Compliance

In this section we examine how the various “tools” of a C&E program can be deployed to mitigate COIs, as well as other matters regarding the interaction of COIs and C&E programs. Please see the various sub-categories for information about each of these tools.

Conflicts of interest: why we fight

The current attention to President Trump’s using his official position to bring business to his properties – discussed here – has drawn national (and even global) focus on the area of conflicts of interest. It is thus an opportune time for the COI Blog to review some basic principles.

First, as Justice Louis Brandeis famously said: “Our government is the potent, the omnipresent teacher. For good or for ill, it teaches the whole people by its example.” While Brandeis was speaking about violations of law the point seems just as applicable to ethics.

Second, and as one would expect, the impact of COIs can go beyond the economic value of the transaction at issue. How much does it matter that organizations, individuals and governments pay close attention to identifying and mitigating conflicts of interest? One way to answer this question is to consider – as I used to ask students in my business school ethics class to do – what the world would look like without such focus and sensitivity. Below are some of the observations that I have heard from them over the years:

– Individuals might be reluctant to take the medicines that their doctors recommend for fear that those recommendations are motivated more by the doctors’ financial relationships with pharma companies than by the patients’ well-being.

– Individuals and organizations might not use financial advisors for fear that the advice they receive is driven by hidden, adverse interests – and would instead devote otherwise productive time to trying to become their own financial experts, resulting in a significant misallocation of capital as well as time.

– Organizations could hesitate to take a wide range of everyday actions for which they need to trust their employees and agents to do what’s right by the organizations – or would proceed only with highly intrusive and costly surveillance-like measures in place.

In short, Conflict of Interest World is a place of needlessly diminished lives, resources and opportunities.

Finally, and returning to the issue of Trump’s COIs, the negative impact of presidential impunity regarding COIs is particularly worrisome in a way that is unique in our history.  In the coming years we will be compelled to make sacrifices to address increasingly urgent needs regarding climate change and public debt. If government’s motives on these and other critical issues are subject to question due to COI’s then the (already small, in my view) likelihood of sufficient sacrifice being made is further diminished, with potentially catastrophic consequences for our country and planet. (For more on the link between morality-based sacrifice and the success of human societies see Jonathan Haidt’s The Righteous Mind.)

What is in a name?

A recent letter to the editor of Nature argues:

Transparency about competing interests is essential when reporting scientific data. However, use of the term ‘conflict of interests’ for such declarations can be misleading in some biomedical papers. A genuine example of a conflict of interest is when academic researchers are financially rewarded for their work by commercial partners. The situation can be more nuanced for reports of biomedical discoveries that could be applied in clinical situations. After all, developing such treatments for patients is a moral obligation for academic researchers, both to their funders and to society — even though it can mean working with biotechnology or pharmaceutical companies. Disclosing a financial arrangement as a ‘conflict of interest’ under such circumstances implies that engagement with for-profit companies is a nefarious activity, potentially at odds with what society expects from biomedical scientists. In that context, a ‘declaration of interest’ would be a more accurate term for a mandatory and transparent disclosure of financial relationships. A ‘conflict of interest’ should instead be reserved for authors who cannot document efforts to translate their discoveries to the clinic. (The author of the letter is  René Bernards of the Netherlands Cancer Institute.)

I do not know enough about biomedical research conflicts of interest to gauge the merits of this suggestion, but I would be surprised if some scientists couldn’t  still have a conflict of interest even if they translated their discoveries to the clinic. However, the larger point about a COI disclosure seeming to unfairly suggest nefarious conduct basically seems sound.

More generally, I believe that in organizations of all kind,  policies, training and disclosure documents should communicate that not all ostensibly conflicting interests are  wrongful. (This point is sometimes made, but  in my view  not often enough.) The alternative may be to discourage desirable conduct and to drive other conduct underground.

The toll at the top

As recently reported by NPR: For decades, the main reason chief executives were ousted from their jobs was the firm’s financial performance. In 2018, that all changed. Misconduct and ethical lapses occurring in the #MeToo era are now the biggest driver behind a chief executive falling from the top. That’s according to a new study from the consulting division of PwC, one the nation’s largest auditing firms. It is the first time since the group began tracking executive turnover 19 years ago that scandals over bad behavior rather than poor financial performance was the leading cause of leadership dismissals among the world’s 2,500 largest public companies… Thirty-nine percent of the 89 CEOs who departed in 2018 left for reasons related to unethical behavior stemming from allegations of sexual misconduct or ethical lapses connected to things like fraud, bribery and insider trading, the study found…”Employees are starting to say, ‘how can you enforce a policy on us without holding CEOs accountable?’ ” said Bill George, a senior fellow at Harvard Business School and former chief executive of Medtronic, who has served on the boards of Goldman Sachs and Exxon Mobil. “The CEO’s behavior has to be beyond reproach. Boards are aware of this and are really feeling pressure around that now.”

But what exactly should boards do to respond to this pressure? As noted in an earlier post in the COI Blog:

In recent months, the unprecedented sexual misconduct allegations against (among others) high ranking officials in prominent businesses has brought unprecedented attention to the need to prevent and detect such wrongdoing using high-level solutions. For instance, writing recently in the Harvard Law School corporate governance blog, Subodh Mishra, Executive Director at Institutional Shareholder Services, Inc., identifies the following five components of an effective sexual misconduct risk management policy:

– Sexual misconduct risk is specifically enumerated and oversight assigned to a board committee.

– The board has expertise in workplace and employee issues.

– Material penalties are in place for perpetrators and abettors.

– Executive compensation structures—at a minimum—contain incentives for creating a safe and equitable workplace.

– The company models the behavior it seeks to promote.

These seem like generally sound observations, but the point of my post is not to add to the conversation on this particular area of risk but rather to suggest that ideas of this sort can and should be applied to compliance risks more broadly.

Certainly, assigning a board-level committee compliance  responsibility with an emphasis on risks (such as corruption or antitrust ones) at the top, would be a sound measure generally for companies to take.  And the board having expertise regarding compliance issues is compelling for the same reason that having such expertise in workplace/employment issues is – though for both areas expertise can (in my view) sometimes be provided by access to an outsider adviser rather than appointment to a seat on the board.

Moreover, I certainly think that the emphasis on penalties for those engaged in misconduct is important to preventing wrongdoing of various kinds at the top, particularly the suggestion that “These policies may also be extended to any individuals that willfully concealed violations or engaged in retaliation against whistleblowers.” And, on the other side of the coin, reflecting compliance success generally in executive compensation structure makes sense just as it does for promoting diversity (part of Mishra’s recommendations), although doing so with the former may be more methodologically challenging than it is with the latter. Still, it can be done.

Finally, the point about modeling behavior is every bit as important to promoting compliance generally as it is to preventing harassment and discrimination in particular. For a board committee overseeing compliance at the top, this aspect of effective risk management has implications for a wide range of conduct – both substantive (e.g., how conflicts of interest are dealt with by senior managers) and procedural (such as ensuring that managers take the required training).

Cross references:

CEOs’ ethical standards and the limits of compliance

Catching up on CEOs’ COIs.

CEOs’ ethics: what’s new

 

 

Behavioral ethics training for managers

In “Companies Need to Pay More Attention to Everyday Unethical Behavior” – published last month in the Harvard Business Review  – Yuval Feldman, Professor of Legal Research at Bar Ilan University, argues:

Many large scandals have sounded the alarm on the need to monitor corporate corruption. The typical response from policy makers is to propose a patchwork of reforms to address various corporate transgressions. But by and large, these reforms focus on preventing gross and blatant violations of the law – and they ignore the more banal, ordinary acts of unethicality that are far more common in organizations. Numerous studies have documented the prevalence of practices such as stealing office supplies, inflating business expenditures reports, and engaging in behaviors that raise conflicts of interest. While these may sound negligible, these violations reduce trust over time and alter prevailing business and legal norms. Their aggregated effect can be quite harmful. Behavioral ethics research suggests that this type of misconduct occurs not because people are unethical or deliberately choose to act unethically, but because they fail to understand that their behavior is indeed unethical and can have harmful consequences. Thus, sanctioning rule breaking and looking for “smoking guns” will not prevent most employees from acting unethically. If organizations want to do a better job at preventing misconduct, they need to adopt a two-stage approach. The first stage focuses on increasing people’s awareness of the illegality and unethicality of their behavior. The second stage is about ensuring that employees clearly recognize that misconduct will be penalized.

Achieving what is contemplated by both of these stages could sound daunting – particularly the first. However, for companies that already have compliance and ethics (“C&E”) training for managers and supervisors there may be an opportunity to use that training to increase employees’ awareness of the sort of risks described by Professor Feldman.

That is, such training can be expanded to include:

– A brief explanation of the findings of the above-referenced behavioral ethics research.

– An explanation that managers’ C&E duties include identifying seemingly negligible risks in their respective parts of the organization that could over time adversely affect trust there.

– An expectation that these risks will be addressed by managers when speaking to the workforce (e.g., in townhalls, staff meetings, etc.) and through written communications.

Note that I am proposing a more or less “local” approach to this issue, as opposed to a top-down one, as I believe that having managers of various ranks involved in the process is necessary to make the effort risk based. Also, hopefully being given this role will lead managers to reflect on their own ethical performance.

Note that there is much more that can be done in communications and training to use behavioral ethics information and ideas to prevent and detect  wrongdoing. See prior posts collected in this index.

There is also more to be said about slippery slopes, some of which can be found in this prior post.

Finally, here is an article on drafting managers’ C&E duties.

Essential ingredients of an effective conflict of interest policy

In today’s edition of the FCPA Blog.

I hope you find it useful.

“Just-in-time” risk assessment

In 1994 I spoke at a meeting of a company’s executives that took place shortly before the end of the company’s financial quarter, and in the same session the CEO made the point that the executives needed to be vigilant against any mischief designed to dress up the quarter. This was my first exposure to “just-in-time” training/communication. And although more companies time their compliance measures in this sort of way now than did then (mostly because there are more measures to time), it is an area where many organizations can and should up their respective games.

The basic idea of just-in-time communications (also sometimes called “point of risk” communications) – as described in this post – is that compliance communications are most likely to have the desired impact if delivered shortly before exposure to the risk in question. As noted in that post, this mechanism could be used to address a wide range of risks: “anti-corruption – before interactions with government officials and third-party intermediaries; competition law – before meetings with competitors (e.g., at trade association events); insider trading/Reg FD – during key transactions, before preparing earnings reports; protection of confidential information – when receiving such information from third parties pursuant to an NDA; … accuracy of sales/marketing – in connection with developing advertising, making pitches; and employment law – while conducting performance reviews…”

To his discussion I would like to add the notion of a just-in-time risk assessment.  Specifically, when conducting risk (or program) assessment interviews or surveys, compliance personnel should inquire a) for any given area or risk, whether there is a need for just-in-time training/communications; and b) if so, what the specifics of such training/communications should be.

Finally, the need to look for opportunities of this sort can be added to lists of managers’ C&E duties (e.g., those set forth in the code of conduct, training for new managers, and perhaps personnel evaluations). This will not only help companies develop more “just-in-time” communications but will raise the level of managers’ C&E knowledge and commitment generally.

Conflict-of-interest policies and procedures

My latest column in C&E Professional (3rd page of PDF).

I hope you find it useful.

Deadly – and small – gifts and entertainment

Virtually every conflict of interest policy contains monetary limits for individual acts of gift giving or entertainment, but not all seek to quantify how many of such acts are permitted to occur in a given time period. This issue was raised in a particularly grim way – as described in this article in MarketWatch – by a recent study which “found that both deaths from opioid overdose and opioid prescriptions rose in areas of the country where physicians received more opioid-related marketing from pharmaceutical companies, such as consulting fees and free meals,…”

Relevant to the specific issue in this post, Magdalena Cerdá, director of the Center on Opioid Epidemiology and Policy at NYU Langone Health and the senior author on the study, stated: “A lot of the discussion around the pharmaceutical industry has been around high value payments, but what seems to matter is really the number of times doctors interact with the pharmaceutical industry,… ‘A physician’s prescribing pattern could be influenced more by multiple inexpensive meals than a single high-value speaking fee,’ she noted.”

She also said: “’We think it’s because the more times physicians interact with someone from the pharmaceutical industry, the easier it is to build a relationship of trust,… ‘We in no way think the prescribing is some kind of nefarious intentional behavior by physicians. The fact that it is the frequent, low-level payments that have the most effect shows that it’s more unintentional ‘…” Of course, unintentional conflicts tend to be more difficult to address than are intentional ones.

More generally, this finding  seems to me to be significant in a broad-based way as it presumably applies to other commercial contexts as well. And, compliance officers in all industries should make sure that their COI policies address not just high-value gifts and entertainment but also high volumes of such.

International Chamber of Commerce publishes conflict of interest guidelines

The International Chamber of Commerce – apparently the world’s largest business organization – recently published Guidelines on Conflicts of Interest in Enterprises. It is available for free download here.

Among other things, the Guidelines provide a useful summary of what should generally be included in a COI compliance policy:

Objective: first, the prevention of Conflicts of Interest, and if nevertheless they do arise, dealing with them, disclosing them and finally mitigating the risks of them arising;

Scope: applicable and binding for all directors, officers, managers, employees, agents and representatives (Associates) of the Enterprise;

Definitions: include clear definitions;

Provisions:

– comply with all applicable laws and regulations in addition to internal regulations of the Enterprise, including privacy laws and policies;

– all decisions and actions by all Associates shall be taken in the best interest of the Enterprise;

– Associates shall not take business opportunities that belong to the Enterprise for themselves;

– Associates shall immediately disclose any Conflicts of Interest;

– Associates shall abstain or withdraw from debating, voting, or other decision-making processes or activities when a Conflict of Interest exists or might arise;

– Senior Management shall lead by example and give guidance on Conflicts of Interest;

– job applicants and newly hired or appointed Associates shall disclose any Conflicts of Interest immediately during the hiring or appointment process;

– every member of Senior Management shall update his/her disclosure on Conflicts of Interest at least annually to the Compliance Officer, or any other person in charge of the Conflict of Interest Policy;

– provision on communication and training on Conflicts of Interest;

– provision explaining where guidance may be obtained in case of questions or concerns; and

– provision on regular reporting of Conflicts of Interest and evaluation of the Policy.

Overall, I agree with these recommendations, but to me the principal value of the Guidelines lies more in the very fact that it exists than the particulars of its various provisions.

That is, perhaps because COIs are so widespread and diffuse (meaning not the subject of a unified legal regime), they often seem to discourage meaningful efforts to mitigate them in the type of programmatic way that one typically sees with anti-bribery and competition law. The Guidelines – issued by an organization with six million members – is an important step in the direction of making such approach a mainstream expectation.

(For more information on the components of a COI compliance program see the various entries and subentries under “Compliance” on the index on the left hand part of this blog – also available here.)

Conflict of interest? Who decides?

Many companies have, of course, escalation provisions for responding to allegations of wrongdoing. But do they need such provisions with respect to routine self disclosures of conflicts of interest?

At least for some companies that allow line managers to approve disclosed conflicts the answer is, in my view, Yes. That is in part because managers may – thanks to the behavioral ethics phenomenon of  “motivated blindness” – be inclined to “go easy” on a particularly valued employee who has disclosed a COI.  Line managers may also fail to appreciate in such situations the danger to the compliance program generally of an overly liberal approach to COIs – particularly to the sense of “organizational justice” at the company.

But what should an escalation provision entail? Here are some possibilities, meaning circumstances where the line manager should be required to enlist the help of HR, Compliance or Legal in addressing a disclosed COI:

– Disclosure is by a relatively high-level person.

– Disclosure is by a person in a controls function.

– Conduct would tend to diminish trust of key stakeholders in the company. (Most important of all the criteria – but also hardest to apply.)

– Conduct involves a relatively high degree of money or other tangible or intangible  interests.

– Resolving disclosed conflict would entail complicated fact finding.

– Resolving conflict would entail interpretation of legal or regulatory mandates.

Finally, and perhaps less obvious than the others, going forward, would the manager be sufficiently aware of the relevant actions of the disclosing employee to help ensure adherence to Company COI standards? In other words, can the manager act like a de facto COI monitor?