Conflict of Interest Blog

Approvals of conflicts of interest: what is the appropriate standard?


While some organizations bar conflicts of interest in all cases, many opt for allowing COIs  to exist where appropriate. But how should appropriate be defined for these purposes?

One formulation that I have recommended is:

A COI may be approved only where doing so would clearly be in the best interest of the company.

Two comments about this.

First, the word “clearly” is intended to require a showing greater than a mere preponderance of the relevant facts. Of course, it is not as high as “beyond a reasonable doubt,” which, in my view, would be widely seen as overkill in this setting.  But, it is still a high standard  and presumably would require rejection of any proposed COI where there was a lack of genuine clarity on this issue.  Indeed, given that COI problems often involve lack of clarity, the use of the word in a COI policy should itself be helpful.

Second, the “best interest of the company” should be read broadly. It requires more than an absence of corruption or other  outright misconduct. Rather, it also mandates consideration of how  the COI at issue could impact the ethical culture of the organization and related matters.

For more on COIs and harm see this recent piece from the FCPA Blog.

PLI briefing on revised DOJ compliance program standards

Rebecca Walker and I hope to see you then and there. 

Are you a member of the “compliance elite”?

In “Compliance Elites ”Professor Miriam Baer of Brooklyn  Law School writes:

“As corporate compliance has expanded its influence, so too has the status of those who implement and oversee the firm’s compliance function. Chief compliance officers (CCOs), who are often (but not exclusively) lawyers by training, increasingly boast the types of resumes one associates with elite lawyers. In many ways, this is good news for compliance. There may, however, be several downsides to a strategy of relying so heavily on a cadre of compliance elites. The aim of this Article is to discuss one of these downsides.”

At the outset, I question how significant the phenomenon of compliance elites is.  (As used by Baer, “the term ’elite’ refers to an attorney’s academic and postgraduate achievements: her education, her awards while in law school, her clerkship, and the various positions she held after law school.” )  In my nearly thirty years in the field I have encountered many CCO’s who, while not elite, have been very successful in developing and implementing sound compliance programs. We still have a ways to go before elite is the norm,  And that to me is a good thing.

Still, as noted above, there are many “pluses” to having elite compliance personnel. Baer lists here recruiting top-flight human capital and otherwise securing necessary resources for the compliance program.  To me this is key, both as a matter of common managerial sense and because the U.S. Department of Justice places great emphasis on these factors in its criteria in evaluating programs.

Additionally, by hiring members of the compliance elite, “the organization emits potent internal and external signals. Within the firm, the CCO’s arrival affirms to its rank-and-file employees that corporate management is committed to improving its compliance effort. That, in turn, improves morale among those inclined to follow the law and potentially induces broader and earlier internal whistle-blowing.”

Finally, on the downside,  Baer argues: “imagine a new CCO confronts a series of performance targets upon entering the firm. Which ones merit the closest attention, and which ones deserve to be shelved immediately? If the firm is emerging from a scandal, the worst systems may be obvious to everyone. Beyond this, however, reasonable people will differ. It will be the CCO’s responsibility to tread carefully but thoroughly in determining which additional performance goals merit a closer look, and it may not be the goal itself that is the problem. It may be how the firm measures the goal, how it compensates (or punishes) performance aimed at achieving said goal, or how quickly it expects its employees to meet its goal that induce different degrees of misconduct. It is within this ambiguous gray zone that performance blind spots are most likely to emerge and do their damage. Absent blunt evidence to the contrary, someone who has repeatedly scored in the top percentiles nationally on standardized tests; who has then followed up that performance by scoring at the top of a law school’s grading curve; and who has bested many of her competitors in series of workplace mini tournaments might not find a series of severe or unforgiving performance targets problematic.”

This is interesting but, in my view, a stretch. While lots of life experiences can contribute to cognitive biases, I just don’t think doing well on  a standardized test rises to that level.

Nearly 1500 C&E professionals have downloaded the free risk assessment e-book

Have you?

It is available from Corporate Compliance Insights.

I hope you find it useful.

Making the most of risk assessment

Today the FCPA Blog published a post I authored on risk assessment.

I hope you find it useful.

Moral hazard and the revised DOJ compliance standards

One of the great afflictions of our age is moral hazard. As noted in an earlier post: “The concept of moral hazard was used originally to refer to the phenomenon that providing insurance tended to promote risky behavior by insured parties.  Subsequently, the idea has been applied more generally to mean the provision of incentives that encourage unduly risky conduct by shifting the impact of a bad decision to a party other than the decision maker.”

Another way of thinking about this area is that moral hazard can arise from of lack of appropriate accountability. A notable example of this can be found in an SEC report several years ago on ratings agencies quoting an e-mail between two analysts concerning their plans to give positive ratings to certain financial instruments that were, in fact, unworthy of such ratings: “Let’s hope we are all wealthy and retired by the time this house of cards falters.” A more consequential example is climate change: those who are most likely to be affected by this unparalleled calamity are generally not the same as those who have the power to slow it down (and ultimately reverse it).  And, the Pandemic presents millions of  moral hazard influenced decisions concerning wearing safety masks and other issues.

Moral hazard is not the same thing as conflicts of interest. But they are close enough to each other to be considered “cousins.”   However, the former does not get nearly the attention that the latter does. (See prior posts on moral hazard collected here.)

Moral hazard poses a significant challenge to law enforcement in many types of business crime cases. That is, the Sentencing Guidelines provide for large fines for organizations convicted of federal offenses, but those who bear the brunt of such punishments (mostly the shareholders) are often different than the individuals (usually executives) who benefit from the wrongdoing. The problem, of course, is that their organizations do not hold them to account through the investigation and disciplinary processes.

The history of corporate business crime enforcement is, in part, an effort to close this moral  hazard gap. The latest chapter of this history was released June 1 when the Criminal Division of the Justice Department published its  third iteration of Evaluation of Corporate Compliance Programs.

The prior iterations of the guidance already had included considerably strong approaches to promoting accountability by individual wrongdoers.  In the new version what  most struck me as relevant to the moral hazard issue was the following question: “Does the compliance function monitor its investigations and resulting discipline to ensure consistency?”

I am not suggesting that this is some sort of panacea for moral hazard in companies.  Moreover, adding this to a  compliance program works only if the compliance function is indeed independent and has a sufficient degree of “clout.”  As well, a company needs to publicize that it is doing such monitoring and also that it imposes discipline for violations in a sufficiently rigorous way.

But if taken to heart a corporation’s having the compliance function monitor its investigations and resulting discipline to ensure consistency could be a helpful (albeit only partial) antidote to moral hazard.

For more information about the revisions to the Evaluation of Corporate Compliance Program see this post on the Compliance Program Assessment Blog.



Revised DOJ compliance program standards: what is new

In the most recent posting on the Compliance Program Assessment Blog Rebecca Walker and discuss what is new in the  June 1, 2020  update  to the Department of Justice’s standards for evaluating compliance programs.

We hope you find it useful.

Assessing conflict of interest compliance programs

Here is a just-published article in Corporate Compliance Insights by Rebecca Walker and me on conducting assessments of conflict of interest compliance programs.

We hope you find it useful.

Beyond the attorney-client privilege

In my latest column in Compliance & Ethics Professional I consider the issue of whether program assessments should be conducted under the attorney-client privilege.

I hope you find it useful.


Mapping the field of “”behavioral business ethics”

In “Toward a Better Understanding of Behavioral Ethics in the Workplace,”  David De Cremer of the Business School, National University of Singapore, and Celia Moore of the Cambridge Judge Business School, review literature that is part of the growing area that they call “behavioral business ethics.” They use this formulation to “build a bridge between business ethics and behavioral ethics,” and they consider the various implications of “behavioral business ethics” research.

As their article is itself largely a compilation of summaries of various studies I won’t attempt to summarize it, but do note generally that the article considers the significance of this body of knowledge on three levels: intrapersonal, interpersonal and organizational. They “conclude by recommending future research opportunities relevant to behavioral business ethics and discuss its practical implications.”

For instance, they note that on an intrapersonal level, “understanding what drives people to act unethically is essential to the behavioral ethics approach. Behavioral business ethics helps us identify psychological processes that can be harnessed to ensure that employees and managers do not fall prey to basic human frailties that can derail one’s good behavior. One important practical goal of a behavioral business ethics approach is to gather evidence so managers can be trained to act more ethically themselves, and elicit more ethical behavior from their subordinates, as well as to refrain from moral licensing, where people give themselves credit for initial ethical behavior, allowing them to follow it up with unethical behavior ….”

The article is filled with useful and interesting information, and I do think the “behavioral business ethics” formulation works. And this also poses an appropriate occasion to take note of the formulation I have used in this blog and elsewhere – “behavioral ethics and compliance” – and the mapping (in this blog and elsewhere) relevant thereto.

In brief, behavioral ethics and compliance seeks to:

– Use the overarching message of behavioral business ethics that we are not as ethical as we think to persuade boards of directors and managers of the need for strong C&E programs.

– Use that same message to persuade governmental bodies of the need to adopt enforcement approaches that incent business organizations to develop and maintain effective programs.

– Provide C&E professionals with information that can be used to develop and utilize risk assessments, training, enforcement approaches and other C&E program elements in a behaviorally informed way.

– Provide a similar approach with respect to specific types  of wrongdoing, such as conflicts of interest and insider trading.

The current iteration of the map for this can be found here. I hope you find it interesting.  Finally, note that there is obviously a lot of overlap between the two fields. But hopefully having one specifically tied  to compliance is worthwhile, particularly for compliance personnel.