Moral Hazard

A condition of moral hazard exists when an employee or other agent’s compensation creates an incentive for her to perform her duties in ways that are not consistent with the interests of her employer/ principal. We will examine how C&E programs can identify and address risks of this sort.

Have you checked your behavioral externalities?

In The Case for Adding Darwin to Behavioral Economics posted on the Ethical Systems web site,  Robert H. Frank  of Cornell University’s Johnson Graduate School of Management writes:

I use the term “behavioral externalities” to describe choices that affect social environments… Because social environments influence us so profoundly, both for good and ill, we have a powerful and legitimate interest in them. We would prefer to live in ones that bring out the best in us and to avoid those that harm our interests. Yet behavioral externalities have received virtually no serious attention from policy analysts, and it’s here that lie many of the most exciting opportunities for young researchers. Once you’ve been alerted to their existence, it quickly becomes apparent that behavioral externalities are ubiquitous. Careful empirical studies have documented the importance of behavioral contagion in such diverse domains as, among many others, excessive drinking, sexual predation, cheating, bullying, obesity, greenhouse-gas emissions, and compliance with public-health directives. Research has tended to focus on negative peer influences, but there is also compelling evidence of positive influences. The adoption of rooftop solar panels, hybrid cars, and plant-based diets, for example, have all been shown to be highly contagious…. As Darwin understood clearly, our fate depends not only on our own decisions and capabilities but also on those of rivals and partners. And that, in a nutshell, is the case for a broader and more inclusive behavioral economics, one that incorporates the rich insights of behavioral biology.

Several points about this.

First, in addition to policy analysts and young researchers, the notion of behavioral externalities should be of interest to compliance and ethics professionals seeking to understand and address cultural risks facing their respective organizations. (Among other things behavioral externalities are relevant to risk assessment.)

Second, I like the idea of adding to behavioral economics  information from other fields of knowledge. My personal favorite in this regard is moral hazard, which – like  Frank’s example – also involves choices that entail  a “rational man” making decisions that work for her/him but which are bad for the relevant larger group.

Finally, for those of you who haven’t read it I strongly recommend Frank’s Passions Within Reason: The Strategic Role of the Emotions. It is one of the most important works in our field.

The moral hazard moment

For governments, business organizations and even individuals every moment might have a “moral hazard” dimension. But it would be hard to find one as potentially consequential as that presented by the US general election. Does the compliance and ethics field have a role to play in addressing this?

The concept of moral hazard was used originally to refer to the phenomenon that providing insurance tended to promote risky behavior by insured parties.  Subsequently, the idea has been applied more generally to mean the provision of incentives that encourage unduly risky conduct by shifting the impact of a bad decision to a party other than the decision maker.

Most recently, moral hazard was seen as playing a major role in the economic crisis of 2008, as some of the individuals creating the risks at issue there evidently did not have interests sufficiently aligned with those jeopardized by their actions.  A perfect example of this can be found in an SEC report on ratings agencies quoting an e-mail between two analysts concerning their plans to give positive ratings to certain financial instruments that were, in fact, unworthy of such ratings: “Let’s hope we are all wealthy and retired by the time this house of cards falters.”

Notwithstanding its name, moral hazard is generally viewed as more of an economic phenomenon than a moral one.  Moreover, moral hazard risks are often seen as somewhat distinct from COIs, perhaps because the interests at issue in the former are not external or unknown to an affected organization.  (A typical COI concerns ownership of or compensation from an entity other than one’s employer, whereas a typical moral hazard risk is likely to be based on the employer’s own compensation scheme.) However, the two are similar in that both tend to diminish the fidelity of employees to their employers’ interests – a decidedly moral consideration in the traditional sense of the word.

Something similar concerning the misalignment of risks and incentives can be said about the political realm. Most importantly, with climate change those who are most likely to be affected by this unparalleled calamity are generally not the same as those who have the power to slow it down (and ultimately reverse it). The same phenomenon is at work with a host of other risks (including incurring dangerous levels of public debt) where the consequences will be borne by individuals who were not the primary causes of the risks.

Where does C&E fit into this picture?

The full promise of C&E programs goes beyond the business realm to nurturing habits of mind that can be helpful to addressing a wider range of challenges than traditional corporate law abidance and ethicality. Among other things, such habits could include thinking systemically about risk, having a deep appreciation for the interests of other individuals, insisting on transparency where it is reasonable to do so, embracing meaningful approaches to accountability for doing what is right and for stopping what is wrong and protecting truth telling at all costs. It should also – in my view – include identifying and addressing situations of moral hazard

None of these approaches were invented by C&E practitioners. But for many millions of Americans and others there is now a steady reminder through C&E programs of the importance of thinking in these and related ways – and this could provide a foundation for promoting greater ethicality in the broader societal realm, including addressing moral hazard.

There is a lot more that can be said about how ethical thinking in one realm can inspire and support such thinking elsewhere. See this prior post for the somewhat similar suggestion that ethical thinking in the private sphere can strengthen C&E  in the business world. It is not a new idea. But I doubt the importance of adopting a robust approach to moral hazard will ever be greater.


Program assessments and moral hazard

Rebecca Walker and I hope you enjoy this article from today’s edition of Corporate Compliance Insights.

Moot compliance court for corporate directors?

In their paper, “Short-Changing Compliance,”  John Armour (University of Oxford), Jeffrey N. Gordon (Columbia Law School), Geeyoung Min (Columbia Law School), argue: “Corporate compliance programs play a central role in society’s current response. Prosecutors give firms incentives—through discounts to penalties—to implement compliance programs guiding and monitoring employees’ behavior. However, focusing on the incentives of firms overlooks the perspective of managers, who decide how much firms invest in compliance.” They further note: “stock-based pay, ubiquitous for corporate executives, creates systematic incentives to short-change compliance. Compliance is a long-term investment for firms, whereas managers’ time-horizon is truncated at the date they expect to liquidate stock. Moreover, investors find it hard to value compliance programs, because firms routinely disclose little or nothing about their compliance activities.” Also, “stock-compensated managers prefer not to disclose compliance, because it can reveal private information about a firm’s propensity to misconduct: the greater a firm’s misconduct risk, the more valuable to it is an investment in compliance. As a result, both managers and markets are likely myopic about compliance.”

To remedy all of this they “propose more assertive directors’ liability for compliance failures,…” but which would avoid incenting directors to overinvest in compliance.

I agree that the prospect of director liability for compliance failures under existing law is weak, as described in this recent post.. However, I don’t see the political will among shareholders, courts or legislatures to change that.

But should it come to pass, the next issue would be how the standard would be applied. In this regard, the authors propose: “[I]f the firm resolves a compliance enforcement action, criminal or civil, through payment of a fine or accepting some other sanction, an appropriate board committee, perhaps the governance committee, should trigger an ‘accountability proceeding.’ This proceeding could be presided over by a panel of compliance and industry experts, perhaps three, who would conduct an internal investigation that would (i) evaluate the compliance system within the firm as well as the particulars of the compliance failure, (ii) assess the extent of directors’ responsibility, and (iii) determine the appropriate clawback of the accumulated stock of responsible former and current directors.”

Indeed,  one might – as part of board compliance program governance –  deploy a “moot court” accountability proceeding to help directors avoid ever having to face the “real deal.” I suggest this because much of the underlying logic of compliance programs is based on the realization that merely threatening punishment is not enough to prevent wrongdoing. And just as employees need training in various compliance areas for that threat to be meaningful, so directors should be periodically reminded about the risks they face.

As noted above, the heightened standard of board liability for compliance failures proposed by the authors is a long way from coming to pass. But, even under the current, relatively lax standards, the “moot court” idea might be worth trying, as it would undoubtedly cause some directors to focus on compliance more than they currently do.

For an earlier post on compliance incentives and managers click here.

Moral hazard: the final compliance frontier?

Moral hazard exists when there is a gap between the interests of those who can create risks and those who bear the consequences of risk taking. Moral hazard is not the same as conflict of interest, but is conflict like. As described in various prior posts,  C&E programs need to take moral hazard into account in identifying and mitigating risk.

This week, the Society of Corporate Compliance & Ethics  published the results of a survey which showed that “despite the importance of compensation in affecting risk compliance [personnel] rarely play[] a role in evaluating incentive programs” at their respective companies.  The report noted: “just 23% report reviewing the plan prior to the plan’s approval. Just 8% do so after it is approved, and 52% report that the compliance team never reviews the plan. The balance did not know whether the incentive plan is reviewed.”

While disappointing, these numbers are not surprising. Indeed, based on what I have seen at many companies, I would have expected that the percentage of those who reviewed an incentive plan prior to its approval to be even lower than the survey results.

But practices in this key area could change, given – as the SCCE survey notes – the recent publication of  the Department of Justice’s compliance program evaluation guidance document which suggests that prosecutors assessing programs ask (among other questions):  How has the company considered the potential negative compliance implications of its incentives and rewards? Of course, the question does not necessarily mean that compliance professionals need to be part of this determination. But surely the consideration would be seen by the government as more serious (and more informed) if they were involved.

As well, involving the compliance staff in this determination can be seen as empowering them. Such involvement – if made known throughout the company, as it should be – enhances Compliance’s “clout,” which has long been viewed by Justice as fundamental to an effective C&E program.

Also,, note that there are many other ways that C&E can be incented – as described in this post from the FCPA Blog. But all companies, in my view, should involve Compliance in reviewing incentive plans.

Finally, I recently suggested that ethical thinking from the business realm can fortify ethics at the societal level. Understanding the pernicious effects of moral hazard in the two  highly consequential areas of climate change and irresponsible fiscal policies may be a way in which such fortification can work. (For a related post on “Two conflicts of the apocalypse” click here.) Indeed, while the notion of moral hazard being a final frontier has one meaning in terms of C&E program practices, it has a more urgent significance when thought of in terms of these risks.

Must we choose between ethics and compliance?

Ethics and compliance have long been seen by some as representing essentially inconsistent approaches to promoting desirable conduct in companies.  I have never been persuaded by this oddly Manichean worldview. Rather, and as previously argued in Compliance & Ethics Professional (page 2 of  the PDF), I believe that compliance can give ethics “body” and ethics can give compliance “soul.” Or, as the 2004 amendments to the U.S. Sentencing Guidelines for Organizations indicate, companies should have “compliance and ethics” programs.

Moreover, many “middle-aged” programs (discussed more generally in this piece on the CCI web site ) need all the help they can get.  For those struggling to maintain a sense of urgency in their programs, the answer to the question “Ethics or compliance?” is a resounding “Both, please.”

Of course, there are some C&E challenges that companies face that largely require “C” but little or no “E.” (A recent posting here suggests that these include dealing with requirements of anti-corruption, export control and competition law.)  The converse is true as well.

But some risk areas – such as conflicts of interest – clearly need healthy elements of both. More importantly, so does the overall platform for ensuring that companies do the right thing, such as paying due attention to C&E in incentive structures.

The importance of incentives to C&E was addressed in a piece last weekend in the NY Times by Gretchen Morgenson  about a recent proposal by Professors Claire A. Hill and Richard W. Painter of the University of Minnesota Law School “for making financial executives personally liable for a portion of any fines and fraud-based judgments a bank enters into, including legal settlements” regardless of fault.  The proposal, she notes, quoting one of the professors, “would help instill a culture… ‘that discourages bad behavior and its underlying ethos, the competitive pursuit of narrow material gain.’”

Clearly the goal here is to go beyond traditional notions of compliance to promote a more truly ethics-driven approach to banking.  But by using the mechanisms of “carrots and sticks” to achieve that goal, it is also very much in the heartland of compliance.

While the case for this sort of an approach may be strongest in the financial services industry, its logic is applicable more broadly.  For instance, a large company in any industry might adopt a policy that if any of its divisions are prosecuted the leaders of that division will bear some of the costs incurred by the company.  However, and in the spirit of the Sentencing Guidelines themselves, I think that an executive who could show that she made a strong effort to promote C&E in her division – going beyond promoting mere rule abidance, to embrace a truly cultural view of ethics – should be spared some of this punishment.

Of course, few, if any, other industries have had the perverse incentives C&E-wise that financial services (generally speaking) have, which is why I would temper the no-fault aspect of the Hill and Painter proposal as applied to other areas of business.  But any company in which the managers are not the owners faces the potential for at least some “moral hazard” when it comes to mitigating C&E-related risk, as discussed in the prior posts collected here.  That is why  companies of all kinds need to consider how they provide incentives for ethics and compliance.


Compliance programs for the “big people”

Imagine a company where all the senior managers took compliance and ethics as seriously as they do traditional aspects of business (R&D, production, sales & marketing).  In this company, not only would senior managers do whatever was reasonably necessary  to prevent and detect violations in their own business unit or function, they would use their knowledge of and clout within the entity as a whole for making sure their peers were equally committed to promoting law abiding and ethical conduct.  While thought experiments are more art than science, I find it hard to imagine any other single C&E-related factor being as powerful a force for good in organizations as this would likely be.

Leona Helmsley is reported to have said that “only the little people pay taxes” and sometimes it feels like C&E programs are only for the little people – given how often it is the “big people” who engage in the types of unlawful and unethical practices that cause the greatest harm in businesses. Indeed, the “C Suite” seems to be the “final frontier” when it comes to effective ethics and compliance programs. In an article in yesterday’s NY Times, Gretchen Morgenson identifies two recent (and somewhat similar) proposals that offer a path to addressing this area of great weakness in many companies.

One is a proposal to Citigroup shareholders that would “require that top executives at the company contribute a substantial portion of their compensation each year to a pool of money that would be available to pay penalties if legal violations were uncovered at the bank. To ensure that the money would be available for a long enough period — investigations into wrongdoing take years to develop — the proposal would require that the executives keep their pay in the pool for 10 years.”

The other is an article by Greg Zipes in the Michigan State Journal of Business and Securities Law  which “calls for the creation of a contract to be signed by a company’s top executives that could be enforced after a significant corporate governance failure. Executives would agree to pay back 25 percent of their gross compensation for the three years before the beginning of improprieties. The agreement would be in effect whether or not the executives knew about the misdeeds inside their companies.” Its requirements would be triggered if, among other things “a company pleaded guilty to a crime [or]…if an executive signed a financial document filed with the S.E.C. that subsequently proved false and required an earnings restatement of at least $5 million.”

Both of these proposals make sense to me. While a company should, of course, use traditional forms of compliance (e.g., training, auditing, monitoring) to address C-Suite risks, the best mitigant of all may be other “big people” – if they are properly motivated to prevent and detect wrongdoing by their peers.

For further reading:

– “Redrawing corporate fault lines using behavioral ethics”

“Behavioral ethics and C-Suite behavior” (discussion of paper by Scott Killingsworth)

“Behavioral Ethics and Management Accountability for Compliance and Ethics Failures”

– “Where is the accountability?” (a dialogue with Steve Priest in ECOA Connects).


Prosecutors, massive fines and moral hazard

Many years ago, I lived next door to a young police officer and his family who, while presumably paid a modest salary, drove a pretty expensive car.   He was able to do this, I learned, because his department seized autos (and other property) of various suspected offenders and then let its officers drive the vehicles for their personal use.  Although he seemed in every respect like an honorable young man, the impact that this practice could have – and also appear to have – on law enforcement decisions left me feeling uneasy.

The latest issue of The Economist has a sweeping indictment of the US system of business law enforcement.  There are many components to this assault, including that: large fines are, in effect, extorted from companies, but the guilty individuals often go free (which, in my view, is quite true); settlements of these cases often obscure facts that should be made known to the public (with which I also agree); US laws are so numerous and complicated that companies face a grave risk of prosecution for conduct that they never could have suspected was wrongful (with which I agree only slightly); and part of the cost of this system is that “[e]normous amounts of time and money are now being put into compliance programmes that may placate judges, prosecutors, regulators and monitors but undermine innovation and customer services” (which I also think is an overstatement,  but also is true enough for companies to be careful not to go overboard in their compliance programs).   But the critique that interested me the most concerned the view that the prospect of recovering large fines influences law enforcement decisions, i.e., a corporate variation on the story in the first paragraph of this post.

This part of The Economist article relied in part on a paper in the January 2014 Harvard Law Review – “For-Profit Public Enforcement,” by Margaret H. Lemos (Professor, Duke University School of Law)   and Max Minzner, (Professor, University of New Mexico School of Law), in which the authors seek to show “that public enforcers often seek large monetary awards for self-interested reasons divorced from the public interest in deterrence. The incentives are strongest when enforcement agencies are permitted to retain all or some of the proceeds of enforcement – an institutional arrangement that is common at the state level and beginning to crop up in federal law. Yet even when public enforcers must turn over their winnings to the general treasury, they may have reputational incentives to focus their efforts on measurable units like dollars earned. Financially motivated public enforcers are likely to…undertake more enforcement actions [and] focus on maximizing financial recoveries rather than securing injunctive relief,… Those effects will often be undesirable, particularly in circumstances where the risk of over-enforcement is high.”

I don’t know if it is quite right to call this a conflict of interest, but it does seem close to a moral hazard, in that those with power to reduce risks (prosecutors) may have interests that are not well aligned with those who bear the consequences of their actions (the public).  Moreover, and independent of this concern, prosecutors sacrificing tomorrow’s interests (as the benefits of deterrence take place entirely in the future ) for a quick buck today – the very trade-off for for which guilty companies are often castigated  – itself can be harmful because, as Justice Brandeis famously said: “Our government is the potent, the omnipresent teacher. For good or for ill, it teaches the whole people by its example.”  

(For more on moral hazard see the posts collected here. And here is a post on implications for risk assessment of the government’s seeking large financial recoveries from corporate defendants.)

A ray of sunshine at the end of an ethically dreary week

From the COI Blog’s perspective, the past week was dominated by two discouraging developments:

– The Supreme Court’s decision in the McCutcheon case, further eroding – on free speech grounds – the federal campaign finance reform legal edifice.  Particularly unfortunate was the holding that Congress’s ability to attempt to curtail corruption in this area is limited to the exceedingly  (one might almost say comically, if it wasn’t so sad) narrow category of cases of “quid pro quo” bribery.

-The various stories, prompted by the publication of Michael Lewis’ The Flash Boys, suggesting that stock exchanges effectively sell customer order information to high-speed traders, which the traders use to financially disadvantage  the customers.

While these two stories are, of course, different in many ways, given the deep connection between democracy and capitalism – and the fact that each requires a widely shared sense of fair play to succeed – they seem to reflect a dangerous insensitivity at high levels of both government and business  to the ethical dimension of the ties that bind us together as a society.

But the week actually ended with some good news concerning the promising but generally underutilized mechanism of ethics-related  “clawbacks,” which was reported in a story by Gretchen Morgenson – “The Wallet as Ethics Enforcer” – in today’s NY Times.  She writes that while the “vast majority of [companies] across corporate America, require recovery of bonuses in only a few circumstances, mostly related to accounting… [and not] other types of unethical behavior … some large shareholders have been working to expand these so-called clawback provisions.”  Among other things, she reports: “the New York City comptroller… and his staff have successfully negotiated expanded thresholds for clawbacks at five companies this year:  Allergan, Halliburton, Northrop Grumman, PNC Financial and United Technologies” and that “[t[hese new clawback thresholds also state that executives can be forced to give back pay even if they did not commit the misconduct themselves; they could run afoul of the rules by failing to monitor conduct or risk-taking by subordinates.”

This is a promising development indeed, for just as financial incentives can serve as a powerfully corrupting force in both politics and stock markets so can such incentives – if properly directed – unleash energy and attention in the service of promoting ethical conduct … and building trust.   (For more on the importance of – and great challenges in – aligning incentives with ethical standards, see the posts collected here.)  

Are private companies more ethical than public ones?

To those in the C&E field, the notion that privately held companies could, as a group, be more ethical than publicly held ones seems implausible.  After all, public companies are required by law to be transparent in ways that private ones are not – and are also required to have various compliance measures that are not mandated for the latter.  Moreover, at least based on anecdotal evidence, when companies go from public to private they tend to cut back on their C&E programs.

But that might not be the whole picture.  As mentioned in a post last week, research in a recently published paper  – “The Value of Corporate Culture,” by Luigi Guiso, Paulo Sapienza  and Luigi Zingales   –  found that public firms seem to have a greater difficultly in maintaining cultures of integrity than do private ones.  In that earlier post we focused not on that finding but what could be described as the “headline” story of that piece: that “high levels of perceived integrity are positively correlated with good outcomes, in terms of higher productivity, profitability, better industrial relations, and higher level of attractiveness to prospective job applicants.”   Today, we return to the article to consider what could be the cause(s) of the link between private ownership and ethical cultures – for which the authors offer three possible explanations.

First, they note that there could be greater integrity-related communications challenges facing a public company than a private one: “if a violation of internal norms is discovered in a public corporation, in deciding the punishment, the CEO has to send two signals: an internal one to the managers and employees that also serves as deterrent for future violations and an external one to the market that maintains transparency of internal procedures. The latter poses the risk of being (wrongly) interpreted by the market as the tip of an iceberg rather than an isolated episode, inducing the top manager to dilute the punishment and the internal message. These complications may weaken integrity norms in publicly traded companies vis-à-vis private firms.”

This is indeed an interesting possibility, and something that I’ve not heard before.  But the very fact that I have not heard it mentioned previously – in more than two decades of advising companies on C&E matters, attending C&E conferences  and otherwise keeping track of the field –  makes me somewhat skeptical about it.

Second, the authors note: “Public ownership…changes …the trade-off between the costs and benefits of strict integrity norms…  If… some assets are not considered (or underappreciated in the short term), public ownership creates a distortion in decision making…” They further argue that integrity may in fact be underappreciated in the market, so that “a CEO who allocates company resources to maximize the current stock market value of a company will tend to underinvest in integrity.”

Unlike the first explanation, this one seems virtually self-evident, given the absence of any meaningful indication (at least of which I am aware) that capital markets really give sufficient weight to integrity cultures.  Fortunately, the above-noted “headline” finding of the authors’ research  –  linking ethical cultures with profitability and other desirable business outcomes –  itself has the power to change that, at least if it becomes widely appreciated and further developed by practitioners and researchers.

Finally, they state: “public ownership comes with a separation between ownership and control and the CEOs of a public corporation are not always driven solely by shareholder value maximization, since they do not fully internalize the cost of deviating from value maximization.”   This, too, seems compelling to me.  It has  its roots in Adam Smith’s powerful insight that “[M]anagers of other people’s money [rarely] watch over it with the same anxious vigilance with which . . . [they] watch over their own,”  and is, of course, broadly consistent the notion of “moral hazard,” about which much has previously been written in this blog and elsewhere.  

So, for C&E professionals what is the import of these findings?

For those who work in/with public companies I think the overriding lesson is that the board needs to be involved to a meaningful extent with the C&E program.  That is because directors are generally far better able to resist the pernicious effect of short-terming thinking and “moral hazard” on a company’s integrity culture than is management. Of course, much has already been written about the need for strong board oversight of compliance.  But, having the relevant data from this paper should help some directors who are under-involved with C&E see the business case for stepping up their game.

Private companies, meanwhile,  should not get cocky.  While good news for them in a general sense, the paper doesn’t mean the pressure is off.   Indeed, the overwhelming percentage of companies punished under the Federal Sentencing Guidelines tend to be small    – and therefore (I assume, though can’t be totally sure) are mostly private.  Moreover, as discussed in this recent posting on the D&O Diary  (which was based on the results of the Chubb 2013 Private Company Risk Survey): “‘private companies increasingly are at risk of professional and management liability from a vast range of events, including costly lawsuits, governmental fines, data theft and other criminal activities’.”’