Edited by Jeff Kaplan
|
Standards and Procedures
Setting meaningful but also feasible standards of conduct can be among the most challenging aspects of COI compliance efforts, as is the related area of COI processes (regarding, e.g., disclosure and approval), both of whch will be explored in the sub-categories to this section of the blog.
|
A recent letter to the editor of Nature argues:
Transparency about competing interests is essential when reporting scientific data. However, use of the term ‘conflict of interests’ for such declarations can be misleading in some biomedical papers. A genuine example of a conflict of interest is when academic researchers are financially rewarded for their work by commercial partners. The situation can be more nuanced for reports of biomedical discoveries that could be applied in clinical situations. After all, developing such treatments for patients is a moral obligation for academic researchers, both to their funders and to society — even though it can mean working with biotechnology or pharmaceutical companies. Disclosing a financial arrangement as a ‘conflict of interest’ under such circumstances implies that engagement with for-profit companies is a nefarious activity, potentially at odds with what society expects from biomedical scientists. In that context, a ‘declaration of interest’ would be a more accurate term for a mandatory and transparent disclosure of financial relationships. A ‘conflict of interest’ should instead be reserved for authors who cannot document efforts to translate their discoveries to the clinic. (The author of the letter is René Bernards of the Netherlands Cancer Institute.)
I do not know enough about biomedical research conflicts of interest to gauge the merits of this suggestion, but I would be surprised if some scientists couldn’t still have a conflict of interest even if they translated their discoveries to the clinic. However, the larger point about a COI disclosure seeming to unfairly suggest nefarious conduct basically seems sound.
More generally, I believe that in organizations of all kind, policies, training and disclosure documents should communicate that not all ostensibly conflicting interests are wrongful. (This point is sometimes made, but in my view not often enough.) The alternative may be to discourage desirable conduct and to drive other conduct underground.
|
|
|
In today’s edition of the FCPA Blog.
I hope you find it useful.
|
|
|
The International Chamber of Commerce – apparently the world’s largest business organization – recently published Guidelines on Conflicts of Interest in Enterprises. It is available for free download here.
Among other things, the Guidelines provide a useful summary of what should generally be included in a COI compliance policy:
Objective: first, the prevention of Conflicts of Interest, and if nevertheless they do arise, dealing with them, disclosing them and finally mitigating the risks of them arising;
Scope: applicable and binding for all directors, officers, managers, employees, agents and representatives (Associates) of the Enterprise;
Definitions: include clear definitions;
Provisions:
– comply with all applicable laws and regulations in addition to internal regulations of the Enterprise, including privacy laws and policies;
– all decisions and actions by all Associates shall be taken in the best interest of the Enterprise;
– Associates shall not take business opportunities that belong to the Enterprise for themselves;
– Associates shall immediately disclose any Conflicts of Interest;
– Associates shall abstain or withdraw from debating, voting, or other decision-making processes or activities when a Conflict of Interest exists or might arise;
– Senior Management shall lead by example and give guidance on Conflicts of Interest;
– job applicants and newly hired or appointed Associates shall disclose any Conflicts of Interest immediately during the hiring or appointment process;
– every member of Senior Management shall update his/her disclosure on Conflicts of Interest at least annually to the Compliance Officer, or any other person in charge of the Conflict of Interest Policy;
– provision on communication and training on Conflicts of Interest;
– provision explaining where guidance may be obtained in case of questions or concerns; and
– provision on regular reporting of Conflicts of Interest and evaluation of the Policy.
Overall, I agree with these recommendations, but to me the principal value of the Guidelines lies more in the very fact that it exists than the particulars of its various provisions.
That is, perhaps because COIs are so widespread and diffuse (meaning not the subject of a unified legal regime), they often seem to discourage meaningful efforts to mitigate them in the type of programmatic way that one typically sees with anti-bribery and competition law. The Guidelines – issued by an organization with six million members – is an important step in the direction of making such approach a mainstream expectation.
(For more information on the components of a COI compliance program see the various entries and subentries under “Compliance” on the index on the left hand part of this blog – also available here.)
|
|
|
Many companies have, of course, escalation provisions for responding to allegations of wrongdoing. But do they need such provisions with respect to routine self disclosures of conflicts of interest?
At least for some companies that allow line managers to approve disclosed conflicts the answer is, in my view, Yes. That is in part because managers may – thanks to the behavioral ethics phenomenon of “motivated blindness” – be inclined to “go easy” on a particularly valued employee who has disclosed a COI. Line managers may also fail to appreciate in such situations the danger to the compliance program generally of an overly liberal approach to COIs – particularly to the sense of “organizational justice” at the company.
But what should an escalation provision entail? Here are some possibilities, meaning circumstances where the line manager should be required to enlist the help of HR, Compliance or Legal in addressing a disclosed COI:
– Disclosure is by a relatively high-level person.
– Disclosure is by a person in a controls function.
– Conduct would tend to diminish trust of key stakeholders in the company. (Most important of all the criteria – but also hardest to apply.)
– Conduct involves a relatively high degree of money or other tangible or intangible interests.
– Resolving disclosed conflict would entail complicated fact finding.
– Resolving conflict would entail interpretation of legal or regulatory mandates.
Finally, and perhaps less obvious than the others, going forward, would the manager be sufficiently aware of the relevant actions of the disclosing employee to help ensure adherence to Company COI standards? In other words, can the manager act like a de facto COI monitor?
|
|
|
An early post on this blog noted that among the more interesting phenomena of behavioral ethics was the impact that knowing or not knowing a party could have on how one treated that party.
A set of circumstances that is relatively likely to lead to an ethical shortfall is where we do not know who will be impacted by a contemplated act. As described in this paper by Deborah A. Small and George Loewenstein, in one study “subjects were more willing to compensate others who lost money when the losers had already been determined than when they were about to be” and in another “people contributed more to a charity when their contributions would benefit a family that had already been selected from a list than when told that the family would be selected from the same list.” Beyond their direct application to the area of charitable giving, these findings may be relevant to a broader range of ethics issues, and, for instance, could help explain the relative ease with which so many individuals engage in offenses where the victims are not identifiable.
One example of this is insider trading – a crime which, although widely known to be wrong, seems utterly pervasive (based, among other things, on the extent of trading in securities right before public disclosure of market moving events). A behavioral ethics perspective suggests that (at least part of) the reason for this “inner controls” failure is that the victims of insider trading are essentially anonymous market participants.
Another offense of this sort is government contracting fraud (where the victims tend to be everyone), and indeed Ben Franklin famously described the risks of an ethics shortfall here as well as anyone could: “There is no kind of dishonesty into which otherwise good people more easily and more frequently fall than that of defrauding the government.” Understanding why “otherwise good people” do bad things is much of what behavioral ethics is about.
But what about COIs? The picture there is mixed, as some COIs do involve identifiable victims – such as the job applicant who does not get hired because the position was filled by the boss’s son. Similarly, an organization might suffer identifiable harm when its procurement process is corrupted by a COI – e.g., paying too much or getting too little.
However, with other sorts of COIs the harm is less apparent. It is the damage to trust in key relationships.
For this reason, organizations might consider including the following question in their COI resolution protocols: “How likely would it be at that the COI would diminish the trust that stakeholders (shareholders, employees, customers, business partners, suppliers or regulators) would have in the Company or otherwise adversely impact the Company’s reputation?”
Of course, this thought experiment works only if you truly try to put yourself in the shoes of one of these parties. Or, to use the memorable words (albeit from another setting) of philosopher Martin Buber: “Imagine the real.”
|
|
|
An earlier post explored the various contexts – such as board meetings, hiring interviews, employee engagement surveys, training, compliance audits and exit interviews – where asking the right question can help promote C&E at a business organization. To this list should be added frequently added questions documents (“FAQs”).
FAQs are used with some frequency to supplement codes of conduct and policy statements. They can provide a greater level of information than is feasible in a traditional policy statement – because they are generally easier to read than the latter.
FAQs can be particularly useful in promoting COI-related compliance measures. That is because the issues raised in the COI realm tend to be more personal than are other types of C&E issues and so employees might welcome a chance to have their questions answered in this way rather than through actual contact with someone in their organization – at least as an initial matter.
Those seeking a model for drafting a COI FAQ, should take a look at what Walmart has done in this area – which can be found here. It is a very comprehensive document, covering in some detail what are presumably all the major COI risk areas for the company (financial interests, gifts and entertainment, outside employment, personal relationships with other associates, personal relationships with suppliers, protecting personal and business information and information sharing). For each, the document recites the relevant company policy and follows that with one or more questions and answers. (E.g., the Outside Employment section asks and answers questions about working for a competitor, operating a side business and working for a supplier.)
The Walmart FAQ document also does a good job in explaining the reasons for the company’s position on the issues raised in the questions. For instance: I supervise an associate who does odd jobs on the side. I would like to hire the associate to do some work at my home. Is this okay? As a manager with direct reports, it’s important to remain objective regarding your associate’s work. This situation requires a manager to think through all of the potential issues and use good judgment. This particular situation could potentially create a real or perceived conflict of interest since the work done for you at home may appear to influence how you view your direct report at work. If you hire someone you supervise to do work on your home, the boundaries between work and personal life may become blurry and difficult to manage. For instance, if you are not pleased with the outcome of the work, it could impact your perception of the associate. It may also appear to others that you are more lenient on that associate’s performance at work since the associate is doing work for you at your home. Finally, the associate may not want to do personal work for their manager for these same reasons, but may feel obligated to do so.
Of course, not every C&E program needs an FAQ – for COIs or any other risk areas. Those that do tend to be large and have relatively complex compliance profiles. And in considering whether to go this route companies should consider the total mix of relevant information about the risk area in question (i.e., not just what is in the code and policy document, but also the treatment of the risk area in training and other communications). As with any part of a C&E program, one has to be mindful of the dangers here of doing too much as too little.
|
|
|
Groucho Marx famously said: “Those are my principles, and if you don’t like them… well, I have others.” When it comes to companies committing to follow key principles to guide their behavior – what are often called “core values” – there is clearly no shortage of options. Indeed, this posting on the Threads web site offers 500 ideas for those in the market for values.
One value that I see occasionally (but not frequently) selected for “core” status is humility. Kellogg, for instance, includes humility among several other core values. Humility is not principally about ethics – Kellogg embraces an integrity value too (as is the case with a large number of companies). But I do see humility as having an important role to play in promoting compliance and ethics in business organizations, in several ways.
First, humility is a logical and arguably inevitable response to the vast body of behavioral ethics research showing “we are not as ethical as we think.” Thinking and acting with humility is indeed a way of operationalizing behavioral ethics. (For a list of behavioral ethics and compliance posts click here. Also, please see this recent article in the NY Times on behavioral ethics and the notion of “servant leadership.”)
Second, humility is well suited for addressing ethical challenges that are based not on the purposeful failure to be honest but on the less well-appreciated dangers of being careless. (For a post on that click here.) Recognizing the limits of one’s abilities – which is part of being humble – should help underscore the need for carefulness.
Finally, humility has the potential to resonate deeply in our political, as well as business, culture. By this I mean humility can help form part of a broader mutually supporting relationship between business ethics and what might be called societal ethics of the sort described in other posts.
From a professional viewpoint the benefits to the business side are of most immediate interest to me, but as a citizen (hopefully in the broad sense) I know that the societal dimension is of greater importance. So, let me close by quoting what is one of the best (albeit largely forgotten) expressions of humility’s role in societal ethics, which can be found in Learned Hand’s “Spirit of Liberty” speech: “The spirit of liberty is the spirit that is not too sure that it is right [and] which seeks to understand the minds of other men and women…” Delivered in 1944 – when the US and other democracies were engaged in a truly existential battle for survival – these words have never been more compelling than they are today.
|
|
|
It was – at least according to this Blog – the most interesting COI story of 2015 (as of February of that year): the head of the New York/New Jersey Port Authority (the PA) – David Samson – had persuaded United Airlines to reinstate a money-losing route that was convenient for his personal use in return for his giving them favorable treatment on certain PA matters. But what has happened since? And what can C&E professionals learn from it?
In July of 2016, Samson “pleaded guilty to one charge of bribery for accepting a benefit of more than $5,000 from” the airline. “At the same time, United–which was not criminally charged–agreed to pay a fine of $2.25 million and pledged to institute ‘substantial reforms’ to its compliance program.” And earlier this month the airline settled related charges with the Securities and Exchange Commission.
Above all, that settlement – which involved violations of the FCPA’s books-and-records and internal accounting controls provisions – is a reminder that an effective anti-corruption compliance program must be addressed to domestic bribery, as well as the foreign kind. In that regard, it is worth remembering that the US is not at or near the top of the Transparency International Corruption Perception Index: it is tied for 16th. And for certain parts of the country – including New Jersey, where Samson worked (and I live) – the picture is worse.
Yet, in my experience some companies don’t address domestic bribery risks with the same rigor that they do foreign ones – even those involving “cleaner” countries than the US. So, this settlement may be a useful opportunity for companies to consider whether their anti-corruption policies and procedures – including risk assessment – are sufficient to address domestic bribery.
Less significant but perhaps more interesting to C&E practitioners is the SEC’s discussion of the issue of code of conduct waiver – and specifically the failure to get a waiver of the code’s gift provision in connection with the reinstatement of the unprofitable route. The SEC noted that a companion document to the code had provided that: “exceptions would be granted only in accordance with the following procedure: Generally, requests for exceptions must be submitted in writing to the Director – Ethics and Compliance Program. Approvals for an exception will also be in writing and must be obtained in advance of the action requiring the exception.” Yet “no one at United sought a waiver of United’s Code of Business Conduct prior to initiating the … Route for Samson’s personal benefit. Nor did anyone at United seek or obtain an exception to Continental’s Ethics and Compliance Guidelines [which was still in effect following the merger of the two carriers] prior to initiating the … Route. As a result, no written record reflecting the authorization for the … Route was prepared or maintained, as required by United’s Policies.”
Code of conduct waiver-related requirements are based on, among other things, rules of the New York Stock Exchange and SEC . They derive,, to some extent, from the Enron case. Yet in recent years I’ve heard very little about them. That may be because the NYSE and SEC standards apply to a narrow band of senior officials at public companies. Yet waiver requirements can go beyond this, as United’s ostensibly did.
So, is there any takeaway for C&E professionals from this aspect of the United case? One idea would be to include questions about waivers in audit interviews – which might pick up information that a question about violations might miss. A second is to include a discussion of waivers in training boards and senior executives – who may have at one point known the Enron-related origins of the waiver provision requirement but have likely forgotten this piece of C&E history.
Finally, for those revising their codes of conduct, one might consider requiring that waivers be granted only upon a clear showing that doing so would be in the best interests of the Company – and that all meaningful circumstances surrounding a waiver be documented in a complete and accurate way. Indeed, given that the SEC has taken the occasion of the United case to speak about code waivers, this is an area where companies should take a moment to make sure they are doing everything right.
|
|
|