In SMEs, human and financial resources are more limited than in large groups, but certain obligations and expectations are the same. The legal departments, which are already heavily solicited, often take on compliance missions. The role of governance, and in particular of the Board of Directors, becomes crucial to ensure that organizations comply, but also to fight against the solitude of managers. It is on these points that Blandine Cordier-Palasse, Managing Partner of the recruitment firm BCP Executive Search and co-founder of the Cercle de la Compliance, insisted during our discussions.
Before going into more detail, can you give us an initial overview of the « compliance and governance » linkage within French SMEs?
It is complex to draw up a portrait of the situation as there are so many disparities between groups and sectors of activity, but also of course the type of governance: for example, the approach will be different between a family-owned company whose primary objective is the transmission and its durability, and a company owned by a fund looking for a less long-term financial performance. Moreover, the level of maturity of organizations in terms of compliance is still very heterogeneous. We realize that faced with the complexity of the regulatory environment and the recent multiplication of laws, many managers are confused and this is quite understandable. Therefore, it is important for them to be well supported and accompanied on all these subjects. This is – and will be – all the more true because of the crisis we are going through (editor’s note: the interview was conducted on April 28, 2020) as they will have to review – sometimes in depth – their operating methods, or even their business model to adapt to changes.
What advice would you give to SME entrepreneurs and managers?
I believe that many have understood that the law is a real economic weapon. In SMEs, too, we have seen a strong evolution of the legal function and the role of legal directors. And compliance is increasingly integrated into their missions because, depending on the size and structure, it is not possible to multiply the number of positions. Their role, which is very transversal, makes them true partners of the CEO and the business. In the United States, the General Counsel is the Chairman’s right-hand man and the CFO his left-hand man! In France, we can see that this model is inspiring: the Legal Directors are increasingly risk managers, business partners, who are involved at a very early stage, not only in projects but also in defining strategy. And this is necessary because regulatory changes are having an increasing impact on the way a project, a contract, an M&A operation, or even the ability to do business in a given country, etc.
It is certainly still a little early to draw any real conclusions, but how do you think the Covid-19 crisis sheds light on the importance of the ethics and compliance functions for the company?
I believe that what we are currently experiencing shows – once again – the crucial importance of human capital. For years, especially as a recruiter, I have been insisting on its importance within organizations. However, it is the only resource not valued in the balance sheet, where human resources are still counted as a cost. Yet it is the effective consideration of this capital and of good environmental, social and governance (ESG) practices that will enable companies to align compliance, values, model and strategy in order to succeed in their sustainable transformation. For example: this crisis has considerably accelerated and violently accelerated the digital transformation of companies, notably due to widespread teleworking. The RGPD, which came into effect in 2017, includes a number of provisions for data protection and cybersecurity. Two years later, I see that compliance is far from complete in many organizations. A lot of effort has been made, but it is not yet complete. Overnight, companies had to adopt telework. Some were ready, others were not: compliance with the RGPD has certainly secured the information systems and therefore, made life easier for the organizations that were prepared and brought them agility and reactivity at a crucial moment for their survival. By its unprecedented scale, this crisis highlights the importance of risk prevention and management.
It goes beyond the responsibility of the risk manager to involve the governance bodies – both the members of the Board and the members of the Executive Committee must take ownership of this subject. It is their responsibility to ensure that risks are properly identified, anticipated and mitigated.
As far as governance is concerned, how should it be involved in compliance?
First of all, it should be remembered that an organization that is able to identify risks and talk about them offers guarantees of good governance that reassure not only the shareholders but also the increasingly numerous stakeholders. The quality of dialogue with stakeholders is a particularly important criterion for assessing the involvement of governance bodies. The members of the Management Committee and the Board must be able to discuss compliance issues on a regular basis, just as the operational staff must be able to provide information to the directors, including – if necessary – without going through top management. Similarly, Board members must have the opportunity to freely challenge the Executive Committee on risk management. And the current crisis will only amplify this requirement. Moreover, compliance is increasingly invited to Board meetings. Some Boards or Audit Committees now discuss the subject every quarter. In my opinion, this is a sign that they are becoming aware of their responsibility in terms of compliance. Compliance is a « tone from the top » issue. Alone, the Compliance Officer is limited in his or her actions and their scope; this is why the role of governance is crucial. We know that the Compliance Officer must have the independence, the means and the resources necessary to carry out his or her missions – including the ability to report matters, even sensitive ones. It is the role of governance to create conditions, particularly in terms of trust, which are conducive to effective action.
As a recruiter, can you tell us which profiles are most in demand in the field of compliance?
We are recruiting many Compliance Officers and we are observing a real rise in the rank of the function. Until a few years ago, companies used to recruit a lot of young people to set up compliance programs. Since then, they have realized the importance of being able to rely on more experienced profiles, who understand the business and the workings of the company, and who know how to interact with the various functions of the company with legitimacy and credibility. They must also be close enough to top management, while having the ability to challenge it in order to implement a solid, effective compliance program that is aligned with the company’s strategy: this presupposes a certain maturity and authority. In terms of skills, the Compliance Officer must have a marked legal awareness, understand the business and speak the language of the operational staff.
What is the appetite of the directors you recruit for these governance and compliance issues?
We systematically discuss governance and compliance during recruitment interviews because it is important that they have an appetite for these subjects given the role they play – or will have to play – and that they are able to assume the related responsibilities. These exchanges also contribute to raising the awareness of those who will then be responsible for the proper implementation of compliance programs. The protection of managers, the business and also the image and reputation of the company are at stake.
To conclude, what are your recommendations for a better link between compliance and governance?
There can be no good governance without good compliance and vice versa. Compliance is a governance issue and directors must organize themselves to ensure that managers are vigilant in this area. They also have a role to play in supporting the executive, especially in times of crisis, and to accompany him or her without complacency in the company’s major decisions. However, some SMEs have set up a Board based on relationships, rather than on the objective of building a powerful team through its complementarity, its expertise and its diversity. From then on, we must ask ourselves the question of how to develop our Board. Companies must increasingly evaluate the efficiency of their management and governance bodies, and ensure that there is an alignment between the bodies and the strategy, in order to be even more powerful and thus contribute to the sustainable transformation of the company – a key issue today. I believe that a certain number of managers will have realized, with this crisis, the importance of being able to rely on governance bodies with proven skills and varied profiles to ensure that they are well advised and surrounded. That good governance and solid compliance make it possible to face up to increasingly diverse, unpredictable and frequent risks, with increasingly serious consequences, and to get through the most difficult times, in order to make the company more agile and stronger.