The Compliance Conundrum

The development of the compliance and ethics field has been nothing short of phenomenal. Spurred on by popular opinion, regulatory and judicial fiat, and good common sense, the vast majority of large-scale US public companies have created a professional ethics and compliance mechanism that was virtually unheard of as little as a decade ago.

Compliance programs are now ubiquitous, with more checks and balances than ever before, so why has the wave of corporate scandals not abated?

Written by Charles M Elson and Craig K Ferrere

The development of the compliance and ethics field has been nothing short of phenomenal. Spurred on by popular opinion, regulatory and judicial fiat, and good common sense, the vast majority of large-scale US public companies have created a professional ethics and compliance mechanism that was virtually unheard of as little as a decade ago.

The rise of the Chief Compliance and Ethics Officer as a vital part of every company’s senior management team and the creation of a plethora of concomitant professional organizations and publications (including Ethisphere) dedicated to the area are a testament to the growing significance of this subject.

But all is not well in the compliance house. While the establishment of a compliance infrastructure is critically important to ensuring an ethical organization, our present approach to assuring compliance may, oddly enough, be working against maintaining the kind of ethical organization that all of us desire and the investing public demands.

The history of the formal ethics and compliance program dates to the 1970s, and the passage of the Foreign Corrupt Practices Act by Congress in 1977.1 In response to the Act’s requirements, a number of corporations, mainly in the defense industry, which was the situs of the bribery scandal that sparked the Act’s implementation, created the first general ethics and compliance programs to prevent violations of the Act, or at least reduce the governmental penalties involved where they occurred.

In the early 1990s, the federal courts, through the Federal Organizational Sentencing Guidelines, adopted the same approach and expanded compliance requirements beyond bribery to include any kind of illegal act; consequently, compliance programs multiplied dramatically in nature, scope, and industry.

Then, in 1996, the Delaware Court of Chancery in the now legendary Caremark ruling effectively mandated that all public companies establish some sort of compliance program so that directors may meet their “duty of good faith.”2 Thereafter, all companies were effectively required to establish compliance and ethics programs. This was the final governmental push that created what has now become a substantial compliance function throughout corporate America.

Ostensibly, this should have been a good thing. And, in many respects, it has been successful in raising pubic and corporate consciousness of the importance of ethical business practices. But, as the cavalcade of corporate scandals seems to continue unabated, we have to ask, why hasn’t our compliance culture done much to change this?

The answer is quite simple. Our focus on compliance is heavily form-based and responsive to the mandated legal compliance obligations created by the courts. Companies and their boards act to meet a legal standard to avoid liability for themselves rather than simply because good ethics make good sense. This is classic form-over-substance and has led to the creation of large-scale compliance bureaucracies that meet legal muster and protect directors. All would be well, however, if a vast compliance program alone would prevent misconduct. But, as we have painfully learned from the many corporate scandals post-Caremark (including Enron), complex compliance structures don’t necessarily prevent unethical conduct.

It really is all about culture. Companies with historically strong ethical cultures rarely find themselves in an ethics-based scandal. In such organizations, a pervasive ethical tone at the top, starting with the board and chief executive, permeates the ranks. Those who act problematically are not tolerated. Ethical direction does not emanate from the bottom of a culture and percolate up. It must start at the top and cascade downward. If the top is rank, the rest of the organization will be too. If the top is ethical, the rest will follow and those who don’t rarely stay.

One of us, as a director, has witnessed this on numerous occasions. While we believe that compliance structures are important, it is the tone of the organization directed by its leadership that ultimately saves the day. Even the best compliance structure cannot work if those at the top lack values. They subvert or simply ignore the warnings their compliance mechanisms send and ultimately they and the organizations fail. This is true at both for- and not-for-profit entities. Culture and tone matter.

How then should the board and investors approach this problem? Clearly an appropriate compliance structure must be in place. But the inspiration must be organizational, not legal. A compliant and ethical culture creates more motivated employees, better relations with customers and suppliers, and ultimately, greater shareholder value. Any formal structure that encourages such a culture is worthwhile, but the key is the insistence by the board and shareholders that ethics and integrity are key attributes of the organization’s leadership. They must insist that the CEO communicate continuously the values of an ethical culture throughout the organization, not only by personal example, but in management style as well. Those who show a lack of fundamental integrity must not remain with the organization regardless of how “valuable” they may seem. As the late Judge Elbert Tuttle once wrote, “…for what is a share of a man worth? If he does not contain the quality of integrity, he is worthless. If he does, he is priceless. The value is either nothing or it is infinite.”3

Additionally, the board must promote an ownership culture within the organization through broad-based equity ownership. If all have a stake in the company’s success, which an ethical gap threatens, the sort of employee vigilance that leads to a compliant culture will be fostered.

Finally, the board must be independent of management both in form and substance, and this independence must be highly visible to the entire organization. This makes it much more likely that, should a problem occur, a vigilant employee will feel the comfort level necessary to come to the board rather than silently allowing a managerial ethical lapse within the organization to become a cancer enveloping the entire corporation.

The past decade has been an amazing and exhilarating period for those of us involved in the ethics and compliance arena. But, to reach the ultimate goal of a more compliant and ethical business organization, we must look beyond the procedural and focus instead on the internal. Integrity and ethics are qualities that cannot be externally imposed, but must be an integral part of who we—and our organizations—are from within.

1 P.L. 95-213, Title I; 91 Stat. 1494 (1977).

2 698 A.2d 959, 2 EXC 21 (Del. Ch. 1996)

3 Elbert P. Tuttle, Heroism in War and Peace, 13 EMORY U.Q. 129, 138-39 (1957).

Subscribe to our bi-weekly newsletter Ethisphere Insights for the latest articles, episodes, and updates.

RELATED POSTS

Free Magazine Access!

Fill out the form below, and get access to our Magazine Library

Free Magazine Access!

Fill out the form below, and get access to our Magazine Library

%d