By Blandine CORDIER-PALASSE & Éliane ROUYER-CHEVALIER, AFJE n°23
Today, compliance is one of the key pillars of good corporate governance. While governance ensures that compliance programmes are put in place and are effective, compliance helps to improve corporate governance. These two concepts are often confused and always influence each other. Here's an overview of the subject.
Compliance is now part of governance. Good governance contributes to a company's performance. Compliance, which makes it possible to anticipate, identify and control risks and protect assets, including intangible assets, also contributes to a company's competitiveness. And that is why it is so important.
Beyond the strict observance of compliance, which calls for a tick-in-the-box attitude, it involves a real attitude of mind, the famous tone from the top, and a requirement to set an example, a culture of integrity that embodies the corporate values embodied by directors and managers. The duty of care - despite the legal difficulties - is an illustration of this. This corresponds to the expectations of investors and, more generally, stakeholders, who expect companies to be accountable for their actions.
FROM RISK MANAGEMENT TO COMPLIANCE
The extremely complex environment in which companies operate (fierce competition, international exposure, increasingly complex international legislative and regulatory developments, ever heavier sanctions by the authorities, etc.) and the pressure on employees to achieve highly ambitious financial targets make it more essential than ever to control their activities by putting in place the necessary bodies, policies and functions to ensure good corporate governance.
Companies can no longer afford not to know. They need to prevent and anticipate the key risks they identify, which may have a financial impact but also a non-financial, intangible impact on their image and reputation - and ultimately their long-term survival. The paradigms and prism through which they must approach risk management in general are changing. The corollary is the civil and criminal liability of managers and directors.
WHAT IS THE SCOPE OF COMPLIANCE?
In particular, compliance covers insider trading and confidentiality, conflicts of interest, preventing and combating the risk of corruption or fraud, antitrust, export control, security (both IT security and security of people and property), management and protection of proprietary data, environmental protection, whistle-blowing procedures, diversity, non-discrimination, and so on.
In addition to knowledge of laws, regulations and, more generally, standards, the aim is to ensure compliance with internal values and rules that have been decreed as unifying, by means of specific programmes, resources and means that are deeply integrated into the way the company operates.
THE ROLE OF THE LEGAL AND/OR COMPLIANCE DIRECTOR AS CONDUCTOR OF THE ORCHESTRA
The development and strengthening of corporate governance, the increasing complexity of the law, and the civil and criminal liability of managers and directors have led to a more global approach to risk management, based on a cross-functional approach. Against this backdrop, the remit of the General Counsel is gradually expanding. They play a strategic role in the company's decision-making process and governance. They are involved in all aspects of the group's development (mergers and acquisitions, geographical expansion, patents, etc.). Often, it is the guardian of the principles of good governance and plays a leading role in raising the Board's awareness of the importance of setting up an efficient compliance programme to control the risks identified.
By its very nature, the legal function manages risk through its strategic role in the company's legal and financial engineering. It therefore plays a fundamental role. It must be involved in setting up and designing the compliance programme. Implementation, in the sense of deployment, training, awareness-raising, promotion and execution, can be carried out by a compliance officer. He or she has operational and business experience and the legitimacy of his or her peers. He or she will therefore be in a position to implement and convey solutions tailored to the reality on the ground that he or she has experienced first-hand.
The legal director and the compliance director, when they are not grouped together in the same function, remain totally inseparable. They must complement each other and work closely together, as well as with the risk manager. The aim is to integrate all the key issues and challenges and summarise all the risks identified.
The risk map is drawn up, among other things, on the basis of business line, business sector and geographical exposure. Non-compliance risk must also be included. These three functions contribute closely to the management of this risk, which involves three main stages:
- Awareness and prevention ;
- Detection and investigation ;
- Follow-up of corrective actions and communication.
This is what the Americans call hands and gloves. This means very close collaboration between these functions. This is based on a relationship of trust and fluid, continuous communication. This equation requires a certain amount of courage. The aim is to raise issues and deal with them, rather than ignoring or even hiding them. In its role of control and supervision, it is up to the Board of Directors to set an example. It is necessary to encourage the development of a genuine culture of integrity. In other words, more than a code of conduct, compliance is above all a matter of culture.
The legal function plays a fundamental role and must be involved in setting up and designing the compliance programme.
ABOUT BLANDINE CORDIER-PALASSE AND ÉLIANE ROUYER-CHEVALIER
Blandine Cordier-Palasse heads BCP Executive Search (www.bcpsearch.com). It is a recruitment consultancy specialising in law, governance and compliance. She is co-founder and vice-president of the Cercle de la Compliance. Further information: www.lecercledelacompliance.com.
Éliane Rouyer-Chevalier was Director of Financial Communications at Accor and Chief Executive Officer of Edenred. She is Chairman of the Audit Committee of Legrand SA.