Companies Struggle with New Chief Compliance Officer Position

The overwhelming range of new duties brought on by corporate reform legislation has prompted many companies to create the position of chief compliance officer.

The problem is, companies are not always clear on who the chief compliance officer should report to or even what that person should do, the Wall Street Journal reported.

The Sarbanes-Oxley Act does not require the new position, but 36 percent of companies now have a chief compliance officer, according to a recent study from market research firm Meta Group. In the pre-Enron era, the chief financial officer usually handled financial compliance work, while other types of compliance fell under the duties of a chief operations officer or were spread throughout the business.

The Meta Group found two common problems with how companies handle the new position: too many companies are allowing the CEO to supervise the CCO, and companies are not working on developing a good relationship between the CCO and chief information officer.

Meta, which surveyed 300 executives, says 45 percent of companies with a CCO have that person reporting to the top executive, which is a bad idea. The CCO would be in an awkward position if the CEO was involved in any compliance problems.

"We believe this role should report directly to the board of directors," said Meta in its study. CCOs should meet regularly with board members, at a minimum. Only 10 percent of CCOs reported to the chairman or the board; 17 percent reported to the CFO, 13 percent to the chief information officer and 6 percent to legal personnel. And 7 percent of respondents didn't know who their CCO reported to, the study said.

Another problem was the lack of coordination between the CCO and the CIO, who can help the CCO understand software used in compliance work.

"The chief compliance officer absolutely has to lean on the CIO to understand where the hooks and liabilities are," said David Yockelson, a senior vice president at Meta Group.

The CIO should create a technology blueprint for compliance functions as various Sarbanes-Oxley requirements require different kind of technology, the Meta Group says. The IT department's compliance is also a major part of a company's overall compliance work, according to the research group.

You may like these other stories...

Here's a CPA who truly walks the walk. On March 15, Frank Ryan, CPA, departed San Diego, California, with plans to be in Ocean City, Maryland, by July 2 to teach a course at the Maryland Association of CPAs’ (MACPA...
When Theodore J. Flynn first joined the Massachusetts Society of CPAs (MSCPA) in 1970, it was a different world and a different profession.  The "Big Eight" were still headquartered in Boston. Vietnam War...
Accountant Rickey Charles Goodrich had it a little too good. Many bean counters would kill to serve as financial guru to the likes of Pearl Jam. Goodrich was hired in 2005, and the following year, he became the CFO of Curtis...

Already a member? log in here.

Upcoming CPE Webinars

Aug 26
This webcast will include discussions of recently issued, commonly-applicable Accounting Standards Updates for non-public, non-governmental entities.
Aug 28
Excel spreadsheets are often akin to the American Wild West, where users can input anything they want into any worksheet cell. Excel's Data Validation feature allows you to restrict user inputs to selected choices, but there are many nuances to the feature that often trip users up.
Sep 9
In this session we'll discuss the types of technologies and their uses in a small accounting firm office.
Sep 11
This webcast will include discussions of commonly-applicable Clarified Auditing Standards for audits of non-public, non-governmental entities.