On February 3–4, 2011, members of the Audit Committee Leadership Network (ACLN) met in New York. In one session, members addressed the issue of regulatory compliance. This document reflects a summary of the key points that members raised in the discussion, along with background information and perspectives that members shared before the meeting.
A number of major themes emerged as ACLN members engaged in a wide-ranging discussion of trends and strategies in the area of regulatory compliance.
Audit chairs see a challenging regulatory environment
Regulatory compliance is becoming an ever more demanding challenge for companies as governmental regulation expands and enforcement becomes more rigorous. Even companies’ approaches to compliance itself are becoming subject to governmental directives. ACLN members said company management must engage with regulators to build trust and stronger relationships. Increasingly, even board directors may need to interact with regulators, a development already under way in some sectors, such as financial services.
Companies are strengthening their compliance functions
Achieving compliance is a complex endeavor involving the legal function, internal audit, dedicated compliance staff, and ultimately the whole company. Members noted that companies are applying more resources to the task and that they are trying different organizational approaches, spurred partly by governmental directives such as the Federal Sentencing Guidelines. Although the government has pushed companies to have independent chief compliance officers (CCOs) who report to the CEO, most audit chairs believe that the best way to organize the compliance function depends on a company’s specific situation and that a compliance-oriented culture is as important as a specific structural solution. The costs and consequences of noncompliance are clear, but many audit chairs are wondering how to assess the effectiveness of their increased spending on compliance.
Audit committees are spending more time on compliance oversight
Compliance oversight is an increasing burden for boards. While some boards are creating separate compliance committees, most audit chairs reported that responsibility for compliance falls to the audit committee or a subcommittee of the audit committee. Audit committees hear frequently from the compliance officer, and they are interested in how they might engage more deeply on compliance issues. At the same time, they are worried that a mounting emphasis on compliance could distract the board from other important issues, such as company strategy.