FCPA Compliance and Ethics Blog

December 3, 2014

Sherlock Holmes and Innovation in the Compliance Function, Part III – The Hound of the Baskervilles

Hound of the BaskervillesToday we honor Conan Doyle’s third Sherlock Homes novel, The Hound of the Baskervilles. The novel, originally serialized in The Strand from 1901 to 1902, is generally recognized by Sherlockians as the premier Doyle work regarding his fictional detective. Interestingly, Bertram Fletcher Robinson, a 30-year-old journalist, assisted Doyle with the plot for this novel.

Doyle’s idea for the story derived from the legend of Richard Cabell, which was a tale of a hellish hound and a cursed country squire. Squire Cabell was a hunting man and who was described as a “monstrously evil man”. He had a reputation “for, amongst other things, immorality and having sold his soul to the Devil. He was also alleged to have murdered his wife. As the story goes, Cabell was laid to rest in ‘the sepulchre’, but night of his interment saw a phantom pack of hounds come baying across the moor to howl at his tomb. From that night onwards, he could be found leading the phantom pack across the moor, usually on the anniversary of his death. If the pack were not out hunting, they could be found ranging around his grave howling and shrieking. In an attempt to lay the soul to rest, the villagers built a large building around the tomb, and to be doubly sure a huge slab was placed. To add good measure, the folklore of the county where the tale occurs, Devon, includes tales of a fearsome supernatural dog known as the Yeth hound.”

The Hound of the Baskervilles was a tale that appeared to have supernatural implications. Yet, upon closer examination, a more temporal solution was determined. I thought of this novel when reading the article entitled “Build an Innovation Engine in 90 Days” by Scott D. Anthony, David S. Duncan and Pontus M. A. Siren in the December 2014 issue of the Harvard Business Review (HBR). I found their insights quite useful for the Chief Compliance Officer (CCO) or compliance practitioner who might be faced with implementing or enhancing a compliance solution for an organization as the authors’ insights could also be used to help a CCO or compliance practitioner move a compliance function down into the DNA of an organization to make compliance a more standard process for doing everyday commercial operations.

The authors recognize that innovative ideas get brought to the marketplace often through “individual heroism and a heavy dose of serendipity” but companies need a mechanism to “make the process more reliable and repeatable without making major organizational changes.” To do so, they suggested a solution they call the “minimum viable innovation system” which can bring an innovation to fruition within 90 days. I have adapted their system for the compliance function.

Day 1 To 30 – Define Your Innovation Buckets

Initially the authors note that innovations can either be inward or outward facing. “In one are innovations that extend today’s business, either by enhancing existing offerings or by improving internal operations. In the other are innovations that generate new growth by reaching new customer segments or new markets, often through new business models.” This is also true in the compliance function as your compliance program relates to your own internal clients, customers and your third parties. It all begins with two steps (1) Determine between compliance goals and current operations; and (2) determine broad categories of compliance solutions which could fill that gap. If your gap is large, you might sub-divide your compliance efforts so that “you can map them to different directions for future [compliance] growth.” Per the authors recommendations you probably should not take on more than three as an initial effort.

Day 20 To 50 – Zero in on a Few Strategic Opportunity Areas

In this time frame, the authors believe that you meet with your customer base to “probe unmet needs”. As one class of your compliance customers will be your internal employee base, you can use a wide number of mechanisms to accomplish this, including town meetings, compliance focus groups or meetings with individual employees. You should also look outside your company by engaging in benchmarking through investigation on new developments in your industry and in the compliance space. This is also a time when you can best use big data through an appropriate data analytic approach to spots trends in your organization that might present opportunities for compliance innovation.

You should synthesize this down and the authors recommend the following, “lock the members of the senior leadership team in a room for an afternoon, share the findings, and instruct them not to leave until they have identified three strategic opportunity areas that each combine the following”: (1) A compliance function that no one is addressing very well; (2) Enable a technological solution that will enable your business unit to perform a compliance function much more easily, cheaply, or conveniently, or a change in the compliance landscape that is greatly intensifying the need for that job; and (3) Incorporate some special capability of your company that will give you an advantage in seizing this compliance opportunity.

Day 20 To 70 – Form a Small Dedicated Team to Develop the Innovations

Here the authors suggest three steps. First, dedicate a handful of the company to developing the compliance innovations. Second, work with the Chief Executive Officer (CEO) and Chief Financial Officer (CFO) to eliminate “zombie” compliance projects. Third is to develop a process checklist.

Everyone in a corporation has a day job. This is particularly true for a CCO or compliance practitioner. While there is no need for your compliance innovation team to be particularly large, the authors suggest that it have the capability “to handle at least two ideas once, since there will be inevitable course corrections and failure.” The authors define zombie projects as “walking undead that shuffle along slowly but aren’t headed anywhere.” Their reference hails to both the elimination of the AMC show The Walking Dead and the zombie banks from the Japanese financial crisis of the 1990s. The reference to the AMC television offering is that these projects are dead on arrival for a variety of reasons. The reference to the Japanese financial crisis is that because as long as these zombie projects exist, they will consume compliance innovation resources. Here the authors suggest identifying and deleting projects that hare neither core nor strategic.

Developing a checklist is a critical process step because it requires you to create a protocol to make sure you do not omit any critical step throughout the process. In order to develop this checklist, the authors suggest asking the following questions. (1) Is your compliance innovation team “spearheaded by a small, focused team of people who have relevant experience or are prepared to learn as they go?” (2) Has your compliance innovation team spent enough time directly with your business function to develop an understanding of what they can use going forward? (3) Was appropriate benchmarking performed? (4) Has your compliance innovation team defined the internal customer(s) and paths for reaching others? (5) Is your compliance innovation team’s idea “consistent with a strategic opportunity area in which the company has a compelling advantage?” (6) Does your compliance innovation team have a plan for testing? Does each test have a clear objective, a hypothesis, specific predictions, and a tactical execution plan?

Day 45 To 90 – Create a Mechanism to Shepherd Projects

During this time frame, the authors suggest two major goals for oversight. First is that the CCO needs to select and train compliance leaders to oversee the innovation team and to establish oversight rules. The group of compliance leaders who will have the autonomy to make decisions about starting, stopping, or redirecting compliance innovation projects. You should take care not to simply replicate the current executive committee, because if you do, it will be too easy for group members to default to their corporate-planning mindset or to let day-to-day business creep into discussions about compliance innovations meant to fulfill long-term goals.

The authors turned to the world of Venture Capital (VC) funding to help this group work on compliance initiatives. (1) There can be disagreement about which projects to move forward, your committee does not require unanimity. (2) The group should set a threshold monetary level that the project team(s) can spend without having to come back for every funding request. (3) Your compliance innovation projects should not be locked into a 3/6 month or other budget cycles. It may take time but when the time for review or a GO/NO GO decision to be made the oversight team needs to be ready to convene and make a decision. From this point you should be ready to pressure test your compliance innovation.

The authors’ formulation is an excellent way for a CCO or compliance practitioner to think through the process to design and create innovation in your compliance function. Just as Holmes methodically worked through the clues in front of him (and some behind him) in the The Hound of the Baskervilles you can use this protocol to assist you moving forward.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

 

 

 

 

December 2, 2014

Sherlock Holmes and Innovation in the Compliance Function, Part II – The Sign Of Four

Sign of FourToday we honor Conan Doyle’s second Sherlock Homes novel, The Sign of Four. The novel was published in 1890 but the story is set in 1888. The story entails a complex plot involving service in East India Company, India, the Indian Rebellion of 1857, a stolen treasure, and a secret pact among four convicts and two corrupt prison guards. It presents the detective’s drug habit and humanizes him in a way that had not been done by Doyle to-date. It also has a rather happy ending as it introduces us to Dr. Watson’s future wife, Mary Morstan to whom he proposes at the end of the novel.

The Sign of Four was an intricate tale with many strands woven throughout. I thought of this novel when reading the article entitled “Leading Your Team into the Unknown” by Nathan Furr and Jeffrey H. Dyer in the December 2014 issue of the Harvard Business Review (HBR). I found their insights quite useful for the Chief Compliance Officer (CCO) or compliance practitioner who might be faced with implementing or enhancing a compliance solution for an organization. But equally interesting, were that the authors’ insights could also be used to help a CCO or compliance practitioner help move a compliance function down into the DNA of an organization to make compliance a more standard process for doing everyday commercial operations.

The authors posit that “Innovation is at heart a process of discovery, and so the role of the person leading it is to set other people down a path, not to short-circuit it by jumping to a conclusion right at the start. To lead innovation, you don’t have to be the next Steve Jobs, nor do you need to guess the future. Rather, you must carve out the mental space within which the innovation process can be carried out. How? First, by setting the expectation that innovation will push boundaries. Fashion designers often include very bold designs in their lines to inspire customers to try more-flamboyant styles. . .You need not go so far. You can push boundaries just as dramatically by demonstrating a willingness to reimagine some of your organization’s most fundamental assumptions about products, customers, and business models.”

For the CCO or compliance practitioner, I think this means that innovation in the compliance function requires a different approach to leadership than the standard command and control or even collaborative approach. For a successful CCO or compliance practitioner this is accomplished by leading compliance integration into the DNA of a company through example and not simply dictated. The authors suggest, “by asking questions rather than making decisions; clearing a path to the unknown for the innovative team rather identifying the end goal; and give people the right kind of time, the right constraints and the right tools” to come up with a solution. I found the authors implications for such an approach appropriately inspiring, “Innovative leaders can create a sustainable competitive advantage not through superiority of a particular invention but by creating an organization that can learn from mistakes faster, more efficiently and more consistently than competitors do.”

The authors provide what they call “A Comprehensive Approach to Innovation” which I have adapted for the CCO or compliance practitioner to facilitate innovation in the compliance function. It consists of four steps. 

  1. Generate Insights. The authors state, “Use questioning, observational, and networking skills to search far and wide for broad insights into problems that may be worth solving.” As a CCO or compliance practitioner, you can push compliance boundaries just as dramatically by demonstrating a willingness to reimagine some of your organization’s most fundamental assumptions about products, customers, and business models. But it means getting out there and seeking input from those outside your direct compliance function.
  1. Identify an Important Problem. Here the authors recommend “Through direct observation look for an unsolved problem or an unfilled emotional or social need that enough people have for the opportunity to be worth pursuing.” This also means giving your team an opportunity to synthesize the issues. You will need to dedicate both resources and time for the process to run its course. I recognize that all corporate employees have a day job so you will need to set aside specific time for such issue identification. In addition to providing resources and time, you will need to provide your innovation team support by removing the inevitable organizational barriers, which will be thrown up in their path.
  1. Develop the Solution. The authors advocate constructing prototypes so rather than building a complete compliance solution, quickly construct a set of simple prototypes of many different compliance tools. For each, start with a theoretical example, if that looks promising internally, move to a virtual prototype to test throughout a pre-selected business unit or process. Start with a visual representation, which could be just a drawing; next move to testing a minimum viable prototype with internal consumers of the compliance solution through the simplest, quickest physical version of the offering you can devise. Finally, pilot test the full-blown compliance solution with a wider audience, including trusted and integral third parties to your organization.
  1. Devise the Business Model. Finally, the authors note that once you have worked out the offering, apply the same experimental approach to developing and testing the components of the business model, including approaches to implementation. They suggest that there are three values to such an approach. The first is that you will have generated “insight value-that is, the insight into the unknown that comes from reducing uncertainty.” The second is “option value-the option upon resolving an unknown, to pursue, alter, or abandon a course of action.” The third is “strategic value” which is both the value derived by your internal compliance consumers but also that of all the knowledge you will have gained throughout the course of the project; what worked and what did not work and, more importantly, why.

As a lawyer who moved into compliance, I initially thought that anti-corruption compliance was a function of telling everyone the rules and having them followed. Some companies are still at this stage of compliance. However, if there is one over-riding theme that the Department of Justice (DOJ) has communicated over the years it is that your compliance function needs to constantly evolve. It certainly must evolve as the corruption risks your company encounters develop but also it should also mature as your compliance program grows and becomes more ingrained in your organization. Innovation is not a concept that comes naturally to lawyers who are generally trained to study the past (i.e. read case law precedent) and apply it going forward. The idea of innovation simply does not jive with what many believe should be a static list of rules and regulations that businesses should operate under. However, as compliance moves into its next phase and becomes the best practice of a well-run business, innovation will become more of a focus.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Blog at WordPress.com.