Compliance committees’ role

Compliance committees are essential to the effective governance of modern corporations

Even as new regulations are being made, corporate governance and compliance are becoming increasingly critical components of business success. Compliance committees of boards play a crucial role in ensuring adherence to legal and regulatory requirements, ethical standards, and internal policies.

Compliance committees oversee and ensure that an organisation complies with all relevant laws, regulations, and internal policies.
These committees typically consist of board members and sometimes include external experts to provide specialised knowledge. The five major responsibilities of a compliance committee are regulatory oversight, policy development and implementation, risk management, promotion of ethical standards in corporate culture, and audit and reporting.

Remember the Volkswagen emissions scandal a few years ago? The absence of effective compliance mechanisms led to significant legal and financial repercussions for the company in the US. The Wells Fargo account fraud scandal was another case where compliance oversight was missed.

Compliance committees can add value beyond regulatory and legal matters. They can play a role in building stakeholder trust, as in the case of Johnson & Johnson upholding its credo, and catalyse long-term success, as in the sustainable living plans of Unilever. Having knowledgeable and experienced members on the committee is crucial. In addition, setting clear mandates with defined roles and responsibilities is also important for its effectiveness.

More than any other board committee (maybe even audit), a compliance panel depends on a steady, constantly updated stream of comprehensive, quality reporting to do its job. How to provide this fuel for your board’s compliance engine? Here are a few pointers:

First, larger corporations should already have a management compliance committee, made up of the CEO, legal counsel, compliance and finance staff monitoring risk concerns, especially since it is mandatory in many industries. This committee should have its own charter and reporting. If this includes your company, this is a good way to report to the board committee. This body should be assessing not only internal enterprise risks, but also external threats, which are easily glossed over in compliance assessment.

Then, once a year, the management team should put together a list of all risk and compliance issues facing the board committee. This is best scheduled as a year-end item, and, as noted, closely coordinated with compliance staff. What should the board look at and discuss going forward? Cyber issues, new regulation, disclosure norms, ESG, data oversight, climate, finance, as well as their various geographic impacts – the company's different offices should all pitch in. From this, assemble a heat-chart risk matrix for board oversight in the coming year. Next year, before assembling your new matrix, allot committee agenda time for review of last year’s chart. What did you miss? What can be done better? What is changing?

With all these reporting areas, it would be too easy to choke compliance committee members with paperwork and detail. Don’t just cc everything, but rather start out with a plan to focus committee reporting for high value and comprehension. Our suggestion is to start with a meeting starter pack that includes communications, training, ethics hotline data, investigations, governance, and risk assessments. Over the years, boards have become savvier about asking the right questions about compliance programmes, and about how to really read the data, particularly on financials and hotlines.

There can still be information overload, so look at ways to visualise and condense data. Start with a risk matrix dashboard, with red/yellow/green light reports to understand what issues to focus on. Reports and briefings to the committee also need to balance historical data with current trends. It is common for chief compliance officers to drone on about how many trainings the office did, or the number of hotline reports. Better is trend-wise reporting – is the number of complaints at a facility trending up or down, and why? Also valuable are snapshots at particular locations, or compliance weak spots. How about a deep cultural survey at a facility that has a lot of compliance issues?

What else should compliance staff remember in presenting to the committee? Compliance software platform OneTrust offers some tips on how to tell a solid, board-friendly compliance story.

Remember, compliance committees are essential to the effective governance of modern corporations. By protecting the organisation, enhancing corporate governance, building stakeholder trust, and driving long-term success, compliance committees contribute significantly to the overall health and sustainability of a business. 

M. Muneer is MD, CustomerLab and co-founder, Medici Institute, a non-profit organisation. Ralph Ward is a global authority on boards; both of them drive board alignment for corporations. Contact: Muneer@mediciinstitute.org 
Business India
businessindia.co