Integrating your compliance programme into the variable compensation of executives

A good compliance programme is one that constantly evolves with the needs of the business. As the business moves into new areas and new territories, the business model changes, new products are developed and new customers are gained, the compliance programme also needs to move to address any new risks. Ensuring that the company leaders don’t forget about the need to conduct business in a strongly ethical and compliant way is key for any chief compliance officer. While it would be great if every single business leader would just do this instinctively, many need to have some incentives to push compliance up the list of things that they need to keep thinking about. The old business phrase that “compensation drives behaviour” is still as important today as it was 50 years ago, before the compliance revolution.

One company that is driving compliance internationally and taking the challenge to integrate its compliance programme into the variable compensation of executives is the Sorin Group, a global medical device company and leader in the treatment of cardiovascular diseases. With over 3750 employees worldwide, the company develops, manufactures and markets therapies for cardiac surgery and for the treatment of cardiac rhythm disorders.

Challenge: Implementing a compliance programme that works globally

While headquartered in Italy and listed on the Milan Stock Exchange, Sorin Group treats more than one million patients in over 80 countries. Its British General Counsel, Brian Sheridan, along with the Sorin compliance team, built the company’s United States compliance programme many years ago. Sorin’s industry peers consider the programme one of the stronger ones in the industry.

The Sorin compliance team is leveraging its achievements in the United States to further develop its compliance programme in markets outside of the United States. “One module at the heart of our global ambitions for compliance is the creativity we apply to incentives and disincentives – we started this in the United States and it has worked well for us,” said Mr Sheridan.

Embedding compliance into executives' key performance indicators

At Sorin Group, compliance is an integral part of each manager’s performance objectives. Members of the Executive Leadership Team and leaders of all of Sorin’s functions and business units are directly responsible for the culture, understanding, observance and adoption of the Sorin Code of Conduct, the Sorin United States and international compliance policies and procedures, and their industry codes of practice (including AdvaMed and Eucomed).

In addition to these worthy, but still standard, key performance indicators, each of the different functions within the Sorin Group has adopted individual performance objectives specifically regarding compliance. The individualised compliance objectives are agreed and documented every year for each function and senior manager, and form part of the process of continuous performance review (written reviews twice yearly) managed by Sorin’s human resources team. The responsible executive of each function or group is required to cascade each of the compliance obligations to those employees under them. This ensures that the whole company has compliance integrated into their variable remuneration.

Sorin’s system – unique in the world of medtech – creates tailor-made objectives that allow a more focused drive on key risk areas and “personalisation” of the system while successfully avoiding the box-checking mentality that bedevils many compliance plans.

Evaluating the performance of compliance obligations

As part of the annual review process, the staff that directly report to each senior executive are interviewed by the General Counsel or another member of the company’s legal or compliance functions to determine their adherence to the compliance objectives. An assessment is performed alongside line managers and a member of the human resources team to determine whether the obligations have been met, and to what extent. This interview and assessment procedure, which includes direct reports from the leader of the function or group, ensures that there is a 360 degree assessment of each particular executive and their function. The same system (with the involvement of the Board of Directors and the Remuneration and Risk and Control committees) applies to Sorin’s Chief Executive Officer.

The compliance obligations affect variable compensation in two ways. If a group fails to meet expectations for the specific objectives, the executive and their whole team will miss out on the entire variable pay for that year. This means that if an employee fails to meet his or her compliance objectives, the whole bonus for that employee will remain unpaid. If a group meets some expectations for the compliance objectives, they will receive payment of the variable, with the amount dependent on the number of objectives that have been met.

Given the risk for failure for managers, and that a failure may be documented as early as the half-yearly review, they are encouraged to seek feedback throughout the year from as many sources as possible regarding how they and those reporting to them are meeting their objectives. The emphasis is placed on the manager to coach, educate and assist his or her direct and indirect reports to ensure that they understand what the objectives require and then meet those objectives.

As many of the compliance obligations allocated to executives talk about communicating compliance to the cascading manager, Sorin acknowledges the risk that some executives may claim to achieve that objective by simply emailing their direct reports about compliance messages.

“To understand the system, you have to go back to why the Executive Leadership Team and our Board of Directors approved this plan: we do not want to stop at mere risk management. We want to influence actual behaviours, and not merely the consequences of any wrongdoing that may occur. This is easy to say, but [is] a tough objective for the Chief Executive Officer and his leadership team to sign up for,” said Jamie Leitner, an American heading Sorin’s International Compliance Programme.

The tailoring of personal compliance objectives with direct relevance to the business goals of different executives and the continuous process of review is also important for another reason. “We of course have had instances where things have not been achieved to our satisfaction at the mid-year checkpoint. However, an essential part of our system allows managers to recover their objectives, and their variable compensation, by the end of the year,” said Mr Sheridan.

The compliance objectives are intended to be as difficult to achieve as other business goals. They are not “easy option” objectives, but ones that require thought, commitment and sincerity. Sorin’s compliance team reminds all executives that actions speak louder than words, and encourages them to actively demonstrate their commitment rather than simply vocalising it.

Some examples of the rating system that the company put in place to manage the compliance obligations are:

Fails to meet expectations

  • Communicates verbally or in writing in a cynical or ironic manner regarding compliance, especially to his or her own direct reports
  • Openly challenges the company’s commitment to compliance
  • Obstructs the compliance and legal functions in their roles or denies access to those functions to the people, events, meetings or data needed
  • Fails to follow up on actions assigned by a line manager, the Chief Compliance Officer or a member of the legal function
  • Deliberately or repeatedly violates the policies and procedures that form part of the compliance policy
  • Fails to meet any of the specifically identified objectives related to compliance
  • Allows those directly or indirectly reporting to him or her to fail to meet their compliance objectives without implementing an action plan or alerting the Chief Compliance Officer or General Counsel

Meets some expectations

  • Demonstrates one or more of the above failings, but implements satisfactory recovery actions in agreement with line manager, Chief Compliance Officer or member of the legal function

Meets expectations

  • They and those reporting to them comply with all requirements of policies and procedures on time and in a complete and thorough manner
  • “Walks the walk” on compliance
  • Understands the reason for a compliance policy and the need for each policy and procedure relating to his or her function and role in the company
  • Ensures that their team and manager understand the policies and procedures, including Sorin’s Code of Conduct and AdvaMed and Eucomed’s codes of conduct
  • Proactively facilitates and dedicates adequate time and resources to the involvement of the compliance and legal functions, including annual and regular sales and management meetings, on-boarding of new hires, etc.

Exceeds expectations

  • As above, and also does not waste any opportunity to talk about compliance, training and educating on compliance
  • Ensures proactive efforts are taken to understand and implement new or amended policies, procedures and practices of the compliance function
  • Reacts with maturity to “misses” in compliance policies and procedures within his or her team, and involves the Chief Compliance Officer and/or member of the legal function in a timely manner to ensure communication regarding compliance is open, transparent and sincere

Outstanding performance

  • Oversees at least 90 percent performance of all direct and indirect reports in implementation of policies and procedures in terms of timing and completeness
  • Zero failures in substantive compliance with the AdvaMed and Eucomed codes of conduct
  • Demonstrates consistent, constant and true “tone at the top” in how he or she communicates about compliance, the company’s compliance programme, and the work of the compliance function.

Examples of compliance obligations

For its Executive Leadership Team (the ten most senior executives of the company), the most basic form of compliance obligations are necessarily more qualitative, and include:

  • Lead from the top – in your own conduct (lead by example), in the decisions you take and in the resources and time you commit to compliance
  • Facilitate and proactively practise in day-to-day activities the key compliance competencies, both internally and externally
  • Support specific initiatives from the Chief Executive Officer and legal and compliance functions.

For its heads of sales and marketing (level one and two sales leaders and level one global marketing leaders), some of the most basic compliance obligations are:

  • Demonstrate, facilitate and proactively practise in day-to-day activities the key compliance competencies, both internally and externally
  • Support specific initiatives from the legal and compliance functions
  • Ensure that all employees, agents and contractors directly or indirectly reporting to you fully complete all required training and communications in a timely manner
  • Provide full cooperation with investigations conducted by the compliance or legal functions of any alleged violation of compliance policies
  • Include the Chief Compliance Officer or another legal or compliance function representative in your management meetings at least twice per year, per geography
  • Identify instances of non-compliance and support compliance monitoring and reporting systems
  • Partner with compliance in resolving compliance issues.

For its country level heads of sales (level two sales leaders) there are additional responsibilities, for example:

  • Certify that all employees, agents and contractors directly or indirectly reporting to you have fully reported all sales and marketing interactions with all health care professionals (HCPs) in a timely manner
  • Certify that all employees, agents and contractors directly or indirectly reporting to you have fully, promptly and accurately reported all expenses with HCPs on Concur.

Sorin Group has made very public commitments to a programme that drives management behaviour as well as achieves the apparently narrower goals of risk management. While used as a “sword” on occasions to drive improved behaviour, the company believes that an effective compliance programme needs incentives and disincentives. Having a documented performance management system for compliance that applies across the entire company is essential in building Sorin’s compliance programme. In terms of being an employer of choice, Sorin believes the compliance programme is becoming a competitive advantage.

The compliance incentives programme at Sorin continues to go through annual refinements. According to Michelle Bradbury, Chief Compliance Officer, United States, the secrets of success are not complicated: “A recent industry survey showed that over 80 percent of companies in our space have not made the link yet between positive financial incentives and the achievement of goals for their compliance plans. But it isn’t that hard, really. First, we remind ourselves that our Chief Executive Officer is under the same system, and his own variable pay is at risk, just as [that of] our least senior sales rep. Second, we have alignment from our human resources leadership in adjusting a system that has been around for years. Third, execution: once you start down this path, failure simply isn’t an option.”

Lessons learned since Sorin’s 2010 roll out:

  • Top down: If your Executive Leadership Team is truly on board you can make big leaps and not limit your compliance ambitions to incremental steps
  • Personalise: The objectives are more personal to each function and more granular now than four years ago and that has made a difference
  • Balance: In 2010 Sorin was very “qualitative” in designing objectives. They have retained some of these key performance indicators (such as “show leadership”), but complemented these with concrete and – most importantly – objective and measurable key performance indicators
  • Talk about it: In the 2012 compensation cycle, Sorin awarded a bonus that was greater than 100 percent of the target compliance bonus on 23 occasions. They withheld 100 percent of all variable pay (including sales performance achievements) on six occasions. These real examples of real people make the difference.
  • Be positive: The focus for most companies in Sorin’s industry is to disincentivise non-compliance rather than positively incentivise behaviours. At Sorin they seek both.
  • Just do it: Sorin is evangelical that a plan such as theirs can be achieved without any incremental cost to the company (save the bonus payments that follow from improved leadership in compliance). This often doesn’t make Sorin friends in their peer group, who sometimes see themselves as on a permanent mission for greater resources, higher headcount and more fees.


Five things to consider when looking to build compliance into a variable compensation programme:

  1. The variable compensation programme needs to be for all leaders and then cascaded down the company so that staff at all levels are subject to the obligations in the compensation plan as they apply to compliance.
  2. Ensure that there is a 360 degree review mechanism to allow feedback from peers, managers and those reporting to management regarding how the function or team (or particular executive) is progressing in achieving their compliance obligations. A part-way review is also a good idea.
  3. Have SMART compliance objectives:
     • Specific: A specific objective has a much greater chance of being accomplished than a general objective. For example, don’t just say “ensure training has been completed by your team”; say:
       • Who: who needs to be trained?
       • What: what training objectives do you want to accomplish?
       • Where: identify a location for the training
       • When: establish a time frame for the training to be completed
       • Which: identify requirements and constraints for any training
       • Why: provide specific reasons, purpose or benefits of accomplishing the training objective.
     • Measurable: Establish concrete criteria for measuring progress toward the attainment of each objective you set.
     • Aggressive but attainable: When you identify objectives that are most important to the compliance function and the relevant business, employees are more likely to see the value in making them come true.
     • Realistic: To be realistic, an objective must represent something which you are both willing and able to work toward.
     • Timely: An objective should be grounded within a timeframe.
  4. Make sure the compliance objectives are weighted in the overall compensation plan for at least 25 percent or, preferably, that the compliance objectives need to be achieved before any other payments are made.
  5. Ensure the objectives are set so that the executives are blinded to a “tick the box” mentality of achieving objectives. Leave some room for qualitative objectives for the more tenured executives.


The Red Flag Group is adviser to the Sorin Group for its international compliance programme and manages Sorin’s due diligence of intermediaries through its global due diligence offerings and the ComplianceDesktop® Technology Platform.
