Practical insights for compliance and ethics professionals and commentary on the intersection of compliance and culture.

Round-up on developments in client due diligence in the financial services industry

Client due diligence and related processes in financial services – client acceptance, know your customer, anti-money laundering, sanctions monitoring – are central to modernizing and improving compliance programs. Current trends indicate that cultural differences, technological advances, and cooperation of enforcement authorities are all driving investigation and improvement.

In the ever-increasingly complicated global marketplace, client due diligence as a practice will continue to involve, taking into account local practices, changes in technology, and shifting regulatory priorities.


Zappos and the ethics of change management

Zappos is a leading online retailer and presents an interesting ethics case as it copes with the challenges of remaining competitive. A remaining pioneer of the dot-com boom and now a subsidiary of Amazon, Zappos has thrived and innovated under the leadership of Tony Hsieh, known not only for the selection of products it offers, but also for its customer services standards and social media engagement.

Like all enduring enterprises, Zappos faces the challenge of reinventing itself to strive for longevity and sustainability. Paradoxically, one way leaders try to retain relevance and stay appealing to both customers and employees is to embrace change. The thinking often goes that fixing things before they are broken is better than turning up one day and realizing suddenly nothing works. This self-inflicted evolution can lead to positive growth and a more forward-facing structure that is built for the future, but it can also be destructive to a corporate culture that people rely on for consistency and security. In these times of change, ethical considerations taking a backseat to a lean business model is not a sustainable approach.

The 2008 financial crisis has seemingly convinced an entire generation of leaders that business has entered new, uncharted territory and leaders must continually attempt novel structural disruptions to their organizations as a response. Established companies seek to retain their footing or get a leg up on their competitors, both for customers and for employees, by reimagining management in unusual and often highly-conceptualized ways. This took shape at Zappos in 2015 via a new management structure called Holacracy. This abstract system eliminates managers and much of the corporate hierarchy in favour of esoteric, philosophical concepts and flat, self-directed leadership.

These modern visions of management seek to enfranchise the individual. However, if not carefully implemented, they can have the opposite effect. Instead, they create a leadership vacuum and a change process where no one is in charge because everyone is, at least in theory, empowered. The efforts of Zappos to reinvent itself as a flatter, evolved organization with far-out corporate-speak structures, ambitious manifestos, and abstract solutions to common sources of modern employee dissatisfaction are interesting to study but challenging to implement. At their worst, they can lead to employee disengagement and a company that proceeds rudderless, having been stripped of its long-tenured employees via voluntary leave packages and its conventions through generic, buzzword-driven processes that have no intrinsic meaning or applicability to the specific needs of that business.

Change management is a delicate process which must be grounded in a sensitivity for the humans experiencing the change and concretely connected to real considerations like individual development, pay, and productivity. Making choices about the direction of a business which affect people’s livelihoods directly cannot be done ethically if it is done experimentally. Prepared, careful communication and incremental change with absolute transparency and clarity, especially toward the way people will work and be trained and paid, is imperative to maintain integrity.

For a comprehensive look at the radical corporate reorganization efforts at Zappos and their effects on employees, Roger D. Hodge’s 2015 story for New Republic is a great read.


Enron and the mood in the middle

The Enron scandal is one of the most famous examples of modern corporate fraud and corruption. The publicity of the fraud, subsequent bankruptcy of the firm, trial of principals Kenneth Lay and Jeffrey Skilling, and the cascading negative impact on employees and shareholders form a notorious history of corporate malfeasance and misleading investors.

Enron was an energy company that dominated its market in the 1980s and 1990s. Originally involved in the distribution of electricity and natural gas and creation of the related infrastructure, through a series of mergers and acquisitions and expansions of corporate strategy, Enron extended its business into commodities trading, retail energy, water distribution, and data management. Enron was well-known for its commercial success, immense corporate wealth, and aggressive marketing and promotion strategies. Enron was also a fraud, with many of its purported assets overestimated in value or non-existent, and its immense liabilities and losses hidden in other entities so that its financial statements appeared much more positive than they ever actually were.

More has been written about the pervasively fraudulent practices that led to Enron scandal, and the individuals and motivations behind them, than probably any other corporate bankruptcy in history. Many of the principles of, and the unfortunate justifications for, a robust compliance and ethics program can be illustrated by this case. One of the more interesting points of analysis involves the conduct of employees during the fraud and their reaction to signs they may have noticed but not reported, followed by the eventual widespread discovery of the scandal.

Professional skepticism is undervalued in many corporate cultures. Enron employees were so enchanted by the aspirational allure that the company offered that they too often became blind to risks and unethical behavior, and missed or refused the opportunity to get out or to report the fraud.   The focus in discussions over corporate governance and compliance programs often focuses on “tone at the top” (senior management and supervisory boards) or the impact corporate collapses have on shareholders and the public – but a more important question is what about these employees who were there during the fraud, may have noticed signs, did not or could not do anything, and after are left with nothing but a sense of betrayal? The question of how to encourage these employees to mitigate risks or report wrongdoing, even in the face of personal loss or certain reprisals, challenges and inspires compliance professionals to strive for positive change.

This tale of corporate non-governance, as it was, demonstrates that putting compliance and ethics on the back burner in favor of commercial and competitive pursuits can have a far-reaching disastrous impact. The intersection of business and compliance will always be a tense spot, underscored by commercial pressures, cultural differences, and never-ending change. However, a closer, more understanding relationship between the two disciplines is the best path to modelling the employee conduct that is necessary for longevity and sustainability of success.

For compelling anecdotes from a personnel perspective of the Enron scandal, this 2002 article by Charles Fishman is a good read.


Guiding principles for a compliance advisory practice

Guiding principles formalized in mission statements or charters have long been seen as essential to positioning businesses and individuals in them for success. Virtually every major organization has such a mission statement at the center of its business principles, which is used to succinctly define its internal strategy as well as it to represent the image it wishes to present to its stakeholders and the public. Famously, the business or personal mission statement is prominently featured in Habit 2 of Stephen R. Covey’s 7 Habits of Highly Effective people. This reasoning indicates that acting with a defined purpose and memorializing it by creating a formal mission statement for this credo gives power and motivation to decision-making. This concept can be powerfully applied to a compliance officer working within an advisory practice, a function which is greatly supported by having a basis in well-articulated guiding principles and values.

  • Express and adhere to a bright-lined scope within the advisory model. Defining and sticking to a scope is essential for success. The compliance officer’s role must be well-defined and meet shared objectives determined by business needs and risk awareness analysis. The compliance officer who fails to plan scope adequately, fails to plan in the grand scheme of efficient and strategic self-positioning.   An advisory model is not a finite scope of work, such as in the Legal function where an issue-limited “go or no-go” opinion is often expected. Nor is it an operational approach, such as in Human Resources, where queries on and exceptions to practices and procedures are handled case-by-case. Instead, the compliance advisory anticipates both solicited and unsolicited advices and focuses on building a practice with business management where both modes are equally appreciated and expected.
  • Promote a risk management profile consistent with the clearly-defined role of compliance. A successful compliance advisor must represent and broadcast a profile consistent with his or her position in an integrated system of compliance risk management. Ownership of risk must be thoughtfully distributed and articulated. In the popular three lines of defense model, for example, the business is responsible for management control in the first line. Independent assurance is owned by audit in the third line. Compliance sits in the second line responsible for risk and control oversight functions. Strict adherence to this model or any other defense structure is necessary to promote the establishment, implementation, and evaluation of effective controls.
  • Pro-actively align with colleagues in other functions to strengthen integrated efforts. Strategy for compliance advisors often focuses on gaining buy-in from business management.   Foundational to this, however, is successful cooperation with other functions that also face the business from on oversight perspective. Compliance advisors should value cooperation and coordinated efforts with close peers before communicating to others. This starts with fellow compliance colleagues but extends immediately to frequent partners such as Risk, Legal, Finance, and Human Resources. All of these functions succeed in their work because of reliable credibility within the organization. High cohesion among the partner functions is crucial to model collaboration and prevent the business from shopping across functions to find favorable outcomes.
  • Incorporate the spirit of customer excellence/continuous improvement practices. A compliance advisor should embrace a service-oriented and relationship-focused way of working. In a clear and evolving view of what is needed to support the compliance function and from whom, imbuing the role with a commitment to ongoing improvement of advice provided, with the cooperation and expertise that entails, will help to maintain relevance and flexibility. Feed-forward input from business partners and a focus on efficiency and evolution helps to make sure that compliance initiatives have the support they need to be implemented and compliance investments can be viewed as integral to business strategy.
  • Demonstrate added value to business partners. Successfully persuading management that compliance adherence can support commercial sustainability under the right circumstances, rather than undermine it, more than justifies the costs of implementing and maintaining effective compliance controls. In giving advices, compiling reporting, providing and analysing management information, and updating on the intersections of business objectives and regulatory developments, compliance advisors can earn trust by demonstrating integrity as a core practice. Once this becomes a genuine shared goal, compliance can not only add value to the business, but indeed be seen as an active participant in these interests.

The ideal compliance advisory profile is one of an individual who is trusted, professional, and collaborative.  This profile, in combination with strong guiding principles setting ground rules about scope, role, and sustainability via high standards and added value, is the basis for the compliance advisor’s way of working, promoting a progressive and professional profile that is visible to the business served and functional partners.


This week on Compliance Culture

Be sure to visit Compliance Culture this week for posts on these topics.

  • Monday: Compliance advisory best practices
  • Tuesday: Enron’s employee engagement through boom and bust
  • Wednesday: Zappos and corporate reorganization
  • Thursday: Trends in client due diligence in financial services
  • Friday: The 2011 movie Margin Call and the ethics of crisis management

Don’t miss it!


Selected TED/TEDx talks for compliance and ethics insights

TED and TEDx conferences and events have become important and popular venues for speakers from all walks of life.  This includes academics and business leaders but also ordinary people who have had inspiring or extraordinary experiences, to share their insights and stories. Given how ever-present ethics and morality are in business and life, many talks touch on useful compliance topics.

  • Creating Ethical Cultures in Business (Brooke Deterline) – We must question why we don’t speak up on behalf of other people or ideals, and how it makes us feel after we encounter a situation where we want to say something but don’t. Challenging discomfort and fear can help us advocate for each other and our principles and create corporate cultures where standing up courageously and speaking our values is seen as safe and helpful. Courage is an inspiring and powerful antidote to corruption and unethical behavior.

  • Building Business on Character Ethic (Kevin Byrne) – Commercial profitability and competitive advantage dominate most metrics of business success, but how can these be achieved and sustained without integrity? Taking care to do the right thing in all areas of business – from dealing with customers to retaining employees and everywhere in between – and avoid reputational risk are powerful drivers in building a business designed to last.

  • Why Credibility is the Foundation of Leadership (Barry Posner) – Speaking to the perennial compliance topic of tone at the top, leaders must be people worth believing and following. We evaluate whether those in senior management or supervisory positions are competent and credible. Expertise, intelligence, passion, and innovative thinking – all of these things are also necessary for leadership to succeed, but in order for anyone to believe in them, integrity must come first.

  • We Need a “Moral Operating System” (Damon Horowitz)  A strong, developed moral framework is necessary for knowing what to do with all the information and power we possess and must make decisions about how to use on a regular basis in both business and life in general. Ethical decision-making is challenging and nuanced and can even be awkward. Thinking, discussing, debating, and defining beliefs are all integral to understand our human ability to distinguish right from wrong and make a principled choice on how to act.

  • Our Buggy Moral Code (Dan Ariely) – Confronting the theory that purely bad people are to blame for the majority of bad things that happen in society, the work of behavioral economists such as Dan Ariely suggests that human behavior is far more complex than static good or bad values. Rather, wrongdoing in decision-making is influenced greatly by intuition and context. Situational awareness and a strong affinity for personal morality are therefore important mitigating factors to unethical behavior.

This is merely a brief selection of TED/TEDx talks touching upon personal empowerment, entrepreneurship, leadership, decision-making, and behavioral economics – all topics which are linked powerfully to compliance and organizational ethics.


Round-up on compliance investigation and enforcement trends

Keeping up to date on developments in compliance investigation and enforcement priorities is important for planning compliance programs and setting strategic agendas. In a constantly changing regulatory environment, continuing education is a must. Recent developments suggest that regulators are regrouping and preparing new priorities, while companies are trying to contend with regulations and avoid looming legal challenges.

  • Prosecution of white-collar criminals is at an all-time low as some companies appear to be considered “too big to jail” and risk-adverse trial strategy rules the day:  Why Corrupt Bankers Avoid Jail
  • Airbnb, possibly setting precedent for other “shared economy” companies without traditional regulatory compliance frameworks, looks to pre-emptively contend with legal challenges by striking deals with municipalities:  Airbnb Tries to Clear Away Political and Legal Challenges in New York and San Francisco
  • The ECJ may declare Uber a transportation company later this year, opening the tech giant to much stricter regulatory scrutiny; in anticipation, Uber has withdrawn from some EU member states where the regulatory burden already overwhelms its appetite for the market: Europe’s Top Court Leaning Towards Dealing Uber a Big Regulatory Blow
  • HSBC, amidst negotiations with the U.S. Department of Justice as it is under investigation for its role in the bond market pre-2008 crisis, is concerned over regulatory gaps in the global financial market that may be unpredictably fragmented by Brexit, in which cooperation between regulators and investigators could become more problematic:  HSBC chief sounds alarm over financial regulation and Brexit
  • Amid mounting prosecutorial pressure and investigation efforts worldwide, a guilty plea and cooperation from ex-Credit Suisse Banker:  Ex-Credit Suisse Banker Helping U.S. After Tax Guilty Plea
  • Scandal at Wells Fargo continues to unfurl its tentacles into new areas of the bank’s business, now reaching into auto loan customers who were charged for unauthorized car insurance; previous attempts at punishment or reform now seem insufficient in light of the scope and scale of the wrongdoing, upping the ante on what is considered justice in corporate crime:  Give Wells Fargo the Corporate Death Penalty

This summer’s trends indicate diminished enforcement efforts, regulators regroup and try to ascertain a new approach to holding corporate criminals accountable for their ethical lapses, in light of previous attempts failing to adequately discourage wrongdoers. In the meantime, companies finding themselves cornered by regulatory pressures hope to gain time to comply or the blessing to continue as-is by negotiating agreements or reaching settlements with regulators.


Theranos and the clash of financing emerging high-tech enterprises and regulatory compliance

The mysterious corporate life of Theranos illustrates many of the challenges that a disruptive business model faces when competitive ambitions take precedence over business foundations. A corporate environment that tolerates, or indeed relies, on a lack of ethical controls develops a culture where misleading and non-compliant conduct becomes the unsustainable norm.

Theranos is a technology company in the health care industry. It has become well-known for its eccentric, charismatic founder Elizabeth Holmes, a precocious and provocative entrepreneur who began developing the blood testing technology Theranos purports to be producing while she was a student at Stanford University. Theranos received tremendous attention from the media, undertaking several successful fundraising rounds and winning prized corporate partnerships and awards for its innovations on the basis of this publicity, all before any of its devices were ever proven effective.

Typical of many high-tech startups, Theranos operated in secrecy, with Holmes acting as its chief evangelist and marketer but speaking always in aspirational terms. Confidentiality, of course, has its place in launching new products to market – especially in the highly competitive and fast-changing technology industry. Beating other firms developing in the same space can make or break disruptive products and the companies that market them. However, these companies and their products have to be real, and an overemphasis on secrecy can also be a red flag for a pervasive fraud.

Unfortunately, all that glitters does not seem to be gold with Theranos. Despite huge valuations and capital raises, the blood testing technology has been criticized for lack of peer-review and has failed to stand up to validation studies. FDA inspection reports necessary before the devices could be sold on the commercial market indicated that the devices were not validated or approved. The media and scientific community turned skeptical of Theranos as time went on, and corporate partners have suspended or cancelled their engagements with the company, which is under criminal investigation by the U.S. government. Laboratories have failed inspections, lost their licenses and certificates to operate, and been closed. A whistleblower came forward regarding design defects in the blood testing technology, leading to a storm of negative publicity and investigations. The future viability of Theranos, and possible liability of Holmes herself for potential wrongdoing, remains uncertain.

Theranos and Holmes, who created a cult of personality around herself which even if briefly convinced the media, investors, the board, and the employees of Theranos to accept her at her word, perfectly illustrate the integrity pitfalls of financing a new company about which the investors are only allowed to know what they are told. Traditional critical review and the studied analysis of outside observers shouldn’t be abandoned in the heat of the venture capital moment due to the persuasion of a person who seems ambitious and charismatic. To do so could be as serious as enabling fraud at the expense of due diligence.

For more insight on the case of Theranos, Nick Bilton’s investigative report for Vanity Fair is an excellent resource.


Ford Pinto and organizational integrity

The Ford Pinto debacle of the 1970s demonstrates vividly that focusing on commercial pursuits at the expense of integrity considerations can have a disastrous effect on consumer safety.  No historical survey of organizational ethics and decision-making is complete without a study of the controversial production of this vehicle.

The Ford Pinto was a subcompact car made and sold by Ford Motor Company from 1970-1980. The design of the car left it vulnerable to fire in the event of a rear-end collision due to the location of the fuel system between the rear axle and rear bumper. Though crash testing indicated heightened risk, and safety was questioned by some engineers, Ford proceeded with manufacturing the vehicle as designed. As early as 1973, Ford began receiving reports of catastrophic injuries in fires after rear-end collisions at low speeds in Pintos. Relying on standard review routines, Ford found no justification for a recall. Issues with the Pinto’s safety and continued non-action on the part of Ford continued until Ford finally recalled the Pinto in 1978, while claiming it was only doing so due to public outcry and still not acknowledging any design defect in the car. Subsequently over 100 lawsuits were brought against Ford in connection to the Pinto.

This is perhaps the seminal case of business choices to value commercial interests over consumer protection. Individual designers and engineers at Ford realized that the Pinto could have safety issues, but they worked under immense time pressures and in a structured, hierarchical project management system where people made decisions that were disconnected from the ultimate outcome of the product. The production of the Pinto was a process dominated by routines that emphasized expediency and profit. Relaxed regulations due to political pressures on the marketplace meant that companies like Ford Motor Company could choose whether it was economical or expedient to meet certain standards rather than making these decisions based on regulatory requirement or safety concerns alone.

The Ford Pinto case also lays bare the “bad apples” theory of ethics, in which corporate scandals that harm the public are often blamed on a bad person doing bad things. In reality, most people involved in these situations are good people who do not intend to do bad things, but make choices in isolation or under duress, as part of routines, which have a knock-off effect and can lead to disastrous results later.

For a very complete and powerful contemporary analysis of the Ford Pinto case, Mark Dowie’s 1977 Pinto Madness article in Mother Jones is a must-read.