Rising use of generative artificial intelligence tools are bringing compliance efforts to the forefront. Although businesses have had compliance functions for decades, non-regulated companies are adopting them with increasing frequency. This is due not only to AI concerns, but also post breach-exposure following cybersecurity events, or obligations under data privacy laws.
Corporations are recognizing the benefits compliance programs can bring—and the risks if they don’t work well. These might include regulatory scrutiny or penalties in the wake of alleged non-compliance. It may also include higher settlements in litigation (again alleging arguable lack of legal compliance).
Despite the increased interest and need, businesses may question how best to create a functional and cost-effective program. Because of limited budgets, some attempt to replicate standard programs. They may implement off-the-shelf tools or adapt programs from regulated entities using a “it worked for a banking firm, it will work for me” approach. This approach, because it isn’t always customized to the company and its needs, can backfire. And when it does, compliance professionals return to leadership to request additional funding.
When they do, they may be turned down because of competing demands, a belief that the company has no or low risk, or perhaps because those who hold the purse strings believe that the organization is already in compliance. They may also face hurdles because leadership doesn’t share the concerns they have about large fines, complicated litigation, or regulatory scrutiny.
Change Management
When facing resistance for compliance efforts, compliance professionals would be well-served to use change management tools.
To begin, tie your efforts to your company’s underlying mission and strategy. For example, think about what your organization is trying to achieve. Is it to be a flexible provider of bespoke solutions? Or instead, is the goal to be a place of trust for consumers?
- Address the right values when describing your compliance efforts.
- Understand not just the company’s goals, but those of the individual leaders as well.
- Some questions to ask include: What are they trying to accomplish? What pressures are they facing, and from whom? On what metrics are they measured? What is their personal style? Do they need facts in advance? Or verbal input first?
- Which of your leaders are potential allies? Might you have allies outside of the leadership team that can help you make your case?
- Before approaching leaders, know your own biases. What preconceived notions do you bring to the table?
- A clear understanding of your biases can help you compare it to the rest of the leadership team. You can use that understanding to balance your request.
- Having more awareness about your own style is a useful tool for a more effective discussion. Remember the “platinum rule” (do unto others as they would want done unto them) rather than the “golden rule” (doing unto them what you would want).
One of the most interesting aspects of change management research is evidence that presenting both the negative (risks) and positive (benefits) at the same time can actually decrease adoption of compliance efforts.
Instead, pitch with one or the other—whichever is more likely to sway your audience. Why? According to the research, when presented with both benefits and negatives, people spend more time focusing to understand the recommendation. And when they spent more time focusing, they became more critical of the proposal, and less likely to adopt it. A related recommendation is keeping it simple. When presenting the program, anticipate the points of adoption that will be difficult. Borrow from a trial lawyer’s opening argument: address head-on the other side’s argument.
Finally, don’t give up. It’s very possible that your request won’t immediately be approved. If that happens, look at lessons learned from your approach. Ask yourself: What didn’t work? What can you tweak? Can you approach it in a different way? Does this still not give you comfort to ask again? Then consider conducting a pre-mortem.
Pretend your efforts to get funding have failed, and ask yourself—in the comfort of the hypothetical—why it failed. Be honest. What could you have done differently?
This article does not necessarily reflect the opinion of Bloomberg Industry Group, Inc., the publisher of Bloomberg Law and Bloomberg Tax, or its owners.
Author Information
Liisa Thomas is partner at Sheppard Mullin and a member of the intellectual property practice and focuses on privacy, advertising, and unfair competition law.
Write for Us: Author Guidelines
To contact the editors responsible for this story:
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.