The Changing Face of Corporate Compliance and Corporate Governance
On Monday, February 9th, 2015, the Corporate Law Center hosted its annual symposium. This year’s topic was the “Changing Face of Corporate Compliance and Corporate Governance.” The symposium consisted of two panel discussions, and was followed by a keynote address given by Thomas Baxter, the General Counsel and Executive Vice President of the Federal Reserve Bank of New York.
Professor Steve Thel, Fordham University School of Law, moderated the first panel. The topic of discussion was how the development of compliance over the past several decades has challenged established norms of corporate law and corporate governance. The panel consisted of Professors Sean Griffith, Fordham University School of Law, Geoffrey Miller, New York University School of Law, and Miriam Baer, Brooklyn School of Law.
Professor Griffith argued that corporate compliance, the means by which firms adapt to norms, is essentially corporate governance, the ultimate control over the internal affairs of a firm. Professor Griffith found that compliance programs might have several negative implications for corporate governance since they are largely influenced by governmental entities with little input from shareholders. Specifically, he identified that (1) a growing number of compliance programs are not cost-justified by the value they produce to the organization; (2) conflicting metrics of success to regulators and corporate managers being implemented; and (3) there is an advent of “compliance creep,” where firms look at their peers to decide whether to add compliance staff and programs.
Professor Griffith discussed two alternative ways to address these shortcomings. On one hand, corporations can simply try to understand the compliance revolution and plan for it going forward. Alternatively, Professor Griffith suggests several alternatives that he argues would make compliance more effective. These include an elimination of governmental incentives, greater judicial scrutiny of compliance investigations, and public disclosure of program details.
Professor Miller presented an economic analysis of corporate compliance programs. He asserted that compliance programs are important aspects of corporate governance, and, if well designed, and vigorously implemented, that they may improve firm performance by shielding corporations from enforcement actions and penalties. Professor Miller discussed how the current regulatory framework has taken a common law approach to compliance, manifesting in agencies shaping compliance programs through regulatory checklists. The result has been a non-systematic and non-comprehensive regulatory framework that reflects slightly different understandings of fundamental compliance issues.
Professor Miller presented an economic analysis of how a firm can create an effective compliance program. He concluded that an effective compliance program is the set of policies and procedures that a rational, profit-maximizing firm would establish if it faced an expected sanction equal to the social costs of those violations. An implication of Professor Miller’s model is that the U.S. government can achieve an optimal level of violations simply by ensuring that the firm adopts an effective compliance program. Professor Miller concluded by acknowledging that since his model is so abstract, it has little practical value but may serve as a useful guide for analysis in some instances.
Professor Baer explored privilege and corporate investigations. She first conducted a walkthrough of benchmark cases establishing the current legal standard for what types of communications fall under attorney-client privilege during corporate investigations. Professor Baer then set forth to answer the question: What is the ideal privilege rule for corporate investigations?
Professor Baer first defined an ideal corporate investigation as one that spends resources optimally, is conducted in a legal manner, identifies criminal violations promptly, and enables organizations to learn from mistakes. She then set out to determine what amount of privilege facilitates optimal corporate investigations. Baer’s two main assumptions were: (1) privilege causes corporations to hire more attorneys; and (2) attorneys cost more than non-attorney investigators. Professor Baer identified three possible rules: one where there is privilege for all investigations, one where privilege is only allowed for the purpose of securing legal advice, and one where there was no legal privilege. She then argued that the ideal attorney-client privilege rule should only require privilege for the purpose of securing legal advice. Professor Baer argued this would best facilitate employee disclosure of criminal activity, corporate learning of what is legal and what is not, and improve the immediacy and likelihood of detection.
The second panel was practitioner-oriented, and analyzed how compliance programs have evolved specifically within the financial services industry. Moderated by Gerald Manwah, Managing Director, Financial Crime, Barclays; Senior Director, Compliance Programs and Adjunct Professor, Fordham Law School, the panel included Stuart Breslow, Managing Director and Chief Compliance Officer at Morgan Stanley, Alan Cohen, Executive Vice President and Global Head of Compliance at Goldman Sachs, Martin Grant, Chief Compliance and Ethics Officer, Federal Reserve Bank of New York, Henry Klehm III, Partner at Jones Day, and Allen Meyer, Head of Global Compliance and Services and Strategy at Barclays.
The panelists shared their perspectives on the current role of compliance. They also provided projections on the impact of compliance within financial institutions. The panelists discussed many topics, including: (1) the future of compliance programs in Fortune 500 companies; (2) compliance lessons learned from the financial services industry; (3) who “owns” the first line of defense on compliance programs; (4) whether compliance programs can/should be treated as trade secrets; and (5) the implications of globalization on compliance.
Some key points made by the panelists include:
Stuart Breslow: It is important for every corporation to have a corporate ethos along with a code of conduct and means for employees to voice concern for potential violations, such as an employee hotline. If a company does not have these things, they will likely find themselves in a tough position if any violations do occur. Compliance programs should not be treated as a trade secret because the entire industry suffers when one member suffers. There has been a lot of cooperation between companies to develop effective and efficient compliance programs.
Alan Cohen: If your business is active in global markets, a strong compliance program is necessary because the world is complex Laws around the world are complex, sometimes inconsistent and need to be tended to. Regulators can do a better job of drawing on lessons learned from the best practices they have seen in each industry. Everyone in a company needs to understand the company’s values if compliance programs are to be effective.
Martin Grant: The Federal Reserve considers corporate culture all the time. Actions of leaders matter, as do words, for the risk appetites of firms. Corporate leaders should be emphasizing compliance to everyone, and although a business’s employees are the first line of defense, there is a role for everyone in the organization.
Henry Klehm III: Compliance programs will likely play a more prominent role in Fortune 500 companies. If you are, for example, an automobile company shipping parts internationally, you are exposed to a wide variety of legal risks that are hard for companies with small compliance programs to fully understand. Sharing trade secrets is complicated. If you are at the bottom of the pack, compliance programs are too hard to implement, and if you are at the top of the pack, implementing a program is too expensive. Globalization poses a number of risks that makes developing an organization with respect and understanding of international laws very difficult.
Allen Meyer: The direction of travel for compliance programs should be towards transparency and sharing information. In the changing regulatory landscape, it is too costly to make mistakes, and though there are some issues, peer firms should be working together to develop effective compliance.
A keynote address was delivered by Thomas Baxter, the General Counsel and Executive Vice President of the Federal Reserve Bank of New York. Mr. Baxter started by noting, “we have come a relatively long way in a short period of time.” He then discussed that while it is important to understand the different reasons why compliance has evolved into what it is today, it is more important to adapt to the changing circumstances in industries, listen to compliance professionals, and concern ourselves with getting to the “next level.” Mr. Baxter explained that observing a change in nomenclature from simply “Compliance Officer” to “Chief Compliance Officer” is a result of the increased role compliance has in many corporations.
Mr. Baxter saluted corporations that have tied compliance to ethics by creating a Chief Compliance and Ethics Officer position, as it recognizes compliance is easier in a company that is ethically sound. He noted that evidence is growing that ethical culture leads to tangible benefits. He explained that companies that have tied together ethics and compliance have done better as measured by the Program Effectiveness Index (“PEI”). This is because a strong ethical culture has an impact on corporate behavior. He predicted that there will be much more empirical evidence that suggests tying corporate compliance to ethics leads to greater benefits for corporations.
Mr. Baxter continued by saying there have been many instances where compliance has decreased risk by constraining activity. For example, many banks are wary of transacting business in dollars abroad, because of the risk of unwittingly becoming involved in terrorist financing in the Middle East, or money laundering in South America.
Mr. Baxter stated that constraining business activity is an adverse consequence of compliance that does not need to continue in the future. Instead of constraining activity, Mr. Baxter noted that sound compliance programs could help business leaders on-board risk by making them more confident that they are operating in an ethical and legal fashion. If banks become confident that they are not engaging in terrorist financing, or money laundering, then they will be more willing to take these risks on, and open new accounts in foreign countries. Mr. Baxter acknowledged that compliance is not yet at a stage where businesses are confident in taking on what are deemed risky activities because identifying such risks are too costly. Nevertheless, he is confident that compliance programs will reach the level where they will be able to do so.
Mr. Baxter then discussed different methodologies to gauge the effectiveness of compliance programs. He explained that the current measurement of effectiveness should change from one that is backwards looking (results oriented), to one that is gauged by a reliable and acceptable measurement of effectiveness. This would provide business leaders with more confidence, and further facilitate companies’ willingness to take on risk. He warns that as compliance becomes a repeatable process, it cannot drive out creative thought if companies hope to achieve what he deems the “next level” of compliance.
In conclusion, Mr. Baxter reiterated that ethics and compliance has come a long way in a short period of time. As he looks out on the road ahead, Mr. Baxter says he believes progress will continue for the benefit of employees, shareholders, and the community at large. He finished by saying ethics and compliance can best be nurtured by developing a strong culture, and employing the best and brightest.