Five Key Features of a Good Ethics and Compliance Program

There’s a lot of momentum in the corporate world for creating real and effective ethics and compliance programs (spurred on by the incentives in laws such as the Federal Sentencing Guidelines). There’s a lot of wisdom on how to create effective programs at the Deloitte Risk and Compliance Journal, where Keith Darcy and George Hanley just offered a helpful list of five key features: 

1) Tone at the top: “the board and senior management, and the sense of responsibility they share to protect the shareholders’ reputational and financial assets.​”

2) Corporate culture: “In the fight between culture and compliance, culture will always win.”​ [quoted from Paula Reynolds]

3) Risk assessments: “The risk assessment focuses the board and senior management on significant risks and the highest risk concentration within the organization,” and these risks are often results of ethical failures. 

4) Testing and monitoring: “All the policies, practices and procedures developed to manage risk are irrelevant if they are poorly understood and executed and, as a result, do not change the behavior of the organization.​”

5) The chief ethics and compliance officer: “It requires someone with an uncommon breadth of experiences who can design the necessary risk architecture, assess business and cultural risks across a variety of businesses and geographies, develop training and communication strategies, build comprehensive databases and assess data analytics, while conducting sometimes critical investigations. “

I think this is a great list, consistent with the research we cover on our Compliance and Ethics page, and on our Leadership page. I would just add that a good ethics and compliance officer should marry his or her breadth of experience to a breadth of knowledge about the latest research on ethical systems design. In any organization there will be some individuals who love reading social science trade books and learning about research findings. This may or may not be the chief compliance officer. An easy way to integrate research and practice is do designate at least one person in the Ethics and Compliance office to be the “academic liaison” — the person who spends time here at and finds the best connections between the academic research and the current needs of the organization.