Earlier this month I had the opportunity to moderate three roundtables across Europe—in Copenhagen, Paris and London—where more than 30 leading ethics and compliance executives discussed their challenges and opportunities around creating a strong organisational "speak-up" culture.
Similar to the roundtables we held last autumn in Stockholm and Geneva, the executives who participated shared some great insights and practical takeaways organisations in EMEA and across the globe can use to strengthen their programs today.
Top recommendations and insights gleaned from executives at the roundtables include:
1) Build Awareness of Compliance Programmes—and Showcase Results
Organisations can’t rely on one big launch to spread the word about their ethics and compliance programmes, said executives. Key programme messages need to continue to be advertised so they stay in the forefront of employee’s minds. As you launch your compliance programme, treat it like an exercise in internal branding. Get marketing involved to help really sell and market the programme internally. This will help to embed the programme in the hearts and minds of employees.
Furthermore, in the experience of the executives at the roundtable, the biggest help in truly shifting culture occurs when organisations consistently and openly talk about their ethics and compliance programmes—and demonstrate and share results.
Practical Takeaways:
- Find ways to demonstrate that senior leadership endorses the programme; employees take their cues from the top.
- Broadcast select issues (anonymised of course) to the entire staff and show them how an incident was addressed and resolved.
- Showcase the positive benefits that the ethics programme is bringing to the company, employees, shareholders and customers.
- Find opportunities to reinforce the organisation’s commitment to speak-up culture—such as a corporate newsletters, company-wide meetings or other avenues.
2) Encourage Employees to “Speak Up” and Report
As an example of the importance of getting employees to speak up, we discussed a statistic from the CEB’s Compliance and Ethics Leadership Council: 40% of misconduct is lost or never reported and a further 50% is siloed or trapped so it never reaches ethics and compliance. Beyond encouraging whistleblowing, having an incident management system in place to ensure reports are routed to the right people so they can be tracked and investigated is critical.
Employees are much more likely to report when they feel they won’t be retaliated against—and trust that their management team will investigate their report thoroughly and rigorously. If employees feel uneasy about any of the above, executives say, it impacts the integrity of the entire system and employees are unlikely to report at all.
Practical Takeaways:
- When you first launch a new programme, reporters will likely choose to submit issues anonymously. As employees learn to trust the system, more will come forward with a named report. If, after the programme is well-established, you’re still getting a high volume of anonymous instead of named reports, it may be that employees fear retaliation.
- Give feedback so reporters know that their issue is being investigated. You should have a secure way to communicate with anonymous reporters.
- Train managers on how to handle reports and deal with reporting employees sensitively. As importantly, managers must have a way to “report the report” so it gets routed to the right people and it can be tracked and investigated ASAP.
3) Make Sure Employees Understand Programme Expectations & Reporting Options
The foundation of any compliance programme needs to be stated in clearly defined behavioural and ethics standards in an organisation’s Code of Conduct and other policies. Clear reporting lines are also essential—ideally issues should start with a manager, then go up to internal compliance teams. Employees should use an anonymous hotline as a last resort if uncomfortable with other reporting options.
Practical Takeaways:
- Avoid using overly complex language in policies—everyone from the top down should be able to understand and apply your policies.
- Have the right tools in place:
- Whistleblower hotline and web reporting forms to take both named and anonymous reports
- Incident management system as a centralised repository for reports for addressing and tracking
- Policy management software to create, distribute and track attestation of policies
- High-impact compliance training to reinforce programme messages
- Launching a programme in the U.K. should be different than launching a programme in the Philippines. Localise programme rollouts using regional resources.
- Use a program launch as a chance to give a face to compliance—introduce the entire compliance team to your employees and find ways to stay visible. Nothing beats face-to-face interaction.
- Make sure that the plan is actually being implemented—do periodic checks when travelling on site and/or conducting risk assessments.
4) Measure Your Programme to Spot Trends and Improve Effectiveness
Organisations can and should be measuring programme effectiveness by tracking outcomes and trends, say executives. These critical pieces of data will help inform the future development and growth of your ethics and compliance programmes, and help best protect your organisation.
Practical Takeaways:
- Use your report data to spot trends and patterns. For example, if you get multiple reports from a specific region or on a specific topic, you may have a larger overarching issue to address.
- Closely monitor case resolution time. Reasonable resolution times help build trust amongst reporters and reduce risk within the business. (NAVEX Global recommends a best-practice target of 30 days for case closure time.)
- Employee engagement surveys are a great way to gauge effectiveness and perception of compliance programmes internally. Ask the hard questions: Are you afraid of retaliation? Do you believe that reports will be acted on? The results of this kind of qualitative survey are measurable and can show trends over time.
Conclusion
A strong culture of ethics and transparency—where employees feel encouraged to speak up, and where all reports are properly handled—is one of the best risk mitigation tools an organisation can have.
