Blog Post

Can a CEO Also Serve as a Compliance Officer?

Richard P. Kusserow | December 2021

Chief Executive Officers (CEOs) occasionally consider taking on the additional role of the compliance officer for their organization. While the United States Sentencing Commission (USSC), Department of Justice (DOJ), and Department of Health and Human Services Office of the Inspector General (OIG) have not specifically identified this dual role as a risk, there has been extensive commentary on who could best serve as compliance officer. A CEO, who typically has a multitude of other responsibilities, does not necessary fall within the guidelines noted in the commentary.

In its compliance guidance documents, the OIG has stated that “[d]esignating a compliance officer with the appropriate authority is critical to the success of the program, necessitating the appointment of a high-level official with direct access to the [organization’s] president or CEO, governing body, all other senior management, and legal counsel.” The guidance notes that “free-standing” compliance functions help to ensure independent and objective reviews of the organization’s compliance efforts and activities. In addition, “[b]y separating the compliance function from the key management positions, a system of checks and balances is established to more effectively achieve the goals of the compliance program.”

CEOs may have the requisite authority needed to be a compliance officer. However, that authority may actually thwart the goal of a smooth operation. In particular, employees may be hesitant to report compliance-related concerns directly to the CEO, even if they are doing so anonymously. There are several other reasons that having the CEO serve as the compliance officer would not be optimal.

An individual who occupies both roles may face the following challenges:

  1. Finding the bandwidth necessary to maintain knowledge of and expertise in compliance. 
  2. Prioritizing the extra duty of managing the compliance program while running the organization.
  3. Losing focus of other business considerations while investigating potential compliance issues and evaluating the results of those investigations.
  4. Maintaining an objective viewpoint when reviewing reports of potential compliance issues and disclosing problems to the board of directors that may have resulted from inadequate oversight of the executive team.
  5. Raising executive deficiencies, misconduct, or improper activities to the board that reflect inadequate oversight of the executive team.
  6. Discovering and disclosing compliance problems that may have a negative impact on business objectives or financial performance, resulting in an inherent conflict between the two roles.

For more information on this topic, contact Richard Kusserow at rkusserow@strategicm.com.

About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 2,000 health care organizations and entities in developing, implementing and assessing compliance programs.

Subscribe to blog