Throughout each year, Hanzo’s "Profiles of Excellence" series interviews industry leaders in compliance, eDiscovery, investigations, and risk management to learn about their experiences in the field and give them a platform to share advice with our community. In March 2019, we were fortunate to speak with Louis Sapirman, JD, CCEP, an E&C leader and the President of Compliance Innovator, LLC, with over two decades of experience building effective ethics and compliance programs, and corporate cultures, in large public organizations.
How long have you been working in compliance, and why did you get started in the field?
I’ve been working in compliance and compliance related fields for 25 years. I worked for Dun & Bradstreet for the past thirteen years, serving as Associate General Counsel & Chief Compliance Officer. In this role, I had global responsibility for compliance, ethics, privacy, third-party compliance, litigation, and employment law.
It was clearly my legal practice that prepared me for and drove me into the compliance field. It was, however, the fast pace of change and the positive impact I am able to have that have wedded me to compliance. There are always new things to learn, and the need for innovative and strategic thinking in compliance. What’s not to love about that!?
I love being able to look at problems within a business and find solutions that others had not seen. Because of this, excellence in compliance programming has become a passion of mine.
What are some of the most pressing challenges you believe compliance professionals are struggling to overcome today?
I believe two of the most significant struggles are the shift from reactive compliance to a proactive business partnership, and the identification and use of appropriate metrics to drive program excellence.
Too many compliance teams are still viewed as an organization’s “police force.” Making the shift to a proactive business partner is not easy, because it requires changing others’ perceptions of the value that compliance brings. It is often a long process, but well worth it, as the compliance team can then become a true driver of cultural and behavioral change for the organization.
Compliance professionals have become relatively comfortable with data related to hotline statistics. There is so much new data now available to us now to help drive and measure excellence in our programs that was previously not being collected or used. If we do not evolve and become more comfortable with using and exploiting the data resources at our disposal, like many of our peers in other departments within our organizations have already become, we will likely be left behind.
You mentioned the importance of compliance professionals being comfortable using data and metrics to make better decisions. What other skills, whether technical or personal, do you believe a compliance officer needs in order to be effective and overcome the challenges they’ll face in today’s workplace?
I believe the most important skills for a compliance professional are:
Curiosity – a desire to constantly learn about their organization and the ever-changing business landscape;
Relationship building – strength in building trusted business relationships across your organization can facilitate compliance excellence and help break down silos;
Strategic and innovative thinking – the world of compliance and ethics is changing every day and we need to be comfortable finding new ways to drive a culture of compliance and ethics into our organizations – it also takes an innovative mind to see which metrics will make a meaningful difference in the strength of your program;
Strong leadership and influencing skills – compliance professionals must be excellent servant leaders who can drive individual ownership of compliance into all corners of their organization; and
Knowledge of their organization operations and strategy, along with the regulatory environment that governs its business.
This interview is featured in our new eBook for compliance professionals, where you can learn about the different risks that exist within marketing, comms, and social media teams, the consequences of ignoring them, what you can learn from them, and how to build collaborative internal relationships that can help prevent them.
What organizational, cultural, and business trends do you think will have the most direct impact on the role of a compliance officer over the next few years?
As our workforce becomes more tech-savvy, compliance professionals will need to keep up with trends in communications.
Regardless of their age or demographic, employees today are not like they were 5 or 10 years ago. They rely less on e-mail and more on real-time social media communications tools. To be effective, compliance professionals must be able to provide communications in a manner that will be most effective for their workforce, and be comfortable testing and learning with new communications tools.
If you haven’t done so, dip your toe into the waters of Twitter, or WhatsApp. Even they are becoming “older” forms of communication in 2019, but will at least get you ready for whatever comes next.
The role of compliance, especially in multinational organizations, is in large part driven by the global legal environment. As countries around the world continue to adopt significant legal change, this will have a wide-ranging impact on the compliance professional. I believe that the enforcement and development of new privacy regimes around the world, whether in Europe, China, or elsewhere, will be one of the greatest drivers of compliance requirements over the next few years.
Right now, we are seeing most of these privacy laws simply in written form. Seeing how they are enforced will add to our understanding and the need to innovate the ways we will ensure compliance.
Finally, and probably most importantly, is the rise of data as a tool in every compliance professional’s toolbox. I believe that collecting and leveraging metrics to make more informed decisions has been a challenge for many in the compliance profession. There is now so much data available to the compliance professional, beyond the classic hotline statistics, that innovation in how we use that data to drive excellence in our programs will likely be what we look back on 5 or 10 years from now as being the most significant change.
For those companies that have the resources, we will begin to see the use of “artificial intelligence”-like systems to identify red flags, assist with risk analysis, and simplify time-consuming internal processes and workflows.
If you had the opportunity to spend one week with any organization's compliance team, what are the 2 or 3 things you would focus on doing in that week to make the biggest impact and leave a lasting impression?
I believe there are three things I would want to focus on with any compliance team if given one week.
First is reframing the focus of compliance from reactive to proactive. The second is taking a strategic approach to compliance planning and building greater ownership in the team and the organization’s success. Finally, I would want to focus on individuals’ development and what they need to be passionately engaged in the organization’s future.
Many compliance teams spend an inordinate amount of their time responding to questions and dealing with investigations. Although this is the bread and butter of compliance, it is not often where we are able to provide the greatest value. Beginning to flip the mix of work that a compliance team is focused on to more proactive risk assessments and operational reviews provides significant benefits to the team and organization.
The compliance team will have the opportunity to build strong relationships throughout the business, add value early in the product and sales lifecycle, and develop a significantly stronger base of knowledge, which has the added side effect of making it more valuable and effective in its reactive work as well. Proactive compliance requires a different mindset than reactive compliance. The compliance professional must begin to see themselves as a true business partner, helping to drive the future success of the business. As the compliance team sees themselves in this role and acts upon it, the business will be more likely to stop viewing compliance as “Dr. No.”
I am a big proponent of giving all compliance professionals an opportunity to take part in the strategic direction and future of the compliance organization. This develops a much stronger sense of ownership within the team’s individual members. I would begin with visualization exercises to help the team see what is truly possible and what is needed. This will often include identifying what the team’s “brand” should be within their organization. When a team understands what audacious success looks like, it gives them a stake in helping drive the team to new heights.
A team is only going to be as strong as the members want it to be. I believe compliance professionals, like all employees, are driven by personal goals and interests as much as the team’s mission. If compliance leadership does not devote significant time and attention to the care and development of the individual team members, the likelihood that they will “bring their whole selves” to work is small. Accordingly, I would take time to do some self-awareness work with the individual members of the team and help the leaders identify ways they can most effectively aid in each person’s development.
Since the question gives me only one week, I intentionally omitted anything about training on new laws and regulations or digging into current policies and practices. These are obviously very important as well. In my opinion, building a great team that is passionately engaged in your organization’s future first will make all of the tactical compliance efforts significantly more effective.
Thank you for your time, Louis, and thoughtful responses to these questions. If an ethics and compliance professional reading this wants to get in touch with you or discuss these topics in more depth, how can they reach you?
This article was originally published on Corporate Compliance Insights.
You can read more stories from our "Profiles of Excellence" series on our blog, including:
Alexandra McCombs, Senior Project Manager at PAE: "10 Years In, and Still Passionate About eDiscovery"
Joseph Stephenson, Managing Director at Hagerty Insurance Agency: "Social Media Investigations - Lessons from a Master"
Ben Robbins, Senior Manager for Information Governance, eDiscovery and Forensics at LinkedIn: "Getting to Know Ben Robbins from LinkedIn"
Ricky Brooman, CEDS, Litigation Support Project Manager at Saul Ewing Arnstein & Lehr LLP: "Zero to Sixty in eDiscovery - the Value of On and Off the Job Training"
Louis Sapirman recently participated in a CCB CEU eligible webinar hosted by Hanzo on the topic of leveraging marketing and social media best practices in a compliance program. You can watch a recording of that webinar, read about the 8 key lessons from that webinar, or download a new eBook that dives deep into the themes of digital risks for compliance teams and mitigating them by collaborating with marketing.