Moral Hazard and Bias

These two “cousins” of COIs – which are related in that they tend too fall outside of traditional COI analysis, but still can be harmful in ways similar to the harm caused by COIs – will be the source of relatively consistent focus in the blog, with each discussed under its respective tab below.

Reverse behavioral ethics

I am a member of LinkedIn and for the past few months have periodically received a message saying: “2 people in your network are using LinkedIn Sales Navigator to be more effective.” Given that I have – as I assume is the case with many members – more than 500 people in my network (most of whom I don’t actually know), this piece of information may be less persuasive than LinkedIn presumably intends it to be. Indeed, the apparent strategy of telling all members about how many in their network are using “Sales Navigator” – regardless of how small that number is – might actually be hurting Linked In.

As described on the Ethical Systems website,  the work of Professor Robert Cialdini has shown that communicating how many people are engaged in undesirable activity can increase that number by suggesting that “everyone is doing it.” I imagine the same dynamic applies to communicating how few people are engaged in desirable conduct, i.e., what LinkedIn is doing.

But this dynamic can also be a force for good, including compliance-related good. As described in this 2012 article from Reuters: “Applying [Cialdini’s] insight, the British tax agency, Her Majesty’s Revenue and Customs (HMRC), has tested different form letters on delinquent taxpayers. In one letter, this sentence – ‘Nine out of 10 people in the UK pay their tax on time’- increased positive response by 1.5 percent. Adding another sentence – ‘You are one of the few who have not paid us yet’ – raised the success rate 3.9 percent. HMRC also found compliance rose 6.8 percent when taxpayers were told they were one of few delinquents in their hometowns.”

Of course, LinkedIn would presumably love to be able to have statistics like these to use in promoting Sales Navigator. But in the absence of such it might be better to say nothing on the subject, and follow the old adage to “always tell the truth but don’t always be telling it.”

For compliance and ethics people, the opportunities to tell the truth in an effective way may be numerous. Among other areas, the good news can concern code of conduct certifications, training completions, conflict of interest disclosures, helpline use and audit results – as some companies have already found.  But the first rule for all in the persuasion business – which includes C&E professionals, as well as marketers –  is to do no harm.


The Wells Fargo Bank case and behavioral ethics

In 1170 King Henry II of England, unhappy with Archbishop Thomas Becket, asked of his knights: “Will no one rid me of the meddlesome priest?” Taking his words (the specifics of which have been the subject of historical dispute) as royal instruction, several of those knights assassinated the clergyman. Correctly or not, the story is often used as an example of how a powerful person can cause others to engage in wrongdoing without himself  being provably guilty.

Late last week, the Consumer Financial Protection Bureau and several other agencies announced a settlement involving Wells Fargo Bank arising from sales practices abuses  – a settlement which was condemned from many corners. As noted in the American Banker : “It’s become an all-too-familiar story – a big bank is caught doing something bad, it pays a fine, some lower-level employees are let go while higher-level executives appear to get off scot-free and no criminal charges are assessed. Wells Fargo became the latest example of that cycle this week, when it paid $190 million in fines and restitution after some 5,300 employees were caught opening more than 2 million unauthorized bank and credit card accounts.” The American Banker piece also reported: “Wells insisted the problems were not systemic.”

The notion that 5300 employees could be involved in this sort of wrongdoing but the problem not be systemic is laughable. Indeed, it calls to mind a classic Doonesbury strip about the trial of China’s “Gang of Four,” in which the defendants claimed that they had not committed mass murder but “34,375 unrelated acts of passion.”

The bank’s contention is also contradicted by this account from the Charlotte Observer (among others): “Julie Miller was working in Pennsylvania for Wachovia when Wells Fargo took over the Charlotte bank in 2008 and began changing more than the name on its branches. Miller said she watched with dismay as Wells Fargo increased her branch’s sales goals and lowered bonuses for meeting the new targets…That’s when she also started noticing Wells Fargo customers complaining they were being signed up for products they never asked for.”

The understanding that undue pressure can lead otherwise good people to engage in wrongdoing is, of course, common sense. It is also one of the central tenets of “behavioral ethics.” Indeed, in one landmark experiment from more than forty years ago, individuals put under time pressure were about six times more likely to engage in unethical conduct than were those not under such pressure. I should emphasize that behavioral ethics didn’t create this understanding of human nature. But it does prove the point with a force that anecdote cannot match.

To my mind, results such as these (of which there are many) must inform how we seek to promote lawful and ethical conduct in banks and indeed business organizations of all kinds. For the government, it means pursuing enforcement strategies based not only on direct involvement by executives in wrongdoing but those who use the modern day equivalent  of the indirect approach apparently taken by King Henry.  For companies it means doing the same when it comes to internal investigations and disciplinary decisions.

Finally, for companies faced with a scandal where there is a temptation to protect the executives, consider how the apparent Wells Fargo approach is likely to discourage employees from reporting wrongdoing internally.  And the related question for audit committees:  if your company takes this route and suggests that compliance is only for the “little people,” how can you meet your Caremark obligation to have an effective  whistleblower system?

Behavioral compliance: back to school edition

In the waning days of summer, here is a roundup of some recent  notable writings about using behavioral ethics to enhance corporate compliance efforts.

First is a post on the Compliance and Enforcement web site by Timothy Lindon, the Chief Compliance Officer of Philip Morris International. In it, he suggests that companies should start down this path by establishing “an in-house compliance curriculum to educate the compliance function and others about relevant research and learnings. At a minimum, the curriculum should include discussion of research in behavioral ethics, behavioral economics, and psychology. Other relevant topics include organizational theory and case studies of notable disasters such as the NASA Space Shuttle explosion and the Fukushima nuclear meltdown, which demonstrate the role of power and hierarchy. Another useful topic,” he suggests,“is corporate lingo given the use of euphemisms such as ‘creative accounting’ and ‘technical violation’ in companies to hide and rationalize misconduct.”

Lindon further recommends: “Once the company’s compliance professionals are trained on academic research,” seek to determine if “they routinely use these learnings in all aspects of the company’s compliance program? This can include revising a Code of Conduct to harness the power of peer influence; anticipating the problem of ethical fading though just-in-time training or training which places employees in real life ethical dilemmas while under business pressure; and developing a communications toolbox to drive employee behavior and minimize employees’ rationalizations of misconduct.” Finally, he suggests that companies use data analytics “to check on and enhance the behavioral approach…” These are all good ideas from my perspective.

Second, writing in Compliance Week in last Spring, Jose Tabuena argues that compliance program auditors should act as behavioral scientists: “In the field of behavioral economics, priming has proven to be an effective tool to subtly encourage honest behavior. Priming occurs when an individual is exposed to a specific stimulus that influences his or her ensuing actions. In studies by behavioral economist, Dan Ariely, experiments were designed to influence honest behavior when researchers ‘primed’ people with a stimulus that involved morality and then observed how often cheating occurred when solving small math problems. When the participants were asked to recall the Ten Commandments, cheating significantly decreased compared with those who were instead asked to recall the names of Shakespeare’s sonnets.” Tabuena also notes: “Similar studies provide additional behavioral insights. It is easier to be just a little dishonest. Experiments show that we are more likely to cheat over a small amount of money than a large amount. People also tend to find it harder to be dishonest when interacting with another person than with an impersonal mechanism. The belief that we make rational decisions is a myth that belies the complexity of human behavior.”

Auditors play an important (but not always appreciated) role in C&E programs. Hopefully, Tabuena’s article will help “recruit” more of them to the behavioral perspective, particularly given that he is one of the true experts in the field of C&E auditing.

Finally, in an interview in the August issue of Compliance & Ethics Professional (available to SCCE members on that organization’s web site), Joel Rogers of Compliance Wave speaks about a behavioral approach to C&E marketing, particularly  the role that conditioned responses play in spawning unethical conduct, and how C&E marketing campaigns can provide “pattern interrupts” to such forces. Among other things, such a campaign can help mitigate the phenomenon, noted by Ariely and others, that people do “tend to forget moral and ethical reminders really quickly.”

This interview was conducted by the SCCE’s Adam Turtletaub, who – like Rogers – is a long-time champion of the behavioral approach to C&E. I recommend the interview to you, not only for its behavioral-related insights but also for the ideas and information it has about the C&E field generally.

The Behavioral Ethics and Compliance Index

While in the more than four years of its existence the COI Blog  has been devoted primarily to examining conflicts of interest it has also run more than fifty posts on what behavioral ethics might mean for corporate compliance and ethics programs. Below is an updated version of a topical  index to these latter posts.  Note that a) to keep this list to a reasonable length I’ve put each post under only one topic, but many in fact relate to multiple topics (particularly the risk assessment ones); and b) there is some overlap between various of the articles.  Also, on June 3 I’ll be speaking at a conference on behavioral ethics at NYU’s business school (see program agenda here) and will do a post summarizing compliance-related aspects of the program shortly thereafter. Finally, in 4Q 2016 I hope to flesh some of these ideas out into a Behavioral Ethics & Compliance Handbook.


Business ethics research for your whole company (with Jon Haidt)

– Overview of the need for behavioral ethics and compliance

– Behavioral C&E and its limits

– Behavioral compliance: the will and the way


Risk assessment

–  Too big for ethical failure?

– “Inner controls”

– Is the Road to Risk Paved with Good Intentions?

– Slippery slopes

– Senior managers

– Long-term relationships

– How does your compliance and ethics program deal with “conformity bias”? 

– Money and morals: Can behavioral ethics help “Mister Green” behave himself? 

– Risk assessment and “morality science”

 Advanced tone at the top

Communications and training

“Point of risk” compliance

–  Publishing annual C&E reports

– Behavioral ethics and just-in-time communications

– Values, culture and effective compliance communications

– Behavioral ethics teaching and training

– Moral intuitionism and ethics training

Positioning the C&E office

– What can be done about “framing” risks


– Behavioral Ethics and Management Accountability for Compliance and Ethics Failures

– Redrawing corporate fault lines using behavioral ethics

– The “inner voice” telling us that someone may be watching


– Include me out: whistle-blowing and a “larger loyalty”

Incentives/personnel measures

– Hiring, promotions and other personnel measures for ethical organizations

Board oversight of compliance

– Behavioral ethics and C-Suite behavior

– Behavioral ethics and compliance: what the board of directors should ask

Corporate culture

Is Wall Street a bad ethical neighborhood?

– Too close to the line: a convergence of culture, law and behavioral ethics

Values-based approach to C&E

– Values, structural compliance, behavioral ethics …and Dilbert

Appropriate responses to violations

– Exemplary ethical recoveries


Conflicts of interest/corruption

– Does disclosure really mitigate conflicts of interest?

– Disclosure and COIs (Part Two)

– Other people’s COI standards

– Gifts, entertainment and “soft-core” corruption

– The science of disclosure gets more interesting – and useful for C&E programs

– Gamblers, strippers, loss aversion and conflicts of interest

– COIs and “magical thinking”

– Inherent conflicts of interest

Insider trading

– Insider trading, behavioral ethics and effective “inner controls” 

– Insider trading, private corruption and behavioral ethics

Legal ethics

– Using behavioral ethics to reduce legal ethics risks


New proof that good ethics is good business

How ethically confident should we be?

– An ethical duty of open-mindedness?

– How many ways can behavioral ethics improve compliance?

– Meet “Homo Duplex” – a new ethics super-hero?

Behavioral ethics and reality-based law


Must we choose between ethics and compliance?

Ethics and compliance have long been seen by some as representing essentially inconsistent approaches to promoting desirable conduct in companies.  I have never been persuaded by this oddly Manichean worldview. Rather, and as previously argued in Compliance & Ethics Professional (page 2 of  the PDF), I believe that compliance can give ethics “body” and ethics can give compliance “soul.” Or, as the 2004 amendments to the U.S. Sentencing Guidelines for Organizations indicate, companies should have “compliance and ethics” programs.

Moreover, many “middle-aged” programs (discussed more generally in this piece on the CCI web site ) need all the help they can get.  For those struggling to maintain a sense of urgency in their programs, the answer to the question “Ethics or compliance?” is a resounding “Both, please.”

Of course, there are some C&E challenges that companies face that largely require “C” but little or no “E.” (A recent posting here suggests that these include dealing with requirements of anti-corruption, export control and competition law.)  The converse is true as well.

But some risk areas – such as conflicts of interest – clearly need healthy elements of both. More importantly, so does the overall platform for ensuring that companies do the right thing, such as paying due attention to C&E in incentive structures.

The importance of incentives to C&E was addressed in a piece last weekend in the NY Times by Gretchen Morgenson  about a recent proposal by Professors Claire A. Hill and Richard W. Painter of the University of Minnesota Law School “for making financial executives personally liable for a portion of any fines and fraud-based judgments a bank enters into, including legal settlements” regardless of fault.  The proposal, she notes, quoting one of the professors, “would help instill a culture… ‘that discourages bad behavior and its underlying ethos, the competitive pursuit of narrow material gain.’”

Clearly the goal here is to go beyond traditional notions of compliance to promote a more truly ethics-driven approach to banking.  But by using the mechanisms of “carrots and sticks” to achieve that goal, it is also very much in the heartland of compliance.

While the case for this sort of an approach may be strongest in the financial services industry, its logic is applicable more broadly.  For instance, a large company in any industry might adopt a policy that if any of its divisions are prosecuted the leaders of that division will bear some of the costs incurred by the company.  However, and in the spirit of the Sentencing Guidelines themselves, I think that an executive who could show that she made a strong effort to promote C&E in her division – going beyond promoting mere rule abidance, to embrace a truly cultural view of ethics – should be spared some of this punishment.

Of course, few, if any, other industries have had the perverse incentives C&E-wise that financial services (generally speaking) have, which is why I would temper the no-fault aspect of the Hill and Painter proposal as applied to other areas of business.  But any company in which the managers are not the owners faces the potential for at least some “moral hazard” when it comes to mitigating C&E-related risk, as discussed in the prior posts collected here.  That is why  companies of all kinds need to consider how they provide incentives for ethics and compliance.


Too big for ethical failure?

An article last month in a magazine published by the NY Times provided the occasion for a noteworthy COI discussion.  The Times had given Laura Arrillaga-Andreessen the assignment of profiling the head of Airbnb for an issue of “T” magazine. However, her husband, Marc Andreessen, is a substantial investor in that company – which was not disclosed in T’s (very favorable) article about Airbnb, as described here.

T’s editor explained the lack of disclosure as follows: “it was my mistake in not asking her if there were any potential conflicts. This was an oversight on my part. I say this not as an excuse, but she is, separately from her husband, a billionaire (making her through marriage a billionaire twice over) and for that reason I think I failed to consider any monetary conflict in her case.”

A writer in Gawker characterized this explanation as saying, in effect, that billionaires are too rich to have conflicts of interest.  I think that’s a fair comment.

While the specifics of this case are particularly interesting to Silicon Valley watchers, for C&E professionals the notion of being too rich to be corrupted is sadly an oft-told tale.   It comes up most frequently in the gifts/entertainment and other COIs areas when C&E officers are asked to approve a transaction (e.g., entertainment provided by a vendor) for a high-level employee that would be impermissible for others in the organization. The basic thought is that the individual in question already has so much money (or what money can buy) that more won’t affect her judgment.

There is a logic to this, but it is based on the increasingly discredited homo economicus view of human nature.   This view would presumably treat the corruptibility of a person in a given situation as fraction with the amount being offered as the numerator, the individual’s total wealth the denominator, and the larger the overall number the greater ethical risk.

By contrast, when viewed through the lens of behavioral science (and human experience), the rich and powerful can be seen as more corruptible than others, as discussed in prior posts such as this one.   The most memorable expression of this may be the saying attributed to the late Leona Helmsley that “only the little people pay taxes.”   But the reflection of actual COI risk being concentrated near “the top” echoes through our new stories on a nearly daily basis.

Additionally, there are many types of conflicts that cannot be measured in a purely monetary way, such as those involving  glory (as described here), friendship (discussed in the second case in this post) or family relationships (discussed here). Even if  they are not inherently more susceptible to COIs, from a situational perspective, the high and mighty presumably are faced with more frequent pressures and temptations of this sort than are most other individuals (as briefly touched on in this earlier post).

“Behavioral compliance”: the will and the way

“Behavioral ethics” information and ideas have, to date, been used far more to identify ethical challenges than to design approaches to address such challenges. In “Behavioral Ethics, Behavioral Compliance” (which can be downloaded for free here ) Professor Donald C. Langevoort of the Georgetown University Law Center takes up this latter task, and provides a  number of practical suggestions for compliance-and-ethics (“C&E”) professionals to consider in applying this body of knowledge to their day-to-day work.

Among these are:

– Certifying compliance in advance – rather than after the fact – of the conduct in question.

– Using behavioral insights – particularly concerning loss aversion – to identify monitoring strategies and priorities.

– Avoiding too much monitoring, as that can “crowd out the kind of autonomy that invites ethical thinking.”

– A more behaviorally attuned approach to compliance incentives and interventions.

Perhaps most importantly, Professor Langevoort offers this broader perspective on what exactly is meant by “behavioral compliance”:  “To be clear, it is not some new or different brand of compliance design, but rather an added perspective. Just as compliance requires good economics skills, it requires psychological savvy as well, to help predict how incentives and compliance messages will be processed, construed and acted upon in the field… The behavioral approach to compliance offers some concrete interventions to consider, but is mainly about doing conventional things (communication, surveillance, forensics) better.” (I agree with this view and in prior posts  – collected here  – have offered suggestions of several other ways to use behavioral insights to do conventional C&E things better.)

But more than the sum of such parts, I believe that the real significance of the field lies in the potential that its overarching message – “we are not as ethical as we think” –  can help corporate directors and senior managers appreciate the need for C&E programs generally.  While know-how is important here, what’s most wanting in many companies is making C&E a top priority. By showing the C&E risk that is seemingly inherent in the human condition, behavioral ethics can help make this case.

Behavioral ethics and compliance – what to do about “framing” risks

Over the past few years, the COI Blog has devoted a fair bit of attention to considering what “behavioral ethics” can mean for corporate compliance programs.  An index of these writings can be found here.  Conspicuously absent from this compilation was anything on the important behavioral concept of “framing.”

But blogs abhor a vacuum, and fortunately this gap has now been filled courtesy of an excellent article by Scott Killingsworth (of the Bryan Cave law firm) in the latest issue of Ethisphere magazine.  As he notes:

Psychologists have much to say about the phenomenon of “framing”—the process by which we decide “What kind of situation is this? What rules and expectations apply?” How we frame a situation affects our thinking and our behavior. We know, for example, that merely framing an issue as a “business matter” can invoke narrow rules of decision that shove non-business considerations, including ethical concerns, out of the picture. Tragic examples of this “strictly business” framing include Ford’s cost/benefit-driven decision to pay damages rather than recall explosion-prone Pintos, and the ill-fated launch of space shuttle Challenger after engineers’ safety objections were overruled with a simple “We have to make a management decision.” We are surprisingly susceptible to external cues about how a situation should be framed. For example, researchers have found that simply renaming “The Community Game” as “The Wall Street Game” cuts cooperation in half: the business frame suggests not only what is expected of us, but what tactics we should expect from our opponent.

There’s much more to this article, but I won’t quote or summarize anything else as I encourage you to read the original. However, I do want to add two thoughts about what framing means from a C&E program perspective.

The first is pretty obvious: framing – and other key behavioral ethics concepts – should be part of C&E training.  In particular, companies should consider including a high-level review of behavioral ethics concepts (with examples) for general employee training and a more detailed version for senior managers and “controls” personnel.

The second is less obvious: these dangers underscore the importance of having a C&E  officer whose “reach” makes it likely that she’ll be at the table when framing risks  first surface.  Moreover, that may be an additional reason to have a CECO who also wears the General Counsel hat (as discussed in this recent post),  since by definition these risks don’t appear to be ethics-based; i.e., the GC in most companies is more likely to be part of what is ostensibly a general business discussion than is a non-GC CECO.

Inherent conflicts of interest and behavioral ethics

At his trial for Libor rigging, evidence was introduced last week that former trader Tom Hayes had told the Serious Frauds Office that “many of the people responsible for submitting panel banks’ Libor rates also traded products linked to the rate, creating an inherent conflict of interest” and that “’[n]ot even Mother Teresa wouldn’t manipulate Libor if she was trading it,…’”

While obviously somewhat self-serving, this colorful bit of analysis still  helps to underscore the overarching behavioral ethics point that to reduce the risk of ethical transgression often one cannot always count on the characters of those involved.  Rather, the situation will play the decisive role.

Inherent COIs are an instance of that. Granted, they are just one of many such types, but they may also be more common than most others, and hence worth further study.

And beyond an area of interest to behavioral ethicist scholars, seeing some COIs as being inherent (or near to inherent) can be useful to others, too, such as:

– C&E professionals, who should consider the category of inherent COIs in their risk assessments.

– Senior managers and directors, who should – as part of their C&E program oversight – make sure that nothing their company is doing or contemplating doing falls into (or anywhere near) this category of risk.

– Enforcement personnel, who often can find good fishing in the inherent COI waters.

– Individual business people, who – in making career decisions – should steer clear of jobs that could involve inherent conflicts of interest.

On this last point, Mr. Hayes would surely agree.

And on the point about the role of enforcement personnel, in my view the “fishing” shouldn’t be limited to those individuals who succumbed to the pull of the inherent COIs, but should also include the senior managers and directors who allowed the COIs to exist in their respective organizations. (For further reading on how a behavioral understanding of ethics and compliance should inform our approach to liability see this earlier post.)

(Thanks to Scott Killingsworth of the Bryan Cave law firm for letting me know about this story.)

Is compliance still just “putting on its shoes”?

Mark Twain famously said “A lie can travel half way around the world while the truth is putting on its shoes,” and one might think something similar about risk and C&E. Perhaps it has always been this way and maybe it always will be, at least to some extent.  But forward looking companies should look for ways to narrow or possibly eliminate the gap between the immediacy of the problem and that of the solution.

In a sense, this is much of the point of the “cultural” approach to compliance and ethics, and it can also be seen as part of the promise  – albeit still largely theoretical  – of  “behavioral” C&E.  Both seek to have C&E operate, in effect, as an instinct. (For more on behavioral ethics visit the Ethical Systems web site.) But, at least in part, the idea goes back much earlier  –  to Aristotle’s focus on ethics and habit.

There are various avenues for pursuing this goal but, as a general matter, a valuable though often underutilized approach lies in the realm of incentives. Incentives tend, I believe, to reach employees more deeply than policies and procedures do – and thus can help create instinct-like ethical behavior.

Companies indeed do seem to be more interested than ever in exploring ways to use incentives to promote strong C&E. For instance, one company I know now uses the results of internal controls testing in setting compensation for its senior executives. This kind of measure might not sound particularly exciting, but it could  – at least over time – help make compliance operate as something of a reflex, in that it presumably contributes to  managers being focused on risk on a day-to-day basis (and not just on the far less frequent occasions of responding to cases of possible violations).  More generally, this and other incentive measures could be part of a larger C&E strategy of moving from  a necessary but somewhat limited “culture of honesty” to also include a broader and deeper “culture of care,” as described in this earlier post.

Moreover, C&E incentives need not be solely of the negative type, nor need they be tangible. Appealing to the better angels of our nature through praising pro-social behavior could, to my mind, be a powerful force for helping ethics move at the speed of risk, particularly with the somewhat idealistic generation of younger employees.

But, in some cases traditional economic incentives are indeed called for. That is why  – as discussed in these earlier posts – the notion of “moral hazard” should play a greater part than it currently does in many C&E programs.

Finally, note that incentives are just one type of tool in the C&E “tool box.”  And, whether it be through a cultural/behavioral approach or something else, the risk-reduction discussion should include consideration of all available tools – which is what a C&E risk assessment offers …or, at least, should. (For more on risk assessment generally, please download this complementary e-book, available at CCI.)