Coffee & Compliance - Interview with Linn Thuvesson

Today North House are thrilled to publish the next edition of Coffee & Compliance, an interview series that delves into the world of corporate governance and the ever-evolving landscape of regulatory compliance. In this edition, we're happy to feature an interview with Linn Thuvesson, a seasoned professional in the field of Compliance. With an extensive background that includes serving as the Chief Compliance Officer at Nasdaq Clearing, she currently leads as the Head of IT Resilience at Folksam.

Join us as we uncover valuable insights, expert advice, and intriguing perspectives on driving better compliance practices within organizations.

‍

‍Compliance plays a crucial role in ensuring corporate governance. In your experience, what are the key elements that make an effective corporate governance framework?

Effective corporate governance is a broad topic but focusing on its internal rules’ framework narrows it down and the following are some key point (assuming that fundamentals for a company’s possibility of compliance with the internal rules already are in place);

The content needs to consider the company’s specific objectives, fulfill the legal requirements, enable good business, and provide a structure for good governance and compliance in practice.

For me this requires involvement and for support the following is helpful:

·      For the users: internal rules should be kept short, with simple language and easy access to the mandatory requirements. The framework and underlying documents should be easily accessible and searchable, if possible, not only in its entirety but also broken up into searchable components of the requirements to support processes connected to risk management, internal control and follow up metrics/ performance indicators.

·      For the management/board: I believe in easy access to overviews (version history, decision history, entire framework), underlying information (to understand context, earlier decisions, and considerations etc.) and to receive reporting on the compliance/performance/indicators for follow ups/assessments/decisions related to the governance framework.

·      For the administrators of internal rules: processes and tools to support easy updates yearly and ad hoc. For example, easy access to earlier versions, supporting tools for document administration, easy or automated processes for reviews, and publications to the relevant stakeholders/users.

With the rapidly evolving regulatory landscape, how do you stay up-to-date with the latest compliance requirements and incorporate them into your organization's governance practices?

To stay up-to-date, I always try to (regardless of role) read and listen to information shared for example by subscribing to regulatory notices, monitor selected websites, receive information from the market/industry/community etc, and attend courses/seminars.

Within the organization I actively try to promote a culture and create platforms/forums for internal information sharing and dialogue to support each other with this important task.

‍When it comes to governing documents, what are some common challenges faced by companies in maintaining compliance? How can these challenges be overcome?

Challenges that comes to mind are; too formal, long, complicated and beautifully written internal governance documents. Very manual processes connected to the administration of the governance framework. Documents too far from the users and reality.

Some solutions to overcome are the following: easy and quick access to the documents, with clear structure and ownership of the documents, tailored and addressed for the specific recipients,  be strict on keeping documents short (to the point) and hands on/anchored/aligned/understood, and consider a cost connected to every sentence written (the last might not be the case but is a useful way of thinking to keep the words down, focus on the substance and to not include more cumbersome tasks than is needed).

Based on your long experience within compliance, what advice would you give to legal- and compliance professionals who want to make a positive impact on corporate governance and drive better compliance practices within organizations?

Key is to focus time and energy on the things where you (in your role) can make a difference and to catch momentums.

But a few general recommendations; is to “walk the talk” (to be promoter of the words written in the internal rule documents), to be a trusted advisor and predictable in your advice given, to be visible and close to the organization (as possible) to accomplish the earlier mentioned, and hopefully also loop back to the documents for updates to keep the words alive and relevant.

What are you most looking forward to this spring?

So much to look forward to! Privately; with two small children, every day brings new joys and development. Professionally; I have taken on a new role, which I’m thrilled and excited about to see what we can accomplish together. Regulatory; DORA and how it will change the landscape.

We all know that compliance can sometimes feel like navigating a labyrinth of rules and regulations. If you were to compare compliance to a popular board game, which game would it be and why?

I think of a labyrinth game that was a wooden box that I played as little. As mentioned the game was all about navigating a small ball through the playing field but it also required a lot of balance since the board was wobbly – and I believe compliance is a balance act (for example strict/helpful, guiding/auditing, pragmatic/orthodox),  and you all the time need to find the right path (and what is best) for the specific company.

‍