Board members have a transcendental role in any company. In forming its highest administrative and representative body, they are responsible for protecting finances, evaluating the performance and suitability of senior management and designing the business strategy, ensuring that it is fulfilled in accordance with the values and purpose defined by the company. Their decisions impact the shareholders, employees and stakeholders.

In order for board members to fulfill their fiduciary duties of loyalty and care, they must make decisions based on good faith and with all the information and due diligence on the table, which will allow them to support their decisions and back the process they carried out to arrive at those decisions. This is especially true now after the changes made to compliance programs by the United States Department of Justice (DOJ). These changes seek to increase the criminal liability of natural and legal persons in order to strengthen the application of corporate criminal law and empower companies to invest decisively in this area. As a result, these programs are becoming more important than ever to support the work of their board members and senior management.

A correctly implemented compliance policy will serve as a kind of insurance that will protect the company and its board of directors in the event of a crime occurring within the organization since it makes it possible to see if its different areas are complying with the internal protocols or policies, as well as to verify the ways in which the company is reacting to any irregularities that may occur.

In order for this insurance to act as such, it is key that board members ask a series of questions related to the company’s compliance area. The answers are essential to determine whether a board can exercise its role in a safe, rigorous and effective manner. The following are the questions that I consider vital.

What are the main risk areas facing the company?

The perception of the type of risks or threats a company faces is one of the first aspects to consider when developing a compliance program. To verify if such a program is well structured, it’s necessary to consider the main risk areas that the company faces in its industry and whether said risks are adequately covered by internally established controls, supervision and cross-checks, as well as whether improvements and adaptations have been made regarding problems experienced by the company or other firms in the same field.

Are internal policies part of the company’s organizational culture?

A compliance program that lives and breathes beyond the paper on which it is written is one that is part of the company’s organizational culture and is manifested in its day-to-day activity—and part of the incentives offered to employees to keep them actively involved in its compliance. Ask how the board and other areas account for their commitment to a culture of compliance that permeates the corporate hierarchy and whether there is training for executives and employees on compliance policies according to the areas and risks to which they are exposed. Likewise, it is important to find out if employees have internalized the company’s position on the committing of crimes or misdemeanors and if there are anonymous or confidential reporting channels with whistleblower-protection mechanisms.

Do the actions or recommendations proposed by the compliance area influence the decisions made by other areas?

The team in charge of compliance must have seniority, sufficient resources and autonomy to carry out its work. To achieve this, it is necessary to know whether it has the quality and experience that the company requires, whether its status is comparable to that of other strategic areas and whether the compliance officer or their team has access to the board and all divisions.

Do incentives and compensations promote good practices or encourage corrupt behavior?

Today, it is required that the compensation system not only focus on achieving certain results or business goals but also on criteria such as innovation, risk prevention and environmental, social and governance standards. Compliance should be part of the metrics for rewarding bonuses to executives and employees, whereas non-compliance, infractions or crimes should be sanctioned with the revocation of said bonuses.

Does corporate policy allow the checking of BYOD communications or messaging applications?

One of the new features of the DOJ guidelines is that it now regulates the use of corporate information in messaging applications and communication platforms on employees’ personal devices. This raises questions such as what electronic communication channels have been authorized in the company and what mechanisms are used to preserve the information derived from them. If the company has a bring-your-own-device (BYOD) program, it is important to verify how it regulates the preservation and access to corporate information stored on said personal devices, as well as if the corporate policy allows checking of BYOD communications or messaging applications.

Does my company have an effective monitoring and investigation policy?

It is important to be clear about how the firm reacts to breaches of regulations or policies linked to compliance, whether it is a complaint, an internal or external investigation or a court case. It is also important to know what actions or sanctions were applied, what responsibility was assigned to the managers in charge and if procedures were changed to ensure that such an event will not happen again.

The value and expertise that board members bring to the company should not only be understood from the point of view of the commercial results they obtain, but also from how the company’s business is carried out. Today, more than ever, society is demanding higher ethical standards. Compliance is the perfect partner to make a difference and guarantee that board members do their work in line with today’s expectations.

The information provided here is not legal advice and does not purport to be a substitute for advice of counsel on any specific matter. For legal advice, you should consult with an attorney concerning your specific situation.

By Susana Sierra

Source: Forbes Business Council
Image: GETTY

Producido por Webit Studios