The following is an interview I did with the unparalleled Tom Fox – otherwise known as “The Compliance Evangelist.” In the interview, he discusses his new book, “The Complete Compliance Handbook,” available HERE.
Kristy: Hi Tom! Thanks so much for taking the time to answer my questions. I love The Complete Compliance Handbook. Tell me, why did you decide to write this book?
Tom Fox: For several years, I have wanted to write a definitive, single volume on what constitutes a best practices compliance program. I decided in 2017 to bite the bullet and dedicate the year to writing it. It turned into a journey of discovery as I was able to interview many of the country’s leading compliance practitioners and others to incorporate the most current thinking into the book
The book is a practical guide, not a book with an academic or legal focus. It is designed to be used by all levels and expertise of compliance practitioner, from the long time CCO to the newly minted compliance professional. It has the most current government thinking and commentary on what constitutes a best practices compliance program; incorporating the Justice Department’s Evaluation of Corporate Compliance Programs and new FCPA Corporate Enforcement Policy, both of which came in 2017. There is no other book which incorporates this most recent information.
Kristy: How did you organize it?
Tom Fox: The first chapter is, “31-days to a more effective compliance program.” The last chapter is, “One month to more fully operationalizing your compliance program.” In between are 10 chapters which give you specific steps to take within concrete compliance areas: Operationalizing Compliance Through Human Resources, The Role of the Board of Directors and Compliance, 360-Degrees of Communication in Compliance, Better Third-Party Risk Management, Reporting and Investigations, Internal Controls, Innovation in Compliance, Written Standards, More Effective Compliance for Business Ventures and Continuous Improvement
Kristy: That’s great! So how can a reader use the book?
Tom Fox: Of course, you can read through the nearly 600 pages of text straight through, but the book is also designed to provide 12 one-month tutorials on how to create, implement or enhance one component of your compliance program. You can go through each chapter and read about one thing you can do each month, which you can do at little to no cost to more fully operationalize your compliance program.
Kristy: Who would most benefit from reading this book? Is it someone who is just starting, or a seasoned CCO?
Tom Fox: It is designed to be used by all levels and expertise of compliance practitioner, from the long time CCO to the newly minted compliance professional. This book represents the sum of what I have learned in my 10+ years in the area of compliance. I interviewed a wide variety of compliance practitioners, service and product providers and those outside the traditional compliance field to provide every level of compliance professional tangible ideas on how to more fully operationalize a compliance program. It helps provide every compliance practitioner a roadmap to not only make their compliance program more robust but demonstrate the value in having a more efficient company made more profitable through the operationalization of a best compliance program.
Kristy: Your “31 days to a more effective compliance program” is fascinating. Has anyone tried it out yet, and if not, what would you expect the outcome to be?
Tom Fox: I wanted to lay out concrete steps that any compliance practitioner could take, at little to know cost, to improve their compliance program over a one-month period; all tied to the 10 Hallmarks. I don’t know of anyone who tried before I thought of it but if they did, I would expect their outcome to be a more robust compliance program which they can then build from with the details from each corresponding chapter in the book.
Kristy: I love all the focus you give to operationalizing compliance. I don’t think there is enough focus on how critical this is to running an effective program. Can you explain what “operationalizing compliance” means to you and give us two or three tips on doing it with our programs.
Tom Fox: The godfather of compliance in Houston is Jay Martin, CCO at Baker Hughes who has been there since 2004. He continually reminds us all that is in execution that good compliance programs become great. When you couple what Jay Martin says with the government’s mandate to operationalize compliance, you see a program that moves the risk management strategy closer to the operations risk, so it can be more effectively managed.
You’ve written an entire chapter on innovation in compliance. What do you think we’re going to see more of in the future, and how can compliance practitioners prepare now so they can continue in their upward trajectory?
Tom Fox: You and I have both seen compliance programs evolve enormously in our careers. I think it is one of the most exciting aspects about being in the field of compliance. The technological tools which and will become available to compliance professionals will increase the efficiencies of compliance and make doing business ethically and in compliance a driver of profit going forward. It will be compliance which breaks down the operational silos in companies which will drive these business efficiencies.
Kristy: Thanks so much Tom. Before we leave, what are your top three tips for creating a successful compliance program?
1. Use the tools in your company now to improve your compliance program. Perform a gap analysis of your internal controls. They are present, you may not be using them from the compliance perspective. If there are gaps, use your gap analysis as a roadmap to remediate.
2. Make the business case for compliance. A robust compliance program makes your company run better, more efficiently and more profitably.
3. Get out of the office. Meet everyone you can in your organization. Meet the heads of all functional disciplines. Get outside the US and make all the employees understand you are there to help them do business better. If there is a problem, they will be much more willing to pick up the phone and call you if they know and trust you.
The Complete Compliance Handbook is available HERE.