
The rise of the chief compliance officer – Digital Guardian

11 Oct 18

Article by Digital Guardian EMEA, VP and GM Jan van Vliet

With GDPR now in force, the position of chief compliance officer (CCO) has risen in prominence as a corporate coordinator and navigator of compliance issues.

But what exactly is the CCO, and does an organisation need one?

The Chief Compliance Officer (CCO) oversees and manages compliance issues within their organisation.

The role involves ensuring that the organisation complies with various regulatory requirements and that employees adhere to internal procedures and policies.

The CCO typically reports to the chief executive officer or chief operations officer.

The role of the CCO

The CCO should come up with corporate policies and procedures needed by their company for compliance.

He or she will then need to communicate these policies and train employees to avoid compliance mishaps.

The role also involves monitoring compliance and measuring and evaluating the level of compliance across the entire organisation.

The CCO is tasked with reporting to the board on everything related to compliance (from policy development and monitoring to enforcement and implementation).

In their role, the CCO coordinates with different departments including internal audit, employee services, and risk management to ensure that compliance issues are fleshed out, investigated, and resolved.

The CCO should also be proactive in identifying potential vulnerabilities and be able to address these head on with corrective measures.

They must also be able to come up with proper guidance on how employees and the company can avoid similar situations in the future.

Hiring a CCO

A good CCO must have a thorough technical and practical knowledge of the business.

This allows a CCO to envision and then supervise compliance solutions.

A CCO is responsible for designing the right policies and procedures and tapping into technologies needed for compliance.

A good CCO should also have great interpersonal skills, as they regularly interface with a variety of people, from C-level executives to the rank and file.

The CCO’s responsibilities take them from the boardroom, where they report on compliance issues to top management and the board of directors, to the manufacturing plant, where they train production workers on compliance.

Additionally, a good CCO is able to navigate legal matters with relative ease and build lasting positive relationships with regulators.

Superior multitaskers often make the best chief compliance officers as they need to make strategic decisions, supervise complex monitoring programs, manage and educate highly skilled professionals, and even talk with other departments on issues relating to risk and control.

What’s more, they need to stay up-to-date on what’s happening in their industry and stay informed about changes in regulatory requirements. 

Challenges of the role

Like any position, there are inherent challenges and risks faced by Chief Compliance Officers.

The first challenge is that the job is not really clearly defined. For example, some companies give the CCO role to their general counsel, thinking that it only involves legal concerns.

Then there is the challenge of not having the independence and authority to make decisions.

Ideally, the CCO works with the CEO, the board of directors, and other employees to make compliance second nature to the company.

However, conflicts of interest might arise, and for some departments, compliance might get in the way of existing processes.

Another problem faced by CCOs is that they might not have the necessary resources to do their jobs, as compliance teams tend to be lean and underfunded.

However, investing in enterprise data loss prevention (DLP) software allows for deeper visibility and information control that can make compliance simpler and easier for the team.

DLP software extends a compliance team’s capabilities while increasing efficiency, making it an essential part of a successful CCO’s operations.

Despite the challenges, the role of a Chief Compliance Officer can be quite rewarding, and it’s a role that’s becoming increasingly important for modern organisations in heavily regulated industries.

As regulations continue to become more stringent and complex, CCOs will be in even higher demand as companies seek qualified professionals who are able to manage the complexities of the regulatory landscape.
