Q&A With IKON's General Counsel & Secretary

This profile is the latest in a series of weekly conversations with executives at U.S. public companies who are currently involved in establishing and developing compliance programs. An index of previous conversations is available here.

You are general counsel and corporate secretary, as well as chief compliance officer. How much of your time goes to compliance?

It’s difficult to give an exact percentage ... The roles somewhat blend into each other; there is a considerable amount of synergy between the two, and the better job I do on the general counsel side, the more benefit there is on the compliance side and vice versa. I’d say about a quarter of the job regards solely the compliance role, but on any given day it could be substantially more than that.

You’ve been with IKON since 1999. Your responsibilities must have evolved since then, right?

Yes, they have. On the general counsel side it probably hasn’t changed that much, except that we needed to beef up our staff for Sarbanes-Oxley compliance. On the compliance front, I added that role in the last two years.

When did that happen? Did the board decide it, or did management?

It probably happened simultaneously. Ultimately it was a recommendation of management to have me become the compliance officer, but as you can imagine, in the last few years the board and management have had a lot of discussion on compliance. As our thoughts evolved, it made sense for me to be the compliance officer as we saw the synergy with my general counsel role.

What structure does IKON use to manage the compliance function?

Overall compliance is administered through our business ethics committee, which consists of me, the head of HR and our chief financial officer. I’m the chair of that committee, and we have monthly meetings, at which we have numerous different departmental support and attendance. Included in that meeting would be the head of internal audit; an HR staff member in charge of strategic policies and procedures; the head of security, who reports to me; and then ethics counsel. And then we add any number of people depending on the topics we talk about at that meeting.

What would be an agenda item for the ethics committee?

For example, through the committee we receive every report of alleged compliance issues—whether it’s a potential violation of law, or ethics, or even questions that may come up under our code of ethics. So on any given day we could go from a new set of issues that have come up under the code of ethics from the field ... to any fairly significant investigation we might be involved with, to any trends in certain types of reporting. We’re looking for both individual matters and significant trends over time, that might require new training or new security.

How much staff is involved in the nuts-and-bolts of compliance?

It’s a considerable number. If you’re talking about Sarbanes-Oxley in the overall sense, it’s the internal audit folks, HR, legal folks ...

Who reports to you directly?

I have ethics counsel, who runs the day-to-day issues that come up under compliance. I have the head of security, who reports to me. Among those people who don’t report directly to me, but who still have a close relationship with me are the vice president of internal audit and the HR head of policy and procedure. Those four people are the most in-touch with me when it comes to compliance.

And what about your reporting relationship to the board and other executives?

Obviously I report to my CEO, who gets regular updates on any significant matters or trends we follow. I also report those matters to the full board, the audit committee and the corporate governance committee on a regular basis. I also give biannual updates to the entire senior staff of significant trends that each member of management might be interested in. For example, we have trends that focus on significant reporting issues ... by each business unit, so each business-unit head can delve into details about his unit.

You’ve said elsewhere that a well-governed company shouldn’t find Sarbanes-Oxley and Section 404 overwhelming. What has IKON’s experience been?

My guess is that we’ve accomplished as much as any company that focuses on compliance, in terms of volume of work. I’d say the challenge wasn’t overwhelming, because most of the new SEC rules and NYSE guidelines—well, we were substantially in compliance prior to their effective date. There were a number of things that were well underway or already been accomplished ... so sure, while there was plenty of detail work, I would not say the challenges were that difficult.

ETHICS CODE

IKON's Code of Ethics Summary

A copy of IKON's Code of Ethics is provided to all employees with the understanding that compliance with the Code is required as a condition of employment. The Code of Ethics highlights the following principles:

Principle #1: Conflicts of Interest

You must conduct yourself in a manner that avoids conflicts of interest and that upholds IKON's business reputation.

Principle #2: Protection of IKON's Assets and Resources

You must be committed to the protection of IKON's assets and resources. Illegal or improper use of such assets and resources is prohibited.

Principle #3: Fraud, Dishonesty and Criminal Conduct

Fraud, dishonesty and criminal conduct by IKON employees will not be tolerated.

Principle #4: Confidential, Prop-rietary & Other Nonpublic Info.

You must appropriately safeguard IKON's confidential, proprietary and other non public information.

Principle #5: Compliance with Law and IKON Policies

You are expected to comply fully with all federal and state laws and with IKON's internal policies.

Principle #6: Interacting with the Media and Other Parties

You should not make any public communications on behalf of IKON without proper authorization.

Principle #7: Securities Transactions

You are prohibited from trading securities while in possession of material non public information.

Principle #8: Intellectual Property

IKON's intellectual property must be protected from improper use or disclosure.

SOURCE: The Corporate Governance section of IKON's investor relations Website.

Download Complete Version Of IKON's Code Of Ethics

Could you give us an example?

The requirement to have an effective code of conduct, for example. Our business ethics committee had been meeting for years prior to that; we had a little bit of fine-tuning to do to meet the Sarbanes reporting requirement, but much of that structure and process had already existed. We simply used the policies and procedures that had already been in place.

When were you tackling these items: long before Enron and Sarbanes, or as corporate governance began rising to the fore?

We viewed it simply as good governance and best practices, that we had adopted several years before Sarbanes was even being mentioned, quite frankly. We certainly did not have any foresight about the governance problems that everyone learned about in the last few years.

Who at the department takes point on Sarbanes-Oxley?

For Section 404, that role is spearheaded by the vice president of internal audit. He is the quarterback and coordinates with IT, finance and the other departments affected by 404. He regularly attends the ethics committee meetings, so he gives updates to the committee as well as senior management and the entire board.

If you’re talking about broader Sarbanes compliance, that probably is my role. I keep the board and the management updated on new requirements and how we should meet those requirements.

Have you enlisted outside consultants to help you shape your Section 404 project?

For 404, we have had one of the Big Four firms help us. On the rest of overall compliance matters, we have not used outside help; they have primarily been spearheaded by internal staff.

What about accelerated filing deadlines—how do you track triggering events and explain the changes to employees?

Just like the business ethics committee, prior to Sarbanes we had something called the disclosure committee. They are primarily responsible for 8-K disclosure or any other disclosure that needs to be made, either because it’s required by law or because it’s good practice. The disclosure committee consists of representatives from each department of the company. It’s the disclosure committee that reviews the 10-K, 10-Q, 8-K or any other events that should be considered for disclosure.

Overseas compliance is a common headache for executives we interview, and IKON has offices all over Europe. Your thoughts on the subject?

We have two challenges on that front. It’s not so much the people whom we need to convince; based on my trips to Europe, the individuals within our company understand what has happened in the U.S. and the need to implement better compliance.

The issue has been more on the front of the specific country laws that may become obstacles to applying U.S. compliance rules as is. In some countries, if you simply try to apply the U.S. requirements as is, you might technically violate the local laws. You have to adapt to the local requirements before you impose the U.S. policies and procedures.

The second issue is cultural difference. People do have a different way of seeing things because of their local country, and I’d say it’s more those two issues than a people issue.

What is your typical day like?

I don’t have a typical day; sometimes I wish I had one! Seriously, it could be any number of things ... that will change my calendar, whether it’s a call from the board members, or a meeting that the CEO might pull me into with one of the managers, to visiting the field.

BENCHMARKING

Compliance Week has partnered with The Open Compliance & Ethics Group to administer an extensive benchmarking study regarding governance, compliance and ethics programs. Companies that want to be included in the survey should register by Nov. 15 using the link below.

Details On OCEG Compliance Benchmarking Study

Do you benchmark IKON’s compliance? How?

I regularly track statistics and read publications—like your magazine, quite frankly—to see what statistics there are. I don’t think there are state-of-the-art statistics yet where people can compare apples to apples, but something like that would help. I do look at statistics pulled together by very different sources to determine whether we’re in the ballpark or outside. [Editor's Note: See box at right for related survey]

And your top compliance priorities for the next 12 months?

I’d spend a little more time making sure that our overseas compliance is in a healthy state, to make sure we have no local legal requirements that may become an issue as we beef up compliance overseas. We’re primarily in Europe for overseas, and we’re expanding into new countries as we speak.

The second priority would be better types of reporting from all aspects of the business—including those items that might not be an ethical question for the company, but help me identify opportunities for improvement.

Thanks, Don.

Click here for upcoming Webcasts with compliance officers.