This is the fourth blog in a 6-part series, the Diligent Master Class for CCOs (Chief Compliance Officers). Designed by CCOs who’ve built, scaled and run compliance programs for diverse industries across the globe, this is a one-of-a-kind program that provides actionable advice and frameworks for today’s compliance leaders. You may want to check out the previous blog in this series, How to Get Buy-In Fast.
When we discuss ethics and compliance in the boardroom we need data. In some areas, this need is clear — nowhere is it more true than as the murky facts emerge in investigations. But I would argue that Chief Compliance Officers (CCOs) should capture and use data when discussing regulation and even culture with the board. In this blog we’ve set out how to use data in these two ‘data light’ areas.
Creating Useful Data on Ethical Culture
Too often, board discussions about culture are led by ‘gut feeling’ or misleading anecdotes, which are faulty premises for formal decisions. So how do we as CCOs lead a more data-driven discussion about culture with boards?
Surveys, for all their drawbacks, are a good way to give structured insights on culture. Human Resources (HR) teams have become adept at broader workplace surveys, complemented by shorter ‘pulse surveys’ and the like. If we’re lucky, compliance teams will get a few questions included in these surveys and maybe even invited to discuss the results in the management team. But this discussion often doesn’t involve the CCO, is very high level and covers questions that aren’t overly useful for our purposes.
I have spent significant efforts convincing HR to include more targeted, useful questions on observations of non-compliance or why people didn’t report issues they observed. In the end I have developed a different approach, as described below.
My team and I select a group of 50 to 100 leaders who make a significant impact on our risk management efforts and the CEO launches the project with a letter underlining why compliance is so important to the organization. The 50-100 ‘risk leaders’ complete a short survey on items that are truly actionable for compliance teams (maximum 10 questions). I also ask the leaders to fill out a proactive conflict of interest declaration. The results are analyzed and used in one-on-one discussions between the CCO and each individual risk leader that last between 45 and 60 minutes.
This project produces tangible data for the board on culture and is virtually cost-free. It’s a great way to meet senior people and initiate difficult conversations on compliance. I’ve now used the project four times in different organizations and have always seen positive developments both in the wider organization and for individual leaders. The one-on-one discussions are a powerful aspect of the project, allowing learnings to be taken in a judgment-free environment. You can quickly align an outlying leader with their peers by pointing to the survey responses and sharing their colleagues’ best practices for leadership on ethics and compliance.
Simple Visualization Technique for Providing Regulatory Updates
Data doesn’t always have to be graphs and numbers — there is a happy medium to be found on topics like regulatory updates (which can too often be presented as dry memos in prose).
When it comes to regulation, there is always a risk of an imbalanced conversation between the CCO and the Board. The CCO is the expert, yet board members are the decision-makers, so communicating with clarity is essential. What board members need to know is — Have we captured all the regulations that impact us at present and in the future? What are the impacts? And how well prepared are we?
Data visualization can help to give clarity and to address the risk of imbalance, at the same time as making decisions and board scrutiny easier. Here is an example:
Across the x-axis is the potential impact on the organization, with preparedness across the y-axis. The color coding gives a rough indication of where the board should focus its attention – red for high alertness and green for topics that have lower impact or where the company looks to be fully prepared. Each regulation has some simple labeling to ease discussion, including the year when the regulation came / will come into force.
There are lots of potential improvements and tailoring to this visualization, but you can see how instinctive and useful it is to a board compared to a long memorandum. One could imagine color-coding for the labels that indicate which division(s) might be impacted. Or different-sized bubbles for financial investments required for preparation.
Discuss Data Openly with Your Board
If I could give one piece of advice for using data in the boardroom, it would be to create the right environment for the discussions ahead.
Open a direct conversation as early as possible in your relationship with the board. Don’t assume that they want a lot of data; instead, listen to their views on the current set of materials, what works and what doesn’t.
There will be limitations on what you can deliver, so make sure that these are clear up-front. You will need to time to create the systems and governance to capture certain data sets, so don’t leave the board with any doubt that delivering on some metrics is a work in progress.
Overall, data is a great way to step away from gut feelings or anecdotes when making board decisions. You can tell stories from your compliance program using the hard facts that you and your teams have patiently gathered. These stories will be more impactful if you’ve prepared the board for the discussions ahead.
Our next blog in this series, Planning for and Responding to and Integrity Crisis, explores ways in which CCOs can affect real change within their organizations as a result of difficult circumstances.
The Rising Tide of ESG – Navigating the Road Ahead
The Board's Role in Leading and Enabling GRC
Board and Executive Collaboration: Components of a Secure Platform for the Evolving Workplace
Ezekiel “Zeke” Ward advises companies on how to build and refresh best-in-class ESG, ethics and compliance programs. He has been SVP and Chief Compliance Officer at Volvo Group and Yara International. A lawyer by education, he is also a Fellow Chartered Accountant with a forensic background at PwC and KPMG.