Many compliance officers believe they have targets on their backs. Indeed, according to industry-wide surveys conducted by the National Society of Compliance Professional (NSCP), 72% of compliance professionals are concerned that regulators have expanded the role of compliance officers and the scope of their responsibilities in imposing personal liability and 63% believed that personal liability will be imposed even where compliance did not participate in the violations caused by the company or other executives. It is not surprising that compliance professionals feel this way. After all, when regulatory examinations or investigations begin, who is the initial point of contact at the firm? The chief compliance officer (CCO) or one of her direct reports. Who usually coordinates with different departments at the firm to coordinate production? The CCO. When regulators want to know what a document means or why production differs from the regulators’ expectations, who is involved in providing the answer? The CCO. Who generally drafts procedures and often is involved with surveillance? The CCO. Finally, who is often brought in for questioning under oath by the regulators regardless of whether compliance played a role in the conduct being investigated? You guessed it, the CCO. Thus, compliance officers seem to believe that regulators look at them the same way that Mrs. Gamp viewed the living young man: “He’d make a lovely corpse.”

In light of these issues, on January 10, 2022, NSCP issued its “Firm and CCO Liability Framework” to “more effectively address the issue of CCO liability.” The Framework focuses on “the larger context of the compliance function within firms,” evaluating real world issues such as whether the compliance officer had actual responsibilities to affect conduct and the resources to do the job.

In this article published by NSCP Currents, Eversheds Sutherland attorneys Brian Rubin and Amy Albanese use the Framework to see how it might affect two recent compliance officer enforcement actions, one brought by the SEC and one brought by FINRA. Where the relevant facts are unknown, they present hypothetical “yes” and “no” answers to show the possible effect.

Originally published in NSCP Currents - March 2022.