There has been a lot of discussion around an article that recently appeared on Forbes.com called “Why Companies Shouldn’t ‘Do’ Compliance.” The author, Dov Seidman, advocates that the current GRC approach to ethics and compliance should evolve into a “GCL” approach, or “governance, compliance and leadership.”
His premise is that too many companies operate under the illusion that simply having a compliance program makes them a more compliant organization. This is a correct assumption if management takes a “check the box” attitude toward compliance and looks to meet the bare minimums needed for certification or a “passing grade.” But not if ethics & compliance is “baked in” to the corporate culture. Maybe that the leadership “L” that Seidman advocates, because an ethical culture requires a superior tone from the top where ethical behavior is touted and expected, and the procedures required for compliance are fully explained.
The point here that we all can agree with is this: compliance as an objective has great value. How you get there is essential to that objective, because unless you approach the goal with acting with a high degree of ethical behavior – at every level – the purpose behind ethics & compliance becomes totally lost. As Seidman says, “the notion of a compliance program should be replaced with a commitment to a culture where compliance is an outcome of deep connection to a fundamental set of values and a mission and purpose of significance.”
Maybe it’s time we replaced “doing compliance” – a misnomer that we all have colloquially used – with programs that are aimed toward “getting compliance.” That will take a business strategy that leverages an ethical culture, along with trustworthy, purposed-based leadership and a set of moral-based business values that we absolutely refuse to break.