
Board members play a fundamental role as the highest governing and oversight body of a company. They are responsible for protecting the organization’s finances, assessing the performance and suitability of management, defining the business strategy, and ensuring that it is carried out in line with the company’s values and purpose.
This essential role also comes with significant challenges inherent to leadership and the nature of business itself, as directors’ decisions impact shareholders, internal operations, and all relevant stakeholders.
In this context, it is crucial that board members fulfill their fiduciary duties of loyalty and care, principles primarily developed in Anglo-American corporate law. Notably, the duty of care is supported by the Business Judgment Rule, which holds that corporate decisions must be made in good faith, with due diligence, and based on sufficient information. This allows directors to justify their decisions by demonstrating the soundness of the process that led to them.
Given the ongoing evolution of criminal law—especially regarding the legal liability of both individuals and corporations—compliance programs are becoming a key support tool for boards and senior management. A well-designed and effectively implemented compliance program serves as a form of insurance, helping protect both the company and its directors in the event of wrongdoing. These programs provide visibility into whether company areas are adhering to internal protocols and policies, and how the organization responds to potential risks or violations.
That’s why, before accepting a directorship, it is critical for incoming board members to ask a series of targeted compliance-related questions. These questions are essential for directors to carry out their role confidently, responsibly, and effectively—benefiting from the significant protection that a robust compliance framework can offer.
Below are 25 key compliance questions directors should ask before taking on their role:

Main Question:

1. Does the company have a compliance program in place?

Risk & Compliance:

2. What are the company’s main risk areas? Are these risks addressed by the compliance program?
3. Were these risks identified using a formal risk matrix? Were other departments involved in its creation? Has the board reviewed this tool? Is there a process in place for updating it?
4. How is evidence of compliance documented? How is performance across departments measured against established compliance policies, procedures, and controls?
5. How has the board demonstrated its commitment to a culture of compliance?

Compliance Officer (CO):

6. Who is responsible for overseeing the compliance program—a Compliance Officer or equivalent role?
7. Does the CO have autonomy, independence from operations, and sufficient resources?
8. Is there a designated board-level space to discuss compliance issues? Does the CO report regularly to the board?
9. How much influence do the CO’s recommendations have on company-wide decision-making?

Independent Oversight:

10. Is the program periodically reviewed by an independent third party? How often? Are the recommendations of that third party considered and acted upon?

Internal Policies:

11. Are the company’s policies, procedures, protocols, and internal codes known to the board? Were they approved by the board?
12. Are these policies aligned with the organization’s values and corporate purpose?
13. Are they clearly communicated to employees and kept up to date and accessible?
14. Are they also shared with third parties such as clients, suppliers, and stakeholders?
15. Do they consider both local and international legal frameworks?

Training & Education:

16. Are there regular compliance training sessions for the board? How are the topics selected?
17. Are executives and employees also trained and evaluated on compliance? How often? Are trainings adapted to their specific business area?

Incentives & Compensation:

18. What are the principles behind the company’s incentive structure? Do they include non-financial objectives such as ESG goals, innovation, risk prevention, or department-specific targets?
19. Has the company linked any compensation or bonuses to compliance objectives?

Whistleblowing & Internal Investigations:

20. Does the company have whistleblowing systems (digital or physical)? Are whistleblowers protected (anonymity, confidentiality, no retaliation)? Are employees aware of these channels? Do external stakeholders also have access?
21. Have any reports been made? If so, were proper protocols activated? How quickly was the board informed?
22. How does the company ensure consequences are enforced for breaches of compliance policies?

Monitoring & Updates:

23. When was the last significant update to the compliance program? Has it been adjusted to reflect regulatory changes or industry developments?
24. If a compliance issue has occurred—such as a complaint, internal/external investigation, or legal case—how did the company respond? What were the consequences? Has the company taken steps to prevent recurrence?
25. How has the board communicated the company’s position on misconduct to employees?
Every director should carefully consider these questions and evaluate the answers before accepting a board seat. The value and expertise directors bring must be reflected not only in the business results of the company—which are, of course, important—but also in how those results are achieved.
Today, more than ever, society is demanding higher ethical standards. In this regard, compliance is the perfect partner for directors and executives who seek to lead responsibly and sustainably.