within the c -suite: clos and ccos – collaborating for · pdf filewithin the c -suite:...
TRANSCRIPT
Within the C-Suite: CLOs and CCOs – Collaborating for Success
Presentation to ACC – Minnesota Chapter November 4, 2014
Contents
CLOs and CCOs – expanding responsibilities 3
Compliance moving away from Legal 6
Potential tension triggers – Compliance and Legal 10
Potential benefits of a combined structure 17
Potential benefits of an independent structure 19
The keys to success….communication and collaboration 21
4 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Today’s CLO role typically includes: Chief Legal Officer today
Defender and Protector
Trusted Advisor
“Steward”
“Eyes and Ears”
Traditional roles & responsibilities
and…. Board Liaison
5 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Today’s CCO role typically includes: Chief Compliance Officer today
Risk Manager
Compliance Controller
“Steward”
Compliance Auditor
Traditional roles & responsibilities
and…. Enforcement
7 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Compliance is increasingly a standalone role Many companies are moving toward an independent compliance function.
In Focus, Compliance Trends Survey, Deloitte & Compliance Week, August 2013
13%
13%
9%
37%
15%
14%
Is also the general counsel
Is also the chief audit executive
Is also the chief risk officer
Is a stand-alone job wholly separate from the general
counsel or anyone else
We don’t have a specifically identified CCO
Other
8 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Compliance is increasingly independent • Many companies are progressively moving to a more independent CCO • The CCO role is evolving to have a direct reporting line to the CEO
In Focus, Compliance Trends Survey, Deloitte & Compliance Week, August 2013
20%
34% 7%
17%
2%
19% The general counsel
The CEO
The CFO
The board
Other
The CRO
9 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Compliance has been moving away from Legal
Independent CCO
Compliance risk assessments
Training, education, and communications
Compliance internal controls
Monitoring, technological enablement, auditing
Internal investigations, fact finding, remediation
Compliance policies and procedures
11 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Potential tension triggers — Chief Compliance Officers (CCOs) and Chief Legal Officers (CLOs)
Ethical Stewardship
Legal Risk Management
Privilege
People
Independence
CCOs and CLOs may have viewpoints that are opposing or prioritized differently based on overlapping roles
Examples of potential tension areas
12 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Ethical Stewardship Potential tension triggers — CCO & CLO
• The CCO typically is charged with instilling an ethical corporate culture and tone at the top, and implementing effective programs to prevent, detect, and remediate violations of law and company policy
• The CLO and other senior company management (e.g., HR) may perceive their role as having some of the same characteristics and responsibilities
13 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Legal Risk Management Potential tension triggers — CCO & CLO
• The CCO typically is charged with identifying, prioritizing, and mitigating, via effective internal controls and business processes, sources of risk pertaining to legal and regulatory
• The CCO also may be vested with “ownership” of certain legal risk areas (e.g., privacy, anti-corruption, RIM)
• The CLO may perceive these functions and risk areas to be part of their scope of responsibilities
14 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Independence Potential tension triggers — CCO & CLO
• The CCO views organizational independence and autonomy as critical enablers of an effective compliance program, and essential to compliance with the letter and spirit of the US Federal Sentencing Guidelines and other authoritative frameworks
• The CLO may view CCO independence and autonomy as creating the potential for confusion on roles and responsibilities related to legal risk management, and the potential for misaligned communications with the Board and Management
15 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
People Potential tension triggers — CCO & CLO
• The CCO requires a dedicated, centralized staff with an increasingly varied set of specialist skills (e.g., legal, internal control, audit, human resources, law enforcement, business operational)
• The CLO and other senior company management (e.g., IA) may view the compliance staff as duplicative, inefficient, and having the potential of creating channel conflict and confusion due to perceived overlapping responsibilities
16 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Attorney Client Privilege Potential tension triggers — CCO & CLO
• The CCO sees the need for substantial transparency in carrying out the activities of the Compliance Office, consistent with regulatory and other stakeholder expectations
• The CLO has understandable concerns around protecting the corporate attorney-client privilege in appropriate circumstances
18 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Several potential advantages are apparent … When Legal and Compliance are combined
Shared People Unified compliance communications
Structurally lean
Lowest cost option
Single SME pool
Single legal risk management function
One voice of ethical stewardship
Less potential for overlap
Focus on Attorney Client Privilege
Less complexity for small and mid sized
companies
Advantages should be weighed against
advantages of the “split” model
20 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Several potential advantages are apparent … When the CCO is independent from the CLO
Consistent with the trend Specialized cadre of compliance skills
Preferred by many regulators
Sends a message
Independence in appearance and fact
Multi-disciplinary approach to legal risk
management
Unfiltered transparency with board and management
Focused and sustained compliance efforts
Ownership of risk “orphans”
Scalable solutions for larger companies
Advantages should be weighed against
advantages of the “combined” model
22 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Collaborating for success
With growing roles and responsibilities for the CCO and CLO, multi-level collaboration should occur across the enterprise – board, management, and operations
Enterprise Alignment
CCO
CCO
CCO
Board of Directors
Business Operations
CEO, Legal, Audit, HR, IT,
Security
23 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Several Key Areas of Communication and Collaboration
Multi-level approach (board, management, operations)
• Culture • Independent program assessments • Precise roles, authority, accountability • Risk “orphan” ownership • Dynamic risk assessment process • Continuous control enhancements • Integrated audit plans and gap closure
governance • Risk based third party compliance • Data quality systems and procedures • Investigation playbooks • Documented escalation criteria • Compliance archives
Compliance Maturity Framework
Regulatory Concerns
Technology Innovation
Privacy Concerns
Independence
Compliance Hotlines
Corporate Culture
Corporate Business Strategies
Regulatory Agencies
Resources
Talent Concerns
Attorney Client Privilege
Finance Issues
Policy and Procedure Manuals
Risk
Internal Investigations
26 CCO & CLO Collaborating for success Copyright © 2014 Deloitte Development LLC. All rights reserved.
Bios
Director, Deloitte Forensic [email protected]
+1 313 396 3310
Robert Biskup has over 28 years of experience in the corporate sector and private professional settings, and is among the leaders of our national Corporate Compliance practice. He also serves as a regional leader of our Corporate Investigations and Foreign Corrupt Practices Act (FCPA) practice areas.
Rob is the former global chief compliance officer at Ford Motor Company, and also worked as the company’s assistant general counsel and assistant secretary. As Ford’s head of compliance, he was responsible for global compliance program design and implementation at the parent company, as well as Ford Credit, Mazda, Volvo, Jaguar, Land Rover, Aston-Martin, Hertz, and operations in 44 countries worldwide. With his vast international experience, Rob brings valuable insights to Deloitte’s compliance capabilities, and deep experience in designing and implementing compliance programs in complex organizations.
Robert T. Biskup Deloitte Financial Advisory Services LLP
Partner [email protected]
+1 612 766 7055
For more than 25 years, George Martin has assisted clients with their international mergers, acquisitions, joint ventures and FCPA compliance obligations. He has lead deals and investigations in more than 40 countries, and is a trusted counselor to multinational company Boards of Directors and senior leadership teams in connection with many of their most significant and sensitive business, compliance, governance and related personnel matters.
George D. Martin Faegre Baker Daniels
This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation.
About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to clients. Please see www.deloitte.com/about for a detailed description of DTTL and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2014 Deloitte Development LLC. All rights reserved. 36 USC 220506 Member of Deloitte Touche Tohmatsu Limited