A Regulatory Compliance Program Should Be Top Concern, Advisors Say

By Che Odom  

• Practice Tip: A thorough compliance program can help mitigate risk posed by regulation.  

Regulation is a growing concern among corporate counsel and directors, but they can mitigate some related risks by establishing a thorough compliance program, according to business consultants.

And when it comes to mergers and acquisitions, companies can differentiate themselves with a strong program.

That's according to Erica Salmon Byrne, executive vice president of compliance and governance solutions for NYSE Governance Services, who moderated a June 25 webinar regarding corporate directors' legal concerns.

“You see that companies are demonstrating a sensitivity to regulatory compliance, especially in the supply-chain context,” she said. “Companies are starting to wake up and realize that if they've got a strong regulatory compliance program in place, that they are less risky for other companies to do business with.”

The webinar, “Law in the Boardroom: Today's Top Legal and Governance Concerns for Directors and General Counsel,” covered a range of topics, including shareholder engagement, cyber risks, social media and compliance issues. It also featured Brian C. Ong and Thomas G.A. Brown, two senior managing directors of FTI Consulting in New York, who provided anecdotes and advice on compliance matters.

“Companies are starting to wake up and realize that if they've got a strong regulatory compliance program in place, that they are less risky for other companies to do business with.”
Erica Salmon Byrne
NYSE Governance Services

A strong anti-compliance program, which deals with anti-corruption, data security, third-party liability, insider trading and other regulatory risks, is a top concern for chief legal officers and boards, Salmon Byrne said.

Personnel Needed?

The first step is to set the proper tone at the top of the organization, Ong said during the webinar.

“Make sure that there is an unyielding tone of compliance at the top, of ethical behavior, that's permeating the entire organization,” he said.

In building a strong program, companies may need to increase the number of dedicated, in-house professionals, he said.

According to Salmon Byrne, HSBC has added 1,500 new compliance officers, JPMorgan Chase & Co. is adding 1,600 compliance professionals and Wal-Mart Stores Inc. has announced it will have 2,300 embedded compliance officers by the time it is finished making all of its changes.

Wal-Mart declared that it was committed to developing a strong compliance program in the wake of Foreign Corrupt Practices Act-violation allegations in 2012 .

“These are clearly very, very significant investments that these companies are making in people, personnel and technology in order to be able to deal with the increasing complexity of the regulatory environment,” Salmon Byrne said.

Money Needed

In addition to “boots on the ground,” capital needs to be injected into the development of plans and processes to better manage programs, Ong said.

Employees need to be trained on and familiar with the “design and implementation of compliance processes,” and companies must continuously test and monitor their compliance plan to make sure it functions effectively. All of that costs money, he said.

The compliance plan “is not a document that you create and put on the shelf and never deal with again,” he added. “It needs to be a living, breathing document that is tested and updated.”

Evaluating Compliance Efforts

Companies should take the following steps to ensure their compliance programs are effective:

• set a tone of compliance at the top of the organization;

• decide whether your company needs more compliance professionals;

• see that employees are trained on regulation and compliance, and that officers understand your crisis-management plan;

• consider whether technology is needed to monitor regulatory compliance; and

• determine if more investment is needed to develop effective compliance and oversight programs.


Ong has faced many compliance issues when advising companies on transactions, he said. A review of regulatory compliance is a necessary part of the M&A process, so companies should insert provisions into the agreement that deal with the FCPA and the U.K. Bribery Act--areas that are “something of a hot topic” among companies, he said.

“As M&A activity continues to heat up, the regulatory compliance piece, as part of the M&A process, is one thing that does not always get the attention that it should,” Salmon Byrne said.

Emerging Issues a Concern

On May 27, FTI Consulting released findings from its 14th annual Law in the Boardroom study. The 2014 study revealed that emerging issues, including cyber threats, social media and shareholder engagement, are of increasing concern among directors and chief legal officers.

The study asked directors and general counsel to identify the latest and most pressing governance trends and legal matters in today's boardroom.

The notable findings included the following:  

• 34 percent of general counsel and 27 percent of directors are unconvinced their company is secure and impervious to cyber-hackers;

• 41 percent of directors and 33 percent of general counsel indicated IT/cyber risk as an issue upon which they will spend significant time this year;

• 73 percent of general counsel acknowledged the existence of a formal corporate social media policy, while 27 percent of directors surveyed were unsure if their company even has a social media plan;

• 45 percent of directors indicated that they have discussed social media in the boardroom, but need more information to have a good understanding of the strategies and risks involved;

• 81 percent of directors said their company is effective at responding to shareholder concerns in a constructive manner; and

• 57 percent of directors reported their board had proactively engaged in dialogue with shareholders regarding mergers and acquisitions and growth strategies in the past 12 months.

To contact the reporter on this story: Che Odom in Washington at codom@bna.com

To contact the editor responsible for this story: Ryan Tuck at rtuck@bna.com

An archived recording of the webinar may be requested through the NYSE Governance Services website: https://welcome.corpedia.com/events/law-boardroom-todays-top-legal-governance-concerns-directors-general-counsel/.