Leonid recently sat down with Caveni Wong, founder of Principle Compliance, to gather her views and insights on what really matters today when it comes to compliance leadership, culture and conduct and the future of the compliance profession.
From your perspective, how has the role of the chief compliance officer changed over the past five years, and where do you see the biggest gaps between expectation and reality?
In the last five years, we’ve seen enforcement agencies point out the failures of compliance programs that allowed serious violations to slip through the cracks. This is despite having large global company resources and chief compliance officers and programs in place. I think that more and more, CCOs are realizing they need to build programs that actually work in practice, not just look good on board reports. To do that, a CCO needs to ascertain whether policies and procedures are tailored to actual business processes, employees know how to apply them in their work, managers enforce the desired behaviours, or HR handle speak up reports properly. Often, CCOs stop short at telling employees WHAT needs to be done without fully understanding WHO needs to do it, and HOW. Today’s CCO needs to understand the requisite set of skills and compliance experience needed to operate a program that works in reality, and build the team accordingly with people who have those skills.
Culture is often described as the cornerstone of effective compliance, yet it remains hard to measure. What signals do you look for to assess whether a culture is actually working?
A lot of signals can be useful: upward trends in employee surveys, data from pulse surveys, downloads or web page visits, training evaluations, number of inquiries about a policy, participants in voluntary compliance activities, frequency of leaders seeking ethics and compliance advice, consistency in applying disciplinary actions. I can name a ton. The real challenge is not the lack of ways to measure culture. Often, it’s the lack of resources or organizational priority.
In your experience, where do well‑designed compliance frameworks most commonly break down when put under commercial pressure?
Even well-designed frameworks can break down when there’s a lack of enforcement or only superficial compliance. For example, I’ve seen control functions bending to allow exceptions because they did not feel empowered to stand up against requests by business leaders. I’ve seen managers rubber-stamping compliance processes when ethical standards are pitted against the perceived need to maintain client relationships. On the surface, these approvals are in compliance with the framework, but fail to mitigate compliance risks in practice.
What qualities do you see in the most resilient compliance leaders, particularly those operating in highly scrutinised or regulated environments?
Resilient compliance leaders need to have grit, sound judgment, a strong ethical centre and a passion for the work. The goal is to foster a culture of integrity where people can thrive in an environment that treats them fairly and that upholds ethical values. Remember that the purpose of law and regulations is to serve people and to maintain the social order, however imperfectly. They don’t exist for their own sakes. Compliance leaders who remember that the ultimate goal of compliance is to build a fair and ethical society would be more resilient in spite of regulatory challenges.
Looking ahead, what skills or experiences will define the next generation of senior compliance leaders?
I really hope to see the compliance profession evolve to appreciate experience beyond a JD. An impactful compliance leader is a polymath who has deep compliance functional expertise, which is not the same as legal expertise. Effective ethics and compliance programs require a diverse skillset and attributes including legal knowledge, tech savviness, project management, data analysis, change management, cross-functional collaboration, marketing, courage and a high degree of emotional intelligence along with sound judgment. Even more important may be a passion for the work. Compliance can be a thankless function that requires a tremendous amount of self-motivation. The role is like rolling a rock up the hill, every day, with little recognition for the effort but consequences if a rock falls. Without the passion and genuine desire to make the world a better place, it’d be difficult for a senior compliance leader to sustain a high level of performance to create lasting change.
If you were advising an organisation rebuilding or re‑setting its compliance function today, where would you insist they focus first, and why?
I would advise them to assess where the function is situated organizationally, how it obtains its mandate, and how it is perceived by business leaders. Without an honest assessment or re-calibration, everything the compliance function does may end up as activities that look good rather than outcomes that matter.
About Caveni and Principle Compliance
Caveni Wong is the founder and principal consultant at Principle Compliance, a specialist advisory firm focused on helping organisations design, embed and mature effective compliance and ethics programmes. With deep experience working with global compliance teams across regulated industries, Caveni is known for her practical, risk‑based approach and her ability to translate complex regulatory expectations into frameworks that work in real-world business environments. Principle Compliance partners with in‑house teams on everything from programme design and third‑party risk to investigations, culture and governance.
