A new survey of nearly 1,000 chief legal officers finds that 74 percent say the compliance function reports into legal — and of the 26 percent who say that isn’t the case, more than one-third of them believe it should be.
Those were two big findings from the Association of Corporate Counsel’s 2021 CLO Survey, released Tuesday. The survey polled 947 chief legal officers around the world, and their views on the compliance function are quite revealing.
First, as we said, a whole lotta legal officers either say the compliance function reports into them, or they believe that compliance should report into them. That goes against the divine teachings here in the land of compliance officers, where we believe that compliance should be separate from legal and report to the CEO or (hey, one can dream) directly to the board.
Across the entire group of respondents, 74 percent said compliance reports into legal. Within specific industries, however, that number varied quite a bit: from 92.3 percent in the wholesale trade sector, down to 54.5 percent in the agriculture and forestry sector. Figure 1, below, shows the breakdown by industry.
Meanwhile, only 42.5 percent of respondents also said corporate ethics reports into legal. And of the 57.5 percent who said corporate ethics doesn’t report into legal, only 13 percent of that group said corporate ethics should.
Let me raise an alarm here. If a solid majority of respondents say corporate ethics doesn’t report into legal, exactly where is corporate ethics reporting? Into the HR department? Into (shudder) the internal audit team? Into thin air?
Moreover, look again at the 57.5 percent who don’t oversee legal, and the vast majority of that group that don’t want to oversee it. My inference there is that many chief legal officers don’t see corporate ethics as a pressing source of risk — or at least, not pressing enough that legal teams need concern themselves with it.
I couldn’t disagree more. Poor ethics causes all sorts of trouble that can drive legal teams nuts: corporate bribery, antitrust violations, wrongful termination lawsuits, and lots more. Good ethics goes hand in glove with good corporate compliance. So if the chief legal officer insists on overseeing compliance, why wouldn’t oversight of ethics also be part of the package?
Priorities for the Business
The ACC survey also asked respondents about the importance of various issues to successful business operations, rating each one on a 1-to-10 scale. Not surprisingly, cybersecurity was rated most important, with a score of 7.8.
Regulatory compliance placed a close second, at 7.7. Other traditional compliance issues, however — anti-corruption, enforcement and investigations, whistleblower issues — all rated much lower. Figure 2, at right, tells the tale.
Reading that chart stings a little bit. Obviously achieving regulatory compliance is important, because that implies that you’re striving to conduct business properly from the start. To see much lower ratings for the other compliance duties, on the other hand, implies that they are lesser concerns.
Is that because those issues don’t arise as much? Or is it because large companies believe that if they throw enough money at an issue, regulators will announce a resolution and go away? (Which is, really, another way of saying that corruption and compliance programs are just a cost of doing business.)
The ACC report also asked about whether investors have been pressuring companies to take a public stand on political or cultural issues in the last 12 months. Eight-five percent of respondents said no, investors hadn’t.
That’s interesting because just the other week the Edelman Trust Barometer published its 2021 report, which said employees do want their CEOs to take stronger stands on political and cultural issues. So this ACC report suggests that investors and employees have different opinions about the importance of companies taking a strong stand on difficult issues. (I’ll let you draw your own cynical conclusions here.)
On the other hand, this same group of respondents also said enviromental, social, and governance (ESG) issues, as well as diversity & inclusion (D&I) issues, are increasingly important to corporate strategy: 65 percent said ESG will be more important to corporate decisions in the coming year, and 72 percent said the same for D&I.
Compliance officers (no matter whom you report to) should watch those trends, since both issues touch on matters of policy management, third-party oversight, data collection, and reporting. On reporting in particular, I suspect much of that right now is reporting to the board — but if the Biden Administration executes its agenda skillfully, that might include regulatory reporting soon enough.
Legal Hiring Looks Good
One bright spot is that chief legal officers do expect to hire more people in 2021: 32 percent said they expect to hire more lawyers this year, up from 30 percent in 2020. Half of those firms hiring more internal staff also expect to send more work to outside counsel. Such enthusiasm from our frenemies in legal is encouraging.
That jibes with what I’ve seen on LinkedIn lately: a gush of people posting news of open compliance jobs at their companies. The exact titles vary widely, and yes, a lot of the job posts I see are compliance jobs reporting into the legal department — but the jobs are there.
Presumably this is because of a new calendar year and new budgets, and because hiring executives are more confident that they can navigate the pandemic’s effect on business. Whatever. I’ll take any good employment news that comes along, even if it answers into the legal function.