Write on. The KA blog. 

Bookmark us and please pay us a visit now again to keep up on all the goings on at Kerwin Associates.  
Mark Kinzie, Vice President, Compliance, Sophos

Mark Kinzie, Vice President, Compliance, Sophos

January 23, 2020

Tell us how you got into the compliance field and what do you love about the work? I was a trial lawyer for 18 years, defending companies in commercial and product lawsuits across the country. After some significant burnout, I received some excellent advice from a career counselor: take what you love about your current job and fold it into your next one. For me, that was the strategy defending a lawsuit and common sense embedded in a set of regulations. So, in part, I expanded an existing legal career into compliance to help a Company see and act earlier. What I found was a passion for creating alignment and adding value where it had been left on the table, while also reducing the Company's exposure to liability. I couldn't do those things as a trial lawyer. I could only clean up the mess that had been left afterwards.

What do you feel are the most interesting developments in the compliance sector for the technology industry as a whole? For your specific business/industry?  Data protection, wireless product certification, and import classification. Data protection will continue to be embraced by additional jurisdictions following a GDPR or CCPA scheme, and some may add their own special interest (e.g., see the BRIC countries that regulate manufacturing differently). Product certification will continue to hold specialized requirements country-by-country regulating legal access to its radio frequency spectrum. Import HTS classification can be engineered into design and may be structured into the supply chain to meet substantial transformation requirements, or otherwise, that will determine the application of tariffs and free trade agreements. These may seem to be older regulatory regimes, but they are dynamic, and the ability to identify their common thread and to construct a matrix that empowers the Company is a value-add.

What are some of the most difficult parts of building compliance teams in an extremely complex regulatory environment?  Different regulations operate differently. Some require due diligence and a file reflecting sufficient due diligence efforts. Others require active participation transaction-by-transaction or a steady view of informational mapping, whether it's supply chain routes, data flow, product development, customer base, or market expansion. For me, the key is creating work streams, which bring regulatory requirements into alignment with the business function, and not vice-versa. This can leverage efficiency, such as pushing compliance requirements upstream where it properly sits; it can add resources, such as supporting cross-functional controls owned by other Teams; or it can be the basis to create the business case when the Company requires resources to act on new controls. This can be further enhanced by challenging team leads within work streams to do more than remove the Company's exposure to regulatory liability but, instead, find the best practice that adds strategic value. Not all regulations work that way, but you wouldn't want to miss those that do. It can change the way the Company does business.

What advice would you give someone who's interested in a career in compliance? Interest in the law and how a regulator's mission operates are table stakes. Giving it practical application in a way that facilitates the Company's objectives is where you should look for your passion. In this space, you can make a difference, move the needle, reduce the Company's exposure to regulatory liability while also gaining the confidence of cross-functional Teams responsible for executing on compliance controls. In short, don't aim to be a policeman, or even a speedbump. Instead, be the one paving the way for the success of others by finding the right risk/benefit for the Team and marshalling that through to conclusion. If you're interested in that, you might consider a career in compliance.