Conflict of Interest Blog

The toll at the top

As recently reported by NPR: For decades, the main reason chief executives were ousted from their jobs was the firm’s financial performance. In 2018, that all changed. Misconduct and ethical lapses occurring in the #MeToo era are now the biggest driver behind a chief executive falling from the top. That’s according to a new study from the consulting division of PwC, one the nation’s largest auditing firms. It is the first time since the group began tracking executive turnover 19 years ago that scandals over bad behavior rather than poor financial performance was the leading cause of leadership dismissals among the world’s 2,500 largest public companies… Thirty-nine percent of the 89 CEOs who departed in 2018 left for reasons related to unethical behavior stemming from allegations of sexual misconduct or ethical lapses connected to things like fraud, bribery and insider trading, the study found…”Employees are starting to say, ‘how can you enforce a policy on us without holding CEOs accountable?’ ” said Bill George, a senior fellow at Harvard Business School and former chief executive of Medtronic, who has served on the boards of Goldman Sachs and Exxon Mobil. “The CEO’s behavior has to be beyond reproach. Boards are aware of this and are really feeling pressure around that now.”

But what exactly should boards do to respond to this pressure? As noted in an earlier post in the COI Blog:

In recent months, the unprecedented sexual misconduct allegations against (among others) high ranking officials in prominent businesses has brought unprecedented attention to the need to prevent and detect such wrongdoing using high-level solutions. For instance, writing recently in the Harvard Law School corporate governance blog, Subodh Mishra, Executive Director at Institutional Shareholder Services, Inc., identifies the following five components of an effective sexual misconduct risk management policy:

– Sexual misconduct risk is specifically enumerated and oversight assigned to a board committee.

– The board has expertise in workplace and employee issues.

– Material penalties are in place for perpetrators and abettors.

– Executive compensation structures—at a minimum—contain incentives for creating a safe and equitable workplace.

– The company models the behavior it seeks to promote.

These seem like generally sound observations, but the point of my post is not to add to the conversation on this particular area of risk but rather to suggest that ideas of this sort can and should be applied to compliance risks more broadly.

Certainly, assigning a board-level committee compliance  responsibility with an emphasis on risks (such as corruption or antitrust ones) at the top, would be a sound measure generally for companies to take.  And the board having expertise regarding compliance issues is compelling for the same reason that having such expertise in workplace/employment issues is – though for both areas expertise can (in my view) sometimes be provided by access to an outsider adviser rather than appointment to a seat on the board.

Moreover, I certainly think that the emphasis on penalties for those engaged in misconduct is important to preventing wrongdoing of various kinds at the top, particularly the suggestion that “These policies may also be extended to any individuals that willfully concealed violations or engaged in retaliation against whistleblowers.” And, on the other side of the coin, reflecting compliance success generally in executive compensation structure makes sense just as it does for promoting diversity (part of Mishra’s recommendations), although doing so with the former may be more methodologically challenging than it is with the latter. Still, it can be done.

Finally, the point about modeling behavior is every bit as important to promoting compliance generally as it is to preventing harassment and discrimination in particular. For a board committee overseeing compliance at the top, this aspect of effective risk management has implications for a wide range of conduct – both substantive (e.g., how conflicts of interest are dealt with by senior managers) and procedural (such as ensuring that managers take the required training).

Cross references:

CEOs’ ethical standards and the limits of compliance

Catching up on CEOs’ COIs.

CEOs’ ethics: what’s new

 

 

Behavioral ethics program assessments

Rebecca Walker and I have an article in the Spring 2019 issue of Ethical Boardroom on behavioral ethics program assessments.

We hope you find it interesting.

E-book on compliance & ethics risk assessment

I am pleased that Corporate Compliance Insights has just published a revised and expanded edition of my e-book on risk assessment: Compliance & Ethics Risk Assessment: Concepts, Methods and New Directions.

You can get a free download here.

Risk assessment expectations under DOJ C&E program evaluation criteria

A column in Corporate Compliance Insights.

I hope you find it interesting.

Preventing investigative failures

It is too soon to know how history will judge the efficacy of the Mueller special counsel investigation. But there is no shortage of clear investigative failures in the private sector, such as in the Wells Fargo debacle.

In Complex Compliance Investigations – a soon-to-be-published article in the Columbia Law Review – Professor Veronica Root Martinez of Notre Dame Law School argues that many recent compliance failures “within organizations might have been avoided if more robust processes –  meaning the actions, practices, and routines that firms can employ to communicate and analyze information  – had been in place to ensure investigations were conducted in a manner that allowed the firm to analyze information from diverse areas within the firm.” She further notes: “The task of creating effective compliance programs has been made more challenging, however, by the shift from small, discrete organizations to complex ones. The challenge for complex organizations is, quite simply, more complicated than what’s faced by those with a smaller footprint and reach.”

She makes the following recommendations for addressing these challenges:

Track Similar Unlawful Behavior within the Firm. She suggests this because “[w]hen firms focus on policing and structural components of a compliance program, they sometimes focus too heavily on particular compliance areas, when they might otherwise benefit from assessing certain types of behavior.”

Engage in Consistent Compliance Assessments. Specifically, “Complex organizations could choose to develop formal, prospective processes in an effort to ensure that members throughout their organizations engage in similar investigative methods when misconduct is detected.”

Aggregate Potential Compliance Concerns. As she notes: “sometimes a seemingly innocuous or isolated event is actually an indication of a larger problem within the firm,…”

However, she also notes that: “ The promise of process is, however, limited in that for it to be effective it requires a firm to have (i) a strong organizational structure (ii) free from a corrupt culture.”

There is far more to Professor Martinez’s very fine article than I have space to address here. I encourage you to read all of it.

Additionally, for more information about making investigations effective please see this post in the Compliance Program Assessment Blog.

False allegations of conflicts of interest

Over the course of the nearly two years that Robert Mueller served as Special Counsel, President Trump complained that Mueller had conflicts of interest that should have prevented him from being  in that role. One of these concerned Mueller’s having supposedly been turned down for a job as Trump’s FBI chief. Another was based on Mueller’s former law firm  having done legal work  for certain Trump family members. A third alleged COI arose out of a purported dispute regarding a membership fee paid by Mueller at a Trump golf club.

The specifics of each are not particularly interesting. What is noteworthy is that – for legal or factual reasons – each of them is utterly without merit, as described in this piece from FactCheck.Org.

Making false accusations of conflicts of interest is not the worst thing that Trump has done as president. Indeed, probably is not  in the top 100.

But – at least from the perspective of this blog – such accusations are particularly pernicious as they can make it difficult for companies and individuals to identify and address genuine COIs.

I should stress that I am not suggesting that companies adopt “zero tolerance” for inaccurate reports of conflict of interest. Doing so would undoubtedly discourage reporting of accurate – as well as inaccurate – COIs pursuant to companies’ compliance & ethics programs.

But when a COI accusation is made not to protect an organization and/or individuals from unethical conduct but rather as part of a campaign of falsehoods being pursued for personal and political reasons that is another matter. As Oliver Wendell Holmes Jr. famously said: “Even a dog knows the difference between being kicked and being stumbled over.”

A webcast on effective COI compliance programs

https://www.pli.edu/programs/effective-conflict-of-interest-program

Rebecca Walker and I hope you can attend.

Designing compliance incentives

A new article from SCCE’s  Compliance & Ethics Professional on an always challenging area.

I hope you find it interesting.

Shifting Perspectives on COI in the Modern Workforce

An article by Rebecca Walker and me on the Navex Global website.

We hope you find it interesting.

Behavioral ethics training for managers

In “Companies Need to Pay More Attention to Everyday Unethical Behavior” – published last month in the Harvard Business Review  – Yuval Feldman, Professor of Legal Research at Bar Ilan University, argues:

Many large scandals have sounded the alarm on the need to monitor corporate corruption. The typical response from policy makers is to propose a patchwork of reforms to address various corporate transgressions. But by and large, these reforms focus on preventing gross and blatant violations of the law – and they ignore the more banal, ordinary acts of unethicality that are far more common in organizations. Numerous studies have documented the prevalence of practices such as stealing office supplies, inflating business expenditures reports, and engaging in behaviors that raise conflicts of interest. While these may sound negligible, these violations reduce trust over time and alter prevailing business and legal norms. Their aggregated effect can be quite harmful. Behavioral ethics research suggests that this type of misconduct occurs not because people are unethical or deliberately choose to act unethically, but because they fail to understand that their behavior is indeed unethical and can have harmful consequences. Thus, sanctioning rule breaking and looking for “smoking guns” will not prevent most employees from acting unethically. If organizations want to do a better job at preventing misconduct, they need to adopt a two-stage approach. The first stage focuses on increasing people’s awareness of the illegality and unethicality of their behavior. The second stage is about ensuring that employees clearly recognize that misconduct will be penalized.

Achieving what is contemplated by both of these stages could sound daunting – particularly the first. However, for companies that already have compliance and ethics (“C&E”) training for managers and supervisors there may be an opportunity to use that training to increase employees’ awareness of the sort of risks described by Professor Feldman.

That is, such training can be expanded to include:

– A brief explanation of the findings of the above-referenced behavioral ethics research.

– An explanation that managers’ C&E duties include identifying seemingly negligible risks in their respective parts of the organization that could over time adversely affect trust there.

– An expectation that these risks will be addressed by managers when speaking to the workforce (e.g., in townhalls, staff meetings, etc.) and through written communications.

Note that I am proposing a more or less “local” approach to this issue, as opposed to a top-down one, as I believe that having managers of various ranks involved in the process is necessary to make the effort risk based. Also, hopefully being given this role will lead managers to reflect on their own ethical performance.

Note that there is much more that can be done in communications and training to use behavioral ethics information and ideas to prevent and detect  wrongdoing. See prior posts collected in this index.

There is also more to be said about slippery slopes, some of which can be found in this prior post.

Finally, here is an article on drafting managers’ C&E duties.