Use your Code of Ethics to fight fraud!

Posted by Shannon Walker

on June 3, 2013

Use your Code to Ethics to fight fraud!An ethics reporting system is such a simple and cost effective way for businesses to protect themselves from employee misconduct. Every day (literally, every day) we at WhistleBlower Security hear stories related to frauds committed in the workplace. In the vast majority of cases there is someone who was privy to the impropriety, didn’t necessarily benefit from it, yet never reported it. Usually the witness is afraid of some type of retaliation. Whether it’s being ostracized in the workplace, passed over for advancement, or harassed in some manner, the easiest thing to do is often to look the other way. By having an anonymous and confidential reporting system in place, a whistleblower can confidentially report anything that seems out of line with company policy. After all, isn’t this the behaviour stakeholders want and require when hiring employees?

Once upon a time, the Securities and Exchange Commission (SEC) and Institutional Shareholder Services (ISS) settled public administrative and cease-and-desist proceedings initiated against ISS by the SEC. The SEC alleged that ISS violated Section 204(A) of the Advisers Act by failing to establish, maintain, and enforce written policies and procedures designed to prevent the use of nonpublic information. ISS has agreed to pay a $300,000 fine, hire an SEC approved consultant and implement that consultant’s recommendations.

The case against ISS resulted from the sale (by ISS employees) of confidential shareholder voting information to proxy solicitors in exchange for meals and entertainment. Although several employees and even managers at ISS were involved, much of the investigation focused on a single ISS employee and a single proxy solicitor.

ISS had a computer system that allowed its employees to access the instructions of all of its institutional clients regarding voting. The proxy solicitor would e-mail the ISS employee with the names of ISS clients, the name of an issuer, and a particular ballot proposition, and ask “how many and how voted.” From a remote location late at night or early in the morning, the ISS employee would access the information and forward it to his personal e-mail account for sharing with the proxy solicitor. This practice went on from 2007 to 2012, involved more than 100 ISS clients on hundreds of occasions, and included a number of significant proxy votes.

It was evident from the e-mail correspondence between the ISS employee and the proxy solicitor that the vote information was provided in exchange for meals and gifts. The ISS employee even tells the proxy solicitor at one point, that certain information will cost him “another game.” The proxy solicitor provided approximately $11,500 in sporting and concert tickets to the ISS employee, as well as approximately $20,000 in meals.

The SEC found much more evidence of systemic problems at ISS, such as;

  1. The ISS Code of Ethics failed to establish policies designed to prevent ISS account managers from sharing confidential client information in exchange for gifts.
  2. ISS did not exert sufficient control and monitoring over the access to client voting information.
  3. The computer system used by ISS had built in audit capabilities that could have easily identified an employee who was accessing voting records more frequently than appropriate and from locations and at times that raise suspicion, but ISS failed to utilize the audit capabilities.
  4. ISS managers were aware that proxy solicitors sought to establish relationships with ISS employees, even though there was no legitimate business reason for such relationships.
  5. ISS managers were aware that proxy solicitors were providing entertainment and meals to ISS employees, and sometimes even partook in the entertainment and meals themselves.

In the words of the SEC, “ISS lacked policies or procedures concerning the relationship between its account managers and proxy solicitors even though the potential misuse of material nonpublic information should have been clear to ISS’ managers and compliance personnel.”

Although the parent company of ISS had a written policy prohibiting ISS employees from receiving gifts of more than nominal value, ISS account managers were unclear on how the policy should be applied and interpreted.

This is but one example of how important it is to communicate policies accurately.

eBook 5 Steps to Communicate Your Ethics Reporting Program