Compliance Culture

Practical insights for compliance and ethics professionals and commentary on the intersection of compliance and culture.

Values and interests in decision-making

Samantha Power is an academic and author who was the United States Ambassador to the United Nations from 2013 to 2017.

Power’s diplomacy is founded in her career origins as a journalist covering the Yugoslav Wars of the 1990s as a war correspondent for various publications.  Later, Power became a professor and then a foreign policy fellow and advisor working for Barack Obama, and was then appointed to the National Security Council before her nomination as the ambassador to the UN.

READ MORE

Compliance and risk

As the compliance profession continues to mature, a cross-functional, integrated approach emerges as the most productive and effective operating model.  Compliance officers must continually seek to present themselves as partners to and promoters of the work of other functions – including legal, HR, sustainability, communications, and many more.  Compliance programs should strive to be powerful sparring partners and sources of important subject matter expertise that are willing to work together to give the business the most value for its controls framework.  The alternative – being seen as potential hindrances to progress or wallflowers that prefer to come only when they are called – must be avoided at all costs.

One of the most important partners for compliance in this capacity is the risk function.  It’s extremely important to have a healthy cooperation across the functional line between risk and compliance and to establish a respectful and enthusiastic system of knowledge sharing and collaboration, both internally as well as in facing the business.

Below are some important considerations for compliance programs to incorporate in aligning with risk.

READ MORE

Happy Easter – and a look at the second book of Mere Christianity

Happy Easter from Compliance Culture!

In honor of the holiday, please check out the below extracts from the seminal work of C.S. Lewis, Mere Christianity, which are especially pertinent to ethics and morality.  For commentary on the first book of Mere Christianity, check out this post.  The below post contains selections from the second book of Mere Christianity.

Book II of Mere Christianity, “What Christians Believe,” explains the points which were persuasive to Lewis as he turned away from atheism and toward Christian devotion.  Lewis reckons with this personal transformation through logic and by seeking to make the abstract and unknowable both concrete and comprehensible where possible while relevant if not fully within the reach of human understanding.

READ MORE

Corporate cultural change: Awareness and dialog, not training

This is the final entry in a series of five posts suggesting best practices for implementing corporate cultural change.  For an overview of all the tips on this subject, check out this preview postThe first post in the series was about tone and conduct at the top and the importance of operationalizing these. The second post discussed how to tangibly encourage organizational justice via consistent, visible investigation and enforcement efforts. The third post focused on policies to have in place, while last week’s post was about the procedures to complement and support those. Today, the fifth and last post in the series will provide ideas for how compliance programs can go beyond traditional training to create a culture which risks and values are addressed and integrated into awareness and communication efforts.

The last four posts have discussed the management controls and organizational structures that are important to implement in order to address needed cultural change and manage compliance risks. Motivating management to act as leadership and vice versa and then taking advantage of their fluency to leverage buy-in for enforcement efforts, policies, and procedures that will contribute to reform and improvement initiatives has been the focus so far. The final area for compliance and ethics professionals to take on in this process is employee and organizational education.

READ MORE

Corporate cultural change: Concise and accessible procedures

This is the fourth in a series of five posts suggesting best practices for implementing corporate cultural change.  For an overview of all the tips on this subject, check out this preview postThe first post in the series was about tone at the top and conduct to support it. The second post discussed the role of consistent, visible enforcement in promoting organizational justice and fairness.  Last week’s post focused on the importance of putting concrete, values-based policies in place.  Today’s post will be about implementing procedures that are consistent with those policies.  Next week, on March 27, the fifth and last post in the series will suggest how compliance professionals can foster a culture where employees are effectively engaged in awareness and communication to combat risks and support controls.

Last week’s post focused on the importance of creating and implementing policies that sufficiently and authentically support systemic responsibility for reform and intention for improvement.  Just as the appropriate tone and conduct must be observed from the highest levels of the organization in order to support enforcement efforts in the event of misconduct and abuse, corresponding policies must follow in order for the cultural norms to thrive.

For the standards set by the policies to succeed, organizations must put in place procedures that dictate practices which are consistent with and supportive of them.

Creating and implementing concrete, values-based policies is critically important for organizations to demonstrate operational commitment to improvement.  In order to take material advantage of momentum for reform in the examples set at the top in both attitude and behavior, as well as to nurture the culture of compliance created to support organizational justice and fairness, the policies in place must formalize this all.

Corporate compliance professionals should seek to create and communicate procedures that include the following traits in order to support a culture of compliance and enable progress, encourage organizational integrity and moral engagement, and protecting the vulnerable while punishing and preventing wrongdoing.

In order to accomplish this lofty goal, keep in mind “The 5 C’s” of procedures to implement for corporate cultural change:

  • Credible – Any procedure intended to prevent abuse, punish wrongdoing, and protect individuals must be believable.  Individuals asked to follow procedures must find them credible and believe that if faithfully executed, the risks and dangers they are intended to prevent or mitigate will be successfully addressed.  Regular review and the opportunity for ad-hoc adjustments, and transparency about the frequency and seriousness with which both of these tasks can be undertaken, will promote the believability and reliability of procedures.
  • Concise – It’s imperative that procedures are understandable by all.  They should not be so academic or theoretical that individuals using them struggle to know what they require and direct.  Concise procedures are practical ones.
  • Convenient – Convenience has two aspects with procedures: first, the ease of physical delivery and retrieval, and second, the quality of actual user experience.  Don’t put the procedures deep in the labyrinth of an intranet site or high on a shelf in a binder no one will ever open, and be sensitive to employees who may work remotely or with alternative accommodations.  Taking care of people who may not see e-mails or receive announcements at head office also allows compliance officers to “put a face to the name” and get some important personal contact with these individuals so that they know who to contact with questions and may feel more comfortable doing so.  The procedures also cannot be so burdensome in their steps or include so much complicated background information that they can’t be followed by the average reasonable employee.
  • Considerate of the audience – Further to concise, clear language in, and practical delivery of, the procedures, organizations should consider the audience fully in all stages of procedure provision.  The procedures should never be written and provided just to tick a box.  It’s so important to keep in mind that these are not just regulatory compliance obligations or requirements on a spreadsheet that must be completed.  Procedures must be used and relied upon by individuals.  Those audience members are the most important stakeholders and participants in the procedures, and drafting and implementing the procedures must be done so with great intention toward being considerate of them as the top priority.
  • Constructive – In reliance of the foregoing posts, and above all other considerations, the efficacy of procedures is imperative to make them useful.  Therefore the procedures must be constructive and aimed toward encouraging and enabling the real processes and interactions that are necessary for reform.  The desired result is a positive, fair corporate culture where people can speak up and speak out as well as work together toward creating an organization which reflects their own values.

Check back next week, Monday March 26, for the final post in this series of five, which will suggest best practices for going beyond training, in order to create convincing and compelling employee education campaigns and communications.

READ MORE

Corporate cultural change: Concrete and values-based policies

This is the third in a series of five posts suggesting best practices for implementing corporate cultural change.  For an overview of all the tips on this subject, check out this preview postThe first post in the series discussed tone and conduct at the top.  Last week’s post was about the importance of consistent, visible enforcement.  Today’s post will discuss strategies for creating and implementing effective policies.  The fourth post in the series, on March 19, will focus on putting in place procedures that are complementary to those policies.  Finally, on March 27, the fifth and final post will discuss tips for going beyond training in order to create effective and engaging employee education initiatives to boost awareness and compliance culture.

As discussed in the last two posts in this series, concrete changes to organizational culture cannot be accomplished through mere rhetoric, even when it is underlaid by sincere desire for progress.  Compliance program best practices must be observed and supported by senior management and top leadership in order for effective controls and cultural values to take root throughout the organization.

READ MORE

Corporate cultural change: Consistent and visible enforcement

This is the second in a series of five posts suggesting best practices for implementing corporate cultural change.  For an overview of all the tips on this subject, check out this preview postLast week’s post discussed tone and conduct at the top.  Today’s post is about enforcement.  Next Monday’s post, on March 12, will discuss effective policies.  The fourth post in the series, on March 19, will focus on procedures to complement those policies.  Finally, on March 27, the fifth post in the series will discuss tips for going beyond training in order to create effective and engaging employee education initiatives to boost awareness and compliance culture.

Last week’s post discussed the importance of commitments by executive boards, senior management, and top leadership in organization to expressing tone and modelling conduct to enable change.  Once the path is cleared for institutions to follow, by the statements and actions that aim to define and promote the necessary change, effective and bold enforcement actions must follow.

READ MORE

Corporate cultural change: Tone and conduct at the top

This is the first in a series of five posts suggesting best practices for implementing corporate cultural change.  For an overview of all the tips on this subject, check out this preview post.  Today’s post will discuss tone and conduct at the top.  Next Monday’s post, on March 5, will be about enforcement.  The third post in the series, on March 12, will discuss effective policies.  The fourth post, on March 19, will focus on procedures to complement those policies.  Finally, on March 27, the fifth and final post will provide insights about innovative approaches to take employee and organizational education beyond the basics of routine training.

Building on the momentum created in 2017 by the brave and bold disclosures of the Silence Breakers, the #MeToo movement, and the #TimesUp initiative, in 2018 it is more timely and important than ever to throw major weight behind the need for disclosure, self-analysis, and change within organizations in all industries.  The focus on individuals – both in protecting those who have spoken up, enabling others to speak out, and keeping people safe in the future, and in properly punishing those who abused and harmed others as well as deterring further misconduct – must continue.

READ MORE