A tale of three boards: The opportunity of board engagement

By Rebecca Walker, 2 February 2026

It turns out that board oversight of compliance programmes matters – deeply.

The difference between a programme that feels routine and one that truly influences an organisation’s culture often comes down to how seriously the board takes its oversight role.

Board one

Earlier this year, I conducted an assessment for a mid-sized tech company. (We’ll call this company TechCo.) On paper, TechCo’s programme looked much like the compliance programmes of other mid-sized organisations: a part-time compliance team led by the General Counsel, a global hotline, and the usual set of policies and training modules. But in practice, it stood out. The programme had unusual traction, a clarity of purpose, and stronger visibility across the organisation than I had expected. And the reason was simple: the TechCo board takes its oversight role very seriously.

Every member of the board participated in the assessment interviews – not just the audit committee chair, not just a handful of governance-minded directors, but every single one. 

At much larger organisations, it can sometimes be difficult to secure even the audit committee chair’s participation in a compliance review. (Indeed, in the past few years, I have written multiple memos to general counsel pleading my case about the importance of interviewing the audit committee chair because GCs weren’t convinced it was necessary.) 

At TechCo, the entire board wanted to provide their views on the programme. They also wanted to understand how the programme compares to others, how employees perceive it, and how leadership sets the tone.

That level of engagement sent a message to the CEO, the compliance team, and the broader organisation that ethics and compliance are not peripheral responsibilities. They are central to how the company measures success.

Board two

By contrast, at another company I work with – a large, global organisation with tens of thousands of employees – the compliance officer has struggled for years to get in front of the board. Compliance reports are filtered through the General Counsel, who acts as the intermediary. While the lack of access can be attributed in part to the General Counsel’s gatekeeping, it is equally a failure of the board itself.

Board three

At yet another company for which I conducted an assessment last year – a large, multinational services provider (let’s call them ServiceCo) – the Chief Compliance Officer (CCO) has a good relationship with the audit committee, including direct and immediate access as needed. 

However, the CCO sits several levels below the CEO, a structural issue recognised by everyone within the programme. In discussions with the audit committee chair, there was little acknowledgment that this presented a risk: a simple “it seems to work for us,” without much consideration of legal standards, best practices, or the practical ramifications. 

The good news is that ServiceCo’s audit committee has a functional relationship with the CCO – a definite improvement over the global company described above. But unlike TechCo’s board, ServiceCo’s audit committee appears largely uninterested in understanding the programme’s potential or how it compares to others.

The current environment is, indeed, the best of times and the worst of times for the landscape of board oversight. There has been extraordinary progress in some boardrooms, and stubborn gaps in others. Boards that embrace their oversight role create programmes that thrive; those that remain distant leave even strong compliance officers constrained.

The responsibility

Boards have an affirmative responsibility to hear directly from the Chief Compliance Officer. That expectation is not just a best practice; in the US for instance it is embedded in Department of Justice guidance and reinforced by Delaware case law emphasising directors’ duty to oversee corporate compliance systems. When a board relies solely on management to interpret or deliver compliance information, it risks missing important signals about culture, emerging risks, or the independence of the programme itself.

In these less engaged organisations, the absence of a direct relationship between the board and compliance leadership mutes the programme’s influence. The compliance team may do capable work, but without visible support from the top, the programme’s impact is necessarily limited.

Oversight that elevates leadership

The contrast among these organisations highlights the opportunity boards have to elevate ethical leadership. When a board engages directly, it not only strengthens the compliance programme but also holds the CEO and senior leaders accountable for the culture they create.

At TechCo, the board doesn’t just oversee the programme – it ensures the programme has the resources, independence, and access it needs. That board also actively oversees leadership’s commitment to compliance and business ethics by reviewing survey data and other indicators. This focus creates a feedback loop in which the CEO and leadership team model the importance of ethics across the organization.

At the larger organisations, where the board remains distant, that loop is broken. Without direct communication, the board can neither reinforce nor challenge management’s tone from the top.

The lessons for all organisations

As organisations grow, direct engagement between the CCO and the board becomes even more important. Governance structures and full agendas can make it tempting for boards to rely on second-hand updates. But the potential impact of genuine engagement doesn’t diminish with scale – it multiplies.

When a large-company board invests time and attention in understanding how the compliance programme operates, it strengthens the programme’s authority and signals to employees that integrity is a shared priority. A single question from a board member – “How are we ensuring employees feel safe raising concerns?” – can ripple through management layers, prompting reflection, measurement, and enhancement.

The multiplier effect

When boards engage, the effect is exponential. Compliance gains visibility. The CCO gains influence. Leadership gains credibility. And employees gain confidence that ethical behaviour is both expected and valued. 

In an era when regulators, investors, and employees expect boards to oversee culture as well as compliance, organisations that lean into this responsibility are finding that the benefits extend far beyond risk mitigation. They strengthen the culture of ethics and compliance.

The mid-sized tech company represents the future of compliance oversight: a board that understands its influence, uses it thoughtfully, and recognises that ethics and compliance can drive success. It is a hopeful counterpoint to organisations where oversight remains limited.  That contrast is a reminder that the space between the best and worst of governance can be narrow, and boards themselves have the power to determine where their organisations land.

That’s the opportunity of board engagement – and it’s one worth seizing.