Behavioral anti-corruption compliance and its limits
Previous posts here have suggested ways in which behavioral ethics research findings can enhance the practice of corporate compliance and so I was interested in a recent piece in the FCPA Blog about the potential for a behavioral ethics approach to anti-corruption compliance. “How fewer controls leads to more compliance” is authored by Prof. Dr. Johann Graf Larmbsdorff, who designed the Corruption Perceptions Index on behalf of Transparency International, oversaw its realization until 2008 and has published extensively in the field.
The post – which summarizes a recent paper of his – makes six points about undesirable consequences of a traditional controls-based approach to corruption prevention. Some I agree with, like the need for having compliance certifications executed in a more time-sensitive way. (Indeed, as noted in this recent post, such an approach can be helpful with risk areas beyond corruption). Others – e.g., “elimination of official discretion has counterproductive effects in development aid” – are outside my realm of knowledge/experience, but make intuitive sense.
Lambsdorff’s overall conclusion about controls is that they make “officials and employees … [be] seen as potentially corrupt actors, who must be rigorously controlled. Behavioral science points to the hidden costs of such methods. It provides us with impressive evidence that in most circumstances people are trustworthy and willing to take individual responsibility. Rather than adding more and more controls, we should allow people to use their discretionary power for preventing corruption.” I certainly agree with some of this, but not all.
To begin, the basic point that that more is not always better when it comes to compliance is, from my experience, clearly right. (See this post on the need for “Goldilocks compliance.”) Indeed, part of the advice I generally give clients is that they should continuously be reviewing their compliance program measures – anti-corruption and other – to make sure they aren’t engaging in overkill, which can be both inefficient and ultimately unsustainable.
But I am less certain about the behavioral science premise underlying Lambsdorff’s overall conclusion. According to his paper, laboratory experiments have shown that assuming a distrustful attitude toward individuals (which controls inherently do) causes those individuals to act in a less compliant/ethical manner. I have not read the research that he cites, but question whether anything done in a laboratory can sufficiently replicate the effect of the real-world conditions – particularly the pressures and risks, both of which can be extreme – that business people face when it comes to dealing with corruption.
Indeed, in my – concededly anecdotal – experience, many business people welcome controls, as controls can help minimize the prospect of going to prison for making a wrong decision or having one’s employer economically ruined based on a colleague’s malfeasance. (This is particularly true with risk areas involving complex, often non-obvious rules – such as corruption, and also competition law and export controls.) Viewed in this light, having anti-corruption controls is no more disrespectful than is going to a doctor for an annual checkup.
Moreover, one can argue that behavioral science supports the need for strong compliance controls, as it teaches us we are not as ethical as we think. (I.e., it shows that our “inner controls” may not be all that we believe them to be. ) A compliance program grounded in behavioral science should help employees appreciate this.
Finally, there is this important view, from long-time compliance practitioner and scholar (and, by way of disclosure, my co-author on a compliance treatise) Joe Murphy in the comments section to Lambsdorff’s post: “One of the points missed in some of the behavioral work is that these principles apply to averages. So certain techniques have ‘tendencies’ to reach certain results. ‘Most’ people will act a certain way. XX% will not steal if there are pictures of eyes looking at them. Trust and feeling good are really nice things to have. But relying on this alone misses the point that companies are responsible for all the acts of all their people all the time. Any companies with large numbers of employees need also to recognize that there will be sociopaths and psychopaths among those large numbers – bad actors, no matter what the culture may be. … As one of my friends has observed, ‘trust is not a control.’ …. The behaviorists’ insights are useful, but I still side with Lord Acton, who observed that power tends to corrupt and absolute power corrupts absolutely. I believe this is no less true in business than it has been in politics. Those with power in corporations need to be subject to checks and balances, in addition to any behavioral steps we may try.”
Or, as the old Russian proverb goes, Trust, but verify.