This article originally appeared in our Top 10 Ethics & Compliance Predictions & Recommendations for 2018
Economic growth is not just continuing, but accelerating – in the United States, Europe, Japan, and other parts of the world. That’s the good news.
The compliance corollary to that growth is a bit more cautious. As companies continue to grow more quickly and reach more markets, they encounter more ethics and compliance risks, and hit those risks earlier in their corporate lives than ever before. Younger companies will often responds to these compliance risks by checking more of the regulatory boxes. This may suffice through a company’s adolescent stage, but real growth comes with real scrutiny. As Hui Chen puts it:
“…prosecutors are smart people with common sense who can see through charades. Prosecutors can detect the difference between a program that’s designed to satisfy them versus a program that’s designed to work.”
So organizations will need structures in place to govern their ethical culture and compliance practices as they shift into higher gears of activity.
The 2017 example of this challenge was Uber. The year opened with one of its female engineers blowing the whistle on a culture of rampant sexual harassment, and things went downhill from there: investigations into possible FCPA violations; the departure of CEO Travis Kalanick and most other senior executives; and by Thanksgiving, disclosure that Uber’s (now former) top security officer paid $100,000 to hackers to hush up the data breach of 57 million customer records. This all sent shockwaves through the company that resulted in change in leadership, drop in market share and extensive brand damage that will define the company for some time to come.
Growth with ethics and governance won’t simply be a feel-good mantra in 2018, it will be a business imperative this year and beyond.
We should give Uber the credit it’s due. Few companies see their names turn into a verb (in only eight years!) and spawn legions of startup dreamers saying, “We want to be the Uber of…” But growth without ethics and governance does nobody any favors. Growth with ethics and governance won’t simply be a feel-good mantra in 2018, it will be a business imperative this year and beyond.
Key Steps for Companies to Take
Understand the Importance of Governance, Culture, & Support from the Top
Rapid business growth doesn’t leave much time to create a compliance infrastructure on the fly. Can it be done? Sure – but with more cost, and more disruption to business processes already in place. This leaves the compliance function viewed as a drag on business operations, rather than a benefit.
The good news is that startups and high-growth businesses invent new processes all the time; they have the opportunity to embed ethics and compliance into those processes from the start.
For that to happen, however, the senior executives overseeing those processes truly need to value ethics, compliance and good conduct. They need to value an ethical culture.
Appreciate the Difference Between Policy & Procedure
A policy states objectives of the organization: we will never pay bribes; we will always vet third parties; we will investigate allegations of harassment immediately. Those policies can exist even as a company grows rapidly, across multiple markets.
Procedures are the steps you take to fulfill those policies – and sometimes procedures will need to differ from one business unit to the next. For example, worker protection laws in some countries might make investigations more complicated. Vetting of third parties might be done by local managers in one division and by a procurement function in another.
The mechanics of how compliance is achieved is less important than what you want to achieve.
The mechanics of how compliance is achieved is less important than what you want to achieve. Compliance achieves its full ROI when we don’t check a box but instead use our processes to influence employee behavior. A compliance function can often let local managers guide procedures, especially so the procedure respects local law or business practicalities. But policy goals should be as universal as possible, rooted in the corporate ethical culture cited in our first point, above.
Is that a tricky balancing act to achieve? Yes. It’s the chief ethics and compliance officer’s job to help everyone achieve it.
Secure the Independence & Authority to Manage Risk
A compliance program without authority will never keep pace with the risks a high-growth business faces. But as the organization grows and encounters more jurisdictions with anti-bribery, data security, and other corporate conduct laws – the common thread for all is that the company has a compliance program that’s allowed to work.