The Personal Liability Tied to Compliance
Compliance scandals are not a new issue, however, the shifting of blame is. This shift has seen the fault narrow from the business as a whole to the compliance team or Compliance Officer responsible for the business's operations.
As the latest compliance scandals emerge, the root issues are being increasingly tied to negligence from the businesses’ compliance teams. Whether stemming from cover-up activities or incompetence, Compliance Officers are no longer exempt from personal liability.
Looking back, legal actions and penalties for such corporate failures have previously been a rare occurrence. Historically such penalties were sparingly awarded and minor, and usually surrounded exceedingly egregious factual situations. Nowadays, Compliance Officers are held to a higher level of accountability. After the financial crash of the late 2000s, holding the responsible individuals accountable has been pushed by the public agenda. This public clamouring has forced regulatory and enforcement agencies to shift focus, looking to individuals rather than blaming businesses as a whole.
Given it is a Compliance Officer's job to ensure their compliance programme is effective, it is understandable why more are calling for this individual accountability. A flawed compliance programme is a direct reflection of a Compliance Officer’s failure - and such a failure may prompt regulators to seek that Compliance Officer personally liable.
Whilst this may sound somewhat extreme, when framed alongside other professions this personal liability is understandable. A pilot responsible for crashing a plane would be held personally responsible, for example, just as a detective would be if they withheld information from an investigation. Compliance Officers who passively overlook compliance breaches and gaps are legally liable and could be prosecuted accordingly. Prison sentences and substantial fines are among the myriad of possible penalties that have recently been awarded globally.
As the role of a Compliance Officer has evolved with the changing regulatory environment, their role has become increasingly perilous. Compliance Officers must be aware of regulatory expectations and the penalties tied to the oversight of compliance policies and procedures.
The grey area encroaches when these Compliance Officers are either not involved or unequivocally unaware of such wrongdoing. The issue surrounds the legal confusion of how to pursue such cases and which party the fault falls to. Compliance Officers who are completely unaware may still be liable purely based off of their compliance position. The argument is that Compliance Officers should be capable of identifying, stopping and reporting any and all compliance breaches.
Yet, this is not the only time Compliance Officers face personal liability. Trouble may arise when Compliance Officers fail to take action once an issue or wrongdoing is identified or should have been identified by a competent Compliance Officer. Personal liability will be worse if the Compliance Officer then conceals such wrongdoing from regulators.
If a Compliance Officer becomes privy to concerning information and takes no action or even if action is delayed, regulators consider this enough evidence for such offending Compliance Officers to be further investigated for personal liability.
Ultimately, Compliance Officers should be fully aware of their organisation’s compliance operations. Oversight or negligence is clearly no longer an excuse. As regulatory bodies and the public have successful changed the way compliance failures are handled, Compliance Officers in the wrong must be prepared for personal liability.