Bias

Two very different types of bias topics will be examined in the blog: A) Under what situations involving business organizations should bias be treated like a traditional COI. B) How often-unrecognized biases can inhibit ethical decision making, which is one of the principal teachings from behavioral ethics (i.e., “cognitive biases.”)

Is ethics being short-changed by compliance?

In the beginning of this field there was ethics. But with the advent of the Sentencing Guidelines in 1991 compliance entered the picture and where there were once ethics programs now stand “compliance and ethics” ones.

Has ethics been short-changed in this transition?

In a recent posting in the Harvard Law School Forum on Corporate Governance and Financial Regulation  Veronica Root Martinez of Notre Dame Law School  – based on a forthcoming paper in the University of Chicago Law Review  – writes: “firms should implement specific and explicit ethical infrastructures within their compliance programs, which fall somewhere between the floor set by professional ethics and standards and the hazy ceiling found within moral philosophy as applied to business ethics. By which I mean, firms should attempt to create tangible policies, procedures, and programs that promote ethical behavior within their ranks. In doing so, I suggest firms look to the fields of behavioral ethics, social psychology, and organizational behavior to provide guiding principles when they attempt to craft tangible ethics policies. For my own contribution, I suggest that firms look to commit to adopting policies and procedures that (i) protect the dignity of, (ii) promote the flourishing of, and (iii) advance the interests of the various stakeholders of firms as a baseline to be used for establishing the ethics components of their ethics and compliance programs. Thus, ethics and compliance programs should ensure employees feel valued and are viewed as vested partners within the organizational enterprise and consider the ways the program might impact individuals both within and outside of the firm. Firms might choose to emphasize other attributes as part of their ethics programs, but the thrust of the Essay is that firms should more actively engage in thinking about the implementation of programs that go beyond rote compliance and focus equally on efforts targeted at creating strong ethics programs. That is not to suggest that creating ethical infrastructure will be easy, but the persistent scandals plaguing sophisticated organizations all across the globe suggest that it is time to at least experiment with creating More Meaningful Ethics within ethics and compliance programs at firms.”

I greatly agree with both her analysis and recommendations and think that this is an important article that all within the compliance and ethic field should read. However – and perhaps it is a matter of semantics more than substance – I am a bit concerned that compliance is being given somewhat of a bad rap.  That is, she argues that various prominent business scandals demonstrate that too much compliance and too little ethics can create risks of wrongdoing. That might be so, but these cases might also be examples of bad compliance programs. In that connection the importance of tone at the top is a fundamental ethics precept. But it is a pillar of compliance expectations as well.

She also suggests that firms rely should more on behavioral ethics for risk mitigation. I agree with that, too, but do think that behavioral ethics can support compliance approaches as well, as described in some of the posts collected here.

However, these are small points and there is much more that can be said in support of the author’s basic thesis that “firms should attempt to create tangible policies, procedures, and programs that promote ethical behavior within their ranks.”

In this vein, here are some other thoughts on connections between compliance and ethics in an article from  a few years back in Compliance and Ethics Professional:  Body and Soul: Points of Convergence between Ethics and Compliance (page 2 of PDF).

“First, companies should assess ethics, as well as compliance, risks.” This is extremely rare, and has the potential to be extremely valuable.

“Second, ethics should be prominently featured in training and communications. This means, among other things: providing true ethics training on methods for ethical decision making, using values-based communications, giving real-life (and ideally company-specific) examples that go beyond what the law requires/prohibits, and in otherwise deploying training and other communications to show that ethical action is attainable and desirable in business.”

“Third, following the old adage that what’s measured is what counts, companies should measure ethics-related, as well as compliance-related, conduct. Such conduct should be included in personnel evaluations, employee surveys, and program assessments (self or external).”

 

Sweating the small stuff

In Behavioral Ethics as Compliance  (Cambridge Handbook of Compliance (Van Rooij & Sokol Eds)) Yuval Feldman and Yotam Kaplan write:

“[C]urrent approaches to law enforcement and compliance tend to focus on “smoking guns” and extreme violations of the law as the core case and as the ultimate manifestation of the problem of illegality. This tendency is understandable, as it would seem most important to prevent wrongdoing in those cases where it produces the most harm. However, behavioral ethics findings challenge this prevailing wisdom. While devastating in their effects, extreme violations of the law are relatively rare as they are difficult for most people to ignore or justify. On the other hand, most people can, and very often do, ignore and justify “minor” violations, or acts of “ordinary unethicality:” supposedly small deviations from legal and ethical norms common in day-to-day activities. This means that acts of ordinary unethicality can be by far more common, and therefore by far more harmful in the aggregate. Ordinary unethicality can be found in all areas of the law, from contract breach and disregard for the property of others, to corruption in administrative law, corporate misconduct, or insensitive interpersonal behavior. Behavioral ethics research suggests that ‘minor’ wrongs are endemic, widespread and difficult to regulate and prevent.”

This analysis dovetails to some degree with the notion of “slippery slopes.” As noted in an earlier post :  “One of the most important facets of behavioral ethics research concerns slippery slopes. As described in a paper by Francesca Gino and Max Bazerman: “Four laboratory studies show that people are more likely to accept others’ unethical behavior when ethical degradation occurs slowly rather than in one abrupt shift. Participants served in the role of watchdogs charged with catching instances of cheating. The watchdogs in our studies were less likely to criticize the actions of others when their behavior eroded gradually, over time, rather than in one abrupt shift.”

Of course, the points that Feldman and Kaplan are making go beyond slippery slopes – and apply broadly to the overall approach to risk assessment that companies take. E.g., their article essentially suggests an inverse relationship between risk impact and risk likelihood.

What should C&E officers do with this information? Among other things, it should be used to train employees on the importance of not allowing seemingly trivial unethical acts to go unchecked, a particularly important point when dealing with busy business leaders who may believe that their attention should be saved for only “serious” infractions. This can be part of a general approach to training that presents “heightened ethical awareness” as a core leadership skill.

 

Behavioral ethics, the board and C&E officers

In Conflicts and Biases in the Boardroom, recently posted on the Harvard Law School Forum on Corporate Governance and Financial Regulation, Frank Glassner, of Veritas identifies five ways that cognitive bias can inhibit great governance:

– A board is reluctant to ask the right questions

– The group is unable to fully and effectively involve new board members

– Excessive deference is afforded to a few board members with a long company history

– Peer pressure and conformance minimize constructive dissent

– Inflexible adherence to tradition limits consideration of new initiatives.

He further writes: “Every board member must acknowledge that implicit biases impact his/her objectivity.”

Not surprisingly (given the focus of the COI Blog), I agree with this. But I also wonder if there is a place for the compliance  and ethics officer in helping to address this daunting area.

In an earlier post  I wrote: Ultimately, for a company to have not only a strong compliance program but also an ethics one, the CEO and other leaders would empower the C&E officer to identify and challenge decisions that may be based on bias. (Note that I don’t mean literally all such decisions, but those that are significant in potential impact and have a meaningful ethics/fairness dimension.) The leaders would do so because they would understand that being fair is not just a matter of good intentions; rather, it can also require expertise and effort – both of which the C&E officer can bring to a challenging set of circumstances.

Here is another prior post addressing the issue:  Behavioral ethics and compliance: what the board should ask..

Finally, here is an index of  behavioral ethics and compliance posts generally.

 

 

Extra compliance for high-risk-potential employees

In “The Power Few of Corporate Compliance,” 53 Georgia Law Review 128 (2018), Todd Haugh of Indiana University’s Kelley School of Business argues: “Corporate compliance in most companies is carried out under the assumption that unethical and illegal conduct occurs in a more or less predictable fashion. That is, although corporate leaders may not know precisely when, where, or how compliance failures will occur, they assume that unethical employee conduct will be sprinkled throughout the company in a roughly normal distribution, exposing the firm to compliance risk but in a controllable manner. This assumption underlies many of the common tools of compliance—standardized codes of conduct, firmwide compliance trainings, and uniform audit and monitoring practices. Because regulators also operate under this assumption, what is deemed an ‘effective’ compliance program often turns on the program’s breadth and consistent application. But compliance failures—lapses of ethical decision making that are the precursors to corporate crime—do not necessarily conform to this baseline assumption.”

I agree that in many – but certainly not all – companies there is too much emphasis on C&E breadth and too little on depth. Indeed, many years ago, Joe Murphy  – who can be justly called “the father of compliance” – cautioned against overreliance on employee compliance surveys with the memorable words “criminal conspiracies do not operate by majority rule.” I also recall a CEO advising me, as I set out to conduct a risk assessment of his company, “not to spread the peanut butter too thinly.” Moreover, compliance program evaluation standards recently issued by the Justice Department’s Criminal and Antitrust divisions  will likely cause more companies to make their respective programs risk based.

Haugh further argues that: “Extreme failures are more likely the result of small groups of individuals acting unethically or illegally, who by virtue of their social and organizational networks account for an outsized amount of bad conduct, and therefore harm. These individuals are the power few of corporate compliance…Companies seeking to improve compliance, and therefore corporate governance, should no longer focus indiscriminately on organizational culture writ large. Instead of designing compliance programs aimed generally at promoting ethical culture as suggested by the Organizational Sentencing Guidelines and adopted by regulators and compliance professionals, compliance should be approached from a behavioral ethics risk management paradigm. Compliance efforts should target those individuals within the company whose unethical decision-making pose the greatest risk according to behavioral and organizational factors such as job task, leadership role, propensity to rationalize wrongdoing, and social and organizational networks. This risk-based approach may be consistent with current compliance efforts to improve companies’ ‘tone at the top,’ assuming that is where the behavioral ethics risk lies. But it also recognizes that the focus of these efforts may correctly bypass the C-suite in order to lessen the significant compliance risk caused by the power few, wherever they may be within an organization.”

Being of the behavioral persuasion I generally agree with this too. But I do think there will always be a need for enterprise-wide compliance efforts, both as an operational and symbolic matter.

Finally, Haugh identifies other compliance program recommendations based on the “power few” theory including:

– “Identify employee ethics during the hiring stage.”

– “Identify the power few in the organization…Once identified, these employees are monitored for risk-taking behavior, and how they manage it factors into promotion and compensation decisions.”

– “To ensure unethical employee decision-making is properly targeted, companies ‘need to frame [their] training around . . . specific, risky job tasks ‘.”

– “Finally, as ethical employees advance in the company and become hubs of influence themselves, they should be leveraged as ‘behavioral compliance ambassadors.’”

These are generally sound ideas and to some extent are already in use (as Haugh notes), particularly the risk-based training one. Still, having what is in effect an employee integrity watch list may be a tough sell in many companies.

Lawyers as compliance officers: a behavioral ethics perspective

What role do corporate lawyers play in preventing wrongdoing by executives in their client organizations? And how is this role impacted by behavioral ethics?

In “Behavioral Legal Ethics Lessons for Corporate Counsel,” to be published in the Case Western Reserve Law Review, Paula Schaefer of the University of Tennessee College of Law  first examines “the corporate lawyer’s consciously held conceptions and misconceptions about duty owed to her corporate client when company executives propose a plan that will create substantial liability for the company—when and if it is caught.” As she shows, lawyers often have an unduly limited view of what that duty is.

Schaefer next “turns to behavioral science and highlights some of the key factors that corporate attorneys are unconsciously influenced by as they try to decide how (or if) to address client conduct that may amount to a crime or fraud.” Those factors are:

Attorney self-interest. A key point on this: “Corporate advisors keep their jobs (as inside or outside counsel) when they keep executives happy; they do this by finding ways to implement corporate executives’ plans, and not by saying no.” Of course, on some level this is obvious but, based on the research of Tigran W. Eldred of New England Law School,  she notes that lawyers are often not aware of the extent to which self-interest corrupts the professional conduct of attorneys vis a vis clients.

Obedience Pressure. A key point here: “Obedience research explains the power an authority figure or colleagues have to influence bad advice.” The best-known study in this area is, of course, that conducted by Stanley Milgram, which measured the extent to which participants were willing to inflict shocks on apparent learners in the experiment when instructed to do so by an apparent authority figure and which demonstrated just how powerful obedience pressure could be. As Schaefer notes: “In the case of a corporate attorney addressing planned conduct that may be criminal or fraudulent, the authority figure is likely the corporate executive that the attorney reports to in the professional relationship.” And as she notes this is likely to create more pressure than the instruction of some man in a white coat in Milgram’s experiment.

Conformity Pressure. Here, Schaefer describes experiments by Solomon Asch concerning the extent to which the participants gave knowingly incorrect answers to a question because of the fact that other participants did so. The results showed a high degree of such correlation. As she notes: “Asch’s research should be particularly concerning for lawyers. For Asch’s subjects, the stakes were low—the subjects likely did not know the other participants in the study and had no ongoing relationship with them. Further, the right answer was black and white, and they still felt pressured to choose the wrong answer selected by the majority. For a corporate lawyer addressing possibly fraudulent or criminal conduct, the group (with whom she feels pressure to conform) might be fellow attorneys or other decision makers at the corporation.”

Partisan Bias. Schaefer writes: “The research reveals that partisanship makes it difficult for a lawyer to filter and interpret information objectively. One study found that students who participated in a moot court competition overwhelmingly perceived that their assigned side had the better case. In another study, subjects were asked to play the role of attorney for plaintiff or defendant in determining the settlement value of a case. Even though both sides received identical information, those who were randomly assigned to play the plaintiff predicted an award substantially higher than that predicted by the defendant.”

Schaefer next considers “interventions to combat a corporate attorney’s wrongful obedience and conformity.” All of these seem sound, but I don’t have space to discuss them here.

However, I do want to add that – although not the focus of Schaefer’s paper – the research may also be relevant to the longstanding debate about whether the general counsel or other member of the law department should serve as chief ethics and compliance officer (CECO)  or if the individual in that role should be independent with respect to reporting purposes. At least to me, the research suggests that it may be more difficult for in-house attorneys to rise above the potential conflicts in this role than is generally thought.

Of course, even an independent CECO would be subject to the various biases described in this article. However, they would still – in my view – stand a better chance of ethical success since the notion of independence is truly foundational to their role, i.e., there is presumably not the same confusion about their duty than Schaefer found was the case with in-house attorneys.

Finally, note that I am not saying that this means that the General Counsel can never serve in a CECO role – only that the implications of this research should be considered along with various other factors in determining what approach makes the most sense for a given company.

For further reading:

– The Legal Ethics Blog

– An earlier post from the COI Blog with a different view on lawyers as compliance officers

Ethics made easy

We justly praise those who show true ethical heroism.  But to protect business organizations  and society generally from legal and ethical breaches we need to aim our efforts more broadly.

In “How to Design an Ethical Organization” in the May-June 2019 issue of the Harvard Business Review, Nicholas Epley, John Templeton Keller Professor of Behavioral Science at the University of Chicago Booth School of Business, and Amit Kumar, an assistant professor of marketing and psychology at the University of Texas at Austin, argue: few executives set out to achieve advantage by breaking the rules, and most companies have programs in place to prevent malfeasance at all levels. Yet recurring scandals show that we could do better. Interventions to encourage ethical behavior are often based on misperceptions of how transgressions occur, and thus are not as effective as they could be. Compliance programs increasingly take a legalistic approach to ethics that focuses on individual accountability. They’re designed to educate employees and then punish wrongdoing among the “bad apples” who misbehave. Yet a large body of behavioral science research suggests that even well-meaning and well-informed people are more ethically malleable than one might guess…Creating an ethical culture thus requires thinking about ethics not simply as a belief problem but also as a design problem. We have identified four critical features that need to be addressed when designing an ethical culture: explicit values, thoughts during judgment, incentives, and cultural norms.

The first of these is “explicit values.” Among the key points here are that:

Strategies and practices should be anchored to clearly stated principles that can be widely shared within the organization. A well-crafted mission statement can help achieve this, as long as it is used correctly. Leaders can refer to it to guide the creation of any new strategy or initiative and note its connection to the company’s principles when addressing employees, thus reinforcing the broader ethical system.

A mission statement should be simple, short, actionable, and emotionally resonant. Most corporate mission statements today are too long to remember, too obvious to need stating, too clearly tailored for regulators, or too distant from day-to-day practices to meaningfully guide employees.

The second design consideration is “thoughts during judgment.” Among the key points here are that:

– Most people have less difficulty knowing what’s right or wrong than they do keeping ethical considerations top of mind when making decisions. Ethical lapses can therefore be reduced in a culture where ethics are at the center of attention. … Behavior tends to be guided by what comes to mind immediately before engaging in an action, and those thoughts can be meaningfully affected by context.

– Several experiments make this point… In a large field experiment of approximately 18,000 U.S. government contractors, simply adding a box for filers to check certifying their honesty while reporting yielded $28.6 million more in sales tax revenue than did a condition that omitted the box.

The third consideration is incentives. Here the authors note: Along with earning an income, employees care about doing meaningful work, making a positive impact, and being respected or appreciated for their efforts… An ethical culture not only does good; it also feels good.

The final design consideration is cultural norms. Here the authors recount the results of several experiments showing the often underappreciated power of such norms in creating ethical risk.

The authors conclude the article with several helpful suggestions for putting ethical design into practice – including in the contexts of hiring, personnel evaluation, compensation.

Note that there is a lot more that could be said about how behavioral ethics can inform and fortify compliance programs. (See this index of prior posts on this subject.) But the ideas and information is this article are very helpful, and the overall point – that [o]rganizations should aim to design a system that makes being good as easy as possible – seems exactly right to me.

Point-of-risk compliance

Here is my latest column from C&E Professional – on  “point-of-risk compliance.”

I hope you find it useful.

Behavioral ethics program assessments

Rebecca Walker and I have an article in the Spring 2019 issue of Ethical Boardroom on behavioral ethics program assessments.

We hope you find it interesting.

Being a parent as a source of ethics risk

In 1973, in speaking to colleagues on the  Cook County Democratic Committee, Mayor Richard Daley of Chicago defended his having directed a million dollars of insurance business to an agency on behalf of his son John with the immortal words: “If I can’t help my sons, then [my critics] can kiss my ass. I make no apologies to anyone.”

I thought of this when I read about the college admission bribery scandal that emerged this past week. The scandal called to mind other cases where parents violated the law to benefit their children. A famous instance of this sort from the 1980s concerned the hiring (by a former Miss America) of a NY judge’s daughter to influence the judge’s decision on a pending case.  In 2016, JP Morgan settled a “Princeling” case, which involved the bank’s hiring the sons and daughters of important Chinese officials in return for business. And there are many other cases like these – presumably going back to our early history.

The behavioral ethics and compliance perspective focuses on structural causes of wrongdoing. There are many fruitful avenues for behavioral ethics inquiry suggested by the college admission bribery scandal. The one that most interests me is whether it is easier to commit a crime when one is doing so not to help oneself but to help one’s child.  (Note that I understand that there are also personal reputational benefits that parents get from having their child admitted to a prestigious university but still think that the principal beneficiaries of this corruption are the children.)

Given how powerful the drive to help one’s offspring is – both as a matter of the instincts we are born with and the social norms that we adopt – the answer is almost certainly Yes, at least as a general proposition. If this turns out to be an operative fact in the admissions bribery scandal, then I hope a lesson will be that parents should refrain from doing things for their children that ethically they wouldn’t do for themselves.

As the scandal unfolds I’ll also be interested in learning what was the role – or lack thereof – of risk assessment and auditing in the respective compliance programs of the universities involved. Based on the press accounts it seems as if this kind of corruption was probably fairly common. If that is so, where were the compliance programs?

Behavioral ethics and compliance assessments

New from the Compliance Program Assessment Blog.

Rebecca Walker and I hope you find it interesting.