By Blandine CORDIER-PALASSE, Revue Compliances n°8 p.32 & 33
In SMEs, human and financial resources are more limited than in large groups. Nevertheless, certain obligations and expectations are the same. Legal departments, which are already under heavy pressure, often take on compliance tasks. The role of governance, and in particular the Board of Directors, becomes crucial in ensuring that organisations are compliant.. This role is also crucial in combating the loneliness of managers. Blandine Cordier-Palasse, Managing Partner of BCP Executive Search and co-founder of the Cercle de la Compliance, emphasised these points during our discussions.
Before we go into more detail, could you give us an initial overview of the relationship between compliance and governance within French SMEs?
It is difficult to paint a clear picture of the situation. There are disparities between groups and sectors of activity, but also, of course, between types of governance. For example, the approach will be different between a family business whose primary objective is to pass on the company and ensure its long-term survival, and a company owned by a fund seeking less long-term financial performance. Furthermore, the level of maturity of organisations in terms of compliance still varies widely.
Faced with the complexity of the regulatory environment and the recent proliferation of legislation, many company directors are at a loss. This is entirely understandable. That's why it's so important for them to have the right support and guidance on all these issues. This is - and will be - all the more true given the current crisis (editor's note: the interview took place on 28 April 2020). They are going to have to review - sometimes in depth - their operating methods, and even their business model to adapt to new developments.
What to advise for SME-ETI managers and entrepreneurs?
I think that many have realised that the law is a real economic weapon. The legal function and the role of the General Counsel have also undergone significant change in SMEs. Their remit increasingly includes compliance. Depending on the size and structure of the company, it is not possible to multiply the number of posts. Their highly cross-functional role makes them true partners of the CEO and the business.
In the United States, the General Counsel is the Chairman's right-hand man and the CFO his left! In France, we can see that this model is inspiring. Legal Directors are increasingly becoming risk managersand business partnersThis is necessary because regulatory changes are having an ever-increasing impact on the way a project, a contract or an M&A operation is put together. And this is necessary because regulatory changes are having an ever-increasing impact on the way in which a project, a contract or an M&A operation is set up. They also have an impact on the ability to do business in a given country, and so on.
It is certainly too early to draw any real conclusions from this.. How do you think the Covid-19 crisis sheds light on the importance of the ethics and compliance functions for companies?
I believe that what we are currently experiencing demonstrates - once again - the crucial importance of human capital. That was years ago, a fortiori As a recruiter, I insist on its importance within organisations. Yet it is the only resource that is not valued in the balance sheet, where human resources are still counted as a cost. Yet it is by taking effective account of this capital and of good environmental, social and governance (ESG) practices that companies will be able to align compliance, values, business model and strategy. The aim is therefore to achieve a sustainable transformation.
For example: this crisis has considerably accelerated and violently shaken up the digital transformation of businesses, due in particular to widespread teleworking. The RGPD came into force in 2017. It contains a number of provisions on data protection and cybersecurity. Two years on, I note that compliance is far from complete in many organisations. A great deal of effort has certainly been made, but it is not yet complete. Overnight, companies have had to adopt teleworking. Some were ready, others not. Compliance with the RGPD has certainly made information systems more secure. It has made life easier for organisations that were prepared. It has given them agility and responsiveness at a time crucial to their survival.
The unprecedented scale of this crisis highlights the importance of risk prevention and management. It goes beyond the scope of risk managerIn order to involve the governance bodies, both Board members and Executive Committee members need to take ownership of this issue. It is up to them to ensure that risks are identified and anticipated.
As far as governance is concerned, how should it be involved in compliance?
First of all, it should be remembered that an organisation that is able to identify risks and talk about them properly is a sign of good governance. This reassures not only shareholders but also the growing number of stakeholders. The quality of dialogue with stakeholders is a particularly important criterion for assessing the involvement of governance bodies. Members of the Executive Committee and the Board must be able to discuss compliance issues on a regular basis. Operational staff must be able to pass on information to the directors, including - if necessary - without going through the Board. top management.
Similarly, Board members must have the opportunity to challenge Comex freely on the risk management. And the current crisis will only amplify this demand. Compliance is also an increasingly frequent topic at Board meetings. Some Boards or Audit Committees now discuss the subject every quarter. In my view, this is a sign that they are becoming more aware of their responsibilities in terms of compliance.
Compliance is a subject " tone from the top ". Alone, the Compliance Officer's actions and scope are limited. This is why the role of governance is crucial. We know that the Compliance Officer must have the independence, means and resources necessary to carry out his duties. The main one is to raise issues, even sensitive ones. It is the role of governance to create conditions, particularly in terms of trust, that are conducive to effective action.
As a recruiter, can you tell us what the most sought-after compliance profiles are?
We are recruiting a large number of Compliance Officers and we are seeing a real upward trend in this function. Just a few years ago, companies were recruiting a lot of young people to set up compliance programmes.
Since then, they have realised the importance of being able to rely on more experienced profiles, who understand the business and the workings of the company, and who know how to interact with the various corporate functions with legitimacy and credibility. They also need to be close enough to the top management. They have the ability to challenge it so that they can implement a solid, effective compliance programme that is aligned with the company's strategy. This requires a certain maturity and authority. In terms of skills, the Compliance Officer must have a marked legal awareness. He or she must also understand the business and speak the language of operational staff.
How interested are the directors you recruit in governance and compliance issues?
We systematically discuss governance and compliance during recruitment interviews. It's important that they have an appetite for these subjects, given the role they play - or will have to play. They need to be able to take on the associated responsibilities. These exchanges also help to raise the awareness of those who will subsequently be responsible for ensuring that compliance programmes are properly implemented. The protection of senior executives, the business but also the company's image and reputation.
To conclude, what are your recommendations for improving the link between compliance and governance?
There can be no good governance without good compliance, and vice versa. Compliance is a matter of governance, and directors must organise themselves to ensure that management is vigilant in this area. They also have a role to play in providing genuine support to the executive, especially in times of crisis, and in accompanying him or her, without complacency, in the company's major decisions. However, some SMEs have set up a Board based on relationships, rather than on the objective of building a powerful team with complementary skills, expertise and diversity. So we need to ask ourselves how our Board can evolve.
Companies increasingly need to assess the efficiency of their management and governance bodies, to ensure that there is alignment between the bodies and the strategy, to be even more powerful and thus contribute to the sustainable transformation of the company - a key issue today.
I believe that a number of managers will have realised, as a result of this crisis, the importance of being able to rely on governance bodies with proven skills and varied profiles to ensure that they are well advised and supported. Good governance and solid compliance will enable them to face up to increasingly diverse, unpredictable and frequent risks, with ever more serious consequences, and to get through the most difficult times, in order to make the company more agile and stronger.