CCI’s CEO, Maurice Gilbert, recently caught up with one of Kroll’s key compliance leaders, Kevin Braine. What follows is their discussion about Kevin’s background in the field, the current state of compliance and an overview of Kroll’s 2017 Anti-Bribery and Corruption Benchmarking Report.
Maurice Gilbert: How did you get started on a career in compliance?
Kevin Braine: I was always interested in investigative work and applied to Kroll straight out of university. I did not even make it to the interview round at that time and ended up starting my career as a journalist and was lucky enough to travel extensively, working in a variety of countries across Europe, the Middle East and Africa. In particular, I was involved in profiling companies and reviewing their exposure to a number of business risks, including the risk of regulatory breaches. The investigative and people skills I developed gave me a head start when I first started working for a due diligence and investigations firm over 15 years ago. Since then, I have always focused on the detection and prevention of bribery and corruption and increasingly concentrated on working closely with organizations putting in place or enhancing their ABC compliance programs.
MG: Did you have any mentors who helped shape your views?
KB: I have had the good fortunate to work with an extraordinary bunch of individuals and have learnt much from a great many different experts in their fields. To pick just two: René Biagi, the former Agence France Presse Eastern Europe Head, introduced me to the subtleties of investigative interviews, and Ken Farrow, former Head of the City of London Police fraud squad, taught me the discipline required to manage a complex investigation.
MG: How do you stay current on ethics and compliance issues?
KB: Bribery and corruption are fascinating topics and keeping up to date is a pleasure rather than a chore. I find I learn as much from the continuous discussions I have with legal, internal audit and compliance teams than from reading the press and specialist publications. Kroll also employs an abundance of experts who previously worked in the regulatory field, at law firms or embedded within the public or private sector from whom to learn from and share ideas.
MG: What are some of the high-level takeaways from the Anti-Bribery and Corruption Report?
KB: Based on a survey of compliance professionals, combined with analysis of Ethisphere’s data on the World’s Most Ethical Companies® and insights from Kroll’s globally recognized experts in the field of anti-bribery and corruption, key themes from this year’s report include:
The Rise of Reputational Risk
ABC Programs: Ongoing Challenges, New Lines of Defense
Monitoring: The Evolving Role of Compliance Post-Onboarding
M&A: A Deeper Look
MG: What does the ABC Report indicate about the significant issues facing compliance officers, risk managers, etc.?
KB: Reconciling an organization’s compliance structure and resources with a fast-changing regulatory environment remains the key issue facing compliance professionals and the ABC Report flags this in several different ways.
MG: What do you believe is the optimal reporting structure for the CCO and why?
KB: Like internal audit, the CCO needs to be independent and have a direct way to make his or her voice heard at board level. The exact reporting structure will vary greatly depending on the size and reach of the organization. There is no one-size-fits-all approach.
MG: How do you effect change within your client’s environment?
KB: No organization sets out to deliberately bypass regulations or to act improperly. Compliance departments are there to alert an organization to areas of risk, detect potential problems and put in place controls to prevent bad behavior. I help compliance teams and CCOs avoid the pitfalls of poorly thought-out policies and processes and help design effective, sensible, risk-based and proportionate third-party vetting programs.
MG: Drawing from both your experience in compliance and the findings from the ABC Report, what are some of the evolving threats and risks facing corporate compliance professionals? Do you see the CCO role evolving within the next three years as a result, and if so, how?
KB: The increased focus on personal liability is a growing threat and risk to corporate compliance professionals. Those unfortunate enough to work in organizations that do not take regulatory compliance seriously enough will find their positions increasingly uncomfortable as they become personally liable for corporate shortcomings that may well be outside their control. I believe that companies with a poor compliance track record or an unwillingness to effect meaningful change in that regard will find hiring and retaining effective CCOs increasingly difficult in the coming years.
MG: What do you see as the greatest business risks facing companies today?
KB: Cybercrime is the thing that keeps a lot of my clients awake at night. Partly because it is very hard to assess how well-protected an organization may be, and partly because it is an area that many boards struggle to truly understand.
MG: What do you see as the greatest regulatory risks facing companies today?
KB: An FCPA or UKBA breach, because the legal costs and business disruption alone are enough to severely damage a company.
MG: How might Chief Compliance Officers, Chief Audit Officers and Chief Risk Officers prepare to face these risks?
KB: By having a good understanding of issues affecting their industry, ensuring that they really understand how their organization conducts business on the ground and by avoiding complacency. Unfortunately, I have yet to come across a sector or type of organization truly immune from malpractice.
MG: How does Kroll help its clients mitigate risk?
KB: We are a specialist risk management company. My area of expertise is bribery, corruption and third-party relationships and www.kroll.com highlights all the other ways in which we help clients mitigate risk, whether it be risk of financial crime, leak of information, cybersecurity or security consulting.
MG: What new service offerings do you have in the queue?
KB: We are increasingly brought in to help detect “softer” reputational risks, such as labor issues, conflicts of interest or poor environmental track records, on top of our traditional strength in identifying regulatory risks. Kroll has also invested heavily in technology to make comprehensive compliance programs more cost-effective. In particular, our new automated monitoring service, available in the Kroll Compliance Portal, allows compliance professionals to constantly review the status of large numbers of third parties and allows them to react quickly should any suddenly fall foul of sanctions or get embroiled in issues that change their risk profiles.
MG: Compliance departments are often asked to accomplish their work with limited resources… do you see this situation changing any time soon?
KB: I have never heard a CCO complain about being over-resourced, and I don’t imagine this will change in the near future. Technology is helping to ease the burden, but there is always more than enough work to be done.