Right Balance between Program Structure and Resource Deployment for Effective Compliance

George (Sonny) H. Cave, SVP, General Counsel, Chief Compliance & Ethics Officer and Corporate Secretary, ON Semiconductor
1104
1815
362
George (Sonny) H. Cave, SVP, General Counsel, Chief Compliance &  Ethics Officer and Corporate Secretary, ON Semiconductor

George (Sonny) H. Cave, SVP, General Counsel, Chief Compliance & Ethics Officer and Corporate Secretary, ON Semiconductor

Being Proactive, not Reactive

The compliance field is changing more rapidly than in the past. The media have recently brought many troubling on-going practices in the world to light. Companies can no longer afford to take a wait and see approach, and as such we have taken proactive measures to enable our business to operate successfully in accordance with our high standards. Stay proactive not reactive. Transparency is another key challenge that companies are facing. The compliance industry has often taken a conservative approach and information about on-going company actions and issues was not widely disseminated to employees or other stakeholders. Thus, improving transparency is becoming an important component for organizations to embrace in implementing company-wide programs.

Through the desire to be more transparent, many companies struggle with determining what additional information should be disclosed and what is the best way to do that. Here again we are being proactive—engaging our employees through surveys in the compliance area and are sharing the results with them, along with other compliance metrics that we track on a regular basis.

Understanding Global Risk Implications

As international markets continue to grow and countries and corporations become ever more entwined, everyone doing business must be alert to the growing number legal regulations and requirements; in addition, they must develop and operationalize effective programs to create a culture of compliance aimed at preventing and detecting unethical and unlawful conduct. Every organization is different and unique in its culture and values, as well as where and how the business operates.

“Data security and privacy is fast growing area of concern, which has to be addressed when utilizing any technology that could compromise participation if it is not trusted”

One size does not fit all and you have to find your own mechanism that can be applied to your organization to be effective in compliance and ethics. We operate our business worldwide in more than 25 countries. Some countries are ranked in high risk areas where our constant monitoring is necessary, while some countries are low risk areas but we still have to understand and be prepared for all types of potential risks that could lead to problems. It is imperative that we seek, if necessary, local expertise and build buy-in at the local level, with reliable and constant actions.  As a company operating in foreign countries, we have to adapt to and be sensitive to local customs and practices, but still act consistently across all of our operations. In this connection, we have a world-wide network of Compliance and Ethics Liaisons within the company who are part of the corporate program but reside within our business functions and operations around the world.

Our Compliance and Ethics Liaisons help identify and address risks of criminal, illegal or unethical conduct and serve as the first point of contact to address concerns raised by employees in their local sites.

Determination of the Right Technology

Technology will help organizations detect problems before they occur, but again a “one size fits all” approach does not always work. We have to determine what technology works and what does not work for our organization. It is necessary to provide employees with readily available and easy options for reporting and dealing with compliance issues. Data security and privacy is fast growing area of concern, which has to be addressed when utilizing any technology that could compromise participation if it is not trusted. By the end of 2014, our Compliance and Ethics Liaisons will have access to a case management tool, which is hosted by a third-party, to report and track compliance and ethics related incidents that they receive from local employees.

We will also have the ability to assign and manage cases using the case management tool at the corporate level when matters are reported through our ethics hotline or other sources.  The case management system allows us to house the incidents in one place, and easily review, monitor, analyze and run reports.

Advice to Fellow Compliance Officers

Start small as you are not going to build and maintain a world class compliance program overnight.  Benchmark other companies or even learn from their best practices. Companies can help each other to create better and sustainable programs. Do not be afraid to take new initiatives; compliance is not a static area of practice. Compliance is constantly changing and evolving. Find the right balance of program structure and resource deployment to fit your company’s unique culture and compliance challenges.

It is important to be able to demonstrate that your organization operates at the highest standard and that it brings real value to both the employees and shareholders of your company.

Read Also

Easing Compliance: Expanding an Ethical Culture Through Technology

Easing Compliance: Expanding an Ethical Culture Through Technology

Raphael Richmond, Global Director-Compliance, Ford Motor Company [NYSE: F]
Cybersecurity Risks and Why Internal Partnerships and Cross-Functional Resources Matter

Cybersecurity Risks and Why Internal Partnerships and Cross-Functional Resources Matter

Adrian Mebane, VP & Deputy General Counsel, The Hershey Company [NYSE: HSY]
Chief Compliance Officers And Cyber Security: A Match Made in the Boardroom

Chief Compliance Officers And Cyber Security: A Match Made in the Boardroom

Robert Garretson, GM, Governance Strategy, United States Steel Corporation
Avoid Non-Compliance by Getting Your SSH Keys under Control

Avoid Non-Compliance by Getting Your SSH Keys under Control

Fouad Khalil, Director of Compliance, SSH Communications Security