Close this search box.
Close this search box.

What Your GC Isn’t Telling You About Compliance Risks

© AdobeStock
There’s a dangerous tendency to assume this executive has a firm handle on all aspects of compliance risk. In reality, even the best will admit in private that they, too, have blind spots. Here are three.

General counsels have evolved to become far more than just corporate lawyers. They are now a core part of executive teams, expected to show expertise in a range of financial and business areas, plus oversee legal and compliance matters. And that’s where trouble may lie.

These overworked executives often have an air of infallibility about them; company boards and C-suite execs expect them to possess almost superhuman level of knowledge and understanding of the organization’s legal risks. There’s a dangerous tendency to assume that as long the company has a competent GC, it automatically has a firm handle on compliance risks.

But even the best GCs will privately admit that there are plenty of legal risks and potential blind spots that keep them up at night. Is the company up to date with the latest data privacy compliance regulations? Are there any hidden third- and fourth-party supplier risks?

Executives should be alert for telltale signs that their GC may not be sharing everything they—and their boards—need to know about compliance. Maybe the GC doesn’t realize a particular duty falls under their purview. Perhaps communication has broken down internally. Whatever the reason, companies should ensure there are systems in place to address any risks that cause reputational damage or result in expensive enforcement actions. Here are three things your GC may not be telling you.

1. Our compliance programs are insufficient.

Some GCs might believe their company’s compliance risks are covered because they made sure necessary legal language is included in every contract their company signs with vendors and distributors. But just because your company has something in a contract with a third party that addresses, for example, contract language involving bribery and corruption obligations, this does not mean a sufficient compliance program is in place.

Other times, GCs recognize there are compliance gaps, but they take the position that the problem should be obscured until a full solution becomes available. Their attitude is, “we just need to fix a few things before putting in a program.” That’s problematic because a good program is always going to reveal compliance gaps that could be making the company vulnerable right now.

Finally, even when companies have established programs, there may be gaps. Perhaps the programs aren’t measuring adjacent risks such as data privacy or IT security of third parties. No GC or compliance leader can roll out a program that covers every risk in one fell swoop. But they should be highlighting to you what’s missing now — and a plan to address adjacent risks in the future.

Good GCs will always have one eye on the horizon. Does yours assure you that the company’s program is complete? Or do they acknowledge that specific risks aren’t well managed at the moment? The latter is more honest and leads to conversations to solve the problems.

2. There’s a dangerous lack of resources.

When companies cut budgets across the board, compliance programs often suffer. GCs may see the lack of resources either as an excuse to either stop pushing for compliance program updates or to cut some systems all together.

Of course, cuts are inevitable sometimes. But good compliance leaders will properly weigh the savings from reducing compliance against the potentially crippling costs of an enforcement action.

They will initiate a dialogue over how to maintain as robust a compliance system as possible, looking at lower costs tools and options that use more technology to create efficiencies.

Is your GC openly communicating with leadership on possible compliance risks, as well as solutions such as asking vendors for lower-cost solutions?

3. I’m not close enough to the business.

A great GC will understand the business, how it operates, the way it goes to market and the value it brings to clients. These pros quickly ascertain what compliance risks apply, and when.

But even the most experienced may miss something, either because they aren’t as close to the business as they think they are or because of poor coordination and a lack of clear responsibilities. For example, your GC might be aware of personally identifiable information (PII) data held by your company—a well-known compliance hot spot—but may have a lesser grip on the PII held by an outsourced payroll provider in India.

One of the biggest telltale signs of a GC who’s not close enough to the business: Consistent friction between the legal department and the sales or marketing channel. If, for example, compliance regularly pokes holes in the details of new sales contracts, it could be a sign they don’t have a good program in place. Questions like, “Who is this party?” or “How can you prove to me this party won’t resell our product into a third-world market?” are good queries but an established compliance program should have already addressed them. When GCs demand that the sales team reiterate information, it shows they—or their program—might not be up to speed.

No single GC can oversee every aspect of their company’s compliance risks. A good one will be transparent about holes in the firm’s program, the dangers of cutting costs and whether they do not grasp some key aspects of the business.  Those who don’t openly share this information put the company at risk of costly enforcement actions.

The solution is inexpensive and straightforward: Good communication, always. Start by asking your GC these simple questions, “What might we be missing? What are we not covering?”

The answers can help your GC engage proactively and constructively, while initiating steps that protect the company’s reputation.


  • Get the CEO Briefing

    Sign up today to get weekly access to the latest issues affecting CEOs in every industry
  • upcoming events


    Strategic Planning Workshop

    1:00 - 5:00 pm

    Over 70% of Executives Surveyed Agree: Many Strategic Planning Efforts Lack Systematic Approach Tips for Enhancing Your Strategic Planning Process

    Executives expressed frustration with their current strategic planning process. Issues include:

    1. Lack of systematic approach (70%)
    2. Laundry lists without prioritization (68%)
    3. Decisions based on personalities rather than facts and information (65%)


    Steve Rutan and Denise Harrison have put together an afternoon workshop that will provide the tools you need to address these concerns.  They have worked with hundreds of executives to develop a systematic approach that will enable your team to make better decisions during strategic planning.  Steve and Denise will walk you through exercises for prioritizing your lists and steps that will reset and reinvigorate your process.  This will be a hands-on workshop that will enable you to think about your business as you use the tools that are being presented.  If you are ready for a Strategic Planning tune-up, select this workshop in your registration form.  The additional fee of $695 will be added to your total.

    To sign up, select this option in your registration form. Additional fee of $695 will be added to your total.

    New York, NY: ​​​Chief Executive's Corporate Citizenship Awards 2017

    Women in Leadership Seminar and Peer Discussion

    2:00 - 5:00 pm

    Female leaders face the same issues all leaders do, but they often face additional challenges too. In this peer session, we will facilitate a discussion of best practices and how to overcome common barriers to help women leaders be more effective within and outside their organizations. 

    Limited space available.

    To sign up, select this option in your registration form. Additional fee of $495 will be added to your total.

    Golf Outing

    10:30 - 5:00 pm
    General’s Retreat at Hermitage Golf Course
    Sponsored by UBS

    General’s Retreat, built in 1986 with architect Gary Roger Baird, has been voted the “Best Golf Course in Nashville” and is a “must play” when visiting the Nashville, Tennessee area. With the beautiful setting along the Cumberland River, golfers of all capabilities will thoroughly enjoy the golf, scenery and hospitality.

    The golf outing fee includes transportation to and from the hotel, greens/cart fees, use of practice facilities, and boxed lunch. The bus will leave the hotel at 10:30 am for a noon shotgun start and return to the hotel after the cocktail reception following the completion of the round.

    To sign up, select this option in your registration form. Additional fee of $295 will be added to your total.