Management Consultant Mike Eldon

The necessary evil that is compliance

My colleague Frank Kretzschmar and I have been hosting our story-telling Leaders Circles for 12 years. The theme for our most recent event was “The Necessary Evil of Compliance”, a topic increasingly in the forefront of our minds.

Yes, we did include “necessary” before “evil”, acknowledging that, as former Deputy US Attorney-General Paul McNulty put it, “If you think compliance is expensive, try non-compliance”.

We began by sharing what the theme meant to us, noting that where there is high trust we can be more flexible with compliance.

Everyone must comply with national laws and regulations, we readily agreed, but within organisations with healthy cultures there is scope for making judgements, while keeping a balance between trust and compliance among broader stakeholders.

These days much more work must be done on compliance and integrity matters. It’s like a fashion, said one participant, with audits sometimes carried out in a spirit of suspicion, as “investigations” that assume something is wrong.

It can make you defensive, lead to feelings of bitterness, and an erosion of trust. You know you didn’t do anything wrong, but did you miss something? Life becomes impossible when “Compliance Jihadists” are on the job, “dangerous purists”, we heard.

On the other hand though, one must certainly not be too trusting, and pain can come from relaxing emphasis on compliance, as others related.

One participant, having introduced a regime of strict submission of weekly management accounts, so trusted his people that he relaxed the discipline, later to discover that substantial fraud was taking place.

So compliance is indeed a necessary evil where there is no prevailing culture of integrity. As another of our leaders was once told, “If your audits are not revealing problems they’re probably not doing their jobs properly.”

But compliance can lead to lost opportunities too. In his legitimate efforts to reduce his debtors, a manager in one of the organisations represented so tightened credit that he began losing business.

Here we were reminded of Peter Drucker’s experience, that “people who don’t take risks generally make about two big mistakes a year, while those who do make a similar number.”

What still must be handled is impunity: why do we need so many speed bumps here — why not just put up speed limit signs, as happens elsewhere? We know the answer to that: because they would be ignored.

Two of our leaders went to the UK to study, and there they learned about a different code of conduct, making them ethical and complaint in entirely new ways, some that were hard to practice back here.

I talked about the over-specification of procurement Terms of Reference that make comparisons between competitors more straightforward but reduce bidders to commodity providers who compete merely on price.

It precludes the possibility of offering alternatives that may be better or more innovative, risking compliance becoming the enemy of excellence.

And another said there were too many examples of opportunities lost as a result of having had to comply with some conformity. It’s what turns the dynamic to the stale, breeding timidity unless someone has the guts to raise the red flag. Such situations can arise within the family too, he added, and also in religions, leading to fundamentalism.

Then, we must beware of seeing board members as people who merely provide oversight and ensure compliance. Not enough to add value through offering strategic and innovative thinking, inspiring and motivating, acting as champions and ambassadors.

As a result, CEOs too feel the pressure to comply. One such, we were told, had done a great job in the UK of developing learning, growing leaders, helping them accept that sometimes they had to be non-compliant in order to deliver the best product, is no longer in such a position… and is really glad he is no longer there.

We did however acknowledge that we have seen significant benefits of many compliance initiatives, not least through the introduction of technology — as with fairer tax collection, through PINs, the iTax and the e-Citizen system.

Our conclusion? Have enough but not too much compliance. Above all though, do the right thing, knowing that nobody’s going to know whether you did it or not.