Hui Chen has had a long career as a compliance officer in multinational organizations. Now, fresh off a stint as the Compliance Counsel Expert at the United States Department of Justice, she wants to see ethics and compliance professionals take measurement seriously. She recently spoke with Ethisphere CEO Tim Erblich about the value of measurement.
Tim Erblich: Measurement matters, in terms of compliance and ethics. What does this mean to you?
Hui Chen: It means having the discipline and integrity to be precise in what we say, and to provide evidence for our claims. This is something I have advocated strongly since starting my role as the Compliance Counsel Expert at the Department of Justice and have become ever more convinced since then. In the ethics and compliance space, a lot of claims are made: “We have a robust compliance program,” “we have strong tone from the top,” “we have effective training,” etc. What do those adjectives mean? Where is the evidence that supports those claims? The rest of the business functions are setting Key Performance Indicators and measuring Returns on Investments. To gain credibility, ethics and compliance functions cannot continue to rely on vague adjectives.
TE: Adjectives can be pretty empty without a standard, or a target the company is trying to hit. What role do organizations like Ethisphere or regiments like ISO 37001 have to play in defining what is “good” in our space?
HC: In the beginning of the 19th century, the stethoscope was invented, and that allowed doctors to start taking blood pressures. That’s where I feel we are in measuring compliance: just starting. Until the practice of taking blood pressure became widespread, we didn’t have enough to data or established methodology to know what was good or bad blood pressure in a more precise way: what was a good pressure range for a 20-year-old versus an 80-year-old. Similarly, until everyone starts measuring using comparable methodologies, it will be premature to start defining what is “good” or “bad.” What organizations such Ethisphere and systems like ISO 37001 need to do is to explain the why and how of measurements and develop and standardize methodologies.
TE: What do you think companies ought to be trying harder to measure that they aren’t yet?
HC: Everything! The effectiveness of training, the impact of communications on behavior, the usage of whistleblower mechanisms, the level of stakeholder engagement and trust, the effectiveness of controls, and I can keep going.
TE: Who are some of your key influencers in terms of compliance and ethics in the notion that C&E should be measured like any other key performance metrics of a business?
HC: In terms of my personal appreciation for measurements, most of it comes from outside of the ethics and compliance space. I am a fan of the Freakonomics series of books by Steven Levitt and Stephen Dubner, and recommend them to all ethics and compliance professionals. I also have a sister who is a research psychologist, and we banter about research methodologies. I have searched for sound scientific and statistical studies in the ethics and compliance space, and have found that the vast majority of the studies and measurements have relied on self-reporting and often confuse correlation with causation.
They also suffer from unclear definition of terms and concepts. For example, when people say “good compliance leads to good business,” how do you define and measure “good compliance” and “good business”? Even some of the social scientists who engage in this space somehow seem to relax their research and statistical standards when they work in the corporate space. For example, I have seen sample reports compiled by consultants who are trained in social sciences draw conclusions about corporate cultures from a survey of 200-plus people. The report gives no indication if that is 200 out of 200,000 or 200 out of 300, or where are the respondents located functionally or geographically. This lack of scientific and statistical rigor appears unfortunately common in the ethics and compliance space.
I have, however, seen and been inspired by effective use of key performance metrics in the legal space. When I was at Microsoft in the 1990s doing anti-piracy work, Brad Smith was very focused on measuring the anti-piracy program: number of enforcement actions, number of hotline calls, incremental revenue contributions, etc. It was the first time I had seen such focus on measurement in the legal space, and it was helpful in both measuring our success and in advocating for our work. I have also seen effective use of measurements by ethics and compliance practitioners like Kurt Drake at Kimberly Clarke and Patrick McGowan at United Technologies.
TE: You just returned from Brazil and Europe. How has measurement played out with global companies and jurisdictions around the world? How does this relate to culture and transparency?
HC: My impression is that the notion of measuring ethics and compliance is even newer in those jurisdictions than it is in the US. My sense is that this has more to do with timing and phase than with culture and transparency. The development of ethics and compliance in ex-US jurisdictions are in their earlier phases, responding to recent scandals and enforcement interests. Many are in the nascent stages of their program, where their focus is getting the pieces in place and not on how they are going to measure it down the road. What I have tried to convey is that measurement is not something down the road, but should guide how programs are built. Really thinking through how you will measure success can help build programs that are better set up to deliver efficiency and results.
TE: For multinational companies operating all over the world, what additional data points should they be trying to measure that perhaps domestic companies don’t have to worry about?
HC: That would be highly dependent on their industries: an oil and gas company would need to focus on very different measurements than a financial services company, whether domestically or internationally. Their clienteles and business models will also highly influence measurements. The point I would emphasize is to be mindful of the cultural components of measurements. I learned very early on in my career, for example, that Americans tend to be more enthusiastic in our ratings (five out of five!) whereas most of the rest of world is more conservative (four out of five is very good, five out of five is almost never given). It may have something to do with the grade inflation in our schools!
TE: The highly successful Japanese management philosophy kaizen, or “continuous improvement,” featured prominently in manufacturing and quality discussions in the eighties and nineties. Are there parallels that come to mind with compliance?
HC: A couple of parallels come to mind. One is the Cockpit Resource Management (CRM) method of the aviation industry, which I discussed in my last article with Ethisphere Magazine in July. The other is the CompStat method in law enforcement that was pioneered with the New York City Transit Police then brought over to NYPD by William Bratton. It revolutionized law enforcement, and has now evolved into predictive analysis to drive more effective and preventative law enforcement. There appears to be interest in predictive analysis among some mature compliance programs in the US. My view is that a program need not be super developed or mature to make use of basic data for continuous improvement.
TE: You have taken a fairly public stance on issues of integrity with the current administration in the US. Nearly every day, we see CEOs of global businesses, from all industries, publicly speaking out on their corporate values. What’s your take on this?
HC: I believe a person’s value is not something that can or should be compartmentalized. I also believe ethical issues do not cease to be ethical issues just because the people involved happen to be elected. A huge part of being a leader is to lead by example. That means if you expect others to speak up when they see something wrong, you need to speak when you see something wrong. A business leader cannot credibly ask employees and business partners to act with integrity, respect people, stand up for values, and then pretend not to see failures of integrity, respect, and values at the highest level of the land. So to me it is not so much taking a public stance vs. a private one: it’s about being consistent in who you are and what you believe in.
About the Expert:
Hui Chen has served as compliance officer at Microsoft, Pfizer, and Standard Chartered Bank on location in Munich, Beijing, New York, and London, and conducted compliance training and investigations throughout the world. Until recently, she was the Compliance Counsel Expert at the United States Department of Justice’s Fraud Section.