What’s next on the agenda for Chief Compliance Officers?

As demands on the compliance function grow more intense, Chief Compliance Officers (CCOs) must proactively embrace new leadership responsibilities for their role and reposition how their function is thought of among stakeholders, according to Gartner.

We sit down with Chris Audet, Senior Director at Gartner, to see what’s next on the agenda for global compliance leaders.


How has the role of the Chief Compliance Officer evolved in the past few years?

CCOs have shifted from a reactive to a more proactive posture. At the same time, the CCO mandate has expanded. Beyond managing core legal and compliance risks, compliance is increasingly tasked as a strategic advisor in ESG and CSR matters, as well as managing the risks of the organization’s extended enterprise.

Compliance is also partnering closely with privacy leaders in the wake of GDPR and CCPA regulations and working closely alongside HR leaders after #MeToo and social justice movements of the past year that have led to many organizations reaffirming their commitments to DEI.

What are the most important traits for the modern CCO role? What should aspiring professionals gain an understanding of?

Today’s CCO must sharpen their skills in establishing strong partnerships beyond assurance functions to ensure clear risk ownership and accountability, promote a strong corporate compliance culture that is increasingly reflective of the organization’s posture in ESG and CSR, play the role of strategic business advisor to support business growth amid digitalization initiatives and inorganic growth amid the ongoing pandemic, all while supporting technology initiatives that allow them to do more with the same or fewer resources.

Regulations such as the GDPR and CCPA have forced more organizations to quickly establish a CCO role. Are we witnessing the creation of a robust culture of compliance?

GDPR and CCPA only expanded the mandate for compliance leaders. The drumbeat has been strong for a robust culture of compliance now for many years.

Only in the last several years are compliance leaders now recognizing that a robust compliance culture is more than the byproduct of low rates of noncompliance or misconduct. Instead, progressive compliance leaders are recognizing that a robust compliance culture is also driven, in part, by the organization’s commitment to ESG, CSR and DEI initiatives.

In the last year, organizations have had to shift from an “office-centric” model to a “human-centric” model, requiring many leaders to shed outdated assumptions about how to best design the working environment for a new hybrid future.

The implications of a hybrid work environment on compliance culture are not yet fully known, and guidance for compliance leaders on creating a strong compliance culture in a hybrid work environment is yet to be written.

Now more than ever, a CCO has to reinforce the business priorities of the organization. What advice do you have for newly appointed CCOs in large organizations?

CCOs should focus on minimizing uncertainty about their role upfront and have a clear sense of roles and responsibilities for the compliance program:

  • Continuously connect with stakeholders across the organization by collaborating on key program initiatives in order to ensure the program has a wide-ranging reach.
  • Continually assess the function’s current state and maturity by prioritizing improvements in order to make the best use of limited resources.
  • Plan and act to address the most pressing issues while paving a vision for the future by measuring the progress of the program through data-led initiatives to track improvements over time.

