Fri, Jul
51 New Articles

Building World-Class Ethics and Compliance Programs

Building World-Class Ethics and Compliance Programs

  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

The expression “never a dull moment” could have been tailor-made to describe the ethics and compliance function and how it has evolved over the past decade or so. The well-publicized scandals that started to take place on the market (concerning, e.g., anti-money laundering or privacy incompliances) led the policy makers to pass sweeping legislation that called for increased regulation, greater transparency, and more rigorous scrutiny of corporations.

Suddenly, the ethics and compliance function found itself front and center, its responsibilities greatly expanded, and its activities integral to the strategic core of organizations struggling to keep public trust.

What has become abundantly clear is that when it comes to creating ethics and compliance programs, organizations today cannot afford to settle. “Good enough” is simply not good enough. Rather, organizations should continuously strive for “great.”

What separates a “good” ethics and compliance program from a “great” one? How does an organization’s investment in compliance and reputation risk mitigation systems and processes measure up against leading practices? While there are a number of factors that separate the “good” from the “great,” in our experience, five factors are key differentiators in the highest-performing ethics and compliance programs.

Tone at the top—The starting point for any world-class ethics and compliance program is the board and senior management, and the sense of responsibility they share to protect the shareholders’ reputational and financial assets. The board and senior management should do more than pay “lip service” to ethics and compliance. They need to empower and properly resource the individuals who have day-to-day responsibilities to mitigate risks and build organizational trust.

Corporate culture—A culture of integrity is central to any effective ethics and compliance program. Initiatives that do not clearly contribute to a culture of ethical and compliant behavior may be viewed as perfunctory functions instilling controls that are impediments to driving the “value change” of the enterprise.

Risk assessments—Ethics and compliance risk assessments are not just about process—they are also about understanding the risks that an organization faces. The risk assessment focuses the board and senior management on those risks that are most significant within the organization, and provides the basis for determining the actions necessary to avoid, mitigate, or remediate those risks.

The Chief Compliance Officer (CCO)—The CCO has day-to-day responsibility for overseeing the management of compliance and reputational risks, and is the agent for the board’s fiduciary obligations in this regard. A skilled CCO can create a competitive edge for their organization.

Testing and monitoring—A robust testing and monitoring program can help ensure that the control environment is effective. The process begins with implementing appropriate controls, which should be tested and ultimately monitored and audited on a regular basis.

Each organization can determine how far it needs to evolve—whether it wishes, in effect, to have in place a reliable compliance vehicle or a top-fuel racing model. As an organization moves along the continuum, much more becomes possible.

In addition to the above-mentioned factors, innovative technology provides an opportunity for solving regulatory challenges. A modernized compliance program that combines new technologies and new approaches, keeping both in alignment with enterprise goals, helps deliver richer and faster insights, drives efficiencies in compliance processes through automation, reduces costs, and offers foresight into emerging risk issues.

Role of in-house and externalized lawyers

The primary, formidable risks handled by in-house departments today involve legal compliance and reputation and seldom originate in the legal function. General Counsels worry that most risks are from activities and behaviors across businesses without General Counsels’ control and without management visibility. They are concerned that even their upright employees may unconsciously breach a local regulation or set up some anti-competitive process that increases exposure to the business.

New skills, roles and responsibilities are required as legal and compliance departments move from reactive management of risk to risk-avoidance. People skilled in preventative and precautionary services are needed to fill these roles.

When it comes to outsourcing, purchasing patterns for legal services in area of compliance are changing. In-house teams are looking for tech perceptive, integrated service providers who offer more than traditional legal advice.


It is clear that compliance faces challenging time ahead with increasing internal and external scrutiny and an expectation that the function increasingly demonstrates the value they are providing. Compliance teams, which start to take action now around the key areas identified, will be better prepared to respond to these challenges and build on the capabilities and value their functions provides to the business in the future. However, Moving along the compliance evolution continuum and unlocking the potential to create material and strategic value is a process, and Rome was not built in a day.

By Tarja Krehic, Partner, and Ivan Zornada, Partner, Krehic & Partners in cooperation with Deloitte Legal

Croatian Knowledge Partner

Čipčić-Bragadin Mesić & Associates is one of the leading law firms in Croatia that serve companies, credit & financial institutions and public entities. We have been recommended and recognized as the legal experts and service leaders by many leading international legal guides for more than 15 consecutive years. With roots dating from 1928. we now probably have more tradition, experience and market presence than almost any other law firm in Croatia. We work closely with the leading international law firms and consultants so we’re able to manage complex, cross-border projects and deals seamlessly and successfully. Around 85% of our clients are international enterprises doing business in Croatia. List of our clients include some of the world-renowned companies such as Amazon Europe Core, China Machinery Engineering Corporation, Tate & Lyle, Nafta a.s., Unilever Croatia, Unilever Hungary, Lenovo, Innoenergy CE, Flixmobility, Flixbus CEE South, Okoenergie Group, CTC Holding, Bunge Limited, Chipita, Rolls-Royce, Canvas Holidays, Vacalianselect, Redgate Software, Red gate Investment, Yahoo!, Aston Martin Lagonda, Domino Printing UK, Domino Printing Sciences, Goldman Sachs, Deutsche Bank, Barclays Bank, HSBC, State Street Bank, Citigroup Global Markets, Credit Suisse, Bank of America Merill Lynch, Standard Chartered, Och-Ziff Capital Management, Amundi Asset Management, Altima International, Red Arc Global Investments, SMBC Nikko Capital Partners, Royal Bank of Scotland, Morgan Stanley International, J.P. Morgan group, Allianz Global Investors, Schroders, Macquarie Bank, Digital Finance International, Winton Capital Management, Citibank, Invesco Asset Management Österreich, Croatian Pension Investment Company, Unicredit Bank AG etc. We enjoy learning about our clients’ businesses and want to understand them completely so we can provide the best possible and complete service.

All News about, and Legal Analysis by, Čipčić-Bragadin Mesić & Associates can be found here.

Firm's website: cipcic-bragadin.com


Our Latest Issue