Conflict of Interest Blog

Moot compliance court for corporate directors?

In their paper, “Short-Changing Compliance,”  John Armour (University of Oxford), Jeffrey N. Gordon (Columbia Law School), Geeyoung Min (Columbia Law School), argue: “Corporate compliance programs play a central role in society’s current response. Prosecutors give firms incentives—through discounts to penalties—to implement compliance programs guiding and monitoring employees’ behavior. However, focusing on the incentives of firms overlooks the perspective of managers, who decide how much firms invest in compliance.” They further note: “stock-based pay, ubiquitous for corporate executives, creates systematic incentives to short-change compliance. Compliance is a long-term investment for firms, whereas managers’ time-horizon is truncated at the date they expect to liquidate stock. Moreover, investors find it hard to value compliance programs, because firms routinely disclose little or nothing about their compliance activities.” Also, “stock-compensated managers prefer not to disclose compliance, because it can reveal private information about a firm’s propensity to misconduct: the greater a firm’s misconduct risk, the more valuable to it is an investment in compliance. As a result, both managers and markets are likely myopic about compliance.”

To remedy all of this they “propose more assertive directors’ liability for compliance failures,…” but which would avoid incenting directors to overinvest in compliance.

I agree that the prospect of director liability for compliance failures under existing law is weak, as described in this recent post.. However, I don’t see the political will among shareholders, courts or legislatures to change that.

But should it come to pass, the next issue would be how the standard would be applied. In this regard, the authors propose: “[I]f the firm resolves a compliance enforcement action, criminal or civil, through payment of a fine or accepting some other sanction, an appropriate board committee, perhaps the governance committee, should trigger an ‘accountability proceeding.’ This proceeding could be presided over by a panel of compliance and industry experts, perhaps three, who would conduct an internal investigation that would (i) evaluate the compliance system within the firm as well as the particulars of the compliance failure, (ii) assess the extent of directors’ responsibility, and (iii) determine the appropriate clawback of the accumulated stock of responsible former and current directors.”

Indeed,  one might – as part of board compliance program governance –  deploy a “moot court” accountability proceeding to help directors avoid ever having to face the “real deal.” I suggest this because much of the underlying logic of compliance programs is based on the realization that merely threatening punishment is not enough to prevent wrongdoing. And just as employees need training in various compliance areas for that threat to be meaningful, so directors should be periodically reminded about the risks they face.

As noted above, the heightened standard of board liability for compliance failures proposed by the authors is a long way from coming to pass. But, even under the current, relatively lax standards, the “moot court” idea might be worth trying, as it would undoubtedly cause some directors to focus on compliance more than they currently do.

For an earlier post on compliance incentives and managers click here.

Imagine the real

 

An early post on this blog noted that among the more interesting phenomena of behavioral ethics was the impact that knowing or not knowing a party could have on how one treated that party.

A set of circumstances that is relatively likely to lead to an ethical shortfall is where we do not know who will be impacted by a contemplated act.   As described in this paper by Deborah A. Small and George Loewenstein,  in one study “subjects were more willing to compensate others who lost money when the losers had already been determined than when they were about to be” and in another “people contributed more to a charity when their contributions would benefit a family that had already been selected from a list than when told that the family would be selected from the same list.”   Beyond their direct application to the area of charitable giving, these findings may be relevant to a broader range of ethics issues, and, for instance, could help explain the relative ease with which so many individuals engage in offenses where the victims are not identifiable.  

One example of this is insider trading – a crime which, although widely known to be wrong, seems utterly pervasive (based, among other things, on the extent of trading in securities right before public disclosure of market moving events).  A behavioral ethics perspective suggests that (at least part of) the reason for this “inner controls” failure is that the victims of insider trading are essentially anonymous market participants. 

Another offense of this sort is government contracting fraud (where the victims tend to be everyone),  and indeed Ben Franklin famously described the risks of an ethics shortfall here as well as anyone could: “There is no kind of dishonesty into which otherwise good people more easily and more frequently fall than that of defrauding the government.”   Understanding why “otherwise good people” do bad things is much of what behavioral ethics is about.

But what about COIs? The picture there is mixed, as some COIs do involve identifiable victims – such as the job applicant who does not get hired because the position was filled by the boss’s son. Similarly, an organization might suffer identifiable harm when its procurement process is corrupted by a COI – e.g., paying too much or getting too little.

However, with other sorts of COIs the harm is less apparent. It is the damage to trust in key relationships.

For this reason, organizations might consider including the following question in their COI resolution protocols: “How likely would it be at that the COI would diminish the trust that stakeholders (shareholders, employees, customers, business partners, suppliers or regulators) would have in the Company or otherwise adversely impact the Company’s reputation?”

Of course, this thought experiment works only if you truly try to put yourself in the shoes of one of these parties. Or, to use the memorable words (albeit from  another setting) of philosopher Martin Buber: “Imagine the real.”

The parade of horribles

My latest column in Compliance & Ethics Professional (page 3 of PDF).

I hope you enjoy it.

A free SCCE podcast on conflicts of interest

 I hope you find it useful

Webinar on C&E program assessment

On September 28, Rebecca Walker and I will be leading a Practising Law Institute One-Hour Briefing on assessing  compliance & ethics programs.

More information on the webinar can be found here.

We hope you can join us.

Our fiduciary future?

There is, of course, no one body of law governing all conflict-of-interest issues. But the law regarding fiduciary duty comes closer to doing so than does any other body of law.

In “The Rise of Fiduciary Law,” recently posted on the Harvard Law School Forum on Corporate Governance and Financial Regulation, Professor Tamar Frankel of Boston University School of Law notes: Fiduciary rules appear in family law, surrogate decision-making, laws of agency, employment, pensions, remedies, banking, financial institutions, corporations, charities, not for profit organizations, medical services and international law. Fiduciary concepts guide areas of knowledge: economics, psychology; moral norms; and pluralism. Fiduciary law was recognized in Roman law and the British common law. It was embedded decades ago in religious Jewish, Christian, and Islamic laws. Internationally, fiduciary law appears in European, Chinese, Japanese and Indian laws.

Frankel traces the growth of fiduciary expectations to the increasing need in modern societies to share expertise while minimizing the risks that can arise from such sharing. Power can be used to benefit or harm. The recipients’ inability to check the experts’ power and services quality can result in suspicion and withdrawal from the expert. This result conflicts with society’s interests. After all, the financial, health, legal and education systems, to name a few, are built on offer and exchange of expertise. In response, fiduciary law establishes duty of care ensuring expert services and duty of loyalty prohibiting conflicting interests which undermine trust. Fiduciary law can entice and protect those who need expert services to rely and trust their experts. The lower the ability to check the experts’ expertise and honesty, the higher the fiduciary duty of experts and their punishment for abuse will be.

Looking forward, Frankel notes: The impact of fiduciary law is likely to rise. Fiduciary law issues are expanding. Inequality of knowledge and expertise exist and is likely to continue, depending on the degree to which those who rely on the experts can trust the experts, and the degree to which society benefits from this degree of trusting by expanding and exchanging knowledge and helpful services to its members….Regardless of whether they are enforced by law, by social rules, or by cultural pressures, fiduciary rules are a condition to the long-term well-being of a human society.

(For an earlier post on the many harms that can come from a COI-based lack of trust click here.)

For legislators, enforcement personnel and business leaders the lesson of this analysis is clear: fiduciary standards should be strongly defined and enforced. But what is the take-away for the fiduciaries themselves?

Frankel notes, in this regard: Fiduciary law should be based on one guiding test by a party that offers trusted fiduciary expert: “Would I, the trusted person, like to be treated the way I treat those who trust me?

I understand and partly agree with this proposal, but also worry – based on behavioral ethics research showing that people often underestimate the impact on them of others’ wrongdoing – that it might not produce the desired result enough of the time.  So, my friendly amendment is to put this suggested question into a third-party framework: Would the proposed action if taken by people generally tend to reduce trust generally in the context at issue?  (E.g., would non-disclosure of a payment by a pharmaceutical manufacturer to a doctor tend to reduce  the  trust of patients in their doctors generally.)

Just to be clear, I am not advocating a rewrite of the Golden Rule. I  am just suggesting that it can be easier to recognize vulnerabilities in others – i.e., people generally – than in ourselves, and this might be relevant to designing a guiding principle for fiduciaries.

 

Conflict of interest self assessments

C&E program assessments sometimes have a general scope and sometimes are focused on a single substantive risk area – such as corruption or competition law. For some companies it makes sense to do such a targeted assessment for conflicts of interests – particularly those responding to a significant COI violation or “near miss.”

The scope and approach of such assessments for any given company at any given time should vary based on a variety of circumstances. Hopefully, however, the following questions/comments can be helpful to some organizations seeking to determine whether/how to go down this road.

Risk Assessment. Has the company assessed COI risk? If so, has it used the results of the assessment(s) in designing and implementing other aspects of the COI program?

Governance. Have the respective COI oversight roles of the board of directors and senior management been formalized? Do they receive appropriate reports of COI program activity? Are there sufficient escalation provisions regarding COIs?

Culture. Are COI rules followed or are there double standards? What is the sense of “organizational justice” vis a vis COIs?

Policies. Presumably nearly every business organization has a COI provision in its code of conduct – but there are also many that need but do not have a standalone policy as well.

Procedures. Are disclosure procedures clear, easy to use and well known? Do those tasked with reviewing COIs have sufficient knowledge and independence for the job?

Training/other communication. Is there enough training given relevant COI risks (which tend to be high for senior managers/board members and in certain functions). Is training reinforced through other communications?

Auditing and monitoring. Is the COI disclosure practice audited? Same question for monitoring (of conditionally approved COIs)..

Responding to allegations/request for guidance. Do employees feel comfortable seeking guidance on possible COIs? Are investigations truly independent? Are violations of the COI policy treated with sufficient seriousness? Does the company conduct a “lessons learned” analysis of significant COI failures?

Of course, there is much more that could be included in a COI self-assessment (and I encourage you to browse the blog for ideas in this regard). But hopefully the above will be a useful foundation for starting.

 

 

Assessing compliance incentives

The latest from the Compliance Program Assessment Blog.

Rebecca Walker and I hope you find it useful.

Disclosure’s two-edged sword

Several prior posts reviewed the findings of various studies which raised questions about the efficacy of disclosure as a COI mitigant, including that:

Disclosure can “morally license” the conflicted party to act in a COI-based way.

– Individuals impacted by the COI may not fully understand/be aware of what is being disclosed.

– A “reverse conflict of interest” could occur, meaning that an individual dealing with the conflicted party could overcompensate for it.

“Disclosure can place inappropriate pressure on the audience to heed the advice — for example, in order to avoid insinuating that the [disclosing party’s] advice has been corrupted.”

A study recently authored by Sunita Sah of the Samuel Curtis Johnson Graduate School of Management of Cornell University; and Prashant Malaviya and Debora Thompson, both of the McDonough School of Business, Georgetown University  — “Conflict of Interest Disclosure as an Expertise Cue: Differential Effects Due to Automatic Versus Deliberative Processing,” which  was published in July in Organizational Behavior and Human Decision Processes — adds to this intriguing body of knowledge.

As described in a recent issue of the Cornell Chronicle, “the researchers examined two years of posts in 60 influential fashion and beauty blogs. Fewer than 350 of more than 150,000 posts contained disclosures [itself a troubling number]; but the higher the rate of disclosures, the more positive the reader comments. The researchers then did a series of experiments comparing participants’ reactions after reading blog posts with and without various types of disclosures. Study participants who read a blog post about apartment decorating were more likely to share the post if they read the version with a conflict of interest disclosure,…”

As noted by the authors, the reason COI disclosures have this positive effect is that they act “as a heuristic cue [i.e., a mental short cut] to infer greater trust in the blogger’s expertise and consequently greater persuasion.” Looking forward, however, as “COI disclosures become more pervasive, the heuristic effect of COI disclosure might disappear over time.” But until that day comes, C&E professionals need to make sure —  in reviewing COI disclosures and designing mitigation plans —  not to be unduly affected by the fact of disclosure itself.

Indeed, this study might be worth mentioning  in training managers.  That is, the message that COI disclosure could actually be good for business — which seems a fair reading of the results — could be a persuasive (albeit novel) way of encouraging disclosures.

(There is much more to this paper than what I have touched on above, and I encourage you to read the original.)

 

 

How to assess compliance investigations

The latest post by Rebecca Walker and me in the Compliance Program Assessment Blog.

We hope you find it useful.