CERCOMM
Overview of the profession - profiles - remuneration - development
Interview with Blandine Cordier, founder and Managing Partner of BCP Executive Search since April 2010. She co-founded the Cercle de la Compliance in 2011 and is its vice-president.
She began her career with the Schlumberger group before joining Slaughter & May in 1988 as a lawyer. She then joined the company as General Counsel and Secretary to the Board of Directors of Parfinance from 1994. Her career continued at Gemplus in 1998 and finally at Siparex in 2007. She holds a doctorate in law, a Master's degree from ESCP and is a member of the Paris Bar.
Compliance, an evolving function
78 % of business leaders worldwide see the proliferation of regulations as the main obstacle to business growth.
But only 35 % turn to the Chief Compliance Officer in place to anticipate regulatory risks that could compromise the company's strategy.
What is the difference between compliance in banking and compliance in business?
The role of Compliance Officer varies according to the organisation in which they work. Traditionally, compliance officers work in banking, which is a highly regulated business. The main task of the compliance department is to protect the bank and its most important assets. Its customers and its reputation, in support of all business lines, are present in all geographical areas.
Regulations are increasingly complex and extraterritorial. In a constantly changing economic and regulatory environment, this function is becoming strategic to the development of responsible and secure banking.
This function generally encompasses three main activities:
*Financial security, which consists of protecting the bank against external actions, in particular the fight against money laundering. There is also the financing of terrorism, and compliance with embargoes and sanctions imposed on certain countries.
*Fraud prevention, both internally and externally,
*And ethics, which involves protecting the bank and its customers from internal misconduct. This covers prevention of market abuse, conflicts of interest, appropriateness of the offer, compliance with treaties, etc.
Compliance defines how far to go without crossing the white line. The aim is to guarantee the security of the bank's operations and protect its image, reputation and civil and criminal liability.
Compliance is more than just expertise. Above all, it is a culture of compliance with the rules to ensure that the bank's performance is more solid and sustainable.
What is compliance in a group?
Zero risk does not exist in the company and is not an objective.
With globalisation, increased competition and the race to ever higher targets on the one hand, and increasingly complex national and international regulations and standards on the other, non-compliance has become a critical risk. It can damage a company's image and reputation. It can also jeopardise its performance and even its very survival.
A company's reputation is one of its most important assets. It is also one of the most fragile. Built up step by step, over time and through excellence, a reputation can crumble in a matter of moments. It is therefore in the company's interest to do everything in its power to protect it, to strengthen it in all its activities and with all its stakeholders.
This is why it is important to take the necessary steps well in advance to protect the company from any risk of non-compliance.
Groups are also increasingly inclined to set up a compliance programme.
Certain central functions are emerging as strategic players within a group. This is certainly the case for the Compliance Officer. This profession only emerged in the second half of the 90s.
How did you become aware of the increased importance of compliance issues?
I was a lawyer and then legal director and board secretary in listed groups for 15 years. I actively contributed to the implementation of corporate governance in these groups. As early as 1995, we drew up a code of ethics within Parfinance. In 2000, I took part in the Gemplus IPO, in Paris and on Nasdaq. We then had to apply the rules of governance in compliance with the very strict constraints of the Sarbanes-Oxley regulations. At Siparex, the RCCI of this fund reported to me functionally, even though he was attached to the AMF by law.
Since I moved into recruitment, I've seen the impact of compliance on companies. Anglo-Saxon groups are ahead of the game. Compliance is an indicator of good governance and is one of the fundamental strategic elements.
My operational experience and sector and business expertise enable me to support the development of these new businesses and functions. Within the firm, we recruit cross-functional, multi-disciplinary and complementary teams in France and abroad, for global or regional deployment.
What is the role of the compliance officer?
The role of the compliance officer varies greatly from one group to another. He or she is the linchpin in implementing and rolling out compliance throughout the company, as closely as possible to the company's business challenges. He or she must be able to adapt the programme according to various parameters, in particular :
*Issues facing the company
*Issues
*Markets
*Culture and history
*Functional, operational, image and reputation risks.
As a result, it must first define the company's DNA in order to deploy an appropriate Compliance programme. This role requires excellent knowledge of the company's activities in general and a great ability to adapt. It also requires an open and inquisitive mind, and a keen awareness of changing rules and ethics. To achieve this, they must have unique character traits, specific to the position they occupy, which enable them to carry out their tasks successfully.
The Compliance Officer will not learn his job through his academic studies alone. Their experience, accumulated through the situations they encounter, will enable them to add to their knowledge. It will also enable them to develop their skills and affirm their human qualities. Every day, they have to listen, understand and analyse complex issues, and identify and propose practical solutions.
We recruit teams with complementary skills, cultures, training and sensitivities. Compliance must be deployed on a matrix basis across all functional and operational departments. Local relays can be appointed. The aim is to coordinate the roll-out of the programme through training, awareness-raising and monitoring.
In Europe, not all Boards of Directors have yet understood the importance of Compliance for the long-term future of their companies.
That said, a number of companies, whatever their size, in more or less regulated sectors, have become aware of the importance and the need to set up a Compliance programme. This spirit and culture are driven primarily by the Board of Directors and the Chairman, and embodied by senior management. It can be put in place and deployed by a Compliance officer and a team.
A Compliance Officer cannot set up an efficient programme if the guarantee is not given from the top of the pyramid. This guarantee does not have to be cosmic ethics. The will, the ambition to follow values, to embody them, whatever the situations and temptations, must be unfailing and the exemplarity of the top of the pyramid must be permanent in all places and in all circumstances.
In this context, compliance is not limited to compliance with legal or financial standards. It encompasses processes designed to ensure good governance within the company and to optimise its performance. These processes also aim to improve overall performance.
What makes a good compliance officer?
The compliance officer is responsible within the company for ensuring compliance with national and international regulations, professional and extra-professional standards and the rules of ethics and good conduct defined by the company and its environment. They must analyse these rules and standards from the perspective of the company, its business, its culture and its overall economic and extra-financial environment.
He or she must have a very good overall and cross-functional understanding of the business, and in particular of the company's organisation, culture and activities.) The Compliance Officer must be able to anticipate the risks and constraints specific to the business or to each of its branches. He or she must also communicate effectively on the usefulness and benefits of implementing good practice.
Compliance policy is correlated with risk management (corruption, reputational risk, etc.).
Compliance is more than a programme. It is the conduct of business by and for the company, based on responsibility and ethics.
The compliance officer's role is highly matrixed within a company. It is both vertical, descending from the Chairman to all levels of the Group, and transversal within all the Group's functional and operational organisations. It is carried out in collaboration and synergy with all the functional and operational departments.
1. An essential prerequisite for efficiency: a panoramic view of the company
In order to acquire a real understanding of the company's processes and operations, a good compliance officer must :
- Auditing chains of delegation of authority, analysing conflicts of interest, mapping risks and ensuring traceability of information.
- Identify the areas and people at risk, the mechanisms and issues involved, the control points and the required reporting.
This analysis enables it to determine the economic (by quantifying the costs associated with the various difficulties) and strategic (by allocating its own budget for promoting the corporate image) issues to be taken into account in the company's policy.
The compliance officer's objective : Aligning Compliance with the company's business challenges to improve overall performance.
They must have the skills and human qualities to advise, train and raise awareness of Compliance, business ethics and compliance among employees and the company's stakeholders, particularly in the context of social and environmental responsibility.
There is a need to bring this to life, not in the somewhat legal approach that we are familiar with to the responsibility of managers and economic players and the fear of liability, but in an approach that is lived, direct, controlled, cross-functional and concrete.
2. What skills and qualities are required?
The compliance officer must have a thorough knowledge of the company's business and a good understanding of what is at stake. They must therefore have a global vision of the business. He or she must be familiar with the group's strategy in order to support the managers, who must justify the legitimacy of their decision. It must also show that the decision is in line with the company's overall strategy. The means used and the process followed to take decisions are therefore legitimate.
He/she must understand market developments, whether in terms of new business segments, customers or geographical areas to be conquered. He or she must understand potential risks, so as to anticipate them and put in place processes, in collaboration with the operational and functional staff concerned, capable of securing the Group's operations.
Leadership skills. The Compliance Officer must have a great capacity for training. They must be able to identify an objective and define the means to achieve it. Rules only have legitimacy if they are understood by those who have to apply them. They must win the support of everyone in the company in order to be able to change practices. They are imposing by nature and represent a figure of authority within the company. They know how to convince.
It contributes to a general awareness of the importance of Compliance within the company, in order to create a virtuous circle.
Independence. The Compliance Officer must enjoy a certain degree of independence in order to ensure, as far as possible, the exhaustiveness of his scope of intervention and the objectivity of his remarks at the point of alert. He must not be influenced by internal or external pressure or by his own interests.
Rigour: They must have a keen sense of organisation, while identifying potential risks in advance. They have a natural authority and a certain ascendancy over those they deal with. He or she must have a strong voice and know how to make his or her ideas heard.
Integrity: They must be exemplary in terms of the values embodied by the company and which they convey.
Communicator and teacher. He or she must adapt to the culture and technical language of each person to enable them to understand the ins and outs of a problem or the processes to be respected and put back in place.
Human and firm. The Compliance Officer must be benevolent and an active listener. He or she must be able to impose sanctions without appearing to be a business censor. He must be both firm and very human. The aim is to establish a climate of trust and legitimacy so that the decision itself is legitimate and the authority is accepted.
It's a sensor. With a panoramic view of the company, they know the business and the people well enough to be able to anticipate constraints and assess the level of risk.
A good Compliance Officer is not just an expert. They take a much more general view.
It's also a watchdog.
In the face of pressure, competition and rivalry, the need to be better and the desire to succeed by any means necessary can tempt some people to cross the white line and step out of line. Confidence in the individual first and foremost, in his or her capacity for analysis, discernment and objective judgement, encourages employees, and indeed any other stakeholder in the company, to consult the Compliance Officer in order to raise a sensitive issue or discuss a problem with him or her.
3. What are the challenges of a good OC and the pitfalls to avoid?
The challenge for a Compliance Officer is to understand what is expected of him or her, depending on the sector and the size of the company.
Compliance is organised differently in a company with 100,000 employees, 10,000 employees or 500 employees. There is a real issue of specificity.
The fact remains that when a company commits to a definition of rules, there are a number of pitfalls and risks:
- A good Compliance Officer must avoid a first risk, which is that of the temptation of political correctness. We display very simple rules such as corruption is bad, the environment is good, and we are open to diversity. In this case, there's a real credibility. If all you have is a billboard with an ethical charter, a code of good conduct, all in four-colour process with pretty photos, etc. and nothing behind it. Scandal! And you risk getting an extremely strong backlash.
- The second risk is disempowerment.
- The third and more serious risk, which has been observed since the existence of the sometimes highly developed compliance programmes, is that of the misuse of compliance to make the offence compliant. Finally, it must encourage everyone to take responsibility for the results implied by the rules they have to implement, or even create. They must therefore understand that these rules are not superimposed on the business. They must consciously apply the rules of the business itself.
What will change for you?
A good Compliance Officer is becoming a strategic partner in the face of accelerating change. Added to this is the proliferation of risks and regulations. It contributes to operational decision-making in line with the company's strategic objectives. It can provide an overview and help anticipate compliance requirements before they become an obstacle to achieving the company's strategy.
Compliance officers enable companies to assess risks and transform them into opportunities to take risks in order to grow rapidly and stay ahead of the competition.
It sets up and deploys more than a programme. It must lead to the conduct of business by and for the company, based on responsibility and ethics. Its role is to align Compliance with the company's business challenges in order to improve overall performance.
