Voices from the Boardroom: Perspectives on Modern Governance – Post 3
Post 3: The Intersection of Governance and Compliance: What Directors in Regulated Industries Must Get Right
By Al Parker
In regulated industries like life sciences, healthcare, and financial services, boards walk a delicate tightrope. On one side lies governance and the board’s responsibility to oversee strategy, risk, and leadership effectiveness. On the other lies compliance and the organization’s obligation to follow laws, regulations, and internal standards.
While these two domains are deeply connected, many boards struggle to strike the right balance. When boards conflate governance and compliance, they risk micromanaging management and blurring accountability. When they ignore compliance, they risk regulatory violations, reputational damage, and personal director liability.
Here are four ways boards can fulfill their compliance oversight duties without losing their strategic posture.
- Understand Compliance as a Governance Responsibility, Not Just an Operational Function
Boards often treat compliance as a “management issue.” While it is true that compliance programs are designed and implemented by management, the board has a fiduciary duty to ensure the company maintains an effective compliance framework.
This means directors should:
- Understand the structure, authority, and independence of the compliance function.
- Ensure the Chief Compliance Officer has direct access to the board or audit committee, not solely reporting through the General Counsel or CFO.
- Confirm that compliance issues are surfaced promptly and transparently.
In my advisory work, I’ve seen boards elevate compliance effectiveness simply by clarifying reporting lines and ensuring the compliance leader has an unfiltered voice at the table.
- Ask Questions that Probe Both Culture and Controls
Effective compliance oversight goes beyond reviewing policies, training completion rates, or hotline statistics. It requires understanding whether compliance is embedded in the organization’s culture and decision-making.
Boards can probe this by asking:
- How does compliance risk factor into operational and strategic decisions?
- What are employees saying in engagement surveys about ethical culture and psychological safety?
- When issues arise, does management respond constructively and transparently, or defensively and guardedly?
In one situation I observed, a board uncovered cultural blind spots when it asked the CCO why a recent investigation surfaced only after an anonymous hotline report. The answer revealed weaknesses in frontline reporting culture, which became an area the board then prioritized for leadership attention.
- Avoid the Micromanagement Trap
Boards sometimes respond to compliance failures by diving into operational details. While understandable, this can undermine management accountability and distract directors from their governance role.
Instead, effective boards:
- Set clear expectations for compliance performance and resourcing.
- Ensure robust independent assessments of compliance program design and effectiveness.
- Hold management accountable for remediation plans and cultural improvements without dictating tactical execution.
As one seasoned director told me, “Our job isn’t to run the compliance program—it’s to ensure it’s being run well.”
- Stay Current on Evolving Regulatory Expectations
Compliance risk is not static. Enforcement priorities shift, new regulations emerge, and expectations for board oversight continue to evolve.
Directors in regulated industries should invest in ongoing education, including:
- Annual compliance and ethics briefings tailored to their sector.
- Periodic deep dives into emerging regulatory risks, such as data privacy, AI governance, or global anti-corruption.
- Engagement with external experts to stress-test board assumptions.
Boards that remain informed are better positioned to ask the right questions, anticipate regulatory shifts, and avoid surprises.
Final Thought
Governance and compliance are two sides of the same coin. Effective boards recognize their duty to oversee compliance not as a checklist obligation, but as an integral part of stewarding the organization’s long-term success and integrity.
In my next post, I’ll share lessons learned from M&A, licensing, and strategic transactions—and how boards can navigate these moments of inflection to protect and create value.
Interested in my governance and compliance advisory work across the life sciences and healthcare sectors?
You can find my professional bio and board résumé at http://www.linkedin.com/in/albert-p-parker.
Coming soon: “From Conflict to Clarity: Governance Lessons from M&A, Licensing, and Joint Ventures.”
