Conflict of Interest Blog

Compliance risk – and mitigation – at the top

 

Many years ago, the CEO of a client company told me that he wanted to fire another corporate officer there. I asked him what basis he had for this contemplated action and he said it was that the officer had failed to take mandatory compliance training. I responded by asking if he – the CEO – had taken the training, to which he replied (without a trace of irony)  that he had not.

In recent months, the unprecedented sexual misconduct allegations against (among others) high ranking officials in prominent businesses has brought unprecedented attention to the need to prevent and detect such wrongdoing using high-level solutions. For instance, writing recently in the Harvard Law School corporate governance blog , Subodh Mishra, Executive Director at Institutional Shareholder Services, Inc., identifies the following five components of an effective sexual misconduct risk management policy:

– Sexual misconduct risk is specifically enumerated and oversight assigned to a board committee.

– The board has expertise in workplace and employee issues.

– Material penalties are in place for perpetrators and abettors.

– Executive compensation structures—at a minimum—contain incentives for creating a safe and equitable workplace.

– The company models the behavior it seeks to promote.

These seem like generally sound observations, but the point of my post is not to add to the conversation on this particular area of risk but rather to suggest that ideas of this sort can and should be applied to compliance risks more broadly.

Certainly, assigning  a board-level committee compliance  responsibility with an emphasis on risks (such as corruption or antitrust ones) at the top, would be a sound measure generally for companies to take.  And the board having expertise regarding compliance issues is compelling for the same reason that having such expertise in workplace/employment issues is – though for both areas expertise can (in my view) sometimes be provided by access to an outsider adviser rather than appointment to a seat on the board.

Moreover, I certainly think that the emphasis on penalties for those engaged in misconduct is important to preventing wrongdoing of various kinds at the top, particularly the suggestion that “These policies may also be extended to any individuals that willfully concealed violations or engaged in retaliation against whistleblowers.” And, on the other side of the coin, reflecting compliance success generally in executive compensation structure makes sense just as it does for promoting diversity (part of Mishra’s recommendations), although doing so with the former may be more methodologically challenging than it is with the latter. Still, it can be done.

Finally, the point about modeling behavior is every bit as important to promoting compliance generally as it is to preventing harassment and discrimination in particular. For a board committee overseeing compliance at the top, this aspect of effective risk management has implications for a wide range of conduct – both substantive (e.g., how conflicts of interest are dealt with by senior managers) and procedural (such as ensuring that managers take the required training, to go back to the example at the top of this post).

Expiration dates for conflicts of interest?

“The past is never dead. It is not even past…” wrote William Faulkner. Should something similar be said of conflicts of interest?

While this blog has addressed future COIs it has never previously done so with past ones. The latter was suggested to me by a recent posting in MedPage Today by Milton Packer MD, which posed the question: “Does a financial conflict of interest ever expire?” Doctor Packer – writing about COIs in the medical research realm – noted: “All organizations that worry about conflicts of interest have a ‘sunset’ provision. It is the identification of [a] date before which the influence of a prior relationship is deemed to be irrelevant. You can argue about whether it should be 1, 3, 5 or 20 years. But at some point in time, the influence of that relationship becomes negligible.”

However, formal sunset provisions of this sort do not necessarily exist in all COI management regimes. For instance, it would be rare to find one in a corporate code of conduct, although presumably organizations without such provisions would take the time factor into account in applying more general COI standards in their respective codes. The same might be the case regarding various professional services and other ethical standards.

So, what criteria should those handling conflicts of interest – either in drafting or applying COI policies – consider in determining whether a given COI is really “past”?

First, one should assess whether the COI at issue is based purely on the economics of the relationship or if “substance” comes into play. As a general matter, the logic of having an expiration date for a COI of the former sort seems sound, since the impact of receiving such a benefit would indeed tend to diminish over time. By contrast, where the COI is more qualitative – meaning based more on the substance of such work– then its influence is less likely to be negligible, particularly if the prior work is related to the contemplated opportunity.

Second, size matters. The larger the financial benefit in question, the further back one may need to go to reach a point where its influence is negligible.

Third, appearance matters. As a general matter, some types of COIs will seem more worrisome than others – particularly when they are difficult to evaluate by key constituencies.

Fourth, one should consider in these deliberations – as Doctor Packer’s post does – the implications of a given sunset provision vis a vis recruiting the most able individuals for the task at hand. I.e., the maximum ethical approach does not always yield the best results. While this consideration is of perhaps of most obvious relevance in designing or applying medical research COI regimes, it can come up in other contexts too.

Fifth, I’ve lumped a lot of things together in this short post, but want to emphasize that whether a COI should be deemed to be in the past may be a narrower test than what needs to be disclosed in the first instance. This distinction may be necessary to ensure that the party with the putatively past COI is in fact applying the applicable expiration date appropriately.

 

Managers’ C&E program duties: some drafting tips

One of the essential  ingredients of a compliance & ethics program is having well-articulated and effectively promoted program-related duties for managers.

In my latest column in Compliance and Ethics Professional (page 4 of PDF) I offer some suggestions for meeting this challenge.

I hope you find it useful.

Learning from Wells Fargo

Although I was a pretty decent student in college my best grade there wasn’t an A. It wasn’t even a B. It was a “C Minus Over an F.” The reason I considered it my best grade – even though it certainly wasn’t my highest one – is that I’d earned it by ignoring the professor’s instructions about the assignment. Learning to follow instructions – even in this costly way – was more valuable to me (particularly over time) than was doing well in any of my other classes.

While learning from one’s own missteps may be the most effective form of instruction, the missteps of others can be helpful too, and in the world of business education a time-honored vehicle for facilitating such learning is the case study. In that regard, I was pleased to see that Ethical Systems  has just published an excellent case study for the ethics realm, Under Pressure: Wells Fargo, Misconduct, Leadership and Culture. which was created by Bharathy Premachandra, Ethical System’s 2017 Bryan Turner Intern in Business Ethics, and Azish Filabi, the organization’s Executive Director. The study is written principally for use in the classroom, but I believe that it can be a helpful tool in the corporate compliance & ethics program world as well.

By way of background: “About a year ago, Wells Fargo announced a settlement of $185 million with federal regulators after admitting to having opened millions of unauthorized customer accounts, falsifying bank records, forging customer signatures and contact information, and even manipulating/transferring funds between accounts to charge overdraft fees, all without customer knowledge or consent.” Moreover, since then a second scandal has emerged at the bank, concerning fraudulent auto insurance sales practices.

Applying well respected ethical cultural and leadership models to the case, the study’s authors identify and describe various infirmities with the bank’s culture contributing to these unhappy developments. Included are those concerning incentives (e.g., “It was reported that some branch and district managers considered only sales performance for overall performance rating. Hence, for many, this meant that selling more than your colleagues was a prerogative and failing to do so meant penalization, transfer and even termination.”); leadership (“the complicity of leadership went hand-in-hand with the high pressure, numbers-focused sales culture”); employee selection systems (“Even before new hires joined the Bank, they were socialized to think that winning over competitors, at any cost, is a priority”); and informal systems (“Decentralization encouraged independence and self-reliance, which on the one hand had benefits for financial performance, but on the other hand likely fueled unethical behaviors through lack of oversight and accountability for how business goals were accomplished.”) The authors also note that formal compliance systems – such as the hotline and associated non-retaliation policies and procedures – were evidently not “built into the bedrock” of bank’s culture.

There is, in sum, a goldmine here of ethical learning for business organizations of various kinds, and I hope that C&E professionals will use it to inform key aspects of their respective programs – such as risk assessment, training and board oversight.

I should emphasize that I’m not suggesting that the full report be made required reading throughout a company. (It is 23 pages.)

But I do think that a company-specific version can be created for any given organization and used to facilitate  a discussion regarding the key points in the study. For instance, seeing the shortfall at the bank regarding ethics in the employee selection process would probably give many other organizations suggestions for their own improvement in that area.

Of course (and to borrow from Tolstoy –  sort of) every company is somewhat different when it comes to C&E needs and optimum solutions. But there is a lot of commonality in these areas too.

And in any event, the main alternative to learning from the missteps of others is learning from one’s own. That was a painful exercise for me in college, but is presumably many times worse for those who do so in the “real world.”

 

An ethical obscenity

Consider – as my law school professors used to say – the following hypothetical:

You are the CEO of  an organization and are looking to hire a head of procurement. You think a good person for the job would be X, who currently works for one of your suppliers. You discuss this with X, who is interested in the job, and tell him that if he comes to work for you he would need to stop working for the supplier and also give up his ownership interest in that entity. He responds that he shouldn’t have to give up both – either surrendering his management role or ownership should be enough. How do you respond?

Today is the one-year anniversary of the start of Donald Trump’s presidency. While there is a fair bit of disagreement on whether he has used this tenure to help the country, there should be no doubt that he has helped himself – by benefitting from conflicts of interest to a degree that previously would have been unimaginable for a U.S. president.

As reported last week by Reuters and others, Sixty-four trade groups, foreign governments, Republican candidates and others stayed at or held events at properties linked to U.S. President Donald Trump during Trump’s first year in office, a political watchdog group said in a report released on Tuesday. The arrangements represented “unprecedented conflicts of interest” because Trump oversees the federal government and has not divested from properties he owns or that carry his name, Public Citizen, a nonpartisan group, said in the report. Shortly before taking office last year, Trump said he would hand off control of his global business empire to his sons Donald Jr. and Eric, and move his assets into a trust to help ensure that he would not consciously take actions as president that would benefit him personally. Many government and private ethics watchdogs said the president should have gone farther, divesting assets that could cause a conflict of interest.

The absurdity of the notion that giving up control of an asset mitigates conflicts of interest arising from ownership of such asset will be evident to anyone who has filled out a COI questionnaire – meaning not just those in the public sector but private sector as well (including those involved in the above “hypo”). On such forms, employees must disclose asset ownership AND asset control – not one or the other. As long as an owner can know who is spending money in ways that benefit his asset – and if Public Citizen can know such things President Trump surely can too – then the conflict is there. Period.

Getting more attention last week was a report that President Trump’s lawyer had paid $130,000 to a porn star to keep silent about an affair she and Trump had allegedly had some years ago.  While actually press worthy for reasons that most salacious stories are not, the greater obscenity to me was in the COI story – in some ways worse precisely because it is not being hidden. 

Synergy – or conflict of interest?

“What used to be a conflict is now a synergy,” said then telecom securities analyst Jack Grubman in an economically frothier time. Conflict of interest aficionados will remember that that story didn’t end well – and not just for Grubman, but the larger industry of which he was a part.

The credit ratings industry has long been the focus of similar conflict of interest concerns – particularly those arising from the receipt of consulting-related fees from issuers whose credit-worthiness the agencies are rating. In a posting this week on the Harvard Law School Corporate Governance and Financial Regulation Forum, Professors Bo Becker and Ramin Baghai of the Stockholm School of Economics  describe their recently published research findings related to this area:

Among consulting clients, those issuers that generate higher revenues have the highest ratings (relative to ratings from agencies with less consulting revenue from the same issuers). These effects are particularly large for issuers close to thresholds in the ratings spectrum that are important for regulatory and contracting purposes…There are two explanations for these higher ratings: either payment for consulting services is related to lenient treatment by agencies, or the provision of such services is associated with learning. In the second, benevolent interpretation, consulting clients are perceived as safer borrowers by the rating agency that does consulting (but not by its peers), and this effect is stronger for consulting clients that pay higher fees.

In other words, maybe it really is a synergy this time!

Or not – as the authors continue:

A direct way to test these competing interpretations is to examine default rates of firms that pay for consulting and those that do not; if the higher ratings of consulting clients are warranted, then—within a given rating category—default rates should be similar for issuers that are consulting clients and issuers that are not. Instead, we find that issuers that pay for consulting services have much higher default rates; this effect is increasing in the amount of fees paid. Overall, these results are consistent with a fee-driven conflict of interest between rating agencies and security issuers: when an issuer is directly important to an agency through the fees it generates, the ratings it receives are upward biased. Among consulting clients, those issuers that generate higher revenues have the highest ratings (relative to ratings from agencies with less consulting revenue from the same issuers).

This seems to me to be an important finding – not just with respect to the topic at hand (COIs in credit ratings agencies) but for the broader point of COIs being more harmful than is generally appreciated.  Finally, the research results may also be a useful source of caution for companies looking for synergistic opportunities without due regard for conflict of interest risks.

Charitable contributions and behavioral ethics

In one of the all-time great episodes of Seinfeld, George falsely tells various of his colleagues around Christmas time that a charitable gift has been given in their respective names to “The Human Fund,” which prompts his boss to give George a company check for $20,000 made out to this non-existent entity. What does this have to do with behavioral ethics and compliance?

As described in a post several years ago – Is the path to risk paved with good intentions?  – the act of doing good can “morally license” doing bad. This is often less a matter of committing outright fraud (as in George’s case), and more about “gray area” conduct or (in the case of his boss) a lack of due diligence.

To address these risks, companies (that haven’t already done so) should consider implementing charitable contributions policies and related procedures. Such policies and procedures should address risks arising from charitable contributions of bribery, fraud and conflicts of interest. They should generally permit  contributions only to entities recognized by the law as charitable; prohibit contributions to entities that engage in unlawful discrimination or other misconduct; not permit contributions to be made in cash or through third parties; and allow contributions only after required due diligence has been completed and approvals documented.

So that this doesn’t make me sound too Grinch like, let me close the post (and open the New Year) with a slightly belated greeting for fellow Seinfeld alumni: Happy Festivus!

Comey, Mueller and conflicts of interest: a thought experiment

According to an article published yesterday in Newsweek: “A majority of American voters believe that Russia investigation special counsel Robert Mueller and former FBI Director James Comey are friends, despite the fact the two men have never visited each other’s homes or spent much time together outside of work.” As noted in the piece by one individual who knows Comey well: the two are essentially no more than “cordial former colleagues…” Yet “[n]ew polling by Harvard’s Center for American Political Studies shows that 54 percent of Americans think their relationship amounts to a conflict of interest.”

Should this kind of relationship – meaning a professional or work-related friendship – be deemed a conflict of interest of the sort that would require Mueller’s removal from his position as Special Counsel? One way to analyze a possible COI standard in any given context is to ask if we would be willing to apply the same standard in other contexts, i.e., here, to ask if work-related friendships should generally be viewed as giving rise to COIs beyond the Special Counsel setting.

At least for me, that thought experiment leads to a pretty strong No. Among other things, I see a world in which supervisors and subordinates are discouraged from being friendly with each other, i.e., where workplace friendships are disqualifiers in terms of reporting relationships. In this imagined world, vendors would hesitate to act in a friendly way with their customers, as doing so could lead to a loss of business. I can also envision a host of undesirable consequences of viewing work-related friendships as COIs in other contexts – including scientific research, journalism and even corporate compliance. In short, this imagined world is colder and less productive than the actual one we inhabit.

Of course, not all friendships should be beyond the reach of COI scrutiny. The philosopher Mencius once said, “Friends are the siblings God never gave us,” and for friendships of that sort of depth and nature COI treatment is entirely appropriate. But the great majority of office friendships are not truly family like – and do not create conflicting loyalties of any significance.

More broadly, the issue of where to draw the line is  already addressed in many codes of conduct, which do not deem all friendships as COI creating but only “close personal” ones. From what I know, that standard has worked well in organizations generally, and I see no reason to doubt that it would do so in the case at hand.

Compliance & ethics officers in the realm of bias

Bias and conflicts of interest are, of course, related to each other;  but they also differ, in that the former can be based purely on thoughts (or feelings or beliefs) whereas the latter generally requires something truly tangible, such as an economic or familial relationship. Prior postings on bias – particularly those underpinning the field of behavioral ethics – can be found here. But, the world of bias is a vast one, and there is much to be explored about it.

A study recently summarized on the Harvard Law School Forum on Corporate Governance and Financial Regulation offers an interesting example of one type of bias among CEOs. The author of the study – Scott E. Yonker, of Cornell University – sought to determine “Do Managers Give Hometown Labor an Edge?”, based on a review of certain employment-related decisions affecting company operations of varying distances from the hometowns of the companies’ respective CEO’s. The answer – somewhat unsurprisingly, at least to me – was Yes: “The results show that following periods of industry distress, units located near CEOs’ hometowns experience fewer employment and pay reductions, and are less likely to be divested relative to other units within the same firm. Units located closer to CEO birthplaces experience 4.1% greater employment growth and 2.4% greater wage growth compared to similar units. Since employment and wages fall by 3.0% at the average firm unit following industry distress, these findings suggest that hometown units are largely spared. Moreover, these differences have seemingly permanent effects, the wage differences last at least three years, while employment differences revert about three years after industry downturns. With regard to divestitures, units that are more distant from CEO birthplaces are about 6% more likely to be divested.”

Is this at all relevant to the work of compliance & ethics professionals? I think the answer to that is Yes, as well. Or more accurately, It should be.

Of course, “hometown” forms of bias are not as pernicious as are those concerning race, gender and other categories of individuals who have historically been the victims of societal oppression. But the true promise of C&E programs extends to addressing all forms of unfairness, both because non-merit-based decision making in the workplace is (from an economic  efficiency perspective) presumptively bad for businesses (i.e., an inefficient use of resources); and because such decisions can lead to demoralization of a workforce (adversely impacting, among other things, the ethical conduct of those so affected).

Ultimately, for a company to have not only a strong compliance program but also an ethics one, the CEO and other leaders would empower the C&E officer to identify and challenge decisions that may be based on bias. (Note that I don’t mean literally  all such decisions, but those that are significant in potential impact and have a meaningful  ethics/fairness dimension.) The leaders would do so because they would understand that being fair is not just a matter of good intentions; rather, it can  also require expertise and effort – both  of which the C&E officer can bring to a challenging set of circumstances.

The C&E movement has  made a lot of progress in the past quarter century, but we are a long way from getting to such a place. Still, as is often said, it is good to have a goal.

Discipline for C&E violations: four components of program efficacy

For all sorts of reasons, maintaining an effective system of discipline can be  among the most challenging aspects of C&E work.

In my latest  column in Compliance & Ethics Professional  (page 2 of attached PDF) I examine the four essential components of such a system.

I hope you find it useful.