This presentation discusses the role of the chief compliance officer within the corporation, and in particular the CCO's relationship with the board of directors. This issue has important implications for effective corporate governance, risk management, and ethical behavior.
Effective Reporting to the Board on Compliance and Ethics Issues
1. Effective Reporting to
the Board on Compliance
and Ethics Issues
Douglas Y. Park
DYP Advisors
July 19, 2011
2. DYP Advisors
(http://www.dypadvisors.com)
1
The Agenda
o Who should manage the Compliance and Ethics (C&E) program?
o Who should report to the Board?
o When should C&E issues be reported to the Board?
o What is the Board’s role in C&E?
o What are the NASDAQ and NYSE requirements?
o How to handle ethics training for the Board?
3. DYP Advisors
(http://www.dypadvisors.com)
2
Who’s in Charge?
o Structure of C&E
o Legal?
o Pros
o Cons
o Internal audit?
o Pros
o Cons
4. DYP Advisors
(http://www.dypadvisors.com)
3
Who’s in Charge?
o If legal is in charge
o Internal audit supports legal
o Internal audit must conduct reviews and provide relevant data
o The data must follow legal’s guidance concerning the critical C&E
risks
5. DYP Advisors
(http://www.dypadvisors.com)
4
Who’s in Charge?
o If internal audit is in charge
o Legal supports internal audit
o Legal must provide advice regarding acceptable risk boundaries
o That will help internal audit focus its data collection and analysis
6. DYP Advisors
(http://www.dypadvisors.com)
5
Who’s in Charge?
o Mixed group might be best – even if the head is from one discipline
o Legal and internal audit must collaborate
o To make data collection and analysis efforts efficient and effective
o To reduce C&E risks
7. DYP Advisors
(http://www.dypadvisors.com)
6
Who Reports to the Board?
o Only one person should report to the Board
o Board should receive only one report
o The report should include information from relevant parties
8. DYP Advisors
(http://www.dypadvisors.com)
7
Who Reports to the Board?
o Should GC report to the Board even if legal does not manage C&E?
o Yes
o No
9. DYP Advisors
(http://www.dypadvisors.com)
8
How Often To Report To Board?
o What is the board’s involvement in the C&E program?
o Does the company have a process for reporting C&E issues to the
board?
o Is C&E consistently on the board’s agenda?
10. DYP Advisors
(http://www.dypadvisors.com)
9
How Often To Report To Board?
o Frequency of complaints
o Company wide problem
o What level of employee is involved
o Hot button issue
o Potential government investigation and penalty
o Impact on company’s reputation
11. DYP Advisors
(http://www.dypadvisors.com)
10
Board’s Role in C&E
o Board can set the tone for the rest of the company
o C&E is big piece of board’s risk oversight function
o Needs to be involved in overseeing C&E
o Must know main risks company faces
o Director and corporate liability?
12. DYP Advisors
(http://www.dypadvisors.com)
11
NYSE Requirements
o NYSE Listed Company Manual § 303A.10
o Adopt and disclose a Code of Business Conduct and Ethics for
directors, officers and employees, and promptly disclose any
waivers for D&O
o Each Code must also contain compliance standards and
procedures that will facilitate the effective operation of the Code
o CEOs must certify compliance with listing standards every year.
(Final NYSE Corporate Governance Rules, Section 10.)
13. DYP Advisors
(http://www.dypadvisors.com)
12
NASDAQ Requirements
o Rule 5610 of NASDAQ Listing Rules
o Code of Conduct that complies with the definition of a “code of
ethics” under § 406(c) of the Sarbanes-Oxley Act and SEC
regulations
o Code must apply to all directors, officers, and employees. Can
satisfy this obligation by adopting one or more codes of conduct
o Any waiver for D&O may be made only by the board and must be
disclosed to shareholders, along with the reasons
14. DYP Advisors
(http://www.dypadvisors.com)
13
NASDAQ Requirements
o Rule 5610 of NASDAQ Listing Rules
o Each Code must also contain
o An enforcement mechanism that ensures prompt and consistent
enforcement of the code
o Protection for persons reporting questionable behavior
o Clear and objective standards for compliance, and
o A fair process to determine violations
15. DYP Advisors
(http://www.dypadvisors.com)
14
Ethics Training for the Board
o Why?
o So board can better understand C&E program
o Stock exchanges strongly imply
o When?
o Once a year minimum
o What?
o What does the board already know?
o What does the board need to know?
16. DYP Advisors
(http://www.dypadvisors.com)
15
Takeaways
o Structure of C&E program involves legal and IA
o One person should report to the board
o Board needs to receive regular updates
o NYSE and NASDAQ imply board oversight
o Board training in C&E strengthens reporting
17. Thank You!
Douglas Y. Park
DYP Advisors
http://www.dypadvisors.com
(650) 814-3933
dpark@dypadvisors.com
16
Hinweis der Redaktion
Audit Committee should take lead in oversight of C&E.