The Visible Hand: A New Compliance Model

Friday, December 09, 2011

Thomas Fox

59d9b46aa00c70238bb89056cfeb96c0

In an article in the December issue of the Harvard Business Review, entitled “First Let’s Fire All the Managers”, author Gary Hamel writes about the concept that “Management is the least efficient activity in your organization.”

He articulated that this inefficiency is derived from a top-heavy management model that many companies employ, “that is both cumbersome and costly.”

While his article is focused on a supplier business I found some of his concepts could lead to a more robust, dynamic and agile compliance program.

Hamel described one of the functions of managers is to “amalgamate thousands of disparate contributions into a single product or service.” This effect was termed by business historian, Alfred Chandler Jr. as the “visible hand.”

But Hamel posed the question, “Wouldn’t it be great if we could get the freedom and flexibility of an open market with the control and flexibility of tightly knit hierarchy?”

For a compliance program, this sounded like an excellent goal. Your company guide drives down the compliance function into the DNA of the business so that all employees are thinking about how to do business in a compliant manner, just as they think about performing an activity in the safest way possible.

Put another way, if safety is job criteria No. 1, what can you do to make compliance, job criteria No. 1A? Hamel’s article is a jumping off point for that guidance.

Initially a company must recognize that a top down philosophy in compliance is not consistent with such self-management. A Compliance Department can certainly have a highly valuable function in a more self-managed company compliance program.

But a company must trust that its employees will conduct business in a manner which satisfies an anti-corruption and anti-bribery program, whether such program is based upon the Foreign Corrupt Practices Act (FCPA), UK Bribery Act or other anti-corruption and anti-bribery regime. Hamel identifies four steps in the “road to self-management” all of which apply to such a companywide system for compliance.

Personal Mission

Everyone should write down, such as in their annual personal employment goals, the answer to the following or similar question, “What is the compliance and ethics value that you want to create for your peers?”

This is designed to challenge employees to “focus on benefits delivered rather than activities performed?” This does not need to be a lengthy thesis. Hamel believes that a few sentences should cover it. This statement should be critiqued by a peer group and used as a touchstone for movement towards “peer negotiated accountability.”

Expand Employee Autonomy

A company should look for small ways to expand employee autonomy in the compliance area. This does not mean a complete abdication of the role of the Compliance Department but it does mean a “notch-by-notch” transfer of authority to persons in the field.

This will probably require close monitoring initially, and certainly the Compliance Department will need to be a resource to the business units. However, such transfer can have a powerful effect. I would temper this with the Ronald Reagan admonition to “Trust but verify”.

Financial Impact

Here Hamel suggests that employee’s should be able to calculate the financial impact of their decisions. This means the costs savings that are derived by having business unit employees participate in the compliance function. An initial calculation should be made on third party representatives.

Does your company really need all of the sales agents it currently uses? Is there overlap or duplication in the Supply Chain? The answers to these questions can go a long way towards reducing overall compliance risk and adding points to the bottom line.

Further, properly trained, a business unit employee can perform some of the underlying due diligence investigation work for any third party business representative. The self-management of the business unit to fulfill these functions can drive down the overall cost of compliance.

Democratize the Process

This final step involves the commitment of managers to those whom they lead. All managers must enumerate their pledges to the business unit employees. Employees who are managed should have input into these commitments but it is imperative that managers must be accountable.

A company, and indeed an industry, can change its DNA. I defended companies in the oilfield service industry and chemical plant industry for over 20 years. In the late 1980s and early 1990s the death and personal injury rate in both of these industries was significantly higher than it is now.

However, due to increased government regulation and increased costs in the form of insurance rates and lawsuit awards sometime in the late 1990s this began to change. The death and personal injury rate is lower now than it was 15 years ago.

While it should be recognized that this model may not be the right model for all companies and the learning curve may be steep, Hamel’s article provides an example for companies to consider about how to burn compliance into the DNA of a company.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

Cross-posted from Tom Fox Law

Possibly Related Articles:
10889
General
General Legal
Legal Compliance Enterprise Security Management Regulation FCPA Employees Policies and Procedures
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.