Compliance Officer, Board Relationships Are Good, but There Is Room to Grow

Does your organization’s relationship between compliance and ethics officers and Board of Directors meet the expectations set forth the U.S. Federal Sentencing Guidelines? Does your compliance officer meet directly with your Board of Directors? A 2013 survey of compliance and ethics professionals conducted by the Society of Corporate Compliance and Ethics (SCCE) and the Health Care Compliance Association (HCCA) to assess the current status of the relationship between compliance officers and the Board of Directors, found that for the most part the compliance and ethics department reports to the Board or the chief executive officer (CEO) and meets with the Board regularly. Some compliance officers, however, “reported concerns about whether the relationship is as strong as it should be and if it is serving its intended role of enabling the Board to exercise sufficient oversight,” HCCA and SCCE said.

Under Chapter 8 of the Federal Sentencing Guidelines, an organization’s governing authority must be knowledgeable about the content and operation of the compliance and ethics program and must exercise reasonable oversight with respect to the implementation and effectiveness of the compliance and ethics program. Compliance professionals are required to report periodically to the governing authority, or an appropriate subgroup of the governing authority, on the effectiveness of the compliance and ethics program and must be given direct access to the governing authority or an appropriate subgroup of the governing authority (see Chapter 8, sec. 8B2.1). Although many “aspects of the Guidelines have become well established,” such as the seven elements of an effective compliance program, “the relationship with the Board of Directors is still far from mature,” HCCA and SCCE said. Moreover, this “concern is growing in importance after several high-profile settlements called for compliance to report directly to the Board of Directors.”  In 2013, the Office of Inspector General entered into 19 corporate integrity agreements (CIAs) (including integrity agreements). Of those, 18 included provisions that require the compliance officer to be a member of senior management, report directly to the chief executive officer (CEO), and report compliance matters directly to the Board. In addition the CIAs require Board oversight of the compliance program.

Key Findings of the Survey

HCCA and SCCE concluded that for most companies, compliance professionals no longer report to general counsel, the most common relationship is either between the compliance professional and the Board of Directors or the CEO and the trend is growing. In addition, the relationship between compliance and the Board, is generally, a strong one. Overall, compliance professionals report satisfaction with the relationship and believe that the Board values compliance. Survey responses were solicited in the fourth quarter of 2013 from compliance and ethics professionals in the database of HCCA and SCCE. Responses to the survey were received from 626 individuals. Key findings included:

  • The percentage of compliance departments reporting to the Board has remained unchanged from a 2010 survey. In 2010, 55 percent of respondents said that they reported directly to the Board, while in 2013, 53 percent of respondents said they reported directly to the Board.
  • For those not reporting directly to the Board, approximately 50 percent reported directly to the CEO; however, in health care, 62 percent of those not reporting to the Board reported directly to the CEO. Only 12 percent of health care respondents reported that they report to legal.
  • 34 percent of respondents reported that four or more  meetings a year were regularly scheduled with the Board. and 28 percent reported meeting five or more times a year. Interestingly, health care companies showed higher numbers of regularly scheduled meetings than nonhealth care companies.
  • 64 percent of health care respondents reported that their reports are never pre-screened or edited.
  • 64 percent of compliance professionals are satisfied with the regularity of Board contact.
  • 59 percent of health care respondents believed that the Board values the compliance and ethics program a great deal.
  • 51 percent of health care respondents rated th quality of the interaction with the Board as positive.
  • 77 percent of respondents reported that the chief compliance and ethics officer is responsible for escalating very serious allegations or investigations of noncompliance to the Board.
  • Overall, men and women had similar opinions regarding the attributes that are important to compliance professionals. The three attributes that scored the highest on a scale from 1 to 5, are independence, confidence, and assertiveness/decisiveness.

Comments from HCCA/SCCE CEO

“It’s now clear that compliance has become not just central to business, but central to business leadership. The commitment of compliance to finding and fixing problems is bringing real value to C-suites,” according to SCCE and HCCA Chief Executive Officer Roy Snell. “Compliance is not just the legal department in another form. It’s a profession of its own, and those who advocate for compliance to report to legal are arguing for a relationship that neither serves compliance or corporate leadership. That’s probably a significant reason why reporting to legal is only done by a fraction of companies,” Snell said, adding that “[t]he trend for compliance to report to legal is all but past.” In addition, Snell noted that “Compliance is not just about helping companies follow the law. It’s now integral to how businesses are led.”