Conflict of Interest Blog

A 25-year experiment in ethics and compliance

In his 2008 book Experiments in Ethics, Anthony Appiah made a strong and important case that behavioral science ideas and information should be used to address ethical challenges. But for me the most compelling ethics-related experiment of modern times comes from the realm of political – rather than behavioral – science: the experiment that began in 1991 with the advent of the Federal Sentencing Guidelines for Organizations and which continues to this day.

Although we have become accustomed to living in an “Age of Compliance,” the Guidelines were initially considered “developmental,” as the then Chair of the Sentencing Commission put it. The notion of government providing businesses with incentives for C&E programs and direction on how to make such programs effective was largely new and untested at the time. Of interesting historical note to behavioral ethics aficionados: before the Sentencing Commission chose its current C&E-program-based approach to preventing corporate crime it considered applying an “Optimal Penalties” strategy.  The Commission’s ultimate rejection of that approach – which was premised on a hyper-rational (“Chicago School”) view of how business crime occurs – in favor of one that promotes strong C&E programs can be seen as an early (albeit presumably intuitive) official endorsement of the behavioral science based view of human nature.

A quarter of a century later, it is fair to ask: has the Guidelines experiment been a success?

It would be hard to prove or disprove success using traditional tools of measurement, since the Guidelines are, of course, a policy interacting with a wide range of real-world factors in an uncontrolled way, not a true self-contained experiment. But if the results were not positive to a significant degree then it is hard to imagine that other governmental bodies – in the U.S. and increasingly around the world  – would have followed suit to the significant degree that they have. While “success breeds imitation” is not an iron-clad rule, it is a pretty good description of what happens much of the time including, I think, in this instance.

Another way to think about success here is to imagine a “counterfactual” world where C&E wasn’t as important as it has become under the Guidelines approach. Would we be better off with little or no sexual harassment training or protection of whistleblowers in corporations? Would we want to work for or do business with a company that made little or no effort to prevent its employees and agents from engaging in corruption, bid rigging or fraud? Indeed, one doesn’t have to strain one’s imagination to picture these counterfactual possibilities: they are the way things used to be before the Guidelines, at least in many companies.

Looking forward, while a compliance-based strategy to business crime prevention no longer faces a serious threat from the Optimal Penalties view of the world, one does hear what are occasional critiques of the C&E approach from a behavioral science perspective (which is somewhat ironic, given the above-described history). The argument goes that C&E programs – by treating employees with suspicion, and thereby making employees resentful – can actually spawn wrongdoing.

As described in an earlier post, this does not ring true to me, at least not insofar as it concerns serious offenses. Although there is no question that some companies engage in overkill with aspects of their C&E programs, employees should not (and I think do not) feel resentful that their employers try to help keep them safe from the risk of being sent to prison and having their careers destroyed. And even if there is some resentment, that is presumably a small price to pay for preventing serious harm to company, employees and others.

Finally, I am very aware that my musings are themselves not scientific, and hope that the next 25 years  scholars and practitioners will find ways of assessing the efficacy of the many different strategies and tools for having C&E programs. There is lots of room for improvement in this area – and experimentation. At least to me, that’s much of what makes the field exciting to be part of.

But as to the basic notion of C&E  itself – I think that’s here to stay, not so much as a matter of proof but of logic. On this point I give the last word to Joe Murphy – the visionary lawyer who (together with Jay Sigler of Rutgers) first wrote about what was ultimately to become the Guidelines approach: “For those who ask ‘does compliance work,’ my response is to ask them, ‘does management work?’ One question makes as much sense as the other. C&E is a management commitment to do the right thing and management steps to make that happen. If you do not use management steps to do something in an organization, how on earth do you do so?”


The role of the Board

How can a board of directors (or board committee) effectively oversee a C&E program without crossing the line into program management?

In my latest column in Compliance & Ethics Professional  (see page 2 of PDF) I suggest six C&E areas on which boards should focus – to meet their fiduciary duties and leverage their power to promote program efficacy.

I hope you find it useful.

The Behavioral Ethics and Compliance Index

While in the more than four years of its existence the COI Blog  has been devoted primarily to examining conflicts of interest it has also run more than fifty posts on what behavioral ethics might mean for corporate compliance and ethics programs. Below is an updated version of a topical  index to these latter posts.  Note that a) to keep this list to a reasonable length I’ve put each post under only one topic, but many in fact relate to multiple topics (particularly the risk assessment ones); and b) there is some overlap between various of the articles.  Also, on June 3 I’ll be speaking at a conference on behavioral ethics at NYU’s business school (see program agenda here) and will do a post summarizing compliance-related aspects of the program shortly thereafter. Finally, in 4Q 2016 I hope to flesh some of these ideas out into a Behavioral Ethics & Compliance Handbook.


Business ethics research for your whole company (with Jon Haidt)

– Overview of the need for behavioral ethics and compliance

– Behavioral C&E and its limits

– Behavioral compliance: the will and the way


Risk assessment

–  Too big for ethical failure?

– “Inner controls”

– Is the Road to Risk Paved with Good Intentions?

– Slippery slopes

– Senior managers

– Long-term relationships

– How does your compliance and ethics program deal with “conformity bias”? 

– Money and morals: Can behavioral ethics help “Mister Green” behave himself? 

– Risk assessment and “morality science”

 Advanced tone at the top

Communications and training

“Point of risk” compliance

–  Publishing annual C&E reports

– Behavioral ethics and just-in-time communications

– Values, culture and effective compliance communications

– Behavioral ethics teaching and training

– Moral intuitionism and ethics training

Positioning the C&E office

– What can be done about “framing” risks


– Behavioral Ethics and Management Accountability for Compliance and Ethics Failures

– Redrawing corporate fault lines using behavioral ethics

– The “inner voice” telling us that someone may be watching


– Include me out: whistle-blowing and a “larger loyalty”

Incentives/personnel measures

– Hiring, promotions and other personnel measures for ethical organizations

Board oversight of compliance

– Behavioral ethics and C-Suite behavior

– Behavioral ethics and compliance: what the board of directors should ask

Corporate culture

Is Wall Street a bad ethical neighborhood?

– Too close to the line: a convergence of culture, law and behavioral ethics

Values-based approach to C&E

– Values, structural compliance, behavioral ethics …and Dilbert

Appropriate responses to violations

– Exemplary ethical recoveries


Conflicts of interest/corruption

– Does disclosure really mitigate conflicts of interest?

– Disclosure and COIs (Part Two)

– Other people’s COI standards

– Gifts, entertainment and “soft-core” corruption

– The science of disclosure gets more interesting – and useful for C&E programs

– Gamblers, strippers, loss aversion and conflicts of interest

– COIs and “magical thinking”

– Inherent conflicts of interest

Insider trading

– Insider trading, behavioral ethics and effective “inner controls” 

– Insider trading, private corruption and behavioral ethics

Legal ethics

– Using behavioral ethics to reduce legal ethics risks


New proof that good ethics is good business

How ethically confident should we be?

– An ethical duty of open-mindedness?

– How many ways can behavioral ethics improve compliance?

– Meet “Homo Duplex” – a new ethics super-hero?

Behavioral ethics and reality-based law


A big step forward for compliance & ethics officers

A long time ago, I learned of a company at which – I was told – an individual had been hired into a compliance role precisely because he would be unlikely to notice (and thus stop) the crimes in which the company was engaged.  I could not then tell if this explanation – which seemed to be based more on informed speculation than hard fact –  was true. Still, years later the company and its executives were prosecuted but the compliance person was not – perhaps because the government concluded that he had in fact been in the dark. (Presumably this wouldn’t be featured on a resume, but it  beats going to prison.)

C&E programs are not machines that run by themselves.  It takes the involvement of many – and, on some level, all – employees to make a program truly effective. But in any company the quality of the C&E officer is central to the effort.  Oddly, however, this aspect of efficacy has historically not been part of the principal official definitions of an effective C&E program.

Last week, the Department of Justice issued a new pilot policy to encourage self-reporting of FCPA violations. Here is a link to the announcement.  Much will doubtless be written about the self-reporting aspects of the policy but for me of greatest interest is the definition of an effective C&E program.

While  containing various items that are typical for lists of this sort (such as compliance culture, risk assessment, auditing and discipline for violations) it also includes the following two elements that are now to be considered by the government in assessing C&E programs:

– The quality and experience of the compliance personnel such that they can understand and identify the transactions identified as posing a potential risk.

– How a company’s compliance personnel are compensated and promoted compared to other employees.

The inclusion of these items on this list is – to my mind – a big step forward for the C&E profession.

Of course, the ways in which they are assessed by the government in investigations remains to be seen – and note that the one about promotions will be hard to apply to small organizations.   But, as a general matter, placing these items on the assessment agenda should lead to companies having more top-notch programs by recruiting and retaining top-notch people.

A compliance biography – with a dash of early compliance history

I’m very happy to announce that Ethical Systems has chosen me as their featured collaborator for April.  Here is an interview in which, among other  I discuss with “Eth Sys” various research projects I’ve worked on (or am planning) and briefly look back at aspects of the C&E field’s early history.

I hope you enjoy it.

Like “Car Talk” for C&E

On April 12 at noon ECI will present a web cast in which Steve Priest and I answer questions – on ethical culture, effective programs and other topics – submitted in advance by attendees. We will follow the free-flowing (and at times edgy) approach taken in our recently issued e-book. And, the web cast will use an audience response voting mechanism, which we’ll deploy for bench-marking some of the questions among attendees.

The web cast is free to all.

More information about it (including a link for registering) and the e-book (which is also free) can be found here.

We hope you can attend.

Assessing compliance programs

On April 6 Rebecca Walker and I will be presenting a webinar for PLI on assessing C&E programs.

More information is available here.

We hope you can attend.

Does your risk assessment touch all the bases?

Virtually every company with a compliance program conducts risk assessments, but not every risk assessment does all that the government could be expecting of it.

In my latest column in Compliance & Ethics Professional  (page 2 of PDF) I examine what a lot of companies are missing on this key point.

The Ethics Exchange

I am very pleased (and proud) that the Ethics & Compliance Initiative has just published Ethics Exchange:  Conversations on Behavior, Ethics and Compliance – a series of dialogues I had with the great Steve Priest over the past two years.

In this e-book Steve and I examine a wide range of issues relevant to the E&C field, including the importance of a “behavioral” approach to E&C practice;  the different ways in which culture plays a part in E&C work; how to make programs truly effective – through, among other things,  E&C monitoring and risk assessments; and issues relating to E&C as a career choice.

The Ethics Exchange e-book is available for free download here.

Steve and I hope you enjoy it.

A useful and underutilized tool for enhancing tone at the top

In our latest Ethics Exchange for ECI, Steve Priest and I discuss C&E on-boarding for directors and executives.

We hope you enjoy the conversation.