Dear CCOs: What Is Your Mandate??

Donna Boehme – Corporate Compliance Insights – June 5, 2018

One of the most important features of any compliance program is its written Mandate. The correctly scoped mandate, approved by the Board and understood by senior management, empowers the compliance function, and clarifies it as the single point of accountability for the organization’s program. Any compliance program assessment (and any scrutiny by a government gatekeeper) should begin with the question: “What is the mandate of Compliance?”

A correctly scoped mandate serves several key purposes that support a strong and successful compliance program. An appropriate Mandate:

  • Clarifies the principal goals of the compliance function and program;
  • Defines the areas where Compliance is the single point of accountability (so important in such a multidisciplinary field); and
  • Empowers the Compliance function to pursue its Mandate throughout the organization.

An appropriate mandate is also a useful tool to clarify and reach a shared understanding about all aspects of the compliance program. For example, CCOs can open a dialogue with the Board with a discussion of the mandate and how their program will be developed to achieve that vision. Further, compliance officers can check to see if everyone on the compliance team is “rowing in the same direction” by asking selected individuals for their understanding of the shared mandate. The same is true of Compliance’s key partners in the organization, such as HR and Legal. This can be invaluable when working out roles and responsibilities in areas of the compliance program where the respective expertise and input of sister functions is needed (e.g. investigations, training, risk assessment, etc.).

A few weeks ago, I led a panel discussion with the RAND Advisory Board for the RAND Center for Corporate Ethics & Governance, along with top thought-leaders Steve Kohn, Co-Chair, National Whistleblower Center, and Mike Volkov, CEO, The Volkov Law Group LLC, and we presented the following Sample Compliance Mandate to open our discussion:


To design and oversee an effective compliance program that can (i) detect and remediate, or prevent, corporate misconduct and fraud, before those problems are discovered by third parties (such as plaintiff attorneys, investigators, prosecutors, regulators, NGO, or the media) who will then force the organization to resolve these problems on terms that they demand (such as fines and penalties, debarment, reputational damage, business interruption, or court-mandated monitor arrangement) and (ii) support a culture of accountability and ethical leadership throughout the organization.

With a Mandate as clear as the sample above, it becomes obvious that so many of the companies in the scandal headlines had utterly failed programs, which did not allow them to detect and fix, or prevent, their problems before they exploded in the crisis zone.

All Boards that are serious about compliance and ethics, or those that wish to stay out of the “compliance trainwreck” headlines, should ensure that their compliance programs have a clear, written mandate in place that is expressly approved by a resolution of the Board and communicated properly to management.

This article first appeared on Corporate Compliance Insights.

Leave a Reply