In a previous blog post, I promised to release a list of questions a Board of Directors (Board) might ask its compliance officer. This post is intended to fulfill that promise. My intent is to help Board members exercise their oversight responsibility, assess the compliance officer, and further their understanding of the compliance program and risks faced by organizations.
The Board should have an ongoing dialogue with compliance. Initial questions can be turned into follow-up items at subsequent compliance sessions. The Board’s questions will naturally evolve as their understanding of the process deepens. The questions might change or grow more focused over time, but they should not stop. The Board needs to continue its inquisitive process over the compliance process.
Governing Body Compliance Responsibilities – Questions Board Members Might Ask of a Compliance Officer:
- Is anyone or anything within your organization impeding your ability to operate an effective compliance program? For example, is management resistant of your compliance efforts?
- Does management completely embrace and support compliance functions?
- What is the scope of your responsibilities? Do your responsibilities extend beyond your compliance obligations?
- Do other obligations significantly impede the effective operation of the compliance program?
- Do you perceive any conflicts of interest from any other responsibilities you might have?
- What is involved in the compliance reporting process that permits employees and others to report compliance issues?
- Are your compliance efforts adequately funded? Do you need to seek funds from other areas of the organization?
- Do you have sufficient staff to support your compliance efforts to the level of effectiveness appropriate for the organization?
- Have you been able to adequately address all compliance issues that come to your attention? Are you able to address and resolve issues promptly?
- How frequently does the organization have an outside compliance effectiveness review conducted?
- What are the main gaps that exist in the compliance program?
- Do you have the ability to retain separate legal counsel to address compliance issues without having to check with management?
- What is needed from the Board of Directors to assure you are able to adequately operate an effective compliance program?
- Are you comfortable addressing compliance issues that may involve management or legal counsel?
- Do you maintain compliance resources such as applicable laws, rules, and regulations in a central location for easy access?
- How do you stay current on legal and regulatory issues that potentially impact the organization?
- What are the top regulatory risk areas that potentially impact the organization?
- Is there a process to continually identify new and emerging legal and regulatory risks?
- Do you regularly conduct compliance training?
- What training resources or expertise would be helpful for the Board to better understand the nature of its compliance oversight responsibilities?
- How do you know whether compliance training is effective? How do you measure results?
- What issues that potentially impact the organization are focused on by applicable regulatory agencies?
Is there an atmosphere within the organization that facilitates reporting of compliance concerns and assessment of perceived compliance issues.