Chief Compliance Officer Roadmap

Chief Compliance Officers (CCO) are responsible for protecting the ethical integrity of a company by ensuring it meets all regulatory obligations. 

The consequences of misconduct are severe for companies. These consequences include financial and reputational damage, with regulators clamping down on regulatory breaches.

CCOs have a huge responsibility on their shoulders. In this leadership role, getting off on the right foot is important. 

We can suggest practical steps to take if you need help getting started in your role as a CCO.

Join our next CCO Roundtable

Chevron Skillcast chevron graphic
CCO Roadmap

Starting a new role as CCO

Starting a new position can be a challenging task, especially in a leadership role. As a new CCO, you need to establish your authority in the company while finding your feet. To get off the starting blocks, it is important to get clarity on some basics such as whom you report to, if you're part of the C-suite, if there are ethics and compliance programmes in place and how committed the company is to it.

It is your responsibility to establish standards and implement procedures that ensure compliance programmes effectively identify and prevent non-compliance. As an expert in compliance, CCOs have a duty to assure senior management and the board that there are efficient policies and procedures in place and that the company is complying with all regulatory requirements. To be effective in the role, CCOs need to communicate clearly and have the respect of other employees.

Our quarterly roundtable dinners provide CCOs with the opportunity to network with others and learn from the best in the compliance business.

First 90 days

As a new employee, it's important to map out your goals and strategies for the first 90 days of your role. This plan will help you navigate your journey to settling into a new job and maximise your productivity. A 30-60-90 plan will also give your employer an idea of how you intend to contribute to the company over the upcoming months.

The first 30 days involve connecting with other employees which lays the foundation for good communication. These early days should focus on learning about the company, current projects and getting a handle on the org. chart. Establishing yourself in a new role requires structure, especially when in a leadership position.

Within your first 60 days, it is useful to start building on the foundation of the connections you have made. This is the time to start working with others in the organisation to create goals and establish key outcomes that you would like to achieve.

Towards the end of your first 90 days, you should feel relatively established and settled in your role. As a CCO, there's a responsibility to enforce regulations in the company - this is the time to take action. To effectively implement your 30-60-90 day plan, you will need to outline measurable goals and ensure they align with the company's overall mission.

Back to top of page

Auditing compliance processes

Conducting a compliance audit is essential to your role as a CCO, especially at the outset. There are a few points that are essential to consider in the process:

  • Decide who will perform the audit.
    This is generally a compliance officer. However, if you work for a smaller business with limited resources, you may choose to engage an independent auditor.
  • Initial planning
    Before any investigation takes place, you need to address some key questions:
    • What risks will your audit address?
    • What was the outcome of any previous compliance audits?
    • Have there been significant changes since the previous audit?
  • Meet with key stakeholders
    Audits may begin with a meeting between senior stakeholders and auditors to outline compliance checklists, guidelines and the audit scope.
  • Evaluate existing processes & controls
    The compliance auditor is responsible for assessing the organisation's tone and risk management culture and evaluating and reporting the effectiveness of management policy implementation.
  • Assess risks
    Some organisations have a higher appetite for risk arising from changing trends and business/economic conditions. Therefore, internal auditing techniques have changed from a reactive and control-based form to a more proactive and risk-based approach. The internal auditor can anticipate possible future concerns and opportunities, providing assurance, advice and insight where it is most needed.
  • Analyse operations & confirm information
    Achieving objectives and managing valuable organisational resources requires systems, processes and people. Internal auditors work closely with line managers to review operations then report their findings.
  • Consider external resources needed
    Compliance auditors may work with many assurance providers, including risk management professionals, fraud investigators, quality managers and security experts, to name just a few.

Back to top of page

Understanding policies & processes

When starting at a new company, it's important to get a lay of the land regarding the policies, processes and compliance training. This assessment allows you to offer a fresh perspective and identify problems. During the first 90 days, you can clearly see the size of any problems. You have an opportunity to put these concerns on the radar.

Your assessment should include investigating the number of complaints and regulatory referrals. Important information to know includes how the company reports breaches,  the company's breach register and their statements of breaches.

Skillcast offers an online Policy Hub tool that enables you to create, update, approve, communicate and seek attestation for your corporate policies. The tool allows you to demonstrate compliance with both UK and international regulations easily.

Policy Hub

Back to top of page

Reviewing compliance training

A new CCO needs to have a grasp of the product or service that the company offers. You'll gain credibility with senior management and regulators if you know the product inside out. This is a key component of working and communicating with the product team. You're more likely to earn the respect of other teams if you show an effort to understand their language.

Within your first 90 days, it is important to get a good understanding of the org chart. Knowing the company structure and culture will go a long way in ensuring you seamlessly adapt to the environment. Embedding compliance training in the company culture is a challenge. However, the challenge of engaging employees in training is greater.

Aligning your goals with those of each team will encourage greater cooperation and enthusiasm. By having a firm grasp on the company culture, you can adapt training to being inclusive and engaging for all employees. It is essential for compliance officers to take the lead on training.

Skillcast Essentials Library includes over 100 e-learning and microlearning courses that cover key compliance and conduct issues facing companies in the UK.

Compliance Essentials E-learning Courses

Back to top of page

Setting the tone

As a new CCO, it is valuable to hone in on the traits that will help you execute your role to the best of your ability. There are five key characteristics that every CCO should have to perform their tasks efficiently. CCOs need to have:

  1. Consistent operational integrity to monitor and enforce training programmes
  2. The ability to assess risks and communicate their impact efficiently
  3. Industry knowledge beyond regulatory requirements to the latest criminal tactics
  4. A respected voice of integrity to be taken seriously at all levels of a company
  5. The ability to be alert and responsive to keep compliance programmes dynamic

Identifying relevant legislation

CCOs face a huge volume of legislation, regulations and standards. It has become increasingly complex for companies to comply with them, so CCOs need to have their finger on the pulse. It is important to familiarise yourself with key legislation and regulations that define the corporate compliance landscape.

Some industries are more heavily regulated than others such as pharmaceuticals. There are generic regulations that every CCO need to be familiar with that relate to the following areas of compliance:

Gifts & Hospitality Checklist
Back to top of page

Continuously learning

The compliance landscape is always changing, so it is vital that stay up-to-date. That doesn't only mean regulatory changes but also thought leadership and best practices.

We offer 100+ free compliance training aids, including presentations, desk aids, posters and e-learning modules that you can use to help train your staff.

If you'd like to stay up to date with compliance best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech, and RegTech news, subscribe to the Skillcast Compliance Bulletin.

How to be an Effective Chief Compliance Officer (CCO)

Chief Compliance Officers are responsible for promoting a company's ethical conduct. This task involves overcoming some key challenges.

How to be an Effective CCO

Managing Key Compliance Challenges

Those working within compliance in the UK face more challenges now than ever before. Our eBook examines 15 of the key challenges facing compliance professionals to help you manage them more effectively.

Free Compliance Challenges eBook

How to Create a Compliance Culture

Our eBook aims to address some of the key challenges surrounding the quest for 100% compliance so that you can begin taking reasonable steps to implement a culture of compliance.

Free Compliance Culture eBook

Compliance Audit Checklist

Here we explain the key steps to completing a compliance audit to identify any gaps in compliance and suggest corrective actions.

Free Compliance Audit Checklist

101 Compliance Tips for CCOs

It's important to keep your finger on the pulse - stay informed with the latest developments, as there is always something new to learn. We have 101 tips from team building and mentoring to self-development and leadership.

Free 101 Compliance Tips eBook

Learning Styles Self-assessment

Providing quality training and development opportunities is one way to improve employee engagement. We have created a self-assessment to help you identify which learning approach would best suit your employees.

Learning Styles Self-Assessment

Proving Compliance ROI Webinar

In this webinar, we show how you can improve the ROI of compliance spending and demonstrate this to your management.

Proving Compliance ROI Webinar

Back to top of page

Key insights from CCOs

Our CCO roundtable dinners give compliance minds the opportunity to bounce off each other, share knowledge and discuss relevant issues. We've collated some of the most engaging insights.

Challenges in the role 

Identifying challenges is the first step in overcoming them. One of the main challenges in the role of a CCO is that it can be isolating. Regardless of whether you have a team around you or not, you have to make tough decisions that are either unpopular with the people or the regulator. 

Some other challenges include: 

  • Potentially dealing with a regulatory mess in the first few days. 
  • The time it takes to fix critical issues 
  • Feeling compelled to say something for the sake of saying it

Overcoming these challenges and learning how to allow you to gain trust.

Advice to CCOs new in their role

It is often hard to find someone internal to provide mentorship when you're new in a CCO role and often, there simply isn't the time.

Here are some nuggets of advice from CCOs who are relatively new in their role:

  • Remember to listen
  • Keep calm
  • Record everything - any regulator will want to know what you've done and why
  • Be sociable and approachable
  • Take your time -unless your instinct tells you something is genuinely urgent, it is not

Learning how to be effective in a CCO role

  • Storytelling is an effective tool as everybody can relate.
  • Understand that compliance is synonymous with confidence.
  • Think of compliance as inspiring people to do the right thing rather than policing.
  • Build a rapport with stakeholders - it will be easier to explain tough decisions.

Working in small vs large organisations

Smaller organisations

  • More of a visible impact and you actually need to have that impact
  • Potential to feel more useful
  • Longer term opportunity 

Larger organisations

  • Can be quite political 
  • There is often a lot of red tape where it is difficult to get simple things done
  • More compensation and security, in some cases



Network with your peers


Skillcast networking roundtables bring together a small group of compliance professionals to discuss their challenges and learn from the best.

When starting a new role, you can often feel isolated and not know where to start. It's especially true when you take charge of the function.

You really need advice from those with years of experience and feedback from those in the same position.

Skillcast's new quarterly CCO roundtables provide just that. Our roundtable dinners offer: 

  • support from your peers
  • advice from those with experience
  • the opportunity to bounce around ideas
  • the chance to learn from others in compliance

To attend one of our events, just confirm your details in the form opposite and we will be in touch to confirm.

If you have any questions you can contact us at

Book your seat