Companies Need More Than Just Compliance Programs
Slowly, companies seem to be learning that awareness is a better long-term strategy than compliance. The bottom line is that you should want to know what’s happening in your own company.
These words are so true!
In an article called Compliance Alone Won’t Make Your Company Safe, the author talks about companies not really knowing what happens within their own offices.
Many business leaders agree that knowing what happens within their company is a prerequisite for business success. Sure, however, many companies blame instances of failure or fraud on not knowing what was going on in their own departments:
- In 2007-2008, a former Credit Suisse Group AG trader committed wire fraud and manipulated the books on mortgage-backed securities to enhance performance and boost year-end bonuses. As a reaction to the case, Credit Suisse said they did not know and portrayed themselves as victims of the actions taken by their employee.
- In 2009, an Indian IT services accounting firm, called Satyam, was found to have boosted its revenue by $1.5 billion through the actions of their founder and chairman who falsified revenues, margins, and cash balances. The company eventually found out because the chairman himself wrote a resignation letter to its board.
- In 2012, a JP Morgan Chase & Co trader, nicknamed the London Whale, led the Chief Investment Office to lose $6.2 billion from a series of high-risk trades. Despite some early warnings, both the regulators and the company did not really follow up the case until it was too late. This lack of attention resulted in JP Morgan paying hefty fines.
The article goes on to state that many companies are hiring teams of compliance officers to nip the “we didn’t know” response in the bud. That underlying these decisions is the belief that a strong focus on compliance will make companies smarter by bringing dirt to the surface.
But Will It Work?
From the article, “compliance relies primarily on controlling employees’ behaviors and decisions through a strict set of rules and laws. One executive recently described this as “a policeman culture.” The analogy is instructive. Would you tell a police officer that you had made a bad or wrong decision? Many probably would not. The same dynamic is at work in excessively controlling company cultures – leading us to believe that too much control can actually backfire and important information being concealed.”
The writer goes on to say that one shortcoming of compliance programs is that they assume misconduct comes from bad apples, rather than good people doing bad things. That research in the area of behavioral business ethics has demonstrated that most of the initial ethical transgressions in business go unnoticed, even for those committing the transgression. That we rationalize our bad behaviors to such an extent that we do not realize we are crossing ethical boundaries until it is too late. That we possess the ability to convince ourselves that we are not doing anything wrong, whereas at that exact moment we may have set the first step on a slippery slope.
Companies Need a Speak-Up Culture and a Whistleblower Program
What do leaders to do? Acknowledge that slippery slopes are inevitable, and that they need to know about them as soon as possible. A compliance only system will primarily breed a culture where information about bad decisions will not be communicated. Control driven systems create a culture in which those who have transgressed will only act in self-serving ways to avoiding damage to their moral self-image.
What companies need instead is a forgiveness culture, a culture motivated by the goals of learning from failures and identifying slippery slopes as quickly as possible.
“Slowly, companies seem to be learning that awareness is a better long-term strategy than compliance. The bottom line is that you should want to know what’s happening in your own company.” It’s another valid reason to implement a whistleblower program – download the eBook.