A new report from the New York City Bar Association on the increased number of enforcement actions against individual chief compliance officers was sparked by the growing concerns of in-house counsel.

The report, "Chief Compliance Officer Liability in the Financial Sector," is a product of the bar's compliance committee. Patrick Campbell, chair of the committee, said while he is an outside counsel, most of the committee is made up of in-house lawyers who seek more guidance and communication from regulators.

"The committee is in a unique situation to raise these issues," Campbell told Corporate Counsel on Monday. "It expresses the concerns of the compliance industry, spoken by a bar committee that is representative of the industry," and in a city that is the finance capital of the country.

Campbell, who spoke on behalf of the committee, is a partner in the New York office of Baker & Hostetler where he focuses on white-collar defense and compliance.

The report was the brainchild of Adam Felsenthal, bar committee secretary and deputy chief compliance officer and counsel at Great Point Partners, a Greenwich, Connecticut-based private investment firm. Felsenthal referred questions to Campbell.

The 28-page report comes at a time when more regulators are holding compliance officers accountable when their companies misbehave. There seems to be a growing "risk of liability arising out of an assessment made in hindsight regarding what a compliance officer or program ought to have detected and prevented," the report states.

It acknowledges that federal agencies have made some efforts toward clarifying enforcement decisions, but "the compliance community would certainly benefit from additional regulatory guidance directing compliance officers on how they may make the best of a bad situation and attempt to address compliance failures without increasing the risk of personal liability for good faith performance of their duties," the report says.

The paper consists of three parts: unnecessary risks that undermine the compliance function and regulatory goals; recent enforcement trends against compliance officers by several federal agencies; and recommendations that primarily deal with better guidance and communications.

Campbell said the recommendations "are practical, and are supported by instances of what other law enforcement agencies do" to benefit not only compliance officers, but investors and regulators as well. They do not require "heavy lifting" or major legislative changes to implement, he added.

The four key recommendations to regulators are:

• Issue formal written guidance on the principles used to determine whether or not to pursue regulatory action against compliance officers. The report suggests asking questions such as, "Did the compliance officers act willfully or recklessly?" and "Did they voluntarily disclose the misconduct and cooperate with investigations?"
• Provide updated or additional guidance through existing regulatory communications, such as risk alerts, enforcement actions and reports of examination activities.
• Create new platforms for informal communication with compliance officers, such as the roundtables sometimes used by the U.S. Securities and Exchange Commission or the LabCFTC program, in which the U.S. Commodity Futures Trading Commission established a dedicated point of contact for fintech innovators to communicate with that agency.
• Create compliance advisory groups made up of representatives from federal agencies, compliance officers for financial institutions and compliance professional associations to meet periodically to discuss concerns.

"Compliance officers can function as effective gatekeepers," the report concludes, "only if they are given the information and tools necessary to carefully police the boundary between culpable and permissible conduct—and do so without bearing a disproportionate risk of liability for others' misconduct."