As the role of the E & C professional has grown and regulators have become more demanding, budgets, staffing and investment haven’t necessarily kept pace. Thus, the question of what are the “must haves” that drive program effectiveness and without which programs fail has become even more important to E & C professionals facing limited resources.
Combining our expertise as two former Chief Ethics and Compliance Officers and practitioners, our joint research and experience points to five areas that can act as catalysts, driving ethical culture and principled behavior and transforming a less impactful program into a more effective one. See our white paper on this topic for an in-depth discussion. With that in mind, here are our top five priority action areas that underpin ethics and compliance program effectiveness and advice on how to implement them:
- Managers Must Practice What They Preach
If employees see their managers modeling behaviors and following the rules, there is a good chance the employees will do the same. The converse is also true: if a manager engages in unethical behavior himself or herself, it legitimizes misconduct in their teams. The bottom line is that ethics and compliance messages are only effective when they are incorporated into the actions of the company and its management at all levels.
Since many managers are not familiar or necessarily comfortable with ethics and compliance topics, practical training to provide them with the resources they need and incentives to do so as part of performance management are good initiatives to pursue. LRN’s 2019 Program Effectiveness Report showed a significant increase in the use of ethical behavior criteria: 28% more respondents said it mattered in performance reviews in 2019 versus 2018, and almost three times more said it figured prominently in bonus allocations year over year.
- Organizational Justice
Employee perceptions that the company is “fair” in allocating both rewards and sanctions is both a foundation and driver of ethical culture. Failure by an organization to hold everyone to the same standards undermines program effectiveness. A good first step is developing and embracing transparent and clear standards for determining workplace rewards and sanctions, and including formal audits or assessments in these areas – with transparent results – to verify that organizational justice is taken seriously and working as intended (or warrants refinement). A second is an open approach to investigations and disciplinary actions. Simple measures such as a disciplinary matrix to identify how compliance breaches will be evaluated, an outline of investigative process to identify the steps taken when a concern is lodged and sanitized summaries of significant investigation results can build trust in the organization’s processes.
- Speaking Up and Listening Up
One behavioral ethics study distilled 45 potential predictors of misconduct to five factors that strongly predict the frequency of misconduct in an organization. At the top of the final five was lack of a speak up/listen up culture. Investing in this area should be a priority, including offering and advertising multiple channels of reporting, such as email, messaging, internet drop-boxes, external compliance committees or ombudsmen. Training managers how to listen to employee concerns and providing a means of intake and resolution for such employee feedback can capture critical data and identify problems before they metastasize. Utilizing surveys creatively to capture feedback on investigations, at the end of training modules or more generally can go a long way to promoting speaking up in the normal course of business and facilitates more robust data collection.
- Simplify and Operationalize
Many company policies can be described as a kitchen sink filled with every conceivable legal requirement and caveat (sometimes taken verbatim from statutes and regulations) in dense, formal language. Procedures to comply with policies can resemble mazes that the employee must navigate to obtain advice and/or approval. Policies and procedures that are simple, straightforward, and easy to understand are more likely to be understood and followed. By the same token, policies and procedures should be highly accessible and convenient, something DOJ recognizes in its revised guidance. A one sentence invitation that pops up on the mobile phone of an employee landing in China and invites them to click on the relevant gift and entertainment rules is more likely to be heeded than a five-page policy on the legal website.
- Localize Your Program (But Not Your Values)
Staying focused and uncompromising when it comes to fundamental values such as integrity, respect and transparency is essential no matter where an organization operates. But soliciting input, creativity and participation from employees and their community can better identify local risks and design strategies to mitigate them. Input from local employees that describes the fraud schemes that arise in that geography, and which government agencies or officials can pose the greatest complications or risks better prepares employees to deal with challenges. Inviting local speakers to help deliver training or compliance messages can build relationships as well as enhance impact. Global subscription databases in complex jurisdictions may not capture key risks with respect to suppliers or other third parties, but online domestic resources – such as national tax identification numbers, or litigation databases – can be more useful.
Too many E & C programs still spend most of their resources and efforts on rules and checklists, the “skeleton” that outlines the program’s structure and components. By focusing on elevating manager behavior, implementing organizational justice and speaking up/listening up, an organization can establish and enhance an ethical culture, the “heart” of any effective E & C program. Going further by simplifying, operationalizing and localizing the program puts it in “the bloodstream,” making it part of how the organization makes decisions and operates.
About the Author:
Susan Divers is a senior advisor with LRN Corporation. In that capacity, Ms. Divers brings her 30+ years’ accomplishments and experience in the ethics and compliance area to LRN partners and colleagues. Prior to joining LRN, Mrs. Divers served as AECOM’s Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM’s ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers’ thought leadership in the ethics field.
Jonathan Drimmer is a partner at Paul Hastings LLP and is the former Chief Compliance Officer and Deputy General Counsel at Barrick Gold Corp.