by Rebecca Walker
Although many companies have well-developed procedures and practices for reporting information to their boards regarding their compliance and ethics programs, training members of the board is an area that organizations continue to grapple with. Indeed, when asking compliance professionals about board training, a common response is to point to regular reporting to the board on program implementation as a form of board training. While reporting to the board can serve important educational purposes, and while compliance officers are often expert at weaving training into their periodic board reports, there are numerous reasons to provide actual training to board members, including government guidance in this area, which expects board training, and a board’s fiduciary oversight responsibilities under Delaware law. In addition, like any members of an organization, board members pose compliance and ethics risks to a company. Training the board regarding those risk areas is both expected and a good practice.
Computer-Based Board Training
I recently assisted a client with what, in my experience, is a fairly novel approach to board training. The company decided to develop and disseminate a computer-based training course for its board members. This particular company develops much of its computer-based compliance training in-house and has good resources for that, so it was a more natural fit than this approach might be for other organizations. I must admit, I was a bit uncertain about this approach at first. I have a bias in favor of in-person compliance training where feasible, and for a board – with its limited size and the need to explore complicated topics – in-person has always seemed to be a preferable format.
However, the board training developed by this company is quite good. It covers all the topics that one typically sees in live board training, such as the board’s fiduciary obligations to oversee the compliance program, including a discussion of recent Delaware case law addressing this topic, such as the Boeing case and Marchand v. Barnhill, the Bluebell ice cream case. The training also discusses the company’s compliance program design in good detail and addresses legal risks that impact the board members themselves. And the production value is excellent.
A bonus to this type of training is that the board is put through the same type of experience that employees undergo when completing their annual code of conduct computer-based training course. What is missing, of course, is a lengthy discussion amongst directors about compliance and ethics, but there is significant focus in the computer-based training on the company’s values and importance of ethical culture and tone at the top.
The Contents of Board Training
This extremely interesting exercise has me thinking about what is important in board training more generally. In my view, board training should typically discuss – at minimum – the why and the what of compliance and ethics programs, as well as those legal risks posed by directors. The “why” is an opportunity to educate board members on the value of compliance and ethics programs to the organization and on the importance of their oversight of those programs. It affords the chance to explain to boards the cost of corporate misconduct; the value in preventing it; and their role in the creation of an independent compliance function. There’s a lot that can be included in the “why,” from the exorbitant cost of misconduct; to potential credit for having an effective compliance program; to the efficacy of a strong culture in preventing, and facilitating the reporting of, misconduct; to the board’s fiduciary obligations.
The “what” affords Compliance the opportunity to provide the board with a detailed look at the compliance program, including the composition of the compliance team and the board’s role in ensuring that Compliance has an appropriate level of independence and authority; the compliance risk assessment process, which areas have been identified as presenting more significant compliance risks, and the controls that are directed to those significant risk areas; reporting and investigations procedures, including what information the board can expect to receive regarding reports of suspected misconduct; escalation protocols, including what types of concerns will be escalated to senior leadership and/or the board on an immediate basis; and all the other elements of the program.
Board training should also address those risk areas most relevant to directors, such as conflicts of interest, insider trading, prohibitions on interlocking directorates, protection of confidential information, anti-bribery compliance and cybersecurity.
Format of Training
As noted, I was – at first – a bit uncertain about computer-based training for board members. In my own experience conducting training for boards, the rich discussions about ethics, compliance and law are what make the training memorable. However, I see tremendous value in this company’s approach. All board members will get this deep dive overview of the compliance program and their fiduciary oversight obligations. And the computer-based training can easily be utilized to orient new board members regarding the program. The interesting discussions can still occur during board reporting and during future training sessions, but the on-line training should be a helpful tool to ensure that board members know and understand the basics. And, frankly, for many companies, any board training at all is a big WIN.
I also have come to appreciate the value of training coupled with the periodic reporting done by the compliance officer. For example, training on the role of the board in ensuring an adequate level of independence for a program can easily be woven into a discussion about the helpline and reports received during the prior period, along with an explanation of the company’s escalation protocol. Because training in this way is more organic, it can be significantly more meaningful to directors.
I’m curious to hear from you about your approach(es) to board training, and how successful you think that approach is. I’m also wondering if companies provide additional, perhaps more intensive training for members of the board committee that is responsible for oversight of the compliance program, and, if so, what form that takes.
Search the site
The first time I saw Kristy Grant-Hart she put on a show about magic compliance dust and then brought the audience to reality by breaking the news that there is
In our years of assessing compliance and ethics (C&E) programs, my partner Jeff Kaplan and I have pinpointed several key attributes that we consider essential to an effective program, including