Should the chief compliance officer have a role in setting executive pay?
That was a big question asked at the Society of Corporate Compliance & Ethics annual conference this week. You couldn’t escape the subject. More than 1,700 compliance professionals had gathered to talk about good corporate conduct, and we had examples of bad corporate conduct all around us. Many of them boiled down to poor compensation practices that tempted employees, high- and low-ranking alike, to do dumb things.
Naturally Wells Fargo was Exhibit A in this cavalcade of clumsy. Its scandal of employees creating fictional accounts for customers provided endless fodder for SCCE attendees. We picked over the bank’s culture and compliance failures so often that in one discussion, SCCE chief executive Roy Snell tried to invoke a mercy rule to stop piling onto Wells Fargo—which we couldn’t manage. Within five minutes the bank’s misconduct came up in conversation again.
One runner-up was Mylan Labs, and the bungled boardroom governance there that rewarded Mylan executives for imposing usurious price hikes on its EpiPens. I’m sure other examples were named in sessions that I didn’t attend. There was something for everyone, and the line that connected so many dots of corporate dumbness was executive compensation.
So what role could compliance officers play to address that compensation threat? And what role should you play, really?
During a live podcast hosted by Snell and fellow compliance enthusiast Tom Fox, we tried to answer that question. Both men said compliance officers don’t need to play a role in setting a CEO’s base salary, and I agree. But base salary is rarely the problem. Performance-based pay always seems to be the invitation to disaster—and that’s where opinions started to differ.
Snell, Fox, and some members of the audience said ethics & compliance officers could play a useful role in reviewing executive pay packages. That is, if one job of the compliance officer is to be the ethical voice of the company, that can include offering advice about the wisdom of various compensation plans. The compliance officer could be an independent voice who warns the compensation committee when rewards seem too large.
Hmmm. Let’s start with the basics.
The compliance officer clearly can, and should, advise the compensation committee or HR director about the compliance and internal control requirements for compensation plans. For example, while one failure at Wells Fargo was the high-pressure sales culture that drove employees to open unauthorized accounts, an equally troubling failure was the bank’s inability to discover or stop that misconduct. Either nobody noticed these false accounts, or nobody had the power to intervene and stop them.
That compliance failure shouldn’t have happened. Most false accounts would be open for only short periods, and would remain dormant for that time. That’s not how consumer bank accounts generally behave—so why did the bank’s internal control system miss them? Or when whistleblowers at Wells Fargo were punished for alerting supervisors to the misconduct (which they allegedly were), why did Wells Fargo not have a hotline analysis program that would see the pattern?
Gaming out scenarios like that, and building mechanisms to prevent them, is a role compliance officers can play. The CCO should tell the HR director or compensation committee, “If we want to adopt this method of incentive-based pay, then we need to design the following controls to prevent possible abuses.” And you’ll need to think very creatively about exactly what abuses might be possible, because your employees will certainly be doing the same.
We don’t yet know whether that was Wells Fargo’s problem—or more precisely, we don’t know why Wells Fargo had to fight for five years to eradicate such pernicious misbehavior. An effective system of internal control and compliance should have caught the misconduct immediately and put it on an express train to senior HR managers (including the CEO) for strong, sweeping reforms.
Compliance vs. Governance
The bigger challenge is how an ethics & compliance program might confront the meltdown at Mylan Labs. After all, Mylan wasn’t a compliance failure; its price hikes for EpiPens were legal and its executive compensation plan properly disclosed. This was a governance failure: the board approved a strategy for growth that relied on steep price hikes for EpiPens, and gave CEO Heather Bresch a compensation plan that rewarded her (richly) for doing exactly that.
Governance and strategy aren’t really within the compliance officer’s purview—although they can pose difficult ethical questions, if the strategy and compensation plans leave the company behaving like a corporate jerk. In that instance, someone needs to intervene with the board and CEO to say: “Yes, this is legal, but is this what our company is about? Is this how we want to behave?”
Essentially, somebody needs to be the person who warns senior leaders that the company is being too greedy and should retreat simply for ethical reasons. That’s a difficult argument to make in a capitalist society. I’m not convinced it should be part of the compliance officer’s job. Even when it is, I wouldn’t want to be that compliance officer who does it.
One suggestion came from Ty Francis, publisher at Ethisphere, who was also in the room. He suggested that the compliance officer work with the board’s nominating and governance committee, to vet candidates for CEO and the board on ethical criteria. That strikes me as a better role to play, and a more effective way to prevent the messy ethical and reputational failures that senior executives can cause.
After all, the ideal executive isn’t one who can answer, “Is this what our company is really about?” The ideal executive runs an organization where nobody feels the need to ask that question in the first place.