1

Justifying Compliance Budget Increases

Julie Moriarty, The Network

Jimmy Lin, The Network

2

“State of the Function 2014 Survey Results – CEB”

Budgets ARE Growing

$0.93

$0.76

$0.36

$0.08

$0.42

$0.08 $0.12 $0.08 $0.04 $0.04 $0.04$0.01

$0.48

$1.17

$0.40

NA*

$0.35

$0.07

$0.08

$0.07$0.03 $0.03 $0.03

$0.01

2012 2014 

C&E Mean Budgets per 1,000 EE:• All Companies Median in 2014: $97,333 • All Companies Median in 2012: $84,800 

Regulatory Intensity Lower Higher 

Banking and Financial Services

Insurance

Health Care and Health Insurance

Aerospace and Defen

se

Pharma., Biotech., and Chem

icals

Utilities

High Technology and 

Telecommunications

Food, B

everages, and Consumer 

Goods

Distribution and Transportation

Energy

Manufacturing and Auto.

Retail

2

3

5.56

7.91

3.27

0.501.10 1.12

0.85

0.33 0.21 0.29 0.16 0.08

4.13

10.00

4.59

0.621.02 0.87 0.67 0.43

0.12 0.25 0.160.08

2011 2013 

C&E Full‐Time Employees per 1,000 EE:• All Companies Median in 2013: 0.55• All Companies Median in 2011: 0.57 

Banking and Financial Services

Insurance

Health Care and Health Insurance

Aerospace and Defen

se

Pharma., Biotech., and Chem

icals

Utilities

High Technology and 

Telecommunications

Food, B

everages, and Consumer 

Goods

Distribution and Transportation

Energy

Manufacturing and Auto.

Retail

Regulatory Intensity Lower Higher 

“State of the Function 2014 Survey Results – CEB”

Staff Resources Remain Flat

Doing More in Polices & Training 

Compliance owns a significant number of activities in:

• Training and Communications

• Policies and Procedures

“State of the Function 2014 Survey Results – CEB”

3

Doing More in Risk Management 

• Compliance risk assessments will increase

• Third party concerns on the rise

“State of the Function 2014 Survey Results – CEB”

Doing More in Reporting Metrics

• Program effectiveness can be one of the most effective ways to gain funding buy‐in

“State of the Function 2014 Survey Results – CEB”

4

7

ROI and Program Effectiveness

• Evaluate as many data points as possible

• Look at all E&C activities

• Look outside E&C activities

• Work with other areas of organization to identify existing metrics

“Policy Management Benchmark” – GRC 20/20 Research

8

ROI and Program Effectiveness

Your workload is relevant

• Measure what you have done and are doing:

– Code/policy /procedure updates

– Issues managed

– Investigations undertaken

– Inquires addressed

– Initiatives completed

• Course completions, communications, certifications, attestations, surveys

– Employees and third parties reached

– Plans for future 

Three‐Year  Education 

and Communication Plan

2014 2015 2016

Q1Code of Conduct Training

Code of Conduct Training

Code of Conduct Training

Q2Speak UpCommunica

tion

Anti‐bribery 

Communication

Social Media Training

Q3Conflicts of Interest Training

Speak Up Training

Privacy Training

Q4Respect 

Communication

Confidentiality 

Communication

Gifts & Gratuities Communica

tion

5

9

© 2014 CEB. All rights reserved. CELC9495514SYN

n = 65 companies.Source: CEB analysis.

73%

OrganizationalJustice

27%

All Other IntegrityComponents

■ Clarity of Expectations

■ Comfort Speaking Up

■ Trust in Colleagues

■ Direct Manager Leadership

■ Openness of Communication

■ Tone at the Top

Organizational Justice is employees’ degree of agreement that:

■ Their company responds quickly and consistently to verified or proven unethical behavior and

■ Unethical behavior is not tolerated in their department.

Key Drive in Culture of Integrity

9

“Predictive Monitoring – CEB”

10

Organizational Justice on Display

Communicate, in summary and aggregate, compliance incidents and follow‐up actions/results

Reiterate no‐tolerance for unethical behaviors 

6

11

Measure Understanding

Use employee surveys to gauge how well compliance risks and policies are understood

Understand how compliance messages are received and perceived by frontline employees

12

Over‐Reliance on Hotline Data

Less than 10% of incidents reporting through hotline

More than 65% of incidents are reported to managers

CEB Survey Analysis; The Network Benchmarking Reports

7

13

Middle Management Buy‐In

Gain insights from managers by ensuring capture of incident conversations

Train managers on how to have the conversations and process for capturing incident information

14

ROI and Program Effectiveness

Ethical Culture Metrics

• Survey/assessment results

• Entry/Exit interview data

• Performance evaluations

• Examples of ethical leadership, behavior that are rewarded

• Helpline (inquiries as opposed to complaints)

• Employee communications (nature and number)

8

15

ROI and Program Effectiveness

The Negatives

• Lawsuits

• Administrative actions

• Complaints

• Fraud incidents

• Investigation costs

• Fines

16

Organizational Metrics

• Sick days

• Worker’s comp claims

• Accidents

• Theft

• Employee complaints

• Customer complaints 

• Retention rates

• Recruiting costs

9

17

ROI and Program Effectiveness

Engagement Metrics

• Management participation and sponsorship of Code and overall E&C program

• Reminders needed to complete initiatives or obtain information

• Employee:

– Feedback/suggestions

– Participation in company initiatives

– Interest shown in improving organization

18

Maintaining Program Support

Demonstrate link between E&C initiatives and benefits to business

• Better oversight & policies = better business practices

• Better E&C compliance = better compliance in all areas (safety, financial integrity, asset protection, etc.)

• Middle management & employee engagement = better engagement in all areas

• Ethical culture = better teamwork and productivity

• Stronger E&C program = better public image, better recruiting & retention

10

19

Maintaining Program Support

• Evaluate all available data to identify potential problems 

• Centralized visibility– Track everything – Totality of circumstances– Aggregate view

• Conduct regular audits of controls and processes

20

Maintaining Program Support

• Maintain leadership/Board visibility to your program status and initiatives

• Continually assess risk and employee attitudes using multiple vehicles

• Adjust program as necessary to improve effectiveness 

• Don’t forget about informal avenues for obtaining program support and feedback

11

21

Ensuring Program Success

Don’t do it alone

• Engage others to:– Help manage workload– Provide input– Support and drive program

• Work of others helps establish ownership outside of E&C office

22

Ensuring Program Success

Have a plan

• Identify short‐term wins that can be quickly implemented

• Develop a multi‐year plan with goals for each element

• Write it down and track against plan

12

23

Keep up the Momentum

• Prioritize phased activities by risk (geographic, relationship types, dollars, etc.)

• Conduct regular status meetings

• Keep moving forward, even in small steps

• Provide regular updates regarding program status to leadership

• Share process with Risk Management and Internal Audit to identify synergies that can be leveraged

Jimmy Lin, GRCP

VP of Product Management and Corporate Strategy 

The Network

JimmyLin@tnwinc.com

Julie K Moriarty

General Manager, Training and Communications Strategy

The Network

JulieMoriarty@tnwinc.com

Q&A