Monthly Archives: August 2016

Due Diligence Questions Chief Compliance Officers Should Ask In A Job Interview

Due Diligence Questions Chief Compliance Officers Should Ask In A Job Interview


The following guest post is by Maurice Gilbert, Managing Partner of Conselium Executive Search.

Earlier this month I posed a question to Chief Compliance Officers around the world: “Since today’s regulatory climate means you may face increased personal liability for corporate wrong-doing, what due diligence questions are you now asking potential employers and Boards before accepting a CCO position?”

The results were enlightening.  Are today’s CCO candidates concerned? Yes. Are they doing more due diligence before joining a company?  Definitely. Were they eager to share examples of questions they’ve been asking in interviews?  You bet.

As a compliance-focused executive recruiter, I know the Yates Memo isn’t simply changing the way Chief Compliance Officers do their jobs — it’s changing the way they look for jobs.  So what follows is a growing list of due diligence questions.

As this list has made the rounds on social media over the past few weeks, it’s expanded– and it will continue to, with your help.  Drop me a line if you have questions of your own to add.

Feel free to print and save this list.  You can download a pdf here.

Here we go:

  • What keeps you up at night?
  • What’s the major compliance issue currently facing the company?
  • Do you believe employees are comfortable in reporting potential ethical/compliance infractions?
  • Is there a whistle-blower policy? How does it work and what does it cover?
  • Why is the position open?
  • If someone was previously in the position, what were the circumstances of his/her departure?
  • Prior to hiring me, would you permit me to meet privately with the chair of the board or committee responsible for compliance oversight?
  • What keeps you up at night?
  • For any prior government sanctioned infraction, what are the lessons learned? What changes have been made?
  • What do you believe to be the greatest regulatory compliance risks facing the company?
  • What do you believe to be the greatest business risks facing the company?
  • What do you believe to be the greatest geographic risks facing the company?
  • Describe the relationship between the company and the regulators
  • What are the main challenges for a CCO in the coming nine months?
  • Are there any areas where the compliance program is not meeting management or board expectations?
  • Do you believe employees are comfortable in reporting potential ethical/compliance infractions?
  • Have you ever had an outside evaluation of your compliance program?
  • Is there anything you believe management can do to support the compliance program?
  • What is the budget/staffing for the Compliance function?
  • What are the reporting lines for the role?
  • Can the CCO veto a Due Diligence target?
  • At what stage is the compliance department involved in establishing a relationship with a business partner?
  • At what stage is the compliance department involved in the M&A process?
  • Is it customary for the CCO to sit in operations meetings pertaining to new products and market initiatives so as to advise the business on risk?
  • What role do you see Compliance playing in management meetings?
  • What is the formal frequency of reporting to the Board and what is the policy for Board reporting on an as needed basis?
  • Have executives in your organization ever walked away from a business opportunity for ethical and/or compliance concerns?
  • Do you feel ethics/compliance is an essential part of a successful business or something that’s just a reality you have to deal with these days?
  • Do you think that ethical business practices do in fact lead to a more successful business if done the right way?
  • How do you view the compliance officer – as part of the business or an external function?
  • What did or didn’t you like about working with their former CCO?
  • What sort of questions have you raised to the previous Compliance Officer? Have questions been purely technical or have they extended to broader business practices?
  • What do you and Board leadership think about regulatory compliance risk and whether it is viewed proactive or only reactively?
  • How do you think compliance can be a strategic partner in achieving your goals? Is it more just “keep us out of trouble?”
  • Are there ways you believe the compliance program could be a strategic advantage for the company in terms of its health and growth?
  • How would you describe the values of the leadership team and what does the tone at the top look like?
  • Who has authority to fire me?
  • What are you offering in the way of liability protection?
  • Am I free to engage my own counsel if necessary in a response to a government investigation?
  • Can I go to outside counsel on issues before discussing with General Counsel?

Have you road-tested any due diligence questions in a compliance job interview?  The threat of personal liability will drive the importance of the due diligence process, so this list of questions can – and will – grow and change in the coming months and years.  Share your input below and be part of the process.

Click here for a downloadable/printable version of the questions.

Maurice Gilbert is Managing Partner of Conselium Executive Search, which specializes in placing Compliance Officers and Legal Counsel for clients in the U.S., Europe, Latin America and Asia Pacific. Maurice is also CEO of Corporate Compliance Insights, a worldwide publication devoted to governance, risk and compliance issues. Maurice can be reached at [email protected] 


Interesting article? Would you like to know more?

Contact Me



VIDEO: Can Emerging Markets Counter the Corrupt Narrative?

In this ten-minute video interview, Frank Brown, Anti-Corruption Program Team Leader for the Center for International Private Enterprise (CIPE), addresses the value of collective compliance solutions in emerging markets, as part of  how leadership can “counter the corrupt narrative.”  In this interview (part II or II), Frank also addresses:

  • What are the political reasons why foreign leadership might  embrace international anti-bribery norms?
  • How western multinationals can better identify third parties in emerging markets that take anti-bribery laws seriously.
  • How small to mid-sized companies in emerging markets can organize the compliance function.
  • The value of collective compliance solutions in emerging markets.
  • How collective action can raise the “water level” of compliance efforts in emerging markets to a serious critical mass.

Interesting article? Would you like to know more?

Contact Me
A View from the Front-Lines of Compliance in Mexico

A View from the Front-Lines of Compliance in Mexico

Today, I am pleased to welcome back Patrick Henz as a guest contributor. I welcome Patrick’s perspective, as he shares his real-world approach and experience with respect to anti-corruption compliance in Mexico.

The Transparency International Corruption Perception Index (2015) presents Mexico as 95 of a total of 167 countries. In comparison to 2014, this was no change of the perceived corruption level, as the score stayed at 35. If we analyze the index starting in 2002 (36), we see that the country had the best value in 2008 (36) and the worst in 2011 (34), Thus, with a given statistic uncertainty, we can say that even with the different initiatives, everything stayed the same since the beginning of the millennium. There are several historic reasons and further theories as to why perceived corruption in Mexico remains so high, which is not the topic for today’s article. More important is that corruption is not limited to a single government, but represents a dynamic that can be found in all parts of society. Most countries have their share of pressures and temptations; Compliance can take those and convert them into an advantage. As corruption is not a theoretical construct; people from all social levels face its negative effects in their daily life. The good news is that Compliance can present itself as a practical problem-solver, not just limited to corporate life, but also as bringing integrity to the personal level. So, let’s address some of those details, both with respect to Mexico, as well as to the implications for current Compliance efforts.

  • Mexico has a high-perceived corruption level, but on the other hand this does not mean that our employees are dishonest people! The goal for a Compliance Officer should be to be recognized as a “trusted advisor”. This includes two sub-roles, being a trusted expert, but also a trusted colleague. It makes no sense being the biggest Compliance expert if you have no idea about the business and how the company is earning money. As Compliance Officer you should trust your employees, but be prepared that in the beginning you will not receive the same level of trust returned by them. According to the OECD study “Society at a Glance 2011”, Mexicans express a low level of trust in others. As a Compliance Officer you have to be prepared to earn trust, with visibility, accessibility, and the perception as efficient problem-solver.

Compliance by Walking Around

  • Visibility (office, plant and project-site) is needed so that employees can perceive their CO as a trusted colleague, who is not just talking about Compliance, but living it as a good example. This investment is important, as you need employees to build up trust in you, as only with trust will they come forward on difficult topics and use the offered whistleblower hotline. Therefore, it is helpful not to see everybody as a potential risk factor, but rather, embracing the idea that more than 99% of employees are good and honest people, putting forth their best efforts for the benefit of the company. These people are to be protected and prepared so that they will not get into trouble via an accident, or through a case caused by a trustworthy or rouge employee.
  • From all OECD countries, Mexicans work the most hours, an average of 43 hours a week, and often have sideline work (risk: conflict of interest). This combines with only 6 paid vacation days and 7 paid public holidays. With this Mexicans have significant less free time than their colleagues in other Latin American countries such as Argentina, Brazil or Colombia. Time is precious and petty bribes present a great temptation, as small payments can often avoid spending a complete day (with loss of wages) at public office or a police station.

A Circle of Trust

  • Mexico is similar to other Latin countries with respect to the importance of family & networks as circle of trust (risk: conflict of interest) Also important are the social implications of, where a business invitation dine is more than just a possibility to talk about commerce, but also a sign of respect and appreciation (risk: gifts & hospitality). Due to the warm Mexican climate it is common in some regions to have a two or three hour break in the middle of the day, and for employees work until late in the evening, accompanied by business lunches and dinners. Most of these cultural dynamics present a small or medium Compliance risk, and can be mitigated by adequate tone from the top and Compliance communications. We are talking here about temptations, which mean we have to help our employees to not give in to them! The most relevant cultural risk factor here is the focus on family and friends, where business relationships are often included. Thus, in Mexico, the lines and distinctions between business and personal life are often blurred, as friendships play a strong role in business. In this environment, for Compliance, it is imperative to have robust controls, including the company’s business partners, travel and entertainment expense and other third party controls (risk: business partners / procurement / handling of competitive information).
  • Another known Mexican problem is the impunity of many public cases. If the Compliance department wants to make a difference, it has to ensure that Compliance cases are not just identified, but also remediated. There cannot be different answers for different levels of employees. If a violation is discovered, the company has to take the hard decision to separate the employee from the company, even if this means a loss of important knowledge and complying with the difficult local labor laws. Just this way you can earn the respect of the employees by avoiding any appearance of favoritism or impunity. As is valid for all other countries, a Compliance department has to be independent, adequately staffed and financed; reporting to the CEO and / or a global Compliance department.
  • Compliance is a sales advantage! A robust Compliance program is a base of business reliability and sustainability. Global and local companies need to understand and embrace the importance of this issue. Some have learnt it the hard and others the easy way. Since 2011, Compliance and Internal Audit experts meet in the Mexican Forum for Ethics and Compliance. Started as self-help group, it has grown to be a relevant forum for an exchange of experience, best practices, and a platform for collective actions. It published a “Manual for a Compliance and Ethics Program,”a free document (link here) , which has its focus on small and medium sized companies. The manual explains how to implement a robust anti-corruption and ethics program. I highly recommend this manual, as it was developed by personnel who have a broad knowledge of experience and background, combined with a working understanding of the corruption risks which face corporations and business teams working in Mexico.

 Train with with Real-World Examples and Perspectives

  • Regarding training and workshops, employees appreciate the discussion of real cases, which the company has had in the past, or around a situation that could come up regarding future business. This can also go involve small role-plays. Actual news and experiences like those of Richard’s, should be included into the training, as corruption is not always limited to big political and business cases. Rather, as is the case in Mexico, it often starts as small facilitation payments, petty bribery or product piracy (all forbidden under Mexican law). According a survey of the American Chamber of Commerce in Mexico, 80% of Mexicans have bought or downloaded pirated products. Thus, in many Mexican households, corruption is learnt by the youngest; as they receive pirated products from their parents or they observe their father or mother give a small payment to the police officer or garbage man. Demographically, the average age in Mexico is rising, at 27.7 years, but this is still quite young. Thus, there are a lot of the employees who have younger children and who embrace the wish is that they would grow up in a more transparent surrounding and environment. This starting position makes it easy for Compliance to get perceived as trusted advisor. In other words, in Mexico, and elsewhere, the Compliance officer sets an example, as someone to be trusted internally, as a role model, and as an example of success without corruption! You can make a difference!

Patrick Henz is the  Regional Compliance Officer Americas  for Primetals Technologies, based in the Atlanta Area. His LinkedIn Profile can be found here. His blog, Ethics Playground, here


  • American Chamber Mexico (2011): “Survey on Pirated and Counterfeit Product Consumption in Mexico.”
  • Foro de Ética y Cumplimiento México (2014): “LinkedIn-group.”
  • OECD (2011): “Society at a Glance 2011: Trust.”
  • OECD (2014): “Average annual hours actually worked per worker.”
  • Pliego Carrasco, Fernando / Lot, Maite (2012): “Family culture in Mexico and the well-being of the population.”
  • Statista (2014): “Mexiko: Durchschnittsalter der Bevölkerung von 1950 bis 2015 (Altersmedian in Jahren).”
  • TI (2015): “Corruption Perception Index 2015”,
  • Wikipedia (2016): “List of countries by income equality.”
  • Wikipedia (2016): “List of statutory minimum employment leave by country.”


Carrots, Corruption & Compliance

In part one of a two-part interview, Frank Brown, Value Chain and Anti-Corruption Program Team Leader at the Center for International Private Enterprise (CIPE), addresses a CIPE paper “Anti-Corruption Compliance, A Guide for Mid-Sized Companies in Emerging Markets.” In this interview, Frank addresses the ‘carrots’ which can help organizations, even in low integrity regions, embrace anti-corruption compliance as their entry into the global supply chain.

In this fourteen minute interview, Frank traces his work from Moscow Bureau Chief for Newsweek Magazine to an Anti-Corruption leader and his first-hand view of corruption issues in his work, focusing upon:

  • How we can utilize a  ‘carrots over sticks’ approach, to incentivize small to medium size businesses in emerging markets to embrace ethical and compliant business practices.
  • The need to better assist and support small to medium sized enterprises in emerging markets to understand and embrace anti-corruption laws.
  • How to elevate the importance of  the FCPA and other anti-corruption laws down the supply chain, even in low integrity regions.
  • How the FCPA and global anti-corruption acts have set a standard of business practice that holds great sway in global markets.
  • How the ‘status quo’ wins, if large multinationals don’t lend support to potential partners in emerging markets.
  • How we can get smaller enterprises in frontier markets beyond a ‘box checking’ mentality by making anti-bribery compliance a ‘selling point’ and hence, making them a ‘magnet’ to other multinationals.

A download of the referenced paper can be found on the CIPE Website here. Frank Brown can be found on twitter here.

Interesting article? Would you like to know more?

Contact Me