New association to promote year-round networking, expertise and learning for professionals working in legal compliance
The challenge facing COLPs and COFAs in UK law firms is fairly obvious: how do you get staff to take compliance issues seriously? Now, a new networking group has been launched aimed at providing a sense of community to those professionals working in risk and compliance.
September saw the inaugural gathering of the Legal Compliance Association (LCA), the first dedicated association for legal compliance professionals, whose goal is to promote year-round networking and learning to those working in this area of expertise. Attending the event at Holborn Bars in London were delegates from several high-profile law firms including Weightmans, Plexus Law, Pinsent Masons and Kingsley Napley.
Leah Darbyshire, community manager of the LCA, explained in her introduction that, within the legal profession, there is a sense of frustration with the Solicitors Regulation Authority (SRA) due to a lack of guidance and certainty about how to respond to new regulatory rules. The LCA was, therefore, set up to provide a sense of community to those within the risk and compliance arena.
“We know that compliance is quite a lonely job,” said Darbyshire. “At various times you’re a policeman, a whistleblower and a business interruption unit. It is hard to keep pushing the compliance message out when the fee earners just want to go and do business. We want you to feel supported, to bring you together and have the chance to discuss similar issues that you all face.”
The evening’s keynote speaker was Keith Read, formerly group director of compliance and ethics at BT. He began by listing some of the challenges he once faced at the telecoms company: “One hundred and seventy-six countries, 20 million customers, 150,000 employees and contractors. But what that 150,000 figure hides is the fact that there were 50,000 contractors. Employee turnover was 4 per cent. Contractor turnover was 30 per cent. That makes a huge difference to how you deal with training and education, because that means one third of your workforce leave every year.”
Read explained how BT only decided to get serious about compliance following what it thought was to be a “routine steak and chips and a glass of wine with the regulator”.
“Unfortunately, the regulator literally went off on one, and the story was in the press the next day. Quotes from The Independent and The Times included: ‘Watching the company like a hawk’, and ‘Misusing confidential information’. It’s the last thing that a company, particularly one of BT’s size, needs. By the following Tuesday, I was suddenly the chief compliance officer,” said Read.
Despite the challenges he faced in his eight and a half years at BT, Read only saw the inside of a courtroom on a compliance issue once. “You might wonder how a compliance director with years of experience ends up in court over a gangland shooting,” said Read.
“A guy got murdered. His killer was found, arrested and sent to prison. Normally, that might be the end of it, but unfortunately in this case the friends of the guy who was murdered decided they would go after the killer’s parents.
“These parents had threats made to them and were offered witness protection. But they were in their 70s and they did not want to cut themselves off from their friends and family, so they decided that they would buy a house in Lincolnshire, go into hiding and hope it would go away. Unfortunately, two BT employees, one was bribed and one was leant on, revealed the address of the new property. Both the mother and father got a bullet in the back of the head.”
If Read had been unable to demonstrate to the court the lengths to which BT went to train all 150,000 of its employees about data disclosure, the company would have been in serious trouble. Instead, the court was “very happy” with what Read had done.
While this case was perhaps not the run-of-the-mill compliance issue many solicitors may expect to face, it does show the extreme dangers of failing to take compliance seriously and the importance of compliance officers within businesses of all sizes.
Read went on to explain that third parties are now becoming one of the key compliance issues. “A whole range of issues affect major companies through the actions of their third party. For example, the BP drilling disaster and oil spill or breast implants filled with industrial-strength silicone.”
Another example provided by Read is that of Oracle India, which had to pay $2m to the US Securities and Exchange Commission after being accused of violating US anti-bribery laws.
“One of Oracle’s distributors created a bribery reservoir, the more they bribed, the more they sold so the reservoir got bigger and bigger until eventually a whistleblower came forward. Bribery reservoirs are a classic compliance issue,” said Read.
Despite the inherent dangers of not implementing a compliance scheme, Read is all too aware of the arguments made at board level against their implementation. Cost is usually first on the list.
“In my experience, the vast majority of organisations don’t know how much they spend on compliance. When I went around the boardroom table at BT, the estimates of what we spent were enormous.
“The comparison I gave to the board was that of the original fuel price-fixing case with Virgin and British Airways. They were fined £270m. They had 48,000 employees; that fine per capita worked out at about £5,600. BT spends about £12 per employee on compliance; £12 is about three trips on the tube, so the argument to the BT board was pretty stark: do you think three trips on the tube is worth keeping us out of jail or a fine of £270m?”
After hearing Read’s explanation, he said it was a “no brainer” for the BT board to accept his proposals.
It is insights and best practice tips such as Read’s that aim to make the LCA the destination of choice for COLPs, COFAs and others in the risk and compliance sphere.
This article was first published in the Managing Partner on 30 September 2014 and is reproduced with kind permission.