Why Line of Business (LOB) Managers Should Own Compliance

There's a persistent practice in organizational management where compliance is separated from the business—a parallel universe where auditors live and checklists multiply.

The segregation of duties, span of control, functional decomposition, job specialization, along with aligning around regulatory frameworks and audit objectivity all contribute to this practice.

However, at a basic level, the main reason we separate compliance from the business is that we view compliance as a verification process not as an operational commitment to meet organizational obligations.

Whichever the case, this practice results in the creation of silos, inefficiencies, and a fundamental disconnect between what the business does and how it keeps its promises associated with its legal and stakeholder obligations.

But what if this organizational divide was closed?

The Lines that Separate

In traditional models, we draw clear organizational lines. On one side, we have Lines of Business—the revenue generators, the product developers, the operational managers who drive value streams forward.

On the other side, we have Lines of Compliance—the functions responsible for ensuring that all obligations connected with safety, security, sustainability, quality, ethics, and finance are met.

The problem with this separation is that it treats compliance as something done to the business rather than something that is the business.

When we think of compliance as verification, we miss the fundamental point: compliance is about meeting obligations which happens by making and keeping promises.

Every regulatory requirement, every quality standard, every environmental commitment, every customer assurance—these are all promises. And promises aren't kept through monitoring; they're kept through deliberate action and accountability.

Two Lines, One Owner

What if LOB managers owned both: business and compliance obligations?

When business leaders are accountable for both delivering value and keeping compliance promises that come with that value creation, something important happens. Compliance stops being a monitoring function and becomes an operational commitment.

The person responsible for business outcomes is also responsible for keeping safety promises. The manager driving customer acquisition also owns data privacy commitments. The executive overseeing operations ensures environmental obligations—both mandatory and voluntary—are fulfilled.

This isn't about adding responsibility—it's about recognizing what business accountability actually means. It’s about owning all your obligations, not just those connected with meeting growth and sales targets.

Integrated Obligations, Integrated Accountability

When obligations are integrated so is accountability which makes decisions inherently better.

A business manager who owns both value stream and compliance commitments can't rationalize shortcuts or defer difficult conversations. They can't claim ignorance of obligations because those obligations are woven into their mandate. They can't externalize accountability for meeting compliance obligations because they are part of their responsibility.

This integration also eliminates wasteful cycles that plague siloed organizations. Instead of separate teams monitoring whether promises were kept after the fact, business managers build operations that maintain integrity by design. Resources that were once spent on checking, remediation, and firefighting can be redirected toward proactive value protection and creation.

Perhaps most importantly, this approach fosters genuine ownership. When leaders are accountable for value chain and compliance obligations, they develop a more sophisticated understanding of what it means to operate responsibly. They see mandatory regulatory requirements and voluntary commitments not as constraints, but as integral to how they do business.

From Principle to Practice

Making this shift is not easy; it requires, among other things— vision— of what an integrative approach looks like.

It requires re-imagining job descriptions, rewriting accountability frameworks, and often challenging entrenched organizational habits. But organizations that embrace this integrative model will consistently create better outcomes for the business—not just reducing waste, although that will happen, but also building stakeholder outcomes, most importantly the outcome of trust.

Business and compliance functions aren't separate streams that occasionally intersect. They're the same river, flowing in the same direction: toward mission success.

When we stop treating compliance as an audit function and instead recognize it as the fundamental means of ensuring mission success—we unlock both better performance and greater assurance.

And this can happen with the same people, the same resources, and a clear understanding that every business manager is, at their core, a creator of value. Not just financial value measured by margins, but all the value that stakeholders demand: safety, security, sustainability, quality, ethics, and ultimately trust.

That's lean compliance in action.