Episode 112 — Why compliance is your friend: Christof Layher
Everyone says they hate compliance. But what they actually hate is being told the truth at the worst possible moment.
The problem is not the regulation, though. It is the moment you involve the people who understand it. Too late, under pressure, with no room to course-correct.
And then look at the fact that 65 to 95% of digitization projects fail. The answer is not to run them faster. It is to slow down enough to get them right — and that starts with bringing the right people in before the damage is done. So we brought in an expert in that topic: Christof Layher.
Christof is a digitalization and compliance specialist with over 20 years of hands-on experience in the pharmaceutical and biotech industries, having worked with organizations including BioNTech and mid-sized pharma and biotech companies. He operates at the intersection of IT, quality assurance, and business operations — precisely where those functions most often work against each other rather than together. His focus is on bringing structure, decision-making clarity, and clean execution to highly regulated environments where the consequences of getting it wrong are real. No slide-deck transformations, no tool evangelism — just repeatable, field-tested approaches built for GxP realities that hold up both in daily operations and under audit.
Christof’s methodology follows a clear sequence: establish order first, then drive targeted change, and build organizations that don’t collapse every time something shifts. He describes himself not as an outside consultant but as someone who works shoulder-to-shoulder with teams as a structural partner. He also hosts the ChaosHacker podcast, where he speaks openly about what actually goes wrong in digital transformation — and why common sense frequently outperforms any framework. His goal is straightforward: to set up digital initiatives so that people can make calm, confident decisions even when things get turbulent.
In this episode of the podcast, we talk about:
- Compliance is the messenger, not the cause. Like a doctor pointing out a broken leg you’ve been walking on, compliance teams surface uncomfortable truths that organizations already sense but choose not to address.
- Non-compliance is rarely intentional. In roughly 95% of cases, organizations fail compliance not by design but through blind spots, ingrained habits, and the bias that “it’s been working fine.”
- The “superhero fixer” problem masks systemic risk. When individuals compensate for broken processes to keep things running, the underlying issue becomes invisible — until it isn’t. Resilience can be a crutch.
- Compliance is sometimes weaponized to block change. People who don’t know how to handle new initiatives — or simply don’t want to — hide behind regulatory language rather than engaging honestly.
- Gold-plating regulations create the real slowdown. Rules often require one signature; companies implement ten. The organizational waste comes from over-interpretation, not the regulation itself.
- Shift left — bring compliance in early. The cost to fix issues compounds with every project milestone. Involving compliance at the requirements stage costs far less than presenting them a finished product that fails the checklist.
- Compliance is a competitive advantage, not just a checkpoint. Used as an indicator of where your processes diverge from reality, it becomes a continuous improvement engine — improving service delivery, reliability, and customer experience.
- Slow is smooth, and smooth is fast. With 65–95% of digitization projects failing (per McKinsey), the answer is not more failed projects delivered faster. Taking time upfront — including for compliance — produces better outcomes.
- Process owners must own compliance — not just the compliance team. Pharmaceutical law frames it clearly: the person who operates a process is responsible for running it compliantly. That shift in ownership changes everything about how people engage with the rules.
- Trust must be given before it can be earned. Leaders who model psychological safety — where failure is a shared learning, not a personal liability — unlock the early, honest conversations that prevent compliance crises.
- One bad actor spoils the basket. Building a culture of integrity requires leaders to live it visibly — and to remove those who exploit openness — regardless of their level in the organization.
Check out Christof’s LinkedIn here and his podcast here!
Please reach out to us by either sending an email to hello@whatsyourbaseline.com or signing up for our newsletter and reading articles about process and architecture on our Substack… Go and subscribe at whatsyourbaseline.substack.com.
And if you like to support “the little podcast that could,” become a Patron at https://www.patreon.com/c/whatsyourbaseline. We appreciate you!
Additional information
- This is the episode that we referred to when we discussed “Shift Left”: https://www.whatsyourbaseline.com/blog/2021/09/28/episode-6-scaled-agile-and-architecture/
- And here is the episode where Roland was the guest on Christof’s podcast: https://www.youtube.com/watch?v=mlngmBu_Ov8&list=PLWEgWjdgXspbaLzdlZDACPd1eBLDfE4DQ&index=2
- And here is the swing cartoon. Enjoy!
Credits
Music by Jeremy Voltz, www.jeremyvoltzmusic.com
Roland Woldt has spent nearly 30 years helping organizations cut through complexity — transforming how they think about their architecture, processes, and strategy. A former officer in the German Armed Forces, he has held executive and leadership roles at Accenture, Software AG/IDS Scheer, KPMG, and iGrafx, leading engagements across the full project lifecycle from solution design to rollout.
Roland is the author of Successful Architecture Implementation and Successful Process Mining Projects, and co-hosts the podcast What’s Your Baseline?, where he demystifies Enterprise Architecture and BPM for practitioners worldwide. Learn more at woldt.de.
