- Independence is a fundamental principle for Compliance Officers
- USSC, DOJ, and OIG all call Compliance Officer independence as critical
The Compliance Officer is an individual charged with ensuring that their organization complies with applicable regulatory and legal requirements and internal policies and procedures while meeting operational goals and objectives. They further have the duty to identify and manage regulatory risks, detect and prevent noncompliant activity, and work with management to take necessary remedial action based on the known risks and established principles of compliance. To meet these obligations, they must have the resources, authority, and independence to carry out the performance of duties. This means being free from others’ influence, pressure, controls, and interference in meeting their obligations. The following are factors related to Compliance Officer independence.
- “Pro Forma” Independence. The Compliance Officer’s independence begins in a formal establishment of the function within the organization, documented in charters, policies, position descriptions, and organization charts that give the Compliance Officer appropriate standing, authority, and independence. DOJ “Guidelines” specifically ask whether the Compliance Officer has sufficient seniority in the organization and sufficient autonomy and independence from management control and influence. Critical to this is that the actual functioning of the position matches what is written.
- Defined Responsibilities. Compliance Officers should define responsibilities should include (a) developing and implementing an effective compliance program; (b) keeping abreast of the ever-changing regulatory environment; (c) overseeing the development of internal controls and monitoring of high-risk compliance areas; (d) implementing of written compliance guidance (Code of Conduct, policies/procedures); (e) managing compliance communication channels (e.g., hotline); (f) having unfettered access to documents and people in conducting compliance reviews and investigations; (g) ensuring effective compliance education of employees and management; (h) identifying and mitigating compliance risks; and (i) providing the compliance perspective in organization strategy development.
- No Conflicts of Interest. Compliance Officers should perform duties independently without bias and, as such, are not directly responsible for any operational areas outside of the compliance program operation. The separation of compliance and operational functions ensures the OIG’s vision of “a system of checks and balances to more effectively achieve the goals of the compliance program.” The DOJ and OIG have underscored the importance of compliance being separate from legal to avoid a conflict of interest and compromise of independence of the Compliance Officer’s role and perspective.
- Compliance Access. Compliance Officers must have unfettered access to information and anyone in the organization to carry out compliance responsibilities. The extent of this access is considered critical evidence of Compliance Officer independence by the OIG and DOJ.
- Direct CEO Reporting. To maintain their independence in performing duties, it is expected that Compliance Officers would report to the CEO, bypassing interference of others in executive leadership. The lower the Compliance Officer’s level in the organization’s hierarchy, the greater the likelihood that information will be filtered or compromised. The US Sentencing Commission, OIG, and DOJ all call for direct reporting to the CEO.
- Board Oversight and Contact. In addition to the day-to-day reporting to the CEO, it is also expected that Compliance Officers have a reporting relationship with the governing body, which, in turn, provides oversight and support for the compliance program. DOJ “Guidelines” ask whether the Compliance Officer has “direct reporting lines to anyone on the board of directors and/or audit committee.”
- Objectivity and Impartiality. It is critical for the Compliance Officer to be viewed by others as objective and free of any influence. The OIG Guidance notes that the best practice in creating a reporting structure for compliance professionals is a “free-standing” function to “help ensure independent and objective legal reviews and financial analyses of the institution’s compliance efforts and activities.” To be viewed as an independent and neutral party, it is important for Compliance Officers to (a) remain professional in all work and actions, (b) avoid being judgmental of others, (c) focus only on reporting the facts and evidence of work performed, (d) not be captive of legal or any other function, and (e) not become involved in organizational politics that would undermine independence.
Keep up-to-date with Strategic Management Services by following us on LinkedIn.Subscribe to blog