Skip to contentSkip to navigation

Applied Governance: Beyond Compliance

(originally published by Booz & Company)

The recent legal, regulatory, and other responses to reported corporate transgressions have broad and, in some respects, still uncertain implications for public companies. A growing number of organizations are appointing a chief compliance officer (CCO), or an equivalent, such as a chief governance officer or chief ethics officer, to be a single and senior point of contact for Sarbanes-Oxley, stock exchange, and other requirements. Computer Associates, Kodak, Peregrine Systems, Pfizer, SunGard, and Westar Energy are among the companies that have formalized the position. The trend will continue as boards and management realize that the role transcends “policing” and actually contributes to growth and resiliency.

Originally conceived to address the compliance needs of some highly regulated industries, a full-time CCO can provide direction and substance to public companies in meeting their evolving corporate governance requirements — whatever the industry. The role involves the communication and application of both universal and company-specific corporate governance themes, through the creation, implementation, and continuing refinement of practical processes and methodologies.

To promote and codify the universal themes of transparency, integrity, and accountability, the CCO, working with the general counsel, chief financial officer, and internal auditor, can manage and document Sarbanes-Oxley and stock exchange compliance requirements. He or she also can act as an internal and external facilitator for board committee chairs, and lead the planning process associated with the company’s efforts to mitigate risks and ensure the company’s ability to adapt and grow through discontinuous change.

The CCO also can help a company implement the practical changes these broad themes imply. For example, the revenue recognition, expense classification, and other accounting flaws at Enron, WorldCom, and others were in many cases basic process problems. A good compliance officer can introduce activities to increase transparency, such as eliminating departmental “silos,” reducing manual data entry and transfer points, and instituting periodic below-officer-level interdepartmental meetings to address common problems. Reinforced by consistent management actions emphasizing integrity and accountability, these can improve the quality of internal communications and operations.

Activities of this kind constitute applied corporate governance. They take governance themes and embed them in core corporate activities, addressing primary operational and legal risks and the expanding responsibilities (and liabilities) faced by officers and directors. Although the CCO is not a guarantor of stellar corporate governance or squeaky-clean operations, a senior officer dedicated to these issues is likely to produce positive change and diminished risk.

From a financial perspective, the role adds value and can pay for itself many times over in two ways: cost savings and strategic differentiation. Cost savings are achieved through internal risk control and resiliency activities, namely, the identification and mitigation of compliance and/or interdependency problems at earlier, less costly stages. Strategic differentiation occurs as companies aggressively communicate the existence of the role and its application to the specific concerns of various critical constituencies.

Specifically, the CCO’s position offers six direct benefits to the company and its key constituencies:

  • Added credibility with customers, resulting in additional revenues.
  • Less risk for partners, resulting in better company purchase and/or deal terms.
  • Increased trust and confidence among employees, resulting in greater loyalty and productivity, less turnover, and the preservation of intellectual capital.
  • Less risk to the company in capital markets, resulting in higher valuations, lower capital costs, and improved scores from institutional corporate governance rating services.
  • Less risk for directors and officers’ insurers and other insurers, resulting in less costly policy premiums.
  • Less personal risk for senior officers and board members, resulting in both professional value (the existence of the role reflects positively on the company) and personal value (less chance of individual lawsuits).

As with any corporate role involving changes to the status quo, a variety of issues affect the CCO’s ability to be effective. The conditions for success include:

Related Experience. A CCO should be sufficiently senior and experienced to have dealt with boards and senior management on a variety of complex issues. Former general counsel or chief financial officers are good candidates.

Independence. Ideally, the CCO should report directly to the audit or governance committee, and should have an independent budget flowing from that committee. Without a reporting relationship to the board, the CCO position is more likely to be seen as “business as usual,” with marginal value to
external and internal stakeholders. Similarly, budget dependency on management creates control (and role diminishment) problems.

Title. A corporate officer title signifies that the company takes the role seriously.

Board and Senior Management Support. Consistent and visible backing for both the position and the specific goals and themes it represents (as shown by the company’s code of ethics and business
conduct policies) is critical. “Tone at the top” is constantly measured by employees. Similarly, whether or not management’s actions follow policy and principle in the presence of inconvenient facts sends strong signals to the work force.

Sales Management Support. The support of the revenue-generating side of the business is also important. This group will quickly decide whether a given role or activity will help or hinder sales, and will respond accordingly. The CCO should therefore position the role as one of practical “sales facilitation,” and then deliver value through identifying and eliminating unnecessary steps in sales processes (while still advancing compliance goals) and, in the right situations, participating in sales calls with customers.

The creation of this position is a corporate opportunity to go beyond the letter of Sarbanes-Oxley and related requirements toward applied corporate governance. A hands-on, business-oriented CCO can translate the often amorphous elements of transparency, accountability, and integrity into positive actions — and produce tangible benefits.

Author profiles:

Worth D. MacMurray ( is CEO of Compliance Initiatives LLC and recently served as Peregrine Systems Inc.’s first compliance officer. He has been general counsel of four public companies, and has also held corporate operational roles.
Get s+b's award-winning newsletter delivered to your inbox. Sign up No, thanks
Illustration of flying birds delivering information
Get the newsletter

Sign up now to get our top insights on business strategy and management trends, delivered straight to your inbox twice a week.