top of page
  • Richard Bistrong

Does Robust Compliance Mean Understood Compliance?


“We know we have a robust compliance program, one which would satisfy the regulators, but what keeps me up at night is the question as to whether it is taking hold at the field.”

If I had to summarize my experience of last week, where I participated in three compliance events, that statement from one of my lunch partners, would be it. First, an up front thank you to the organizers of the Inside Intelligence Oil and Gas for the Americas (Houston), the Houston Compliance Counsel Exchange, and the OECD Integrity Week (Paris via live video), for asking me to attend and present. Was it all a little overwhelming: yes. Did I learn a great deal: absolutely, and not while I was speaking (as my UVa M.A, mentor always proclaimed “Bistrong, when you are talking your not learning”). Rather, the teachable moments for me occurred during the presentations and panel discussions of compliance and regulatory professionals, as well as during breaks and breakout sessions. It was during that ‘down time’ when I really connected with others as to current compliance trends and challenges.

While most compliance professionals would consider my learning moments as “the basics,” this was one of my first experiences engaging with compliance practitioners in a live and interactive environment. Thus, at the risk of overstimulation, I tried to be the best ‘sponge’ of information as possible! Accordingly, I absorbed a great deal about the basics of multi-layered risk assessments, risk-based compliance, the structure of whistleblower hotlines (corporate and regulatory), travel and entertainment policies, debarment, ombudsmen, collective action, and supply chain management, for starters.

So, how does that all intertwine with the opening question? Well, as one compliance attorney stated, “Anti-Bribery compliance is a management challenge, which needs to become an internal part of the decision making process as to make compliance a positive part of the business.” Another compliance professional added, “Human nature is human nature, and when you say ‘figure it out’ to a manager in a high-risk area, that sends a message which trumps other messages.” Indeed, as another well-known practitioner amplified “You can make legal decisions which are still not ethical, and compliance needs to align positive business, legal and ethical outcomes.” He added, compliance succeeds when all stakeholders agree “we make more sustainable profit when we are ethical because anti-bribery compliance is an investment not a cost.” Agreed.

But a nod to the obvious here: anti-bribery laws have a unique characteristic among ‘white-collar’ laws, in that they are developed at the home-office, by legal, audit and compliance professionals, yet they meet reality, in what Barry Vitou ( calls the ‘sharp end’, at the furthest point from those very offices. It is at the front lines, often isolated and remote, with little support personnel yet manned by teams who are tasked with growing the business that anti-bribery compliance needs to “take hold.” And that is where I return again to my table partner, who reflected “does robust mean understood?” Or, as one person shared with me “it is the remote office concept that worries me most.”

Front-Lines Teams Are Not Compliance Professionals

But for those in the field, not being attorneys or auditors or compliance professionals, empowered with not only growing the business, but also in adhering to rules, policies and procedures which travel up, down and across the organizational chart, it can be confusing. They are the one’s who match the stated messages of compliance with the unstated messages of “how things get done around here,” and then chart a course of action. Are they thinking about risk matrixes, third party due diligence platforms and collective action initiatives? Probably not. Are they thinking, “I can do this, it makes sense, and delivers both compliance and success.” More likely, yes.

So, when I was asked during OECD Integrity Week by Patrick Moulette, Head Anti-Corruption Division, OECD, at a panel Bribery and Corruption –The Dark Side of International Business “what does a company executive weigh when engaging in bribery, or not bribing?” I replied with what I consider to be one of the more important considerations: compensation. And here lies another remote office dilemma, best reflected in a recent article in the Harvard Business Review titled “How to Really Motivate Sales People,” (link here) by Doug Chung. As Mr. Chung states, “Studies of personality type show that salespeople typically have a larger appetite for risk than other workers, so a pay plan that offers upside potential appeals to them.”

However, here is where ‘risk hits the road,’ as Mr. Chung calls attention to studies of compensation AND the uncertainties of a sales cycle. If anyone needs a 101 in sales cycle uncertainties, feel free to read my post on my own perfect storm of rationalizing bribery and the first cloud of “procurement instability.” Simply said, in high risk, frontier markets, sales cycles are anything but stable, populated by poorly trained and inadequately compensated procurement personnel, with often deliberately confusing procurement regulations. As an Oil and Gas compliance professional called it last week, “overburdened and inefficient.” Accordingly, in such an environment, as Mr. Chung reflects, “the more uncertain a firm’s sales cycle, the more a salesperson’s pay should be based on a fixed salary.”

Houston, We Have A Problem

Where you have risk-rich, low-integrity environment with sales cycle instability, and you index performance to individual measures (as opposed to corporate or group), along with public company quarterly targets, well, “Houston, we have a problem.” Corny, yes, but appropriate. I am not sure that compliance, in that context, will “take hold at the field.” In such cases, with quarterly pressure to “make the numbers” as the unspoken message of “win above all else,” it will likely be left to the field to ponder “what does management really want,” as they take compliance into their own hands to the peril of all.

Indeed, as William Below, OECD Directorate for Public Governance and Territorial Development, states in a piece The Policy Makers Guide to Graft  (link here) “ambitious targets could easily morph into an “ends-justify-the-means” approach by hitting year-end numbers,” where my only addition would be to multiply that danger by four when “hitting quarter end numbers.” In such situations, again, compliance decisions can end up in those remote offices where, as Mr. Below reflects, compensation might end up as the enabling “tipping point.”

I don’t mean to imply that all compliance is compensation, but it you layer on high-risk areas to the high-risk taking profiles of many successful business executives, as Mr. Below states, “the harsh reality may be that human nature isn’t about to change anytime soon.” Indeed, as V. Kumar, Sarang Sunder and Robert P. Leone states in as Harvard Business Review piece, (link hereWho’s Your Most Valuable Salesperson, sales people “respond quickly and enthusiastically to monetary rewards and recognition.” Combining that statement with Mr. Below’s ‘harsh reality,’ and therein lies a significant challenge of getting compliance to “take hold” at the front-lines, in those remote offices.

In sum, if you know that front-line personnel weigh inventive compensation in their ethical decision making,  then perhaps going back to my table partner,  you can think about aligning the complexities of a compliance program to what “takes hold at the field.” As Paul P. Jesep stated in a recent SCCE Blog Piece, Forgetting Ethics Has a Human Face (link here) “ethics are about people, not wordy guidelines.”

As a footnote, for those interested in continuing the conversation, reach out to Mary Crane-Charef and/or Leah Ambler,, to find out more about the Trust and Business (TNB) Project. The goal of the TNB is to identify “how a company’s corporate governance framework can strengthen its ability to do business with integrity and prevent corporate misconduct.” The OECD is looking to engage with the business community in this initiative and seeks out contributions. So, why not, and the link is right here.

*Photograph by Alain Pirot (c) Richard Bistrong, not to be reprinted or distributed without permission, 


bottom of page