Compliance and Ethics – they’re the same thing right?


Post By: Art Weiss

Nope.  This is a surprisingly common misconception.  Although many of us have both in our title, the functions are not the same.  I recently had a vigorous discussion with another compliance professional who insisted the roles are the same: to make sure an organization does what it is supposed to do.  My first question was “Who is deciding what the organization is supposed to do, the government or the organization?”  One is dictated by culture, the tone at the top.  The other is dictated by thousands of ever-changing and not-uniformly enforced laws and regulations imposed upon organizations by governmental bodies.  Not the same.

Ethics is quite simply “Doing the right thing.”  We act ethically because we have a strong conviction to do so, not because someone tells us to.  Ethics is part of our organization’s culture.  Compliance is obeying the law, not because we necessarily agree with it, but because someone is making us.  Not the same.

Tell me if you see any aspect of culture in the definition of compliance:

  1. the act of conforming, acquiescing, or yielding.
  2. a tendency to yield readily to others, especially in a weak and subservient way.
  3. conformity; accordance: in compliance with orders.
  4. cooperation or obedience: Compliance with the law is expected of all.

Now look at the definition of ethics. Do you see any mention of obedience?

  1. a system of moral principles: the ethics of a culture.
  2. the rules of conduct recognized in respect to a particular class of human actions or a particular group, culture, etc.: medical ethics; Christian ethics.
  3. moral principles, as of an individual: His ethics forbade betrayal of a confidence.
  4. (usually used with a singular verb) that branch of philosophy dealing with values relating to human conduct, with respect to the rightness and wrongness of certain actions and to the goodness and badness of the motives and ends of such actions.

You can have 100% compliance within your organization and still not be doing “the right thing.” 100% compliance should be the minimum.  It’s simple.  If your organization consistently pushes the outer boundaries of the law, the letter but not the spirit of the law, you may be 100% compliant, but are you doing “the right thing”?  Do you do only the minimum?  Do you treat employees legally, but not with respect?  Do your safety, privacy, environmental, accounting, and intellectual property policies do only the bare minimum that the law requires? Or, do you raise the bar and do what is right?

Support for this is found in recent Federal Sentencing Guidelines amendments that dictate that not only must organizations have a means to prevent and detect violations of law, but they must also foster an ethical culture.  Having policies in place is great, and necessary, but they are worthless if you don’t have the culture to support them.

No, compliance and ethics are not the same.  You must have compliance; you need to have ethics.

Art Weiss ( is Chief Compliance and Ethics Officer at TAMKO Building Products in Joplin, MO.



  1. Very good article. Here in Brazil, medium and big companies are working hard to have a good compliance system and consider it as enough. They look to create a compliance culture and not an ethics culture.

  2. Agree, very well said, practice ethical ways and you are in compliance, be compliant only and you lack ethics.

Comments are closed.