Defy Expectations: Take Your Compliance Program to the Next Level

By Tim Moore, Vice President, Head of Commercial Legal & Compliance, Corium

Psycho. Frozen. What do these highly successful movies have in common? They defied expectations. Audiences expected one story; they got a different one still rooted in familiarity. (No spoilers here, if you are not familiar with these movies.)

What does this have to do with effective compliance programs? Everything.

To begin understanding why, we can look to industrial designer Raymond Loewy. He made the Air Force One logo, the Coca-Cola bottle, the Shell Oil logo, and dozens of iconic products. His widely adopted and lauded approach to product development understood humans’ inherent psychological tension between preferring the familiar and being excited by the new. The logos and products he designed were successful because they took the familiar and made it surprising.

The people, teams, and businesses we support interact with us and our compliance programs with assumptions about our what we do and how we do it. Unfortunately, these assumptions are not always positive. By defying expectations, we can enhance our compliance programs by taking advantage of the formula that made Psycho, Frozen, and so many movies and products successful.

“Defy expectations” is about more than just the interpersonal aspect of being a compliance professional. It is a framework for developing and running a compliance program that speaks to what we do and how we do it. Here are a few ways we can apply the framework.

Partner, Not Police

We and our teams may work with people who have had negative interactions with those in our profession. Frequent monikers for the compliance team include “the department of ‘no’” or “business prevention.” These stereotypes stem from a reputation of compliance professionals acting like police within their organizations, solely looking to identify infractions and enforce rules.

Instead, we can harness our expertise in the rules and risks germane to our industry while flipping the script. We can show up as partners for the business, sharing the goal of achieving business objectives compliantly. Our words and actions can show that we understand our products, business, and objectives. Fully actualizing this approach means employing a sustained, teamwide effort where everyone is acting and speaking with business partnership in mind.

Showing up as a business partner means keeping two things in mind.

Seek to Understand: Steven Covey’s fifth habit applies to compliance professionals as much as to our business partners: Seek First to Understand, Then to Be Understood®. When we learn of something, and especially when we are approached for guidance, we should ask questions to learn the business objectives and the thinking underlying them as well as the proposed idea. Show genuine curiosity. Ask clarifying questions. Doing this will lead our business partners to see that we want to help because we share a goal instead of merely looking for reasons that we cannot or should not do something.

Seeking to understand an idea’s merits amongst its compliance risks should come against the backdrop of understanding our business generally. Like our business partners, our decisions should be informed by a wholistic understanding of our company’s products, our business objectives, and the markets and geographies in which our business operates. This global view of our business enables asking the right questions to get to the right answers. It also enables us to demonstrate a shared interest in advancing the business.

Offer Solutions: Our teams’ expertise in risks is undoubtably valuable to our organizations. But if we use that expertise only to identify risks, we are not delivering the most value we can to our organizations. What is more, we play right into the assumption that our teams look only for risks. To make the most of our knowledge, we should bring solutions to the table after seeking to understand the business goals. Even if the solutions are incomplete, our business partners will see great value in collaborating with us to devise a complete solution that effectively manages risk while advancing business goals. Where there is no compliant path, we must explain why that is so instead of just saying that the idea cannot move forward.

Enable Performance, Not Just Compliance

Historically, policies and procedures have been written in a style familiar to lawyers: sections, subsections, sub-subsections, and jargon (e.g., “transfers of value”). Policies and procedures can go on for more than a dozen pages. Controls and procedures, while mapped to relevant risks, exist outside normal business processes. We “train” people to follow rules, relying on them to absorb and retain large amounts of industry-specific rules and practices. All of this creates disengagement and frustration with our compliance programs.

We can flip the script here too. We can design our policies, procedures, controls, and technology with business objectives in mind and, where possible, embedded in normal business activity. We can use our expertise to enable our business partners to achieve our shared business goals while making good choices. Two concepts can help us do so.

Design Thoughtfully: When drafting policies or procedures, we should apply the basic writing rule of keeping our audience in mind. So the language we use should be clear, concise, and easy to read. Where possible, we should embed controls into business processes; doing so promotes efficiency and shared ownership with the business for compliance. Before creating or implementing technology, we should consider how the business might use or be impacted by the technology. If there are ways for the business to benefit from it, then our business partners will hasten adoption. If the business will be affected, we should bring them to the table early and along for the journey to preempt resistance.

Educate People: When creating educational content for our businesses, our goal should be to enable good choices. This means that our education should be practical, relevant, and follow the appropriate learning approach (e.g., adult learning principles). So instead of teaching people the formal elements of a particular law or their place within the United States Code, we should help them understand the law in words and concepts they use every day. We need them to make good choices, even if that choice is pausing to speak up and seek guidance; we do not need them to be compliance lawyers or officers ready for an exam. Humor and fun increase engagement, so we should look for opportunities to make our educational material have games or be memorable.

Defy Expectations

Our business teams know that we are experts in the compliance risks in our industries. They rely on us to use that expertise to ensure our businesses stay compliant. Yet some want to keep us at arms’ length because their experience with compliance has been negative. They expect “no” at every turn, and they are comfortable engaging with us on those terms. We can overcome this predisposition by outwardly defying those expectations. By combining our knowledge and skill with a deep understanding of our business, engagement showing partnership, and education that enables performance, we can make the familiar surprising. With business partners excited about working with us, our compliance programs will reach the next level.

Hot Topics

Related Articles