Leadership Profiles: Haydee Olinger

McDonald’s operates across more than 100 countries. What were some of the most pivotal challenges you faced in developing a global compliance framework that was both consistent and culturally adaptable?

I established the compliance function at McDonald’s, which involved the challenge of not only developing the program itself, but also educating the organization on what it meant to have a compliance function. McDonald’s always had a strong culture of integrity and a code of conduct, but compliance efforts were built around abiding by laws and regulations, food safety, compliance with labor laws, etc. While each business unit and region was responsible for critical compliance matters, the company lacked a unified global compliance philosophy and a cohesive approach to the essential elements of an effective compliance program.

As a result, one of the biggest challenges I faced was navigating the differing legal and regulatory regimes and finding that compliance expectations varied dramatically in areas such as data privacy (GDPR vs. U.S. vs. China), anti-corruption (FCPA, UK Bribery Act, etc.), labor laws, and others. The labor laws were the most challenging because Sarbanes-Oxley required the establishment of an anonymous whistleblower line, while such provisions were prohibited under EU labor laws. It was important to define global minimum standards and allow local customization to meet or exceed those thresholds.

Additional challenges I faced included cultural differences in ethical norms, inconsistent enforcement and accountability across departments and geographies, a lack of tailored communication that recognized country-specific differences, variations in data privacy laws, and the need to balance central oversight with local ownership. I found it was most effective to partner with local markets to design a program that resonated with local audiences, making compliance relatable rather than imposed.

While it was essential to establish a principle-based program grounded in universal values of integrity, transparency, and respect, it was equally important to build a strong compliance framework that was risk-based, focused on areas of greatest impact to local realities. Ultimately, this led to the establishment of regional compliance officers who were able to adapt global strategies locally.

Compliance leaders are often tasked with influencing without direct authority. What strategies did you find most effective in building trust and credibility with the C-suite and board?

Again, since I started the function, developing a program that would resonate with the C-suite and the board was also a challenge. Their high-level focus on risk mitigation, brand protection, operational efficiency, and long-term growth extended beyond the legal and regulatory requirements. Therefore, translating compliance into business value was critical. Providing evidence of how the compliance program helped prevent losses and preserve reputation was an important way to connect compliance initiatives to corporate objectives. Equally important was acting as a trusted advisor to the C-suite and the board, providing thoughtful recommendations that balanced compliance requirements with business goals. They had to have confidence that I was anticipating and mitigating risks while handling sensitive issues calmly, confidently, and ethically.

Risk management is integral to compliance leadership. How did you balance protecting the brand’s reputation while enabling innovation and growth in a highly competitive industry?

I balanced protecting the brand’s reputation with enabling innovation and growth by aligning compliance with the company’s purpose. I tied compliance to the mission and vision by showing how ethical and responsible growth strengthens the brand’s differentiation. This was achieved through close collaboration across the business — partnering with marketing, audit, operations, IT, finance, and other functions. Ultimately, maintaining the balance between brand reputation and innovation requires a sustained, collective effort to ensure that the brand promise is consistently reflected in day-to-day practices.

Creating a culture of integrity was also critical to accelerating decision-making. By embedding values and ethical decision-making frameworks into daily operations, we fostered a speak-up culture and made compliance approachable, enabling developers and innovators to act with integrity and make informed decisions without waiting for approval. Helping move the company from a “don’t take risks” philosophy to “take the right risks, with facts and eyes wide open” was a significant shift. I was part of the IT, Audit, HR, Finance, and CFO risk mitigation team, where compliance challenges were discussed with an eye toward a creative solution that met regulatory requirements and achieved business goals. If I had not been part of this team, I might not have been aware of some of the internal business innovation initiatives being pursued, and they might not have been sensitive to the legal or compliance challenges these initiatives presented.

The regulatory landscape is constantly evolving. What lessons can today’s compliance leaders draw from your experience navigating global regulatory complexity?

Today’s compliance leaders navigating global regulatory complexity can draw several important lessons from my experiences. First, local expertise is critical. Regulations differ widely across countries, and compliance programs must balance global principles with local nuances to remain effective. Principle-based programs offer flexibility, enabling employees to make informed decisions without waiting for approvals while upholding ethical standards. Second, cultural awareness is equally important; understanding local values and communication styles makes compliance relatable rather than imposed, encouraging adherence. Third, transparency and a trusted advisory role with executives and boards allow compliance leaders to escalate issues confidently and provide balanced paths forward. Fourth, by staying abreast of trends through conferences, industry news, law firm briefs, and peer benchmarking, a compliance officer can remain informed about potential risks and emerging developments. Finally, global consistency builds trust. By defining global principles (e.g., anti-bribery, transparency, code of conduct, etc.) and creating regional compliance champions, your program will ensure cultural fit, legal alignment, and local adaptability and credibility.

Many organizations view compliance as a cost center rather than a value driver. How did you help shift that perception and demonstrate the strategic value of compliance at McDonald’s?

To demonstrate this shift, I reframed compliance from a focus on enforcement to one of enablement. I aligned compliance messaging with business priorities by using language executives understand — terms like “revenue protection,” “brand equity,” and “investor confidence.” I also emphasized how a strong compliance program empowers the company to enter new markets more quickly, streamline approvals, and maintain stakeholder trust. This approach repositioned compliance as a strategic enabler rather than a constraint, making a program more relevant and valued across the organization.

Equally important is being able to tell a compelling story by providing tangible examples of how the compliance program drives meaningful change in processes and procedures that result in economic gain or cost reduction for the company. Focus on risks, leading indicators, and business implications to demonstrate how the compliance program aligns with industry benchmarks and investor expectations. When communicating with management and the board, frame these discussions around both value protection and value creation, demonstrating how compliance directly contributes to the company’s overall performance and strategic goals.