DLA Piper published its First Annual Compliance Survey, titled “2016 Compliance and Risk Report: CCOs Under Scrutiny” (Survey) this month, which contains a lot of very interesting information. DLA Piper distributed the survey in 4Q15 and received 78 responses. Eighty-one percent of respondents held the title of Chief Compliance Officer (CCO) or General Counsel/Chief Legal Officer. This is the first in a series of posts in which we will explore some of the survey results.
One of the survey’s primary focuses is the increasing liability faced by CCOs for compliance lapses at their companies. Approximately 2/3 of survey respondents said that changes in tone from Washington and recent developments with respect to CCO exposure would affect their decisions to remain in or accept positions as CCO. (Survey p. 3, 8-9). One of the dilemmas those on the job reportedly face is, not surprisingly, resources: only 1/3 of those responding were confident they had the resources they needed to do their jobs (Survey, p. 3, 11). Forty-seven percent of respondents encountered resistance “to some extent” when requesting budget increases (Survey p. 4, 11). This is, of course, problematic when faced with increasing external accountability because it may mean that CCOs are left knowingly exposed but with no means to address the exposure without adequate resources.
Given the recent launch of our online training program, Currin Insurance Compliance Education Program (CICEd), it was interesting to note that “[r]espondents said they considered monitoring to be the weakest aspect of their compliance programs and also the aspect (along with training) that took up the most time.” Sixty-five percent of respondents indicated that they use online, interactive training, with public companies more likely to use online resources than their privately held counterparts (Survey p. 4, 16).
The report identified four recommendations to mitigate CCO risk (Survey p. 6):
- Track Effectiveness – This begins with assessing the program and documenting its development and maintenance. The goal is to be able to point to concrete evidence that the program works.
- D & O Coverage and CCO indemnification – This makes sense and the report suggests including indemnification in employee contracts and corporate by-laws. (The challenge here is to not let these important protections have the effect of weakening the compliance program.)
- “Wear One Hat” – The recommendation is to have clear reporting lines with defined roles and responsibilities.
- Escalate any concerns – Taking prompt action when any red flags are identified is key as is continuing with an active program, including compliance reviews, during any periods of crisis.
Check back again for more discussion and analysis of this important survey and report.