A Scorecard Approach to Improve Compliance and Ethics Across the Enterprise

At Flex, one of the world’s foremost global electronics manufacturing, services, and original design manufacturers, EVP and General Counsel Scott Offer has led the recent implementation of an innovative, data-backed integrated compliance scorecard program to improve compliance and ethics across all 100 Flex sites globally. In this exclusive interview, Scott discusses how the Flex scorecard took shape and the impact it has had on the organization.

 

At times, ethics can be vague and hard to quantify. Can you share why you turned to data for your scorecard project?

Scott Offer: We have 160,000 employees spread over 100 sites and 30 countries, so we have an enormous amount of data already coming through many feeds. The challenge we had was that the data was siloed between the different feeds, from ethics line reporting to fraud risk assessment to employee engagement score. The data was there and was measured in all sorts of ways, but we felt it was not being used appropriately or collated together. The manager was not getting a look at that data as a whole, so they couldn’t be responsible for it because in some cases, they didn’t even know about it.

Where this came to life for me was with our quarterly employee engagement questionnaire. One of the questions was, “Does my manager live and breathe the values of the company?” We got a very good score across 600 people in my group but I dug in and asked if there was a good score everywhere. We found by digging in a couple of layers there were some pockets of red. We were able to map out those individuals and groups and discover what was going on. That got me thinking about what other pockets of red—or green, for that matter—were out there that are hidden, and could we bring them together in a cohesive way so that managers would be able to track and trace them.

Once you do that, the big question is, how do you change behavior? We studied how to change behavior using data in a competitive way. There are several reviews that show that people like to compete with each other; I saw one about using utilities. It’s really hard to stop people from using gas electricity even if you pay them to do so, but if you show them, a competitive score against their neighbor in a building, they will change their behavior. Data gives you some enthusiasm to compete through nudges and social comparison. So that was what we are trying to do with this data. Not just collect it, but also create the visibility and transparency to affect change.

Your data-backed integrated ethics complaint scorecard is a big part of your overall program. Could you talk about what we’re into its design and implementation? Now that it’s up and running, do you envision there being a version 2.0 of it anytime soon?

Scott Offer: I think it will continue to evolve. What we did first was identify which data could we grab quickly, and that was ethics line data. We did all sorts of splits on it: anonymous and not anonymous; levels one, two, and three; breaking down the seriousness of the allegation so you know whether it’s fraud, or some other kind of misconduct. This was a rich data set, and by the way, even though you ultimately want to drive down the number of bad things that are happening, its really important that you encourage reporting through this.

But then, if you add to that those other things I mentioned earlier—about quarterly questionnaires about do we live our values, do we say what we’re going to do, does my manager respect me, etc.—then our internal audit team can do a lot of work with fraud risk perception.

The HR team has their standards, too, and we are now integrating our scorecard with the rewards system, so you are not going to get bonuses if you behave badly. But this has just started. We’re piloting it, and we present regularly to different constituents, and I envisage it will evolve over time.

To me, the Holy Grail would be if you could come up with three things you measure that give you a high statistical correlation to bad or good activity. That’s going to be the question: do you get better data if you have a really broad look across data sets, or are there two or three things that correlate heavily to a well-managed organization in this in this area?

You’ve been incorporating AI into your programs better anticipate potential issues, but has this created any extra communications challenges for you? People often make assumptions about what AI can and cannot do that may not be exactly accurate.

Scott Offer: Our CEO, Revathi Advaithi, is a huge proponent of [AI], as is the Board and the Audit Committee. Once we got this scorecard up and running for the top 50 sites, she said that it was interesting but a little static…could we get to a point where we could be predictive? That is a hypothesis we are testing. The challenge is knowing what the key patterns are for the AI tools to recognize.

For example, we have two countries which have very distinct issues. One was an issue with sexual harassment. It looked like it was a country issue, but when we peeled the first layer of data away, it was actually a site issue, and we have several sites in that country. When you peel it further, it was actually a building issue. And then, if you peel it further, it becomes maybe a shift issue or a manager issue. And then it was also people who are under pressure to deliver on particular lines. So you might have a bad actor or a non-trained actor who thinks it’s appropriate to do certain things. But it has an impact on a larger group. We’ve seen that as we’ve increased training, we see more reports, which is good. That means that people are aware. But we’ve also seen the behavior change from less manager-on-peer activity to more peer-on-peer activity. Once we get more behavior statistics to put into the system, we may be able to predict what might happen over time.

In another area, in another country, we have a high incidence of supply chain petty fraud, like self dealing, dealing with a supplier who is a relative, using a limo company that belongs to somebody you know, etc., I think that one correlates more heavily with the Transparency International-type risk perception indices for general, ambient levels of corruption, and so maybe it reflects society more. We’ll be able to build some of these assumptions into the AI tool and maybe have a different way of looking at certain countries or plants. It’s very interesting because we don’t know yet. We’re just developing it. But over time, I think there will be indicia of corruption or bad behavior that will become clear indicators of bad behavior.

Is there a limit to how far data and data analytics can drive the effectiveness of a truly great ethics and compliance program? Or are we just sort of scratching the surface of what the potential really is?

Scott Offer: If you look at where these programs have come from job during my career, you start by having compliance groups being the thin blue line and the policing function, and your legal departments, finance departments and others have an important key foundational control function. But we’re 160,000 people, and maybe less than two percent of that group is actual compliance monitoring and policing. So how do you move the responsibility into the organization? You make the data and the tools compelling, interesting, transparent, and instill a level of competition. That’s one piece of it.

Another piece is relying on management all the way through the organization. Every time our CEO visits a site, she wants to see their ethics compliance scorecard data. She encourages people to identify where they’re not doing so well, and that is spreading down through the organization. Recently, we had an executive team meeting and the head of operations, who has about 150,000 people report to him, said he wants all of his town halls for all of his sub managers to include ethics compliance scorecard data.

So I think we’ve done really well with tone from the top, from the Board to the CEO to the executive team. That’s super important. And I think we’ve got a good tone at the bottom; people want to do the right thing. In the middle, we’ve got store managers that maybe don’t quite get it yet or aren’t convinced. We’re constantly in this in this battle where we need managers to be more aggressive in meeting their financial targets. But it’s not a binary thing; we also need to send equal messaging that they can’t cut corners to get there. I hope finding that balance makes us more intelligent at this.

Have you encountered any resistance or skepticism to your data driven ethics and compliance approach, and, if so, how have you addressed it to get a wider buy-in across the enterprise?

Scott Offer: The first skepticism we had was from our senior leaders as to whether we could actually do it: How long is it going to take? How many resources will be involved in this? We’ve overcome that.

We had some skepticism from the lawyers, frankly, who didn’t want to do this. If someone gives you your scorecard and you’re being told about things you are not aware of, and you get a bad score—I’ve had it done to me, and it’s not it’s not necessarily pleasant—you have to be persuaded that it’s in your interest to own it. Then you’ve got to negotiate an action plan with the ethics specialist who’s reviewing it. A lot of lawyers didn’t want to do that. They were more comfortable proclaiming and passing judgement, and I didn’t want that. So that was something we had to get through.

With any change like this you’ll have some pockets of resistance. At one site, there was a bit of denial about data we had gathered around how our female employees felt about coming to work. Our CEO said, “Look, I’m female, I’ve got daughters and sisters and I want you to have this place so that you’d feel proud with your daughter or your sister coming here and working on that line, even on the third shift in the middle of night. I want them to feel safe and that they can grow here. That’s what we need, and that’s why we’re doing this.” That broke through.

Where we’ve had people who are more hard-nosed about it and difficult to break through, especially if they’ve got issues, we’ve required them to come in and explain themselves to the CEO. We’ve also had them present to the audit committee, because nothing makes people pay attention more than having to appear in front of the board, especially when the audit committee is seeing a persistent thing like a country or a site that always has more theft issues or management misconduct. The last time we did that, the senior manager said, “What do you want me to say?” and we replied, “No, what are you going to say.” It gets back to making sure that people understand they have a P&L to run. They have a budget to run. No one argues with that. But now they have this to run as well, and this is as important as those budgets.

How has your scorecard help to drive a top down approach for ethics and compliance at Flex?

Scott Offer: It’s helped drive top-down simply because the CEO likes to see the scorecards and the board asks to see the metadata and for us to pull out trends. We’ve been doing that for a few years, and as the Board gets more familiar with that, they’ll be able to tell you what they think will be other hot topics by region or by site.

The next thing is going to be building it into performance reviews. We’ve established new values that include “always doing the right thing,” so everybody will get feedback from their employees and from their manager on whether they are doing that?

I don’t mean to suggest that this scorecard is a substitute for good control tools and systems that are automated where possible, so you have failsafes. For example, if you can have automatic screening of products without any human intervention, so it’s not relying upon manual work, then that that’s a lot safer. This scorecard is no substitute for that. What the scorecard will be able to show you, however, is if there are any breaches from that. That would show up at a site, and then you can go and address it.

Some might think that what you’re doing with the scorecard program is perhaps outside the scope of the legal department. Can you talk about the evolving role of your department? Is ethics and compliance everyone’s responsibility?

Scott Offer: This is a really fascinating topic that lends itself to quite a lot of philosophical discussion. On one hand, you could say that as a control function, lawyers should be compensated based on salary and bonus, rather than the company’s performance, to prevent a conflict of interest. On the other hand, you could say—which I believe—is if you’re fully integrated into the business, you have a much better ability to influence behavior and change the culture.

As a legal function, we always want that underpinning of the control function, but we’ve progressed through various stages of development. But I think our legal department is being charged with being more than just a control function. We’ve gone from trusted specialists—which is mainly individual, siloed contributors—to trusted advisors brought in on executive staff teams, people who are co responsible for outcomes. If you take an ethics or compliance breach, the responsibility for that now is shared. That is a very different standard.

 

About the Expert
Scott Offer is EVP and General Counsel at Flex, one of the world’s foremost global electronics manufacturing, services, and original design manufacturers. Scott leads Flex’s legal function which includes government relations, corporate governance, brand protection and security intellectual property, contracts, litigation, and ethics and compliance. He is also responsible for Flex’s marketing, communications, and sustainability organization.

Subscribe to our bi-weekly newsletter Ethisphere Insights for the latest articles, episodes, and updates.

RELATED POSTS

Free Magazine Access!

Fill out the form below, and get access to our Magazine Library

Free Magazine Access!

Fill out the form below, and get access to our Magazine Library

%d