Categories
Blog

Reimagining Compliance as a Product

In the modern corporate environment, compliance must transcend its traditional role as a set of rules and regulations. Instead, it should be reimagined as a product—something employees actively choose to engage with daily. Inspired by product design principles, this approach positions compliance as a value-driven offering that meets employee needs while supporting organizational integrity.

In an HBR article entitled Reimaging Work as a Product, authors Eric Anicich and Dart Lindsley ask if there is a better way to approach the employee experience. The authors challenge traditional paradigms by proposing that work be viewed as a product employers offer employees. They advocate that reimagining work as a product addresses the disengagement and dissatisfaction rampant in the workforce and aligns employees’ needs with organizational goals. I have adapted their piece for a compliance audience.

This concept is about something other than making compliance easier. Instead, it is about making it indispensable and aligned with employee motivations. By redesigning compliance as a product employees “purchase” with their engagement, compliance professionals can enhance participation, foster a culture of ethics, and drive long-term success.

It all begins with why compliance must be seen as a product to be delivered inside an organization. Compliance often needs help to capture employee attention. Mandated training modules and periodic policy updates can feel disconnected from day-to-day work. Employees may view compliance as a checkbox task rather than a meaningful element of their roles. Yet, disengaged employees pose significant risks, from regulatory violations to ethical breaches.

Reimagining compliance as a product addresses these challenges. Like any successful product, compliance should do such things as (1) solve employee pain points, (2) offer clear and personalized value, and (3) foster ongoing loyalty and engagement. How can compliance move to this approach or at least be seen?

The Product Design Approach to Compliance

  • Understanding Why Employees “Hire” Compliance.

Drawing on Clayton Christensen’s Jobs to be Done theory, employees engage with compliance to fulfill specific personal, professional, or organizational needs. Some examples of compliance jobs are reducing risk for a corporation and its employees, as everyone wants protection from liability or disciplinary action. Compliance enables growth and profitability, as more effective compliance = more efficient business process = greater profitability. Finally, compliance aligns with the values of almost all employees, as they want a workplace that mirrors their ethics.

This approach has another benefit for the compliance function. It requires an assessment of your organization from a cultural perspective. In the 2024 ECCP, the DOJ made clear that companies must use data to help manage their corporate culture. The information gleaned will also help the corporate compliance professional understand what the employees want and need from a compliance solution. You can use these insights to craft messaging that positions compliance as a solution to their unique challenges.

  • Segmenting Compliance Customers

Not all employees interact with compliance in the same way. Tailoring the compliance product to different groups ensures it resonates broadly. Just as the DOJ mandates tailored training and communications, you can tailor the delivery of compliance solutions for your employees. This can include using the Customer Segments in your organization, such as new employees, who will need a greater foundational understanding of policies and reporting channels. For managers, it could require advanced training on fostering ethical cultures, monitoring compliance, and learning how to the first intake in a speak-up culture. Finally, there will be employees in your organization who, because of their specialized roles, will require targeted knowledge, such as export controls for logistics teams or anti-bribery rules for sales.

The compliance professional can work to create tiered compliance offerings. For instance, beginner courses for new hires, role-specific modules for specialists, and leadership workshops for managers. This is also true for the targeted communications you use on a more regular basis for employees. For instance, more communications on facility payments could be a useful service for employees who travel internationally.

  • Balancing Employee Needs with Compliance Requirements

While compliance professionals must meet regulatory demands, they can still design programs that respect employee time and preferences. There are some easy ways for a compliance professional to not only think about this step but also act on it. You can consider the modular design of your compliance training by breaking it into smaller, digestible segments that employees can complete at their convenience. Interaction can also drive engagement, so consider using interactive formats such as gamification, simulations, or role-playing to make compliance training engaging and memorable.

Your first step should be to use analytics to identify bottlenecks in compliance processes. If employees find certain tasks burdensome, redesign them with user-friendly tools or workflows. From there, take the information and craft a solution that meets the users’ needs, not just those from the compliance department. As Carsten Tams continually reminds us, it’s all about the UX.

Measuring the “Success” of Compliance as a Product

Successful products are evaluated by customer satisfaction and retention. Similarly, compliance success should be measured by how effectively it engages employees and fosters a culture of ethics. As Megan Daugherty also reminds us, it is about the numbers. So, what are your metrics for compliance engagement? What are your adoption rates? How many employees complete optional compliance training or use reporting tools? Equally important are your retention rates. You must determine if your company’s employees consistently follow compliance protocols. Finally, go outside the box with something like the Net Promoter Score (NPS), which helps you determine how likely employees are to recommend their company’s compliance program to peers.

There are multiple tools you can use for feedback. You can use a Pulse Survey, which gauges employee perceptions of compliance processes. You can use Focus Groups to explore pain points and opportunities for improvement in depth. You can use behavioral data garnered through monitoring adherence to compliance requirements through key performance indicators (KPIs). Finally, tools such as the Culture Audit can provide both a benchmark and framework to help compliance professionals understand the state of their culture and how to assess and improve it.

Addressing Challenges in Compliance Product Design

There will be challenges in taking this approach. Some key (and early) challenges will include overcoming resistance, particularly from employees who view compliance simply as an obligatory burden. Yet framing compliance as a resource, not a restriction, highlights how it protects employees, supports their career goals, and aligns with organizational values. Another employee concern could be balancing personalization with fairness, as some employees might view personalized compliance experiences as creating perceptions of favoritism. The solution should be to set clear criteria for personalization, such as role-specific training requirements, and communicate them transparently to avoid misunderstandings.

Finally, the biggest challenge will be to change the Tone at the Top by shifting your senior leadership’s mindsets. Typically, senior management prioritizes short-term goals over longer-term compliance initiatives. Here, you can quantify the value of compliance. For example, demonstrate how ethical lapses affect revenue, reputation, and employee retention to gain leadership buy-in.

Practical Steps for Redesigning Compliance as a Product

You should begin mapping the compliance journey by identifying key touchpoints, such as onboarding, annual training, and reporting. From there, look for pain points where employees disengage and redesign those interactions. Feedback loops can be useful to share survey results with employees to show that their input shapes compliance initiatives. Compliance Champions can work to empower managers and ethical leaders to advocate for compliance within their teams. Always remember to celebrate employees who model ethical behavior as brand ambassadors for compliance. Finally, in 2024, leverage technology by implementing AI-driven dashboards to monitor real-time compliance risks and engagement. Another key tool is chatbots, which provide instant answers to employee compliance queries.

Building a Compliance Product Employees Choose Daily

Reimagining compliance as a product transforms it from a mandate into a partnership. Compliance can become a trusted ally in the workplace by delivering value, fostering engagement, and respecting employee needs. This approach not only enhances compliance outcomes but also strengthens the ethical fabric of the organization. So, as Carsten Tams says, It’s all about the UX: are you treating compliance as a product employees want to engage with? The time has come to innovate compliance for the modern workplace, making it a cornerstone of trust, integrity, and success. Work to build a compliance program employees want to subscribe to every day.

Categories
Blog

Assessing and Aligning Your Corporate Values

One of concepts enshrined in the Monaco Memo is that the Department of Justice (DOJ) will assess corporate culture for any company that may find itself under investigation for Foreign Corrupt Practices Act (FCPA) violations. This enshrinement is not exactly new as Deputy Attorney General (DAG) Lisa Monaco announced this new DOJ focus in October 2021 in her speech to the ABA White Collar Bar Conference. The parameters of how the DOJ will assess culture are still being worked out but Chief Compliance Officers (CCOs) and compliance professionals need to be considering this issue in the context of their own compliance programs and corporate culture in case the DOJ ever comes knocking. Over the next several blog posts, I will be exploring how a corporate compliance function can assess, monitor and improve your corporate culture.

We begin with assessing your corporate values and then aligning them within your organization. In a recent Harvard Business Review (HBR) article, entitled What Does Your Company Really Stand For?, authors Paul Ingram and Yoonjin Choi explored these and other issues. I have adapted their work for the compliance professional. The authors believe that corporate values are more critical then ever.

New technologies, the lingering effects of the Covid-19 pandemic and the continued fallout from the Russian invasion of Ukraine have forced companies to “reassess what they value in their relationships with their employees, their customers, and even their societies… Across industries and sectors, companies have been forced to ask themselves, “What do we stand for?” and “What binds us to one another and to the community?” Through their research, the authors discovered, “They discovered that when a company’s official values match those of its employees—a situation they call values alignment—the benefits include higher job satisfaction, less turnover, better teamwork, more-effective communication, bigger contributions to the organization, and more-productive negotiations, not to mention more diversity, equity, and inclusion.”

The authors developed a five-step approach for values alignment. The first step is to identify the values within your employee base and create what they call a “values structure” which represents “the eight values that are most significant for each individual and the interdependencies that person perceives among them. For example, someone might believe that pursuing excellence will help satisfy the value of achievement.” Step two is to identify key priorities from strategy to determine “What is the most important thing the organization can do to achieve its strategy?” This determination will allow you align your official values with your organization’s mission.

The next step is to wed values that serve both the organization and its employees. Here you can use a group or groups of employees to make these connections to create value statements based upon the outputs from steps one and two. You may create many value statements, but these can be refined down. The authors note, “values alignment does not require exact matches; someone who identifies achievement as an individual value is likely to feel aligned with a similar organizational value—say, accomplishment. So you have some flexibility in creating your potential value statements.”

Next, in step four, you should begin the assessment process. Here try to be as wide and inclusive as possible. The authors state, “any member of the organization whose input is significant to its ultimate success should be invited to weigh in.” The benefits are clear as the more employees and other stakeholders involved, the wider the engagement will be going forward. This will lead to greater buy-in at the end of the day as well. The fifth and final step is to generate a final list of organizational values. In this process, senior management may become more involved.

The authors concluded their article by noting, “when properly aligned, values are powerful. They serve your strategy and provide your employees with authentic connections, and in so doing they create a foundation for better group performance and higher personal satisfaction. But values are not magic. They don’t become real or effective just because you announce them to your organization in a town hall meeting or etch them into marble at HQ. If you want to enjoy their benefits, you need to work with everybody in your organization to identify and align them. That requires the kind of careful attention and hard work that we’ve described in this article. We can assure you that it’s worth it.”

From the compliance perspective, the protocol the authors have set out can be quite useful. Recognizing that values are but one part of an overall corporate culture, this gives you a mechanism to think through how to begin an overall assessment of your organization. Values do make a portion of an overall culture. Through the engagement advocated herein, you can not only get a good reading on such key values as trust and respect, but, more importantly, learn how to incorporate them as overall assets into your corporate culture.

Categories
Blog

Principals of Effective Organizations: Part 2 – Olivia Newton-John and Operationalizing Compliance

We also lost someone Monday who was a cultural phenomenon for many decades, Olivia Newton-John, the beautiful Australian singer who burst on the US scene in 1974. She is probably best known as the heartthrob Sandy in the movie version of Grease where she put the singer’s chaste image behind her. According to her New York Times (NYT) obituary, “her character, Sandy, transformed from a pigtailed square smitten with John Travolta’s bad-boy Danny to a gum-smacking bad girl. “Grease” became one of the highest grossing movie musicals ever, besting even “The Sound of Music.” Its soundtrack was the second best-selling album of the year, beaten only by the soundtrack for “Saturday Night Fever,” which also starred Mr. Travolta.” If you can watch Grease without singing along, you are probably dead.

For my personal tribute I will quote a Facebook post from my friend Bill Dyer who I have known since 1976 when he was my RA at the University of Texas. Dyer penned the following, “In the summer of 1974, before my senior year at Lamesa High School, I was a full-time DJ at KPET-AM. Olivia Newton-John’s “If You Love Me, Let Me Know” album had come out in May, and we had a promotional copy at the station…The single I was *supposed* to play from this album was the country & western(ish) title song, “If You Love Me, Let Me Know” — consistent with our station’s C&W format. But the track that I personally preferred from the album was this song, I Honestly Love You. The programming director gave me grief about it, and I did indeed also play “If You Love Me, Let Me Know.” But this was THE heart-throb song of the summer. And yeah: It still gets me. Requiescat in pace, Olivia Newton-John. You were jaw-droppingly talented and lovely, and your music will continue to summon forth some of my most vivid memories of my young adulthood.”

We are currently exploring 10 Principles of Effective Organizations, by Michael O’Malley. The author identified 10 research-backed principles from the field of organization development to guide companies and I have adapted them for the compliance professional. Yesterday in Part 1, we took up his first five, focusing on the Chief Compliance Officer (CCO), and today we conclude with his final five, focusing on operationalizing your compliance program.

Diversify your workforce — and create an inclusive environment

 Every CCO should be modeling diversity, but the author makes clear the benefits of diversity, noting “Complex tasks require a diverse mix of viewpoints and abilities to satisfactorily complete.”  For compliance this need will only grow with the need for a diversity of subject matter expertise (SME) in a corporate compliance function, including compliance, legal, behavioral psychology and behavioral organization, data scientist and a host of others.

Compliance functions in 2025 and beyond will “require large numbers of different agents to enhance system reliability and resilience.” In addition to the diverse workforce and discipline need for any compliance program, you should consider diversity of citizenship so that not all your compliance talent is from the domicile from your home country. You should also consider bringing other corporate disciplines into your compliance function on a rotating basis such as sales leaders, senior executives and Human Resource (HR) functionaries as well.

Promote personal growth

Almost stating table stakes in the 2022 corporate world, the author states, “An effective talent management program is one in which a company has a large pool of able, external job candidates, sufficient competent coverage of existing positions, succession plans throughout the organization, and a panoply of support programs: career counseling and development, career planning workshops and vocational assessments, mentoring and coaching programs, and in-house training and educational assistance to augment employees’ career objectives.”

Now take this base line and overlay what the Department of Justice (DOJ) has told us over the years. In theFCPA Corporate Enforcement Policy it states, “The quality and experience of the personnel involved in compliance, such that they can understand and identify the transactions and activities that pose a potential risk;”. This means not simply hiring competent compliance department personnel but also that they continue to grow within the compliance profession by going to conferences and growing professionally in other ways (such as reading blogs and listening to podcasts).

 Empower people

 While many CEO-types believe “the practice of empowerment in organizations is often like a parent handing the keys of a high-performance vehicle to their teenager and hoping, day after day, that the car will return intact.” CCOs and other compliance professionals recognize that empowering not simply your compliance team but indeed your employee base to ‘do compliance’ is a key manner to operationalize your compliance program to make it effective.

Always remember that as a CCO or compliance professional, your customers are your employees, and this can extend to other stakeholders such as key third-party partners. Empower these groups to do compliance and they can become not simply your good friends but also will allow you to move from a detect mode to a prevent mode. This also ties into having a true speak up culture in an organization.

Reward high performers

Here the author focuses on based pay for performance plans for employees. He believes that rewarding high performers can “increase job satisfaction and motivate action and, when appropriately structured, are instrumental in producing environments in which the best help the rest. Indeed, it is common in teams that the top members will lift the performances of good, but less capable, members.”

Yet when you consider rewarding your employee base for doing business ethically and in compliance you should consider the same benefits as a part of your compliance program. The DOJ has long recognized this as far back as the original edition of the FCPA Resource Guide which continues to state in the 2nd edition, “DOJ and SEC recognize that positive incentives can also drive compliant behavior. The incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance program, and rewards for ethics and compliance leadership.” So, reward your high performers for doing business ethically within your company’s values in addition to your compliance function personnel who do great work.

Foster a Leadership Culture

Even in 2022, ethics and compliance all starts at the top. The author correctly notes, “Everyone who has worked in an organization knows the affective power of leadership and its effects on culture, both good and bad.” Appropriate tone at the top and a compliance program and function to back up “supportive, inclusive management practices that provide assurances of safety allow people to take reasonable risks, make mistakes, speak up and challenge the status quo, and ask for help and request resources to make improvements” will help your organization going forward.

Senior management who create safe environments encourage “employees to more openly and beneficially interact, learn and grow, display greater creativity, and think of themselves as potent and efficacious actors will reap those benefits. Despite the known value of leadership, organizations frequently show little genuine interest in the quality of leadership by foregoing meaningful assessments and by being far too accommodating of managerial miscreants who may be productive but are toxic to the organization’s culture.”

The author concludes, “Fulfilling these 10 principles is a tall order.” Nonetheless, any CCO who puts these into practice will have a compliance function that should be resilient and able to respond to market or regulatory changes when needed and does business ethically and in compliance through a fully operationalized compliance regime.

Tom’s Top 5 Olivia Newton-John Playlist (all from YouTube)

I Honestly Love You

You’re the One I Want

Summer Nights

Xanadu

Let Me Be There

Categories
Blog

Fostering Ethical Conduct Through Psychological Safety: Part 3 – Fixing an Unsafe Workplace

Bill J. Allen died last week. Not familiar with the name? Then check out his New York Times (NYT) obituary. Perhaps outside of Illinois or Ohio, he ran one of the most brazen state legislature corruption schemes around, in the state of Alaska. His power and influence were so great that he was the cooperating witness who brought down a sitting Senator, Ted Stevens, although the Indictment was withdrawn after conviction but before sentencing due to prosecutorial misconduct.
Allen held court at a suite at the Westmark Baranof, a luxury Art Deco hotel four blocks from the State Capitol in Juneau, where he and his cronies “dished out money and told their visitors what they wanted in return. Mr. Allen and his circle seemed to revel in their shamelessness. He and Mr. Smith always booked Suite 604, and Mr. Allen always sat in the same chair. He bragged that he kept $100 bills in his front pocket, the easier to dole them out to friendly politicians. The girlfriend of one politician even had hats embroidered with the letters CBC, for “Corrupt Bastards Club.””
Allen and his brazen corruption schemes seem like a good way to introduce the concluding Part 3 of my series on fostering an ethical culture through psychological safety. This series is based on a recent article in the MIT Sloan Management Review, Summer edition, entitled “Fostering Ethical Conduct Through Psychological Safety” by Antoine Ferrère, Chris Rider, Baiba Renerte, and Amy Edmondson. In Part 1 we introduced the concept of psychological safety and why it is so important to creating an ethical culture in a business. In Part 2, we considered how to determine the state of psychological safety in your organization. Today in Part 3 we consider what happens in an organization where psychological safety is lacking and steps an organization can take to remedy this deficiency.
The authors believe that “when psychological safety is lacking, it may be a consequence of the employee having witnessed unethical behavior.” Moreover, the inversion of psychological safety “correlated to the quantity of unethical behavior noticed. Put simply, the more unethical behavior a person saw, the more likely they were to feel psychologically unsafe. This suggests that the experience of seeing more unethical behavior may diminish the psychological safety experienced by an employee.” Simply put if your bosses engage not only in corrupt behavior but simply unethical behavior, it will send a message throughout the organization that reporting unethical behavior will not be favored. One only need think of Jes Staley, former Chief Executive Officer (CEO) of Barclay’s who engaged in illegal behavior in attempting to unmask an internal whistleblower. In November 2021, Staley resigned amid a regulatory probe into whether he mischaracterized his relationship with the financier and sex offender Jeffrey Epstein. In many ways Barclays has never recovered.
The authors basically state the obvious when they write, “it makes intuitive sense that being in a work environment where unethical behavior is prevalent might diminish psychological safety.” Put another way “people are most reluctant to speak up in ethically troubled environments, where we most need them to do so.” This is an important issue for every Chief Compliance Officer (CCO) and business leader. To overcome such a deficiency, they found that “several other factors correlated with strong speak-up behavior, keeping everything else constant: moral engagement, moral attentiveness, and organizational justice combined with clarity of expectations.”
Moral engagement. As a CCO you should endeavor to create an atmosphere where ethical conduct matters, “so that when employees recognize a potentially unethical situation, they will be motivated to do what’s right.” At Novartis International AG, the authors noted the company “created a decision-making framework called the Decision Explorer to support associates in making ethical decisions. Rooted in the company’s code of ethics, the tool helps employees work through a situation to surface ethical considerations.”
Moral attentiveness. You can educate employees to recognize the ethical dimensions of situations. They point to the example at Novartis who “runs practical ethics training sessions that immerse employees in hypothetical scenarios where they must practice ethical decision-making. Another approach is to have managers highlight examples of ethical and unethical behavior with their teams and encourage dialogue on workplace ethics. Such grassroots employee contributions build trust and commitment by giving employees a role in strengthening the code of behavior by which they are expected to live.”
Organizational justice. Obviously talk is cheap and it is actions, not deeds, that matter. The Department of Justice (DOJ) has made clear in the Update to the Evaluation of Corporate Compliance Programs that the keeper and responsibility of institutional justice sits with the CCO and the authors find that this same concept “is vital to building a reputation of organizational justice.”
Clarity of expectations. CCOs must communicate a clear message to employees so that employees will have “an understanding of organizational standards and are clear about expectations.” Second, CCOs must act decisively in response to employee reports of misconduct to show that there are consequences for unethical behavior. To foster greater psychological safety, coach and empower line managers to create safe spaces for discussing ethical concerns, and help them react appropriately when such issues are raised.
The siloed nature of this issue must also be addressed. As previously noted, this issue touches multiple corporate disciplines including HR, ethics and integrity, risk management, legal and compliance. There must be a cross-functional approach in building a culture of ethics and performance. For example, Novartis created a cross-functional working group focused on the notion of ethical leadership.
The authors concluded, “Building a psychologically safe environment to facilitate speaking up about ethical conduct is relevant to both company reputation and long-term business performance. Unethical conduct can remain hidden for a time but is likely to be discovered eventually, causing far more harm than if it were caught and corrected early. Psychological safety thus can help organizations respond and improve quickly instead of allowing misconduct and unethical behavior to fester and further degrade workplace psychological safety, thus triggering a vicious cycle.” Every compliance professional should use the research from the authors study to craft a program to create or improve the psychological safety at your organization. The authors frankly state that organizations which have relied on speak-up channels or ombudspersons as mechanisms for reporting unethical behavior is no longer sufficient. “They need to be complemented by efforts to actively shape and promote an ethical climate in which managers are equipped to support employees’ ability to say what they think and react appropriately to what they hear.”

Categories
Blog

Ethical Conduct Through Psychological Safety: Part 2 – Safety in the Middle

According to Juan Toribio, writing in MLB.com, Blake Grice waited patiently with his right hand raised for about two minutes to hear his name called inside the Dodgers’ interview room. When he was finally noticed, LA Dodgers star pitcher Clayton Kershaw asked “Whatcha got?” The 10-year-old related that his dying grandfather, Graham, had created a bucket list of things he still wanted to do, one of which was to meet Kershaw. Blake was credentialed by MLB to attend the Post-Game Press Conference and when he did, he dedicated the moment to his now deceased  grandfather.
As reported by Toribio, Blake told Kershaw ““My grandpa loved you. He watched the 1988 [World] Series and he wanted to meet you and Vin Scully one day. So this moment is important to me because I’m meeting you for him.” Before he finished telling Kershaw the story, Blake began to cry” and Kershaw responded by going over to Blake and consoling him with a hug. Kershaw the said to him, “Come here, dude, great to meet you. Thanks for telling me. That took a lot of courage to tell me that. Great to meet you. Your granddad sounded like an awesome guy. Thanks for coming up.””
With a nod of the (St. Louis Cardinals) hat to Tim Erblich for sending me this story, I thought it was a very good way to introduce Part 2 of my series on advancing ethical culture through psychological safety. This series is based on a recent article in the MIT Sloan Management Review, Summer edition, entitled “Fostering Ethical Conduct Through Psychological Safety” by Antoine Ferrère, Chris Rider, Baiba Renerte, and Amy Edmondson. The authors believe “there are a number of things organizations can do to make it more likely that people will speak up when they observe unethical behaviors.” But one key is psychological safety, defined by co-author Edmondson as “a shared belief held by members of a team that the team is safe for interpersonal risk-taking” — or, put another way, that “we can say what we think” or “be ourselves around here.” Today, we look at how to determine the state of psychological safety in your organization.
The authors’ research concluded that while many employees “said that they spoke up after witnessing perceived unethical behavior, a substantial minority said that they did not speak up.” The authors found that “those who felt less psychologically safe were significantly less likely to report those behaviors via channels where organizational leaders might act on them.” Conversely, employees “who felt the most psychologically safe were most likely to have reported the misconduct they observed. This held true even after taking into account a range of other psychological factors that could influence incident reporting, such as perceived levels of organizational justice, fairness, and trust. Psychological safety is therefore important for more than just team effectiveness and well-being; it may also be critical for forming strong ethical cultures where employees feel comfortable speaking up.”
Interestingly, the authors realize the non-siloed nature of psychologically safety at the workplace. They note that ethics, risk management, legal and compliance functions, plus Human Resources (HR) all share an interest in fostering such an environment. This mandates a cross-functional approach as an essential requirement of molding an organization’s culture to include psychological safety. The authors believe, “Managers throughout a company must become aware of the blind spots created by a psychologically unsafe environment, along with the associated risk of underreported misconduct.” They also caution that a formal program such as a reporting hotline “may capture only a fraction of the problematic behaviors that occur.” This leads the authors to posit that gauging psychological safety “may help companies determine whether misconduct is being reported and, in turn, enhance the effectiveness of their formal speak-up programs.”
After 15 years of the Department of Justice (DOJ) and other regulators talking about “tone at the top”; the authors credit that most organizations appear to have senior leadership that talks about ethics positively. They believe “CEOs emphasize that integrity is a core value of their organizations, and that point is reiterated in calls with shareholders and during employee town hall meetings.” Unfortunately, while this messaging is important, the research indicated “it is not sufficient to prevent the derailers of ethical conduct that occur deep within an organization.”
The authors recognize what compliance professionals have known for some time, that it is middle managers, and “not just official speak-up channels are often on the front lines when it comes to hearing about unethical behavior.” They found that 80% of employees who did report internally, went to their direct managers, who are almost always in middle management. This is because middle managers are the company leaders play who play the critical role in ensuring that an employee speaking up feels supported and heard. The authors noted, “Our data shows that how line managers act has a disproportionate impact on the way potentially unethical behavior is addressed within organizations.”
Unfortunately, simply because a middle manager may feel psychologically safe you must not assume that their direct reports feel the same way. Confirming the findings from the ECI Report of its 2021 Global Business Ethics Survey, “managers and senior leaders tend to feel more psychologically safe than their employees and have a more positive perception of their organization’s ethical climate than the rest of the workforce. When you put these two findings together it makes clear that the higher up in the organization you go, there may well be “an ethical blind spot. That makes the role of team managers even more important when it comes to fostering an environment conducive to both engaging in ethical behavior and talking about ethics in an open, constructive way.”
The authors also confirmed a greater problem which is that “in a global context, psychological safety is not uniform across nations.” Survey respondents from “the Americas and Europe tended to score higher on psychological safety than respondents from Asia.” This suggests to the authors that “the potential effectiveness of tailoring interventions that promote speaking up in order to address the specific circumstances of different groups of employees.” Moreover, “global organizations that seek to build psychological safety must assess its various region-specific drivers and derailers to adjust their activities to specific seniorities and cultures.”
Join us tomorrow in Part 3 where we consider why a company that does not have psychological safety throughout it can not only be so toxic but in serious danger as well.

Categories
Blog

Driving the Digital Transformation of Compliance

The digital transformation of compliance will probably be the biggest change in our profession since the move to operationalizing compliance in the past decade. Legal professionals are generally ill-suited to lead this effort due to the legal focused training we all received, not quantitative training that most business students received. This means that many Chief Compliance Officers (CCOs), compliance professionals and corporate compliance functions struggle to reap the benefits of investments in digital transformation. I was therefore intrigued by a recent Harvard Business Review (HBR) article, by Marco Iansiti and Satya Nadella, Microsoft Chief Executive Officer (CEO), on a five-step approach to digital transformation. The article, Democratizing Transformation, sets out how innovation can be pushed out throughout a company’s workforce. I have adapted it for the compliance professional.
For a true digital transformation, technologists and data scientists alone cannot bring about the kind of wholesale innovation both a compliance function and a business unit need. This means that your organization should pair “data scientists with business [and compliance] employees who had insight into where improvements in efficiency and performance were needed.” Another strategy, which is near and dear to the heart of Carsten Tams, Ethical Business Architect and founder and CEO of Emagence LLC, is to use Design Thinking concepts in designing and implementing a digital innovation of compliance. The authors note, “A growing number of teams adopted agile methods to address all kinds of opportunities. The intensity and impact of transformation thus accelerated rapidly, driving a range of innovation initiatives.” This same strategy can work in sales as well as compliance.
It is this step which “democratize access to data and technology” outside of compliance and can lead to true and permanent innovation. The potential for employee-driven digital innovation cannot be accomplished by small groups of technologists and data scientists walled off in organizational silos. It will require much larger and more-diverse groups of employees – executives, managers, and frontline workers – coming together to rethink how every aspect of the business should operate. Once again this is what Tams has talked about with his articulation of Design Thinking, the engagement of business unit employees can well be a significant driver of compliance.
To achieve the type of engagement which will drive real digital transformation, a CCO must create synergy in three key areas: Capabilities, Technology and Architecture. The authors state, “Digital transformation requires that executives, managers, and frontline employees work together to rethink how every aspect of the business should operate.”

  1. Capabilities. It is axiomatic that successful transformation and innovation efforts in compliance requires “that companies develop digital and data skills in employees outside traditional technology functions. These capabilities alone, however, are not sufficient to deliver the full benefits of transformation; organizations must also invest in developing process agility and, more broadly, a culture that encourages widespread, frequent experimentation.” It is all a long-winded way of saying “Call Carsten Tams” and use his framework for Design Thinking as a starting point for your digital transformation.
  2. Technology. As always, “investment in the right technologies is important, especially in the elements of an AI stack: data platform technology, data engineering, machine-learning algorithms, and algorithm-deployment technology. Companies must ensure that the technology deployed is easy to use and accessible to the many nontechnical employees participating in innovation efforts.” Fortunately, there are more compliance product providers you can provide the right tech to you. See the Rise of ComTech.
  3. . One of the things that many compliance professionals do not often consider is that of architecture. The authors believe the “investment in organizational and technical architecture is necessary to ensure that human capabilities and technology can work in synergy to drive innovation. That requires an architecture—for both technology and the organization—that supports the sharing, integration, and normalization of data (for example, making data definitions and characteristics consistent) across traditionally isolated silos. This is the only real, scalable way to assemble the necessary technological and data assets so that they are available to a distributed workforce.” This is similar to what the Department of Justice (DOJ) intoned in the 2020 Update to the Evaluation of Corporate Compliance Program where they mandated for the first time that both the CCO and corporate compliance function should have access to all corporate data, literally cutting across all siloes.

The authors concluded, “mandate for digital transformation creates a leadership imperative: Embrace transformation, and work to sustain it.” I would add that these words apply even more so to the CCO who is leading the digital transformation of a compliance program. You should put together a clear strategy and sell it to the Board and senior management as well as communicating it “relentlessly” throughout your organization. Work to inaugurate a compliance “architecture to evolve into as you make the myriad daily decisions that define your technology strategy. Deploy a real governance process to track the many technology projects underway, and coordinate and integrate them whenever possible. Champion agility in all business initiatives you touch and influence. And finally, break free of tradition. Train and coach your employees to understand the potential of technology and data, and release the innovators within your workforce.”
Momentum is growing for the digital transformation of compliance; from the regulators to business units to investors. Indeed, it will be the driving strategy for compliance in 2025 and beyond. But we must always remember that it is the human element that will be the critical component to drive the transformation and more importantly use those tools to drive compliance up to the next level of effectiveness and engagement.

Categories
Blog

Macbeth and Transformation of Your Compliance Leadership Team

Over the weekend I saw Joel Coen’s The Tragedy of Macbeth on Apple TV. To say it blew me away would be putting it mildly. I have been reviewing the film this week and exploring my love of all things Shakespeare in this week’s blog posts. Today, I want to consider Denzel Washington in his starring role as Macbeth.
Jourdain Searles, writing in okayplayer.com, said, Washington’s “acting style has always been theatrical, and he’s an obvious choice for any role that requires the ability to monologue while still keeping the audience engaged. Washington is definitely up to the task, making a meal out of every scene. And yet, his motivations in the film feel murky. Due to his age and visible exhaustion, it seems like Washington’s Macbeth would rather retire than vie for the Scottish throne. When his wife Lady Macbeth (Frances McDormand) urges him to seize the throne, it comes off more of a burden than a shining opportunity. Having the couple be older is an inspired choice, transforming the characters from youthful schemers to weary elders making their final grasps at greatness.” I noted this world-weariness, as well as the issue of succession. I want to use those twin concepts to introduce today’s subject of your compliance team leadership.
In a recent Harvard Business Review (HBR) article, entitled “Reinventing Your Leadership Team”, authors Paul Leinwand , Mahadeva Matt Mani, and Blair Sheppard, all with PwC,  posited that “in our increasingly complex world, what companies really need to do is build new forms of competitive advantage and transform themselves for the future. And that requires fundamental changes in their top leaders—not just in individuals’ capabilities but in the way they collectively steer the ship. Drawing on their research at 12 prominent global firms, the authors note the contradictory-seeming skills that leaders are expected to have—being both great visionaries and expert executors.” I use their article as a starting point for the Chief Compliance Officer (CCO) to put together a top-notch compliance leadership team.
As legally trained CCOs continue to become less relevant to a corporate compliance function and  with the new-found compliance framework focused largely on digitizing and digital analysis, what companies and their employees need from compliance leadership is evolving. CCOs must be able to reimagine a compliance function’s place in the world and transform the organization to live up to a more ambitious purpose. That will mean fundamental change not only in CCOs themselves but also in how they collectively manage and lead a corporate compliance function.
Within the broader context of corporate leadership, the authors stated, “Consider, for example, how the skills that leaders need for success have evolved—and the degree to which many executives are seen to struggle with these new demands. A recent survey conducted by Strategy&, PwC’s global strategy consulting business, highlighted the importance of balancing certain characteristics that on the surface look paradoxical. We used to accept, for instance, that leaders could be either great visionaries or great operators. No longer. Companies now need their top people to perform both roles—to be strategic executors, in other words. They’re also expected to be tech-savvy humanists, high-integrity politicians, humble heroes, globally minded localists, and traditioned innovators. Not only did large majorities of the survey respondents agree on the importance of those roles, but they also voiced alarming concern about leaders’ lack of proficiency in them. Addressing a company’s leadership gaps, however, is not merely a matter of building individual executives’ skills. Although that’s certainly desirable, the need to improve collective leadership is urgent.” That certainly holds true for the compliance function.
The authors identified four key components for leadership change, which I have adapted for the corporate compliance function.
Identifying the leadership roles needed to transform compliance for the future. For compliance to remain relevant, it will need distinct capabilities that allows it to deliver on its purpose, along with leaders who can envision its new place in the world and mobilize it to get there. What positions does your CCO need on their team to make that happen? Obviously, the basic legal skills of reading and writing are now only the basics. There must be digital talent, innovation talent, behavioral psychology talent, as well as communications. Moreover, all these roles will need to work collaboratively not simply with each other but with a much wider variety of internal and external stakeholders than ever.
Assembling the right people. Having the right roles is not enough as once you have identified the roles your compliance function needs, “you next have to think about who will best fill them. Which individuals should you bring together so that you have the necessary talent and diversity…to generate new ideas, challenge traditional thinking, and collaborate on meaningful change?” You will need team members who can not only see around corners but also respond to the ever-changing compliance landscape of today’s business as usual, through continually recalibrating the risks your organization faces.
Focusing your leadership team on driving your compliance transformation. Obviously as CCO, you and your compliance team “will need to advance the company’s agenda—and that means spending energy and time on the big priorities for the future, not just responding to the demands of the organization today. What structures and mechanisms will help you lead the company to its new destination?” How can compliance initiatives work to increase business efficiencies, drive greater employee engagement and move the need on overall company profitable? It is not simply business efficiencies you must master as you must build trust in your organization to create a true ‘speak-up culture’ so you can reap the benefits of this increased efficiency.
Taking ownership of your team’s behavior. At first blush this would seem like a natural for compliance. Afterall, compliance is all about taking ownership and transparency. However, the authors’ focus is a bit different, “Creating ownership around the vision isn’t enough. You must also create a shared purpose: Why does your team exist? What big issues is it here to solve? When defining their areas of responsibility, your people should believe that leading the company through its transformation is their most important task and that success will depend on the collaboration of team members rather than on the sum of individual units’ performance.” In other words, build on the trust you created by giving the credit out so that all will be invested in your compliance transformations.
No major corporate transformation can be successfully achieved by the compliance team alone. There must be engagement, buy-in and not simply acceptance but an embracing by the employees. The authors conclude that you should “Surround yourself with talented people who can balance seemingly paradoxical leadership behaviors and challenge one another to collectively accomplish big things. Most importantly, make sure your leadership team truly leads—setting aside the time and energy to define a bold agenda and launch the ambitious initiatives that your future relies on. Failing to do that will be a costly mistake. Succeed and you will have a powerful team that can position your firm to thrive in an increasingly complex world.”
Tomorrow, Frances McDormand and Lady Macbeth.

Categories
FCPA Compliance Report

John Katsos – Due Diligence in Conflict Zones


In this episode of the FCPA Compliance Report, I visit with John Katsos, Assistant Professor and Scholar at American University of Sharjah. John has researched and performed due diligence in conflict zones in the Middle East and Africa. He was part of a research team that published a series in the Big Idea section of the Harvard Business Review entitled Preparing for the Era of Uncertainty, which is a must read for every compliance professional. He brings a unique perspective to a variety of compliance topics. Highlights of this podcast include:

  1. Academic and professional background.
  2. Why due diligence in conflict zones so difficult?
  3. What are some of the important differences in performing DD in conflict zones?
  4. What are some keys to successfully performing DD in conflict zones?
  5. Key lessons you observed on DD in Cyprus?
  6. Where did you come up with the idea for this series of articles, Preparing for the Era of Uncertainty?
  7. A discussion of each article in the series.?
  8. What is it like teaching anti-corruption and other forms of compliance outside the US?
  9. How do you see your work tying into a broader ESG discussion?
  10. How does climate change and migration across borders influence your thinking?

Resources
Preparing for the Era of Uncertainty-Harvard Business Review
John Katsos website, including some great research and papers
John Katsos LinkedIn profile