Do a Web search for corporate compliance committees, and you’ll get hundreds of thousands of results. As compliance issues move front and center thanks to the new U.K. Bribery Act and a renewed focus on the Foreign Corrupt Practices Act (FCPA), compliance committees have become a hot new topic.
Because legislators and regulators in the United States and abroad are paying more attention to bribery and corruption, companies have been forced to reevaluate their compliance efforts and improve them on the fly. In the past, compliance committees have been most prevalent in the health-care industry, but now companies in other industries are creating them as well.
To be effective, a compliance committee needs access to the data needed to identify problems and force changes within the company. That’s where a CFO can help. However, the committee members must also be able to access data — and employees — independently to ensure the integrity of the information they review.
Often a CFO will serve on the compliance committee, which usually includes some members of the board of directors. Committee members are supposed to evaluate the company’s compliance risk and oversee the implementation of the compliance program. Ideally, the compliance committee should also monitor the company’s compliance program on an ongoing basis to make sure it is effective in preventing and detecting ethical violations.
Apart from directly helping to prevent ethical violations, the very existence of a compliance committee may help a company that is under scrutiny. In determining appropriate sanctions and settlements, regulators and law enforcement will often take into consideration bona fide compliance efforts.
It is no secret that U.S. and U.K. regulators are focusing heavily on bribery and corruption in the business world. Whether their focus will significantly reduce unethical activities is yet to be determined. But as experience with Sarbanes-Oxley has shown, increased regulation does not automatically improve behavior.
In fact, there has not been a marked decrease in the instance or cost of corporate fraud since SOX became law. Certainly, improvements to internal controls over financial reporting are good, but the small reductions in fraud risk and actual fraud did not justify the high cost to many companies. It is clear to those with experience preventing and investigating fraud that the “good companies” were going to be good without burdensome regulations. And the “bad companies” would remain bad no matter how much time and money was spent regulating them.
In much the same way, some compliance committees will fail and others will succeed, with or without regulatory mandate. Some companies will make a substantial effort to create a committee that is engaged and effective, while others will only pay lip service to the concept.
As with any effort at preventing and detecting fraud and ethical violations, the companies that have engaged compliance committee members with legitimate access to data and authority to force changes will reap the greatest benefits.
Tracy L. Coenen, CPA, CFF is a forensic accountant and fraud investigator with Sequence Inc. in Milwaukee and Chicago. She has conducted hundreds of high-stakes investigations involving corporate embezzlement, financial statement fraud, securities fraud, investment fraud, tax fraud, and criminal defense. Tracy is the author of Expert Fraud Investigation: A Step-by-Step Guide and Essentials of Corporate Fraud, and has been qualified as an expert witness in both state and federal courts. She can be reached at [email protected].