So let's dive right in and look at the characteristics of a hyperproductive compliance management team:
- They all share the same vision, which is to protect the company, not to build a system.
- Their key focus is reducing risk and passing audits, not following a process.
- All the team members are highly competent professionals, from technologists to policy experts.
- They are colocated and very vocal with each other.
- They are self-sufficient. Everything they need to know and do is under the complete control of the team.
- They are small in size, typically seven to 12 people.
- They really enjoy working at their job, and with their team.
Easier said than done
It's actually quite easy in concept to build a hyperproductive team, but depending on your company's organization and your role, you may face challenges getting the right team together. Unfortunately, when it comes to compliance management, even the CIO will often take a back seat to the direction of maybe the CFO or chief compliance officer. You must be diligent with your influence and insist on partnering with your organization instead of servicing it. Without proper partnership with technology, your company is doomed to fail in its compliance program, leaving it unnecessarily exposed.
The challenge comes in employing the skill set that you need for your team. Although you run a technology organization, this particular team will need skills that span the spectrum of compliance, including at least one internal auditor and one or more policy experts. Avoid making the common mistake of getting these people "on loan" from finance or another department with a dotted-line reporting relationship. Everybody on your team must be 100% dedicated to its cause and under the complete control of the program leader or coach.
Building the team
Which leads me to the most important person in your program -- the program leader. Your program leader must have an agile background, be it Scrum, Extreme Programming or something of the like. This is why it's essential that the IT function takes ownership of the team; it's quite unusual to find an agile program manager in any other function of the company. Your program leader will coach your team into a self-directed, risk-reducing machine; a team guided by the direction of the policy experts and resilient to the many changes it will face in policy, interpretation and organizational tolerance.
It's important to keep the team small and physically colocated in the same room or general area. If you try to grow the team, or split the team into varied locations, your communication problems will escalate geometrically. Your team members must be self-sufficient, complete with experts in technology, policy, auditing and management. They should be intellectually curious about everyone's function but still be clear on the importance of being an expert in their role.
It's not about the technology
Although you're building IT systems to support compliance, this is
Finally, your team members must be enthusiastic about being part of something great. To do this, you must invest heavily in team development. These are the gladiators of the organization; they are the defenders of the crown. On a daily basis, they protect the company from untold millions of dollars in lawsuits and compliance violations. They should be recognized and rewarded appropriately.
It's ironic when I see companies take huge risks in forming substandard compliance teams, whose raison d'être is to reduce the risk and exposure of the company. The only way to get it right is by forming a highly productive compliance team of experts who collectively have the knowledge to maintain an end-to-end system of compliance for the company. Empower them properly and treat them well, and your company will be safe from harm. Start today by putting together the charter for your compliance dream team.
John Weathington is president and CEO of Excellent Management Systems Inc., a San Francisco-based management consultancy. For more information, visit www.excellentmanagementsystems.com.
This was first published in June 2009