Corporate governance has never been more critical to organisational success, yet the complexity of today’s regulatory environment continues to challenge even the most seasoned executives. Tom O’Neil, Managing Director at Berkeley Research Group, brings a rare combination of boardroom expertise and operational insight to these challenges. With a distinguished career spanning prosecutor, global law firm partner, and C-suite leadership at major corporations including Cigna Corporation and WellCare Health Plans, O’Neil has navigated some of the most demanding governance scenarios in modern business.
His tenure as Global Chief Compliance Officer at Cigna Corporation—overseeing compliance frameworks for 70,000 employees across a company generating approximately £160bn in revenue—positioned him at the forefront of large-scale organisational transformation. Now at BRG, O’Neil combines his real-world experience with academic rigour, having taught corporate governance at Georgetown University. In this exclusive interview with The Executive Magazine, he reveals how boards and executive teams can move beyond reactive crisis management to build proactive, values-driven organisations that thrive under regulatory scrutiny. His insights offer a roadmap for leaders seeking to transform compliance from a defensive necessity into a strategic advantage.
Throughout your career spanning both private and public sectors, what fundamental shifts have you observed in how boards approach compliance and risk management?
“Over the past 25 years, boards and governing bodies of public, private, for-profit and nonprofit organizations have increasingly prioritized compliance, business ethics and risk management. To ensure they are fulfilling their oversight responsibilities, they have adopted new governance models, invested in educational initiatives, embarked on periodic self-assessments and sought independent reviews of their protocols and operational efficacy. In the United States, the series of corporate scandals that led to the passage of the Sarbanes-Oxley Act collectively served as a catalyst for these developments.”
At Cigna Corporation, you served as global chief compliance officer for a company with 70,000 employees and approximately £160 billion in revenue. How did this experience shape your perspective on creating ethical frameworks that drive sustainable growth?
“I was fortunate to join Cigna when the company was accelerating its growth strategy as a leading global health company. Cigna is a value- and mission-driven organization; that is an optimal environment for building a compelling compliance and ethics program that focuses on sustainable success rather than perpetual crisis management. It was a fantastic professional opportunity, and I learned a great deal from my colleagues around the world. In a global organization, the ethical framework has to be clear, succinct and readily perceived as consequential. And it has to be grounded in the principles of integrity, individual accountability and transparency.”
The compliance landscape is evolving rapidly. Based on your experience with regulatory bodies, what changes do you anticipate will most significantly impact global corporations in the next 18-24 months?
“I expect the terrain to become increasingly complex and rigorous in the consumer, financial services, healthcare and technology sectors. Quite apart from the kinetic and increasingly polarized geopolitical environment, the pace of innovation in each of these segments of the global economy continues to accelerate at almost supersonic velocity, with unprecedented competition in the marketplace. New, unforeseen risks will arise, and ethical guardrails will be tested, domestically and internationally. It will be a fertile environment for robust regulatory oversight and enforcement proceedings.”
Your background includes work as a prosecutor and partner at global law firms like DLA Piper. How does this legal foundation inform your approach to corporate governance?
“Legal training and in-depth professional experience are invaluable in the field of corporate governance. A director or trustee’s core fiduciary duties are governed by common law as well as statutes and regulations. When advising a board or governing body, it is critical to understand all dimensions of its oversight responsibilities as well as the organization’s values, culture, strategic imperatives and business model. My work today as an advisor and board member is highly informed by all that I learned while serving as a general counsel and as outside counsel to boards and their committees.”
BRG emphasises the combination of academic credentials with business expertise. As someone who has taught corporate governance at Georgetown University, how do you harness this dual perspective when advising organisations facing compliance challenges?
“I feel strongly that our analyses have to be driven by the rigor of academia, while our advice has to be informed by industry experience and pragmatic judgment—in a word, reality. The paths and solutions that we propose have to be operationally feasible, fiscally viable, scalable and sustainable. Our clients deserve no less.”
You’ve mentioned that effective compliance teams rise above mere crisis management. How can C-suite executives champion this elevated approach within their organisations?
“It is critical that corporate leaders empower their compliance and ethics teams, providing them with a “seat at the table.” To create enterprise value, those professionals need to understand the key pillars of the growth strategy, potential barriers to success—both internal and external—and expectations of key stakeholders including customers, clients, regulators and enforcement authorities. Only then can a compliance and ethics team help construct the guardrails that will enable the business leaders to drive growth prudently.”
In your work, you’ve emphasised the concept of cultural stewardship—where values-driven leadership begins at board level and cascades throughout an organisation. What practical steps can boards and executive leadership take to ensure this cultural framework becomes embedded in daily operations rather than remaining an abstract concept?
“Establishing effective communication channels is mission-critical. The board must endorse and prioritize the organization’s compliance and ethics program, ensuring that it is properly designed and adequately resourced. The board should approve annually the code of conduct and business ethics, and it can be helpful to include in that document a communication from the board chair or a committee chair. Boards should also receive incisive reports on engagement survey findings as well as compliance and ethics concerns that have been lodged through a hotline or “open door” channels.
“For its part, the executive leadership team needs to define the organization’s ethical North Star, collaborate effectively and make clear that each employee plays a critical role in the company’s success. Every leader needs to accept joint responsibility for compliant behavior and ethical decision-making. Discussing timely challenges during team meetings and town halls can be invaluable, including examples of gaps that have been identified and addressed effectively.
“Perhaps most important, the leadership team is responsible for cultivating a work environment that embraces candor and a “speak up” culture that is free from fear of retaliation.”
At WellCare Health Plans, you navigated significant corporate challenges as Executive Vice Chairman. What specific lessons did you learn about maintaining trust with regulators and investors during these periods of corporate restructuring and transformation?
“Trust is earned through both words and conduct in the marketplace. Commitments and promises must be fulfilled, and it is essential to develop a keen understanding of the stakeholder’s perspective and, in the case of a government agency, its authority and responsibilities.
“Once lost, trust is not easily restored. It is an arduous process, and time is always of the essence.
“Vigilance and exceptional transparency are essential, and the path to credibility has to be paved one brick at a time. Situations often require vigorous and consistent enforcement of “zero tolerance” policies and recruitment of new talent.”
Your background suggests a unique perspective on the relationship between compliance teams and boards. How can C-suite executives develop more strategic partnerships with these teams to strengthen organisational resilience?
“The board’s oversight is certainly helpful because the direct dialogue with the chief compliance, ethics and risk officers underscores the importance of their roles and work. Ideally, they serve effectively as both partners and “sources of truth” for certain stakeholders, including the board. It can be helpful to have other senior leaders attend board committee meetings to deepen their understanding of those dynamics and the board’s key priorities.
“But high-performing leadership teams are not forged through participation in quarterly board meetings. The executives have to align around the organization’s strategy, embrace the core values and empower their teams, prioritizing and rewarding effective collaboration with the corporate functions and across the business units.”
Given your experience across healthcare, financial services, and legal sectors, what critical governance insights would you share with fellow established executives who are looking to elevate their organisation’s approach to compliance in today’s risk environment?
“Effective governance and oversight require engagement by every member of the senior leadership team. Establishing and actively supporting compliance and risk management committees, with appropriate memberships, is vital in building an effective program. Those committees serve as not only key controls but also important fora in which risks can be identified, assessed and prioritized for mitigation.
“Ensuring that challenges and concerns are promptly reported is imperative. It is equally important to ensure that concerns and matters are timely assessed and, as warranted, investigated and resolved in accordance with the organization’s protocols. Sometimes, this can require a “root-cause analysis” and adoption of a corrective action plan. The senior leadership team needs to oversee effectively all of these critical work streams.
“As the compliance and ethics—and risk management—programs mature, the leadership team needs to prioritize periodic assessments with a firm commitment to continuous improvement that considers evolving best business practices.”