The Chief Compliance Officer (CCO) position has become essential and in demand. When contemplating a transition to a CCO role, knowing what to consider when making the change and what skills are needed to transition successfully are critical. After starting, setting yourself up for success in and after the role is also vital.
In the GC AdvantageSM webinar, “The Challenges and Pitfalls of Transitioning Into (or Out Of) the Compliance Officer Role,” Stephanie Lambert, Vice President and Chief Compliance Officer for NETSCOUT, joined me for a conversation regarding the considerations for transitioning into or out of the CCO position. This article is a summary of our discussion.
Transitioning into the Chief Compliance Officer Role
When transitioning into the role of Chief Compliance Officer, there are many factors to examine, from whether a company has a culture of compliance to whether you have the appropriate skills for the position. Consider the following before transitioning into a CCO role:
- Understand the history of compliance at the company.
- Evaluate the skills required.
- Learn the company’s values and culture.
- Review the compliance budget and resources.
- Master changing your focus as a CCO.
Understand the History of Compliance at the Company
When the company embraces compliance, the work is easier. Seek to understand how the organization perceives compliance and how supportive management has been of the compliance function.
When interviewing, try to meet with HR, the hiring manager, CEO, and Chief Operating Officer. Through your meetings, learn how these and other stakeholders support the role and understand how the function is viewed.
Evaluate the Skills Required
CCOs are not typically part of the everyday business management process, but it is your job to break through the silos. Thus, soft skills – such as being able to influence others and learning to get the attention of your colleagues – are critical for success.
Successful compliance officers do not have to be lawyers. CCOs can have communications, accounting, risk, corporate strategy, or other backgrounds supporting compliance. Experience running investigations for a company, project management skills, and embracing technology is also helpful. It is also necessary to understand if and to what degree compliance has been integrated into the business.
Learn the Company’s Values and Culture
Everything flows from the corporate culture and values. Consider whether the values of the company have meaning. Can the employees reiterate the values? Are decisions being made in consideration of the values?
Make the necessary adjustments if there is not enough communication from the top. At NETSCOUT, Stephanie found that the compliance team could do more to communicate the values. She implemented a communication strategy utilizing available communication channels and commenting on topics and stories in the news.
Review the Compliance Budget and Resources
With companies experiencing cost-cutting due to a potential recession, compliance teams now have fewer resources. Throughout the transition, review the team’s budget and resources. Determine if the team is optimizing every dollar. What can you stop doing to reduce costs? Know the top risks and assign sufficient resources to the risks.
Create accountability and expertise within your team by assigning team members to specific areas. And consider how to leverage experts outside of the team. As the Global Chief Compliance Officer at McDonald’s Corp., I recruited in-house counsel to be compliance officers. I also leveraged people from audit and accounting teams to assist with compliance tasks.
If management asks you to accept tasks or functions beyond compliance, such as legal business, ensure you are appropriately compensated and have sufficient resources to succeed.
Master Changing Your Focus as a CCO
Stay aware of what is coming next and focus on being proactive versus reactive. Stephanie implemented a trend analysis at NETSCOUT that identifies trends and anticipates the “next big thing.” Using this trend analysis, she can change her focus to the new area identified and mitigate the impact faster.
Tabletop exercises can also highlight coming trends or potential problem areas. The exercises allow multiple departments to determine what would happen in a particular circumstance.
Remember to expand your focus beyond legal regulations. Companies have many non-legal policies – such as conflicts of interest, gifts, and business entertainment – that reflect the company’s values and deserve attention.
Be prepared to implement innovative strategies to support corporate culture and manage risks, including:
- Training on cognitive bias
- Creating training specific to executives
- Holding in-person training
- Creating crisis response teams
The First 90 Days as a CCO
In the first 90 days as a new compliance officer, focus on setting yourself up for success by securing early wins, building credibility and relationships, and understanding the business. Focusing on these items will also be helpful when moving beyond the CCO role.
Secure Early Wins
Make early wins by identifying low-hanging fruit. Try to make the most significant impact in the shortest time. Start learning and get a feel for the company culture. Conduct a listening tour to show you are open to feedback. Ask colleagues about any pain points and stumbling blocks and determine how to help them.
Build Credibility
Build credibility by being:
- An active listener. Be open to learning from your colleagues and direct reports.
- Decisive. Obtain all the relevant data and make an informed decision.
- Focused. Identify low-hanging fruit to secure early wins.
- Willing to disrupt the status quo. Be open to new ideas or different ways of doing things.
At NETSCOUT, Stephanie built credibility through the listening tour and during an investigation. After the investigation, she provided multiple options for resolution, which her colleagues appreciated.
Build Productive Relationships
Get acquainted with the leaders in your organization and understand how each one feels about compliance and what they need from you. Use lunches, coffee, and invitations to meetings to meet key leaders. Avoid pointing out non-compliant items from the past.
Do not shy away from getting on your manager’s calendar. Learn what is expected from you and share your challenges with your boss. As a leader, bring solutions, and not solely problems, when speaking with your manager.
Be a Student of the Business
For those who are not a “student of the business,” it may be difficult to move on to a compliance officer or General Counsel role in the future. Learning the business can also make the compliance officer’s job easier. Knowing the company’s strategy makes it easier to create a risk assessment or implement a compliance program. Understanding the strategy helps you determine significant risks, allocate resources, and contribute to conversations beyond compliance.
Focus on understanding corporate strategy and risks, since a compliance officer’s work impacts the strategy. Negatively affecting a project can be harmful to compliance and the business.
Read the company’s filings and profit and loss statements. Understand how the company makes money and learn to speak the same language as colleagues.
Assess How the Compliance Program Fits into the Company’s Strategy and Risk
Ask yourself if the compliance program fits the company’s current strategy and risks. For example, companies are still noting the following risks:
- The pandemic. Have you included a strategy for handling any ongoing pandemic-related concerns? Consider training programs and how to deliver compliance messages.
- Remote workers. How are you ensuring workers behave ethically when working remotely? Ask HR to add ethics-related inquiries during interviews, such as, “Tell me about a time when you were challenged ethically.”
Understand the Department of Justice’s Evaluation of Corporate Compliance and Ethics Programs
In alignment with the 2023 revisions to the Department of Justice’s guidance for implementing a compliance and ethics program, focus on defining the program and creating documentation. The documentation must show who manages the compliance program, how it is managed, and what you are managing. Retain and refresh the documentation while keeping it accessible for your successors.
Stephanie advised CCOs to create a calendar showing what the compliance team will do throughout the year. The calendar can reference in-depth plans for the programming.
Assess the Hotline Program
It is essential to assess the hotline program because problems may first there. Stephanie explained how she uses an external benchmarking report to analyze her organization’s data and look for trends. By aggregating inquiries and reports from inside and outside the hotline, she identifies concerns for review.
Exiting the Chief Compliance Officer Role
After being in the Chief Compliance Officer role, it may be time to consider whether it is time to move on. Before exiting, get in a solid position to make a move. Consider your aspirations and why you took the role initially. Ask yourself:
- Is this position where you want to be?
- Are you good at the job?
- Do you enjoy the role?
It may be time to move on if you are unhappy or not excited. If management is not committed to compliance, it may be time to exit. Before leaving, raise any concerns with management. As the compliance officer, it is necessary to bring these concerns to the attention of the correct people.
Haydee Olinger and our team of professionals are happy to help accelerate the initiatives that you’re already pursuing or to supplement your current strategic thinking to help you realize your vision. Please reach out if you or your organization may benefit from our recruiting, leadership development and coaching, or legal and compliance department consulting services. Let BarkerGilmore help you build and optimize your legal and compliance departments.
Connect with a legal recruiting advisor
* indicates required fields