Chief Compliance Officers under Increasing Scrutiny, Deeply Concerned

Cybersecurity, data privacy and regulatory risk (such as Foreign Corrupt Practices Act) were the greatest compliance concerns

On a scale of 1 to 10 (with 10 being greatest), how concerned are you about your personal liability as a CCO or the personal liability of your company’s CEO? As noted, 81 percent of respondents were at least somewhat concerned, with nearly a third (32 percent) rating increased personal liability as extremely concerning.
On a scale of 1 to 10 (with 10 being greatest), how concerned are you about your personal liability as a CCO or the personal liability of your company’s CEO? As noted, 81 percent of respondents were at least
somewhat concerned, with nearly a third (32 percent) rating increased personal liability as extremely concerning.

April 19, 2016—With federal agencies turning up the heat, and as investigative and enforcement activities abound, 81 percent of compliance officers have increased apprehension when it comes to their personal liability in situations of corporate misconduct, according to a new survey released by DLA Piper.

Some of the most significant findings of the 2016 Compliance & Risk Report: CCOs under Scrutiny revolve around the recent tone and articulation of priorities emanating from Washington, including the Justice Department’s (DOJ) appointment of Hui Chen as its first-ever compliance counsel, and the release of the Yates Memo that outlined a plan to prosecute individual corporate employees and incentivize reforms. 

“Between the DOJ’s memorandum and the Securities & Exchange Commission’s (SEC) latest initiatives, there’s considerable rhetoric driving the government’s renewed focus on corporate misconduct and the prosecution of company executives,” said Brett Ingerman, co-chair of DLA Piper’s Global Governance and Compliance practice. “The most revelatory parts of this survey lie in the specific feedback from compliance officers who are facing increased personal accountability for organizational misdeeds whether they perpetrated the wrongdoing or not.”

An overwhelming majority of survey respondents predicted greater scrutiny with Chen in her new position, and nearly two-thirds said this backdrop of federal oversight would affect their decisions to remain or accept positions as compliance officers. According to one chief compliance officer (CCO): “If it’s a higher-risk company or one with a prosecutorial history, you’re going to weigh the risk of whether it could destroy your career and your personal life.”

The survey results demonstrate that the majority of CCOs are deeply concerned, especially those at private companies within the most heavily regulated industries, including financial services, healthcare and chemicals. Compounded with the fact that nearly a quarter of respondents don’t believe they have adequate resources to address emerging issues, many are likely to experience acute anxiety in this shifting compliance landscape. 

“Given the high stakes involved, it’s imperative that compliance officers identify and address new risk areas and blind spots in order to promote ethical and compliant business cultures, but also to protect themselves against potential legal action,” Ingerman added.

The Highlights

  • CCOs are placed on alert. As noted above, 81 percent of respondents were at least somewhat concerned, with nearly a third (32 percent) rating increased personal liability as extremely concerning. Also, concern was higher (89 percent) among respondents from private companies.
  • Regulators affect the revolving door. Sixty-five percent of respondents said the public statements made by the SEC and DOJ gave them pause when considering current and future CCO roles which, in turn, could affect the pool of candidates. 
  • DOJ’s Hui Chen is making waves. Seventy-seven percent of respondents believe Chen will intensify the pursuit of cases against CCOs and nearly all (99 percent) said they expect her to intensify the scrutiny of compliance programs overall.
  • Greatest risks and preparedness are wide-ranging. Not surprisingly, cybersecurity, data privacy and regulatory risk (such as Dodd-Frank, Affordable Care Act and Foreign Corrupt Practices Act) were the respondents’ great compliance concerns, and their spending tracked closely with those areas. Additionally, 77 percent said they have business continuity and disaster recovery programs and crisis response teams in place, and 66 percent indicated that monitoring was the weakest area of their compliance program.
  • Resource and budget allocation is also concerning. When assessing resources, clout and board access to best perform their jobs, only a third of respondents said they had such support to a great extent. Furthermore, 28 percent don’t think they have sufficient budget, and 27 percent don’t know whether they do or not.

DLA Piper distributed surveys in the fourth quarter of 2015, and received responses from 78 corporate in-house counsel and compliance professionals. Eighty-one percent of the respondents held the title of CCO or general counsel/chief legal officer, and about half came from companies with more than $1 billion in revenue. 

Latest