Newly-empowered compliance officers should focus on ensuring transparency and clearly defining the roles of company officials.[@@]
Experts gave that advice here Monday at the opening session of the National Association for Variable Annuities' 2005 Compliance & Regulatory Affairs Conference.
The Sarbanes-Oxley law mandates that investment companies establish written policies and procedures to prevent violations of federal securities laws. Those policies and procedures are required to be reviewed annually, and each company is required to name a compliance officer to monitor, update and report on the policies and procedures.
But SOX and the U.S. Securities and Exchange Commission have not defined the exact role of the "chief compliance officer," or CCO, within a company, and they have not decided whether company executives enjoy the attorney-client privilege when speaking to CCOs who are lawyers.
Lee Augsburger, chief compliance officer for the Prudential Financial Inc., Newark, N.J., said he believes that the CCO should function as an overseer of the policies established by a company, rather than an enforcer of those policies. "It's about internal control," he said. "I'm not taking accountability [to mean] day-to-day control of the processes, but [to mean] I have the accountability for monitoring those processes."
There are other executives or departments, the panel concluded, that seem to have jurisdiction similar to that of the CCO. These executives and departments include the corporate legal counsel, the risk management department and a company's internal auditor. John Walsh, chief counsel at the SEC's Office of Compliance, Inspections and Examinations, said those areas are "neighbors to compliance," but do not cover its full scope, and that a CCO should typically be working with all 3.