Tag: compliance

Today, I wrap-up a two-part series on the intersection of a toxic culture and the Fraud Triangle. We began by exploring the attributes of a toxic culture and how they might lead to the rationalization prong of the Fraud Triangle. Today, we consider the Fraud Triangle and how a compliance professional can use its insights to help adapt a compliance program to prevent fraud which leads to bribery and corruption.
Todd Haugh, an assistant professor of business law and ethics at Indiana University’s Kelley School of Business, posited in a MIT Sloan Management Review article, entitled “The Trouble With Corporate Compliance Programs”, that even best practices compliance programs fail to take into account behavioral best practices and one important, but too often overlooked, key to strengthening both individual and overall corporate behavior is eliminating rationalizations.
Haugh’s conclusions were drawn from long-term research he has been doing on the causes of white-collar crime and more general corporate wrong doing. His research has led him to flagrant rationalizations engaged in by those who commit white collar crimes. This insight led him to see the behavioral aspect of compliance programs as lacking but that can be remedied. He listed out eight different types of rationalizations.
The first is simply denying responsibility where offenders “deny responsibility by pleading ignorance, they were acting under orders, or contending that larger economic forces caused them to act.” In denying an injury, “an offender often excuses his or her behavior if no clear harm exists.” In denying a victim, the offenders claim the “victim deserved the harm; or when the victim is unknown or not clearly defined.” Through condemning the condemners, “offender’s conduct to the motives of others, such as regulators, prosecutors, and government agencies.” By appealing to higher loyalties, the fraudster claims “to protect a boss or employee, shore up a failing business, or maximize shareholder value.” By using a ledger metaphor, employees claim there is a “behavioral balance sheet” whereby employees “balance out negative actions against positive accomplishments.” Through claiming entitlement offenders assert “that they deserve the fruits of their illegal behavior.” In claiming acceptability or normality employees compare their “bad acts with those of others to relieve moral guilt.” The FCPA violator has probably several of these rationalizations going on at once. The compliance professional needs to look for ways to counter-act or overcome them.
Haugh considers the Wells Fargo scandal, not from the actions of the former Chief Executive Officer (CEO) or other senior executives but on the failure of the company’s ethical culture and compliance program to stem illegal conduct. He believes the scandal occurred in large part because of multiple rationalizations at multiple levels, stating “preliminary reports suggest it allowed an environment riddled by employee rationalizations. On the heels of the bank’s $185 million settlement agreement with the Consumer Financial Protection Bureau, a number of former employees have reported that despite ethics training and messages from headquarters to not create fake accounts, the bank’s aggressive sales culture drowned out any explicit compliance measures.”
Haugh believes the “compliance program failed to address the systemic problem of managers pressuring employees to meet unrealistic sales goals.” He cited to one former employee on the pressure employees felt, quoting “The reality was that people had to meet their [sales] goals. They needed a paycheck.” It was this push by management which led employees, under pressure to meet unrealistic goals, to rationalize their conduct by denying responsibility and claiming relative normality in creating fraudulent accounts. Also remember that the fraudulent accounts were not limited in geographic or any other scope. They were literally created across the US by Wells Fargo branches.
As a prescription, Haugh recommends several steps. The first was one of the most intriguing and it was for a company to employ a behavioral specialist to take current research and theory into practice in an organization. He believes such a behavioral specialist could help multiple corporate departments construct both training and communications by creating “a behavioral compliance curriculum tailored to various groups of employees, giving all members of the organization insight into their ethical decision-making processes. Such a curriculum can become the backbone of a behaviorally cognizant compliance program.” Note how Haugh’s suggestion on a tailored approach to training echo’s the language from the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (Evaluation) to have tailored anti-corruption training. Wedding these two types of tailored employee training, anti-corruption and anti-fraud, could be quite powerful.
Haugh’s next suggestion was to “use behavioral best practices to eliminate rationalizations.” He believes that the compliance practitioner should use behavioral insights to improve company practices. When you consider that most compliance programs were initially written by lawyers, this is not too surprising and, he wrote, “This will necessarily go beyond the traditional law-driven compliance practices employed by the vast majority of Fortune 500 companies.”
Haugh advocates that compliance programs should attack rationalizations directly, with an aim towards eliminating them. Here Haugh provided the simple yet direct example of an honesty certificate on an employee gift, travel and entertainment (GTE) reimbursement form as a starting point. I would add this has the added significance of an effective internal control. He also noted companies should facilitate communications around fraud, rationalizations and compliance by encouraging “employees to openly discuss rationalizations and how they affect ethical decision-making. This can be accomplished through storytelling by employees and the company. Employees should be encouraged, even required, to meet periodically in small groups to explore the potential effects of compliance violations and white-collar crimes.” To make this communication technique more powerful and to make this strategy more powerful is to fully operationalize by having business leaders guide such discussions including “topics such as what regulations are relevant to the business, common compliance pitfalls, and how some business practices produce externalities that negatively impact stakeholders.”
Finally, every compliance practitioner is well-aware of the role of financial incentives in compliance. I write about this topic on a regular basis. But Haugh takes the incentives discussion in a different direction, suggesting there are non-monetary incentives which could positively impact compliance. Haugh concludes by noting that companies should “use incentives to influence behavior in the right direction” by understanding how rationalizations come into play. Most interestingly, Haugh believes that employee “praise and expressions of gratitude motivate more than money”. Think of the cost of a good word now and then or a pat on the back. But more than a pat on the back, such an approach emphasizes that good compliance is seen as the “governing ethos” of the company where the goal is “to build a corporate culture that incentivizes the rejection of rationalizations through the creation of shared values.”
Haugh concludes by recognizing that no compliance program will always eliminate bad employee behavior. However, his article and research give the compliance practitioner new insights into how to motivate employees and make compliance more effective in an organization. Further, many of the ideas and suggestions put forth by Haugh would help to more fully operationalize your compliance program as specified by the DOJ in the Evaluation. Finally, the use of behavioral techniques can add a powerful tool to the compliance practitioner in more fully integrating compliance into the fabric of an organization.