Today we have another Radical Compliance podcast, this time on the practical challenges of building out a global compliance program. I sat down with Charles Paré, chief compliance officer at CEVA Logistics, who has been doing just that since he started working for CEVA eight months ago.
You can hear the full podcast at the top of this page. For now let me dash off some of my own thoughts about the points that Paré raised, such as how a compliance program needs to communicate with employees, how a CCO might structure his or her team at a global organization, and what reporting a compliance officer provides to business units so they can understand their risks and compliance posture.
First, to give people a sense of CEVA’s organization and reach: the company is headquartered in Marseille, France, with 78,000 employees around the world and $7.8 billion in annual revenue. CEVA traces its history back to Thomas Nationwide Transport, a trucking company founded in Australia in 1946; although the CEVA name didn’t come along until 2006, with many mergers along the way.
Paré, as we mentioned, arrived on the job in March. He then began recruiting a team of regional compliance officers, and has hired or promoted at least five people into those roles in the last six months. When I caught up with him last week, Paré and his new team had just finished a 10-day (!!!) team retreat in France.
So what were the big themes in our talk? This is what struck me.
Compliance Programs From the ‘Consumer’ Perspective
At the start of his job, Paré spent a lot of time just talking with managers of the business units, asking them how they would want to interact with the compliance program — whether that would be training, investigations, policy management, or whatever. So what did those managers tell him? “One thing that came across in all conversations was to make it human,” Paré said.
Paré then framed the compliance officer’s challenge as selling something (a culture of compliance and ethical conduct) to the business units. “We tend to look at the compliance program from the compliance officer’s point of view,” he said. “And if we transpose that to any type of product in the world, that would be counter-intuitive. If you want to sell a product, you look at the consumer’s perspective.”
That’s an important point, and one that I suspect many compliance professionals endorse. We have to remember, however, that compliance officers have competitors in the enterprise, selling “rival” products — pressure to hit performance goals; desire for more success, even if that means cheating; or a belief that ethics policies aren’t really that important. We’d be foolish to pretend that employees don’t hear those messages too; they very much do. The compliance program needs to compete against those temptations.
So compliance officers, Paré said, need to perform market research by talking to other parts of the enterprise; and they need to package “the product” (policies, procedures, training, and so forth) in a form that employees will actually buy. And the more successful a compliance officer is at product development and packaging, the more employees will do viral marketing of your compliance program for you.
A Balanced, Two-Pronged Structure
I asked Paré a few questions about how he wanted to structure his ethics and compliance function. He sketched out a two-pronged strategy of regional compliance officers around the world, plus three global functions that focus more on issues. My chicken-scratch interpretive diagram, with some help from PowerPoint:
In total, Paré has roughly 50 people reporting into him at the CCO perch; not including other compliance ambassadors and other friends of the cause sprinkled around the enterprise.
Supporting Business Units
I was also interested in how Paré stitches together various feeds of information from across the CEVA enterprise, into one larger picture of compliance activity that he can put into reports for senior managers, the board, regulators, or anyone else looking for an understanding of CEVA’s compliance posture. How does that work?
First, Paré said, his success as a CCO really does depend on his lieutenants. They are the ones seeing more specific incidents up close, and deciphering which items are or aren’t serious enough for immediate escalation and attention. Then Paré needs to marry that information with observations he gleans from the business operating units: customer wins, shifts in strategy, new market development, and so forth. In a report to senior management, Paré then needs to translate all that into, “What’s in it for them?”
“The entire compliance culture needs to be framed in a way that’s relevant for the business objectives,” he said.
In practice, that means Paré does not want to brief the board by reciting one risk at a time: five minutes on anti-corruption, then five minutes on anti-trust, and so forth.
“That’s my kitchen,” he said. “I need to translate that into their menu: ‘You want to go into that country. These are the risks of that, and this is what we’re doing to mitigate them. This is what I need from you, and this is where we stand.’”
The job of Paré and his regional compliance officers (who are more familiar with the local risks and compliance obligations around the world) is to perform that translation. Then they’re giving business unit leaders the context they need so those leaders can own ethics and compliance themselves, and make it part of strategic decision-making.
Paré and I cover other issues as well in our podcast, so I encourage you to listen to the whole thing. If anyone else wants to talk about how you’re running your own program, drop me a line at [email protected] any time.