Are you looking to hire one person to combine the Chief Compliance Officer and General Counsel roles? Or maybe you’ve heard that combining them is not a good idea and need to know why. Our compliance experts help fintech founders and executives understand the differences between Legal and Compliance by answering a few typical questions.
This analysis was not written by hired copywriters, third-party agencies, or AI-based tools. We are experts from a leading fintech regulatory compliance consulting firm supporting fintech startups and established financial institutions with outsourced CCO services since 2013.
While Compliance and Legal functions can initially seem closely intertwined, there are clear differences between legal and compliance that are best managed when entrusted to separate roles, the Chief Compliance Officer (CCO) and the General Counsel (GC).
This analysis aims to explore differences between legal and compliance and leans on our deep fintech startup compliance expertise to argue that the two positions should be kept separate to maximize their efficiencies and value.
What is the Difference Between a CCO and a General Counsel?
The CCO and GC are two distinct roles within organizations. While both share a common mission to uphold laws and regulations and a similar reporting line that allows them to provide an independent source of oversight, they are marked by differences across the following key factors:
- Responsibilities
- Areas of Expertise
| Difference Between a CCO and a General Counsel | Chief Compliance Officer | General Counsel |
| Responsibilities and Areas of Expertise |
|
|
Let’s review these key differences between legal and compliance in greater detail.
What is the Role of Compliance and Legal?
While there is overlap and alignment, the responsibilities and the expertise expected from the roles of CCOs and GCs are, in fact, different.
- Compliance Role (CCO). A CCO’s primary responsibility is to establish a compliance program that supports the company’s compliance with regulatory requirements, best practices, and ethical standards. From a regulatory compliance perspective, their primary role is to provide independent oversight and mitigate the risk of potential compliance pitfalls by educating the Board, senior management, and other employees. Additionally, a CCO is tasked with developing internal controls and procedures that ensure compliance with exposure in areas such as employee training and human resources.
- Legal Role (GC). A GC acts as an advocate for the company, with a primary duty to provide legal advice related to corporate transactions, dispute resolution, contracts, intellectual property protection, and other matters relevant to an organization’s operations and business strategy. As such, the GC must understand legal risks that impact business objectives and strategy and then communicate with top management.
Should Compliance Be Separated from Legal?
There are compelling operational and risk management-related arguments for keeping these roles separate while recognizing their interdependence. At times, it may seem cost-effective to merge Compliance and Legal to contain immediate operational costs. However, many companies that historically assigned compliance tasks to their Legal departments are now looking to separate them.
Why Should Fintechs Keep Compliance Separated from Legal?
There is now broad industry consensus that separating the roles of a CCO and GC is crucial for companies operating within a complex and highly regulated industry, such as fintech. The two main reasons are:
- Special compliance expertise gives the CCO a greater focus on addressing any potential risks while helping ensure adequate compliance culture stewardship.
- The two separate functions help maintain essential checks and balances to avoid the potential for a conflict of interest. For example, an independent legal review of compliance procedures ensures impartiality and objectivity, much like an independent auditor keeps a check on corporate finances.
Two Sides of the Same Coin
InnReg advises fintech founders and executives to view Compliance and Legal as two sides of the same coin. For a compliance program to be effective, both compliance and legal professionals are needed. They must coordinate and communicate at every step to fulfill the synergy in their respective mandates.
These synergies manifest themselves in various ways. For example, while the GC defines the framework of a company’s operations, it is the CCO that defines and develops controls, policies, and procedures to ensure that companies adhere to this framework.
Companies that are ready to invest in separate functions can maximize their underlying synergies by:
- Detecting compliance issues at earlier stages
- Assuring prompt corrective action
- Creating a company-wide culture of ethical behavior
In sum, having Compliance and Legal work together in this way helps ensure that corporate compliance goals are effectively achieved.
What key practical considerations should CCOs and GCs consider to foster a mutually beneficial partnership between Legal and Compliance?
For the reasons documented above, fintechs increasingly recognize that legal analysis and adherence to compliance principles are two sides of the same coin that can perform better when kept separated but in close partnership.
To enhance collaboration and leverage their collective expertise, the compliance and legal teams should strive to build a close working relationship. This will enable them to effectively address enterprise risk assessment, controls testing, investigations, and mitigation plans.
To facilitate this collaboration, we have compiled a list of essential practical considerations for compliance and legal officers to follow:
| Action | Legal and Compliance Collaboration Touchpoints |
| Prioritize | Collaboratively prioritize all business initiatives by conducting a comprehensive review of compliance and legal risks. |
| Analyze | Structure projects in a manner that complies with regulatory requirements, based on a thorough impact analysis. |
| Alert | Stay updated on new regulations and establish information alerts to keep the company informed of relevant changes. |
| Confirm | Ensure that legal analysts review regulations to assess their implications and provide necessary guidance. |
| Escalate | Promptly escalate significant compliance matters to senior management for their attention and appropriate actions. |
Conclusion: Recognizing the Interdependence AND Difference Between Compliance and Legal Functions
In conclusion, while compliance and legal are complementary to ensure that companies operate in compliance with laws and regulations, the differences in their responsibilities and areas of expertise lead us to argue for their separation as the optimal organizational and governance structure across most types of organizations.
For this reason, we offer that the key to a successful partnership between the two functions is a clear understanding of each other’s role and the mutual inter-dependencies of each based on a given company’s internal structure, business strategy, and operational needs.
Consult with the Experts
Need help with support and information on compliance and legal partnerships? Reach out today for a free consultation: info@innreg.com
The road to success requires optimizing your regulatory structure, business, and operational models and then developing the optimal cost-benefit structure for fintech compliance. InnReg helps fintechs like yours acquire the crucial advantage needed to streamline compliance operations, maximize profit, and minimize costs and risks.
The Author
InnReg is a team of over 30 Regulatory Compliance and Innovation Consulting experts helping fintechs succeed in highly regulated markets since 2013. InnReg specializes on mitigating regulatory risk while helping clients launch and grow innovative fintech products and services.
