Further, boards should not take a shortcut here: Compliance oversight should not fall on the already-overburdened members of the audit committee. If left to audit committees, compliance runs the risk of being neglected or simply becoming another box for busy directors to check.
It makes perfect sense to have some overlapping membership of these two committees, but they should function separately. Having a separate committee permits a group of directors to give the necessary attention and time to this critical component of any successful corporation.
The compliance committee should regularly ask questions and look beyond pieces of paper and other presentations from management. The committee should have access to independent legal counsel and, periodically, forensic accountants. And, of course, the members of the committee should be properly trained in the meaning of compliance oversight and the most effective means of accomplishing it.
Fourth, the compliance committee and the CCO should put in place a rigorous compliance program. There should be a clear structure for compliance, established reporting relationships, a periodically updated identification of corporate risks as well as plans to mitigate those risks, clear policies and procedures in every area of required compliance, effective training programs as well as monitoring and reporting systems, clear reporting requirements and access to the CCO by every employee of the company.
Over the past ten years, more responsibilities have been placed on directors, particularly independent directors. We do not believe that one needs to be Hercules to be an independent director, but one does need to put one's shoulder to the wheel, as Hercules himself advised. This is especially true with regard to corporate compliance, because failure in that realm can be devastating for a company.
Ultimately, every organization is a mirror reflection of the people on top. People with the right outlook taking seriously their obligations of compliance will run good companies that have the least exposure to compliance risk.
Corporate compliance belongs at the board level precisely because it sets the tone at the top, where compliance properly belongs, and demonstrates a commitment to an ethos of following the highest standards. This, in turn, permeates a company and helps attract people of integrity.
Conversely, companies that relegate compliance to a back office run the risk of marginalizing compliance and not reaping the benefits of a robust program, which has its own manifest rewards.
Finally, run properly, a corporate compliance program can be an important -- and positive -- part of a company's identification of opportunities to run better businesses, beat the competition and improve shareholder returns. A well-run compliance program can also provide employees, management, directors and shareholders with comfort that they are a part of a company that is not only committed to doing, but actually
the right thing every day.
No matter how many laws are passed or regulations written, illegal activity will never be eliminated. But with a good compliance program, overseen by independent directors, companies can not only avoid lawsuits and regulatory action but also achieve a higher level of excellence.
This article was written by an independent contributor, separate from TheStreet's regular news coverage.