The legal department at Sunnyvale-based NetApp Inc. has proven that a team need not be massive to find big success in achieving companywide compliance goals. The legal team, which has 38 lawyers worldwide, is responsible for training on and maintaining ethics and compliance standards for a company with 12,000 employees and revenue in 2016 of $5.546 billion.
For NetApp, a superlative compliance program starts with training that grabs employees’ attention and resonates.
“We don’t want people to think of compliance as being a mandatory check the box,” said Spencer Mazyck, senior manager and counsel, global integrity & compliance at NetApp. “We’re focused on making compliance fun and making the training smart and simple.”
This can involve a multimedia approach. This year, for instance, Mazyck composed a song with compliance messaging to the tune of Maroon 5’s hit song, “Moves Like Jagger.” He said he chose the song in part because it was well-known, not just in the U.S. but in other regions around the world where NetApp has many employees. NetApp’s in-house lawyers starred in the corresponding music video, which was shown at the company’s annual sales kick-off meeting.
Other recent training initiatives, according to Mazyck, have included several ethics and compliance training films (one on side agreements was styled as an old-fashioned black-and-white detective movie), a videotaped compliance-themed “Jeopardy!” competition starring NetApp GC Matthew Fawcett as Alex Trebeck and in-house lawyers as contestants, as well as a crossword puzzle challenge about NetApp’s gifts and entertainment policy.
Training aside, NetApp also has achieved a major overhaul of its partner risk assessment and due diligence process. “When it started it was a manual process, it was a resource-intensive process that took a lot of lawyers to who were involved with it pretty much full-time,” Mazcyk said.
NetApp right-sourced these processes by developing a new digital workflow in which the company’s potential partners fill out an electronic questionnaire that puts them into a risk category. They are then routed to the corresponding offshore team that can provide the appropriate level of due diligence. A third-party legal services provider helps with much of the more routine due diligence work, but requests are escalated to in-house lawyers if necessary. A similar process has been applied for gifts and entertainment and conflict of interest issues at NetApp, getting the company away from spreadsheets and making work more efficient.
The company, Mazcyk added, has also developed a real-time dashboard to monitor metrics around training, due diligence and other compliance issues.