminish the sales people’s fidelity to their employer’s best interest.)


Subscribe to the Ethical Systems newsletter


I also don’t agree with the notion that whether to take a contemplated compliance measure should be decided by the GC and how to do so that of the CCO. While conceptually neat, as a practical matter the two areas tend to overlap considerably, making the proposed separation of powers difficult to implement.

Finally, regarding this suggestion: “the government should not involve itself in the organizational details of compliance, but rather should limit itself to making and enforcing the law,…” I generally believe that, without the government’s involvement in the details of compliance over the past nearly 30 years, the overall state of compliance would be weaker than it is today.

Jeff Kaplan is a partner in the Princeton, New Jersey office of Kaplan & Walker LLP and a member of Ethical Systems’ Steering Committee.

Reprinted with permission from the Conflict of Interest blog.