Tag: HBR

Categories
Blog

Building Trust in AI with Blockchain: A Compliance Perspective

Artificial Intelligence (AI) has rapidly become a key driver of business decision-making across industries, from financial services to healthcare. Yet, despite its enormous potential, AI remains a “black box” that raises serious concerns about transparency, accountability, and fairness. According to Pew Research, 52% of Americans are more concerned than excited about AI, while only 10% express enthusiasm. This trust deficit presents a critical challenge for compliance professionals: how can organizations demonstrate responsible AI use and ensure compliance with evolving regulatory expectations?

I was therefore intrigued to read a recent article in the Harvard Business Review by Scott Zoldi and Jordan T. Levine entitled, Using Blockchain to Build Customer Trust in AI. Their response to this quandary was to look at FICO, a leader in financial analysis and ratings, which developed a private blockchain that automated documentation and standards in model development. FICO’s approach leaned directly into a series of strategies used by compliance professionals.

The Compliance Challenge of AI

AI’s ability to analyze vast amounts of data and generate predictions is its greatest strength and its most significant liability. Machine learning models can reinforce biases, lack interpretability, and operate without clear accountability. Compliance professionals must address these challenges head-on by ensuring that AI models are:

  • Interpretable: Customers and regulators need to understand how AI models make decisions.
  • Auditable: Organizations must maintain detailed records of AI development and deployment.
  • Enforceable: Compliance teams need mechanisms to ensure adherence to ethical AI standards.

Without these three pillars, AI risks becoming a compliance nightmare that could lead to regulatory penalties, reputational damage, and loss of customer trust.

Blockchain ensures that AI models are developed following internal guidelines and regulatory requirements. Every modification to the model, from data selection to algorithmic tuning, is permanently recorded, making it easier for compliance officers to track decisions and pinpoint the cause of any discrepancies. This immutable nature benefits industries with strict regulations, such as finance and healthcare, where audits and regulatory reviews are routine.

Additionally, blockchain helps prevent unauthorized alterations by requiring cryptographic verification before changes are accepted into the system. Any attempt to introduce bias, manipulate datasets, or adjust algorithms must be documented and approved transparently. This enhances accountability and strengthens organizational trust in AI.

Blockchain’s integration into AI governance fosters cross-functional collaboration between compliance, legal, and data science teams. Using a single, tamper-proof source of truth, organizations can streamline communication and ensure that AI-related decisions align with corporate policies and industry standards. This collaborative approach mitigates risks and reduces inefficiencies, allowing businesses to innovate responsibly while maintaining regulatory compliance.

For compliance professionals, blockchain provides an operational framework supporting continuous AI model monitoring and improvement. It facilitates real-time oversight, allowing organizations to identify potential compliance risks before they escalate into regulatory violations or reputational damage. As AI technology evolves, blockchain’s role in governance will likely expand, offering even greater opportunities for secure, transparent, and ethical AI development.

Blockchain: A Path to AI Accountability

Blockchain technology offers a potential solution by providing an immutable, transparent record of AI model development and decision-making. The authors reviewed FICO’s adoption of blockchain. They learned, “Making this system work was less a tech challenge than a people one. They learned it was important to start with standards, then develop the tech; that making the system user-friendly was non-negotiable; that it was essential to iterate on quick wins; that they had to build repositories to hold large AI assets in alternate storage; and that they needed capable IT teams to handle the maintenance demands of this system.”

By moving from traditional documentation methods (such as Word documents) to a private blockchain, FICO:

  • Reduced model support issues and recalls by over 90%.
  • Created a single source of truth for AI model development.
  • Ensured absolute adherence to AI governance standards.

Blockchain’s ability to create an auditable trail of every change, test, and decision made during AI model development provides a powerful compliance tool. Unlike conventional documentation, blockchain prevents unauthorized changes and ensures compliance teams can verify AI decisions long after they are made.

Beyond compliance, blockchain enhances the efficiency of AI governance by automating tracking mechanisms that reduce administrative burdens. Traditionally, managing AI development required extensive oversight, documentation, and verification processes, often prone to human error or oversight. By leveraging blockchain, organizations can automate this oversight, ensuring that model updates, training datasets, and algorithmic adjustments are securely recorded in a tamper-proof ledger. This improves compliance and accelerates AI innovation by reducing bottlenecks in model validation.

Additionally, blockchain’s transparency enables better cross-functional collaboration between compliance officers, data scientists, and IT security teams. Instead of relying on disparate documentation and periodic audits, stakeholders can access a real-time, immutable ledger of AI development activities. This fosters greater accountability and ensures that AI models align with ethical guidelines, regulatory requirements, and corporate governance policies from inception to deployment.

Blockchain can mitigate risks associated with AI bias and ethical concerns by providing a structured framework for tracking model modifications and testing processes. Any deviation from approved methodologies is recorded, allowing organizations to detect and address potential issues before they impact decision-making. This proactive approach strengthens AI reliability and fosters trust among regulators, customers, and stakeholders who demand greater transparency in automated decision-making processes.

By integrating blockchain into AI governance, organizations gain a robust compliance tool that ensures models are developed responsibly, deployed ethically, and maintained transparently. As regulatory scrutiny around AI continues to grow, adopting blockchain-based governance is not just an operational advantage; it can provide both a strategy and mechanism for maintaining trust and regulatory compliance in the evolving AI landscape.

Key Compliance Lessons from FICO’s Blockchain Approach

1. Standards Must Come First

Before implementing blockchain, organizations must establish clear AI development standards. This includes defining acceptable algorithms, ethical testing methodologies, and regulatory compliance requirements. Without these guardrails, blockchain is just another technology without purpose.

2. User Adoption Requires a Seamless Experience

One of the biggest hurdles in AI governance is ensuring that data scientists comply with established processes. At FICO, blockchain-based AI governance became non-negotiable—developers could not release models without following the blockchain-tracked workflow. Making compliance seamless rather than burdensome is key to adoption.

3. AI Governance Must Be Iterative

FICO’s blockchain approach evolved, starting with small proofs of concept before scaling across its AI development teams. Compliance professionals should take a similar approach, testing blockchain governance in high-risk areas before expanding its use across the organization.

4. Immutable Records Are Key for Regulatory Defense

Regulators are increasingly scrutinizing AI-driven decisions, especially in highly regulated industries such as finance and healthcare. An immutable AI development, testing, and deployment record provides a powerful defense against regulatory inquiries. It also enables organizations to demonstrate compliance rather than scrambling to justify decisions afterward proactively.

5. Blockchain Is a Tool, Not a Silver Bullet

While blockchain enhances AI governance, it is not a substitute for a strong compliance program. Organizations must still conduct rigorous ethical testing, monitor AI performance, and engage with regulators to ensure ongoing compliance. Blockchain should be viewed as an enabler of trust, not a cure-all.

Final Thoughts: The Future of Compliance in AI Governance

As AI becomes more embedded in business operations, compliance professionals must evolve their oversight strategies to keep pace. Blockchain offers a compelling approach to ensuring AI accountability, but it requires careful implementation, clear governance standards, and buy-in from business leaders.

FICO’s success demonstrates that trust follows when AI governance is built on transparency, auditability, and enforceability. Compliance professionals who embrace blockchain’s potential can help bridge the trust gap in AI, ensuring that these powerful technologies are used responsibly, ethically, and in full compliance with regulatory expectations.

For compliance teams, the question is no longer whether AI governance needs to evolve but how quickly organizations can implement solutions that keep AI accountable. Blockchain is one step in the right direction.

Categories
Blog

The Compliance Sabbatical

The world of corporate compliance is demanding. It requires constant vigilance, deep ethical reasoning, and navigating ever-evolving regulatory landscapes. Compliance professionals are often the last defense against misconduct, ensuring companies adhere to laws and ethical standards. But with great responsibility comes great stress, and burnout is an all-too-common reality in our field. I was intrigued when I came across a recent article in the Havard Business Review by DJ DiDonna, entitled The Case for Sabbaticals — and How to Take a Successful One.

A sabbatical, defined by DiDonna as an intentionally extended leave from your job-related work, may seem out of reach for many workers. But if you can swing it, the potential payoff is enormous. Taking one could be transformational for your life and career. Research and interviews with more than 250 sabbatical-takers reveal the key attributes that define these breaks, the three distinct sabbatical types, and the hurdles one must overcome to persuade bosses, colleagues, and yourself that it is a good idea. DiDonna makes a compelling argument that stepping away from work for a meaningful period is not simply beneficial; it can be transformative. A sabbatical can be essential for maintaining long-term effectiveness and well-being for compliance professionals who operate under high-pressure conditions.

The Compliance Burnout

Compliance officers work in an environment of constant scrutiny. The stakes are high, and the margin for error is razor-thin. Between managing regulatory risks, conducting investigations, and ensuring ethical corporate behavior, the stress can take a cumulative toll. Research shows that burnout leads to reduced effectiveness, poor decision-making, and even ethical lapses, precisely what compliance professionals are hired to prevent. A sabbatical offers a structured way to step back before burnout reaches critical levels. It allows professionals to reset mentally and physically, returning to work with renewed energy and sharper focus.

Benefits of a Sabbatical

1. Reconnecting with Purpose

One of the most significant benefits of a sabbatical is reassessing professional and personal priorities. Many compliance professionals enter the field driven by a strong ethical compass and a desire to make a difference. However, the daily grind, dealing with corporate bureaucracy, managing regulatory challenges, and sometimes confronting internal resistance can wear down that initial sense of purpose.

A sabbatical provides space to reflect on career goals and reconnect with the motivations that drew one to compliance in the first place. DiDonna’s research highlights that many sabbatical-takers return with a clearer sense of direction, often making strategic career shifts or doubling down on their professional mission.

2. Enhancing Strategic Thinking

Regulatory compliance is a dynamic field. Laws change, enforcement priorities shift, and new risks emerge. Staying ahead requires strategic thinking and adaptability. Yet, when professionals are caught up in the day-to-day pressures of compliance, it can be not easy to see the bigger picture.

A sabbatical can foster deep thinking and learning that compliance professionals rarely have time for. Whether through travel, study, or personal projects, time away from routine responsibilities can lead to fresh insights that improve compliance strategy and risk management upon return.

3. Cultivating Resilience and Creativity

Innovation isn’t a word often associated with compliance, but the best compliance programs thrive on creative problem solving. How do you foster a speak-up culture? How do you implement effective training that resonates with employees? How do you navigate gray areas where the law is ambiguous?

Time away from work stimulates creativity, especially when spent in new environments or pursuing new experiences. Compliance officers who take sabbaticals often return with novel approaches to training, policy implementation, and risk assessment.

Practical Steps to Make a Sabbatical Work

Despite the benefits, many compliance professionals hesitate to take a sabbatical. They worry about job security, financial implications, and how their absence might impact their organization. However, with careful planning, a sabbatical is more feasible than most professionals realize.

  1. Plan Ahead: A sabbatical does not have to mean quitting your job. Many organizations offer formal sabbatical programs, even those that do not may accommodate unpaid leave for valued employees. The key is to plan early and present a business case for how your time away will ultimately benefit the organization.
  2. Set Clear Boundaries: A true sabbatical means fully disconnecting from work. That means no checking emails or staying involved in projects remotely. The point is to create distance, both physically and mentally.
  3. Structure Your Time: A sabbatical should be intentional, whether traveling, volunteering, studying, or simply spending time with family. The goal is not simply to take time off but to recharge through engaging in experiences that provide renewal and perspective.

A Strategic Investment in Longevity

Corporate compliance isn’t a sprint; it’s a marathon. To be effective over the long haul, professionals need to pace themselves. Taking a sabbatical is not a luxury; instead, it is an investment in the longevity of individuals and the organizations they serve. Companies benefit when their compliance teams are engaged, refreshed, and thinking strategically.

If compliance professionals want to avoid burnout, enhance their strategic thinking, and return to work with renewed purpose, they should seriously consider taking a sabbatical. The research is clear: stepping away can make all the difference, even temporarily.

Categories
Blog

AI, Process Management, and Compliance

Integrating artificial intelligence (AI) and advanced analytics with robust process management principles can unlock new levels of efficiency and innovation. Mars Wrigley, the global confectionery leader, offers an instructive case study. In an article in the Harvard Business Review entitled, How to Marry Process Management and AI Thomas H. Davenport and Thomas C. Redman wrote that through its strategic deployment of AI to digitize its supply chain and manage operations, Mars Wrigley demonstrates how a systematic approach to process management can achieve significant improvements in operational performance, customer satisfaction, and sustainability.

Mars Wrigley’s success story holds valuable lessons for compliance professionals about aligning technology, data, and governance to enhance compliance frameworks and drive value across organizations.

Digitization and AI: The New Frontier for Process Management

Mars Wrigley began its journey by building a digital twin of its production line and feeding real-time operational data into machine-learning models. The results were striking. The company received predictive insights that reduced overfilling, minimized waste, and optimized supply chain processes. They partnered with vendors like Aera Technology for data visualization and preventive maintenance and with Kinaxis to balance supply and demand, automate invoices, and increase truck utilization by 15%.

This underscores a critical point from a compliance standpoint: Technology can only enhance compliance when processes are well-defined, integrated, and aligned with organizational goals. Compliance officers must recognize the potential of AI to streamline compliance monitoring, enhance risk detection, and reduce manual inefficiencies.

For example, consider AI tools that monitor high-risk transactions or flag anomalies in employee expense reports. When implemented in a robust compliance framework, these tools improve detection rates and allow compliance teams to focus on strategic initiatives rather than routine checks.

The Role of Process Management in Compliance

Process management is about understanding how tasks fit together to create a specific outcome and then optimizing those sequences. Put another way, it is about operationalizing compliance. Whether addressing department-level activities or end-to-end processes, process management principles can yield transformative results when applied to compliance. What are some of the ways process management can do so?

In areas as basic as error reduction, well-managed processes minimize compliance failures by reducing error rates and increasing consistency. A traditional compliance department area is cross-functional coordination with other corporate departments. Effective compliance requires breaking down silos, whether between legal, finance, HR, or operations, and aligning departments toward common objectives.

This approach can also positively impact corporate culture by increasing stakeholder buy-in and employee engagement. Process management often conflicts with hierarchical management structures. In compliance, this tension may manifest when reconciling DOJ mandates with operational priorities in your organization. Persuading stakeholders to prioritize compliance demands strong leadership and effective change management.

AI and Process Management: A Compliance Blueprint

AI supports specific subprocesses within larger workflows, but true transformation occurs when organizations integrate these capabilities across end-to-end processes. For compliance professionals, this is a roadmap for embedding AI into compliance programs.

Step 1: Establish Ownership

Every effective compliance initiative begins with clear accountability. A defined ownership structure underpinned Mars Wrigley’s digital twin success. Compliance programs require similar clarity. Appointing a “compliance process owner” ensures cross-functional alignment, while department-level compliance champions can coordinate implementation.

Step 2: Map and Redesign Processes

Mapping current compliance processes is essential for identifying inefficiencies. Process mining tools, which analyze enterprise system logs to identify bottlenecks, can uncover hidden risks. For instance, tracking the due diligence lifecycle in third-party onboarding can reveal inefficiencies, such as delays in background checks or missed follow-ups.

Redesign efforts should prioritize risk-prone areas, leveraging AI tools to streamline activities like transaction monitoring, policy distribution, and whistleblower case tracking.

Step 3: Define Metrics and Set Targets

Compliance performance must be measurable. Metrics such as incident resolution times, training completion rates, and risk assessment quality should guide process improvements. AI enables real-time metrics monitoring, providing insights that compliance officers can act on immediately. Mars Wrigley’s use of analytics to improve truck utilization offers a parallel for compliance: by tracking resource allocation, compliance teams can reduce unnecessary costs while ensuring optimal coverage of risk areas.

Step 4: Leverage Technology and Data

AI tools such as robotic process automation (RPA) and natural language processing (NLP) are increasingly used in compliance programs to automate routine tasks. RPA can streamline repetitive activities like generating regulatory reports. NLP can analyze large volumes of text, such as contracts or policies, to identify risks or inconsistencies.

Compliance professionals must also advocate for standardized data practices. As Mars Wrigley’s case illustrates, data silos impede process efficiency. In compliance, inconsistent data can obscure risks, making standardized data governance a cornerstone of effective compliance.

Step 5: Foster a Culture of Continuous Improvement

AI and process management are not “set it-and-forget it” solutions. As Mars Wrigley demonstrated, continuous monitoring and iterative improvements are critical for sustaining gains. This means regularly reviewing and updating AI tools for compliance professionals to address emerging risks and regulatory changes.

Lessons for Compliance Professionals

Mars Wrigley’s journey highlights several key takeaways for compliance leaders:

  1. Invest in AI Thoughtfully. Technology is not a silver bullet. Its effectiveness depends on how well it integrates with and supports compliance processes.
  2. Adopt a Holistic View of Compliance. Compliance risks rarely confine themselves to one department. Breaking down silos through cross-functional process management improves visibility and reduces risk.
  3. Prioritize Data Governance. High-quality, standardized data is essential for both AI and compliance. Without it, even the best tools cannot deliver meaningful insights.
  4. Embrace Change Management. As with Mars Wrigley’s digital transformation, compliance process improvements require buy-in from leadership and employees.

The Compliance Call to Action

Compliance has been reactive for too long, focusing on addressing failures rather than preventing them. Integrating AI into process management offers an opportunity to shift that paradigm. By combining the best of technology and process management, compliance programs can reduce risk and enhance business value.

Mars Wrigley’s success story reminds us that the tools and strategies to transform compliance are available—but the onus is on compliance professionals to lead the charge. Whether through smarter risk management, better stakeholder engagement, or innovative technology adoption, the path forward is clear: process management and AI are not just operational tools; they are the future of compliance.

Now is the time to act. By adopting process management principles and leveraging AI, compliance leaders can build programs that are not only effective but also resilient, sustainable, and aligned with organizational goals. The question is no longer whether compliance should embrace these tools but how quickly they can integrate them into their processes.

By learning from companies like Mars Wrigley, compliance professionals can reimagine their programs, aligning them with the business’s needs while staying ahead of regulatory requirements.

Categories
Blog

Overcoming AI Resistance for Corporate Compliance Professionals

Artificial intelligence (AI) presents a paradox for corporate leaders. On one hand, its potential is undeniable: in a 2023 Gartner survey, 79% of corporate strategists deemed AI, automation, and analytics critical to their success. Yet, only 20% actively use AI in their daily activities. The gap between intention and action speaks volumes, especially in compliance, where AI offers unprecedented opportunities to manage risk, enhance efficiency, and ensure adherence to regulations. In a recent Harvard Business Review Article entitled Why People Resist Embracing AI, Julian De Freitas reviewed this issue and provided some ways to think through how to respond.

Despite its promise, AI adoption is hindered by human skepticism. Concerns range from fears of job loss to distrust in AI’s capacity for ethical decision-making. For compliance professionals, understanding and addressing these barriers is vital for leveraging AI to strengthen compliance programs and drive corporate integrity. In this blog post, I want to explore these challenges and how compliance leaders can overcome them. I have adapted Freitas’ article for the compliance professional.

The Five Barriers to AI Adoption in Compliance

  • AI’s Opacity: The “Black Box” Problem

Many employees resist AI because it operates as an inscrutable “black box,” offering conclusions without clear explanations. This lack of transparency can be a deal-breaker for compliance teams, as accountability is paramount in regulatory environments. How can an algorithm flag a suspicious transaction or identify potential bribery risks without explaining its rationale?

Compliance leaders should prioritize AI tools that offer clear, comparative explanations to overcome this barrier. For instance, instead of stating that a third-party transaction was flagged as high risk, the system should explain why, perhaps because of discrepancies in invoice patterns or connections to sanctioned entities. Such insights enhance trust and empower teams to make informed decisions.

Start small. Introducing simpler AI models before scaling to more complex ones can build confidence. Much like Miroglio Fashion’s approach to demand forecasting, a pilot program allows teams to familiarize themselves with AI and see its benefits before adopting more advanced systems.

  • AI Is Perceived as Emotionless

Compliance often involves navigating complex, human-centric issues, such as whistleblower reports, triage, Institutional Justice/Fairness, or ethical dilemmas. Many employees doubt AI’s ability to handle such subjective tasks, viewing it as emotionless and rigid. While AI can process vast amounts of data, can it understand the nuances of a whistleblower’s complaint or the subtleties of cultural differences in compliance?

Here, framing matters. Compliance leaders should emphasize AI’s ability to provide objective insights while leaving subjective decision-making to human professionals. For instance, AI can flag patterns in expense reports suggesting potential fraud, but the decision to investigate remains with compliance officers.

Anthropomorphizing AI tools can also make them more relatable. Tools like Amazon Alexa, with humanlike names and voices, have shown that users are more willing to interact with AI when it feels approachable. However, tread carefully in sensitive contexts, such as investigations, where a less personalized AI may feel less intrusive. Always remember the Human-in-the-Loop.

  • AI’s Perceived Rigidity

A common misconception about AI is that it cannot adapt or evolve. For compliance professionals, this rigidity could mean AI systems are seen as inflexible, unable to account for unique organizational contexts or evolving regulatory landscapes.

To address this, emphasize AI’s learning capabilities. Tools that improve over time, such as those that adapt to new fraud schemes or regulatory updates, mainly through large language models, can demonstrate AI’s ability to evolve alongside the business. Netflix’s content recommendations, for example, continuously improve based on user behavior. Compliance systems should follow suit, showcasing how AI refines its processes to meet organizational needs better.

At the same time, compliance leaders must balance flexibility with predictability. Highly adaptable AI systems can introduce risks if they deviate too far from expected outcomes. Regular monitoring and safeguards are critical to ensure the system operates within defined ethical and regulatory boundaries.

  • Fear of Loss of Control

AI’s autonomy often feels threatening, particularly in compliance, where human judgment is paramount. Employees may worry that AI will override their expertise or act independently in ways that could jeopardize compliance efforts. For example, an AI tool autonomously approving transactions without human review might lead to unchecked risks.

The solution? Implement human-in-the-loop systems, where AI supports decision-making rather than replaces it. Nest’s smart thermostat, which allows users to switch between manual control and automation, is an excellent analogy. In compliance, this could mean using AI to flag risks while leaving final decisions to compliance officers. Such hybrid models restore employees’ sense of agency while ensuring AI enhances rather than undermines human oversight.

  • Preference for Human Interaction

Compliance is inherently relational. Building trust, navigating cultural differences, and addressing employee concerns require human empathy—qualities many believe AI lacks. Resistance to AI often stems from the belief that humans are better equipped to handle nuanced interpersonal issues.

While AI cannot replicate human empathy, it can support human efforts. For example, generative AI can analyze patterns in hotline reports to identify systemic issues, allowing compliance officers to focus on building relationships and fostering a speak-up culture. Framing AI as a tool that amplifies human capabilities rather than replacing them can help reduce resistance.

Strategies for Driving AI Adoption in Compliance

  1. Start with Transparency. Be upfront about what AI can and cannot do. Educate employees on how AI systems work, their limitations, and the safeguards to prevent misuse. Transparency builds trust and encourages collaboration.
  2. Focus on Small Wins. Demonstrating tangible benefits through pilot programs can win over skeptics. For instance, AI can automate low-risk tasks like policy distribution or routine transaction monitoring. Success in these areas can pave the way for broader adoption.
  3. Prioritize Training and Support. AI adoption requires investment in employee training. Equip teams with the skills to use AI tools effectively and provide ongoing support to address questions or concerns. Mercedes-Benz’s Turn2Learn initiative offers extensive AI training and is a model worth emulating.
  4. Align AI with Ethical Standards. Compliance professionals must ensure AI systems align with the organization’s values and ethical standards. Regular audits, bias checks, and transparent reporting can reassure stakeholders that AI is being used responsibly.
  5. Measure and Iterate. Establish clear metrics to evaluate AI’s impact on compliance processes. Use these insights to refine the system, addressing pain points and enhancing effectiveness.

AI in Compliance: A Strategic Imperative 

AI’s potential to revolutionize compliance is immense. From automating routine tasks to identifying emerging risks, it can make programs more efficient, proactive, and resilient. However, realizing this potential requires more than technology; it demands a cultural shift.

Compliance leaders must champion AI adoption by addressing psychological barriers and demonstrating its value. Organizations can harness AI to strengthen compliance and drive business success by prioritizing transparency, fostering trust, and empowering employees. As the Gartner survey reminds us, AI is not just a tool for the future—it’s a strategic imperative for today. The question isn’t whether to adopt AI but how to do so in a way that aligns with organizational goals and values. For compliance professionals, the path forward is clear: embrace AI, empower your teams, and lead the charge toward a more efficient, ethical, and innovative compliance landscape.

Categories
Blog

Reimagining Compliance as a Product

In the modern corporate environment, compliance must transcend its traditional role as a set of rules and regulations. Instead, it should be reimagined as a product—something employees actively choose to engage with daily. Inspired by product design principles, this approach positions compliance as a value-driven offering that meets employee needs while supporting organizational integrity.

In an HBR article entitled Reimaging Work as a Product, authors Eric Anicich and Dart Lindsley ask if there is a better way to approach the employee experience. The authors challenge traditional paradigms by proposing that work be viewed as a product employers offer employees. They advocate that reimagining work as a product addresses the disengagement and dissatisfaction rampant in the workforce and aligns employees’ needs with organizational goals. I have adapted their piece for a compliance audience.

This concept is about something other than making compliance easier. Instead, it is about making it indispensable and aligned with employee motivations. By redesigning compliance as a product employees “purchase” with their engagement, compliance professionals can enhance participation, foster a culture of ethics, and drive long-term success.

It all begins with why compliance must be seen as a product to be delivered inside an organization. Compliance often needs help to capture employee attention. Mandated training modules and periodic policy updates can feel disconnected from day-to-day work. Employees may view compliance as a checkbox task rather than a meaningful element of their roles. Yet, disengaged employees pose significant risks, from regulatory violations to ethical breaches.

Reimagining compliance as a product addresses these challenges. Like any successful product, compliance should do such things as (1) solve employee pain points, (2) offer clear and personalized value, and (3) foster ongoing loyalty and engagement. How can compliance move to this approach or at least be seen?

The Product Design Approach to Compliance

  • Understanding Why Employees “Hire” Compliance.

Drawing on Clayton Christensen’s Jobs to be Done theory, employees engage with compliance to fulfill specific personal, professional, or organizational needs. Some examples of compliance jobs are reducing risk for a corporation and its employees, as everyone wants protection from liability or disciplinary action. Compliance enables growth and profitability, as more effective compliance = more efficient business process = greater profitability. Finally, compliance aligns with the values of almost all employees, as they want a workplace that mirrors their ethics.

This approach has another benefit for the compliance function. It requires an assessment of your organization from a cultural perspective. In the 2024 ECCP, the DOJ made clear that companies must use data to help manage their corporate culture. The information gleaned will also help the corporate compliance professional understand what the employees want and need from a compliance solution. You can use these insights to craft messaging that positions compliance as a solution to their unique challenges.

  • Segmenting Compliance Customers

Not all employees interact with compliance in the same way. Tailoring the compliance product to different groups ensures it resonates broadly. Just as the DOJ mandates tailored training and communications, you can tailor the delivery of compliance solutions for your employees. This can include using the Customer Segments in your organization, such as new employees, who will need a greater foundational understanding of policies and reporting channels. For managers, it could require advanced training on fostering ethical cultures, monitoring compliance, and learning how to the first intake in a speak-up culture. Finally, there will be employees in your organization who, because of their specialized roles, will require targeted knowledge, such as export controls for logistics teams or anti-bribery rules for sales.

The compliance professional can work to create tiered compliance offerings. For instance, beginner courses for new hires, role-specific modules for specialists, and leadership workshops for managers. This is also true for the targeted communications you use on a more regular basis for employees. For instance, more communications on facility payments could be a useful service for employees who travel internationally.

  • Balancing Employee Needs with Compliance Requirements

While compliance professionals must meet regulatory demands, they can still design programs that respect employee time and preferences. There are some easy ways for a compliance professional to not only think about this step but also act on it. You can consider the modular design of your compliance training by breaking it into smaller, digestible segments that employees can complete at their convenience. Interaction can also drive engagement, so consider using interactive formats such as gamification, simulations, or role-playing to make compliance training engaging and memorable.

Your first step should be to use analytics to identify bottlenecks in compliance processes. If employees find certain tasks burdensome, redesign them with user-friendly tools or workflows. From there, take the information and craft a solution that meets the users’ needs, not just those from the compliance department. As Carsten Tams continually reminds us, it’s all about the UX.

Measuring the “Success” of Compliance as a Product

Successful products are evaluated by customer satisfaction and retention. Similarly, compliance success should be measured by how effectively it engages employees and fosters a culture of ethics. As Megan Daugherty also reminds us, it is about the numbers. So, what are your metrics for compliance engagement? What are your adoption rates? How many employees complete optional compliance training or use reporting tools? Equally important are your retention rates. You must determine if your company’s employees consistently follow compliance protocols. Finally, go outside the box with something like the Net Promoter Score (NPS), which helps you determine how likely employees are to recommend their company’s compliance program to peers.

There are multiple tools you can use for feedback. You can use a Pulse Survey, which gauges employee perceptions of compliance processes. You can use Focus Groups to explore pain points and opportunities for improvement in depth. You can use behavioral data garnered through monitoring adherence to compliance requirements through key performance indicators (KPIs). Finally, tools such as the Culture Audit can provide both a benchmark and framework to help compliance professionals understand the state of their culture and how to assess and improve it.

Addressing Challenges in Compliance Product Design

There will be challenges in taking this approach. Some key (and early) challenges will include overcoming resistance, particularly from employees who view compliance simply as an obligatory burden. Yet framing compliance as a resource, not a restriction, highlights how it protects employees, supports their career goals, and aligns with organizational values. Another employee concern could be balancing personalization with fairness, as some employees might view personalized compliance experiences as creating perceptions of favoritism. The solution should be to set clear criteria for personalization, such as role-specific training requirements, and communicate them transparently to avoid misunderstandings.

Finally, the biggest challenge will be to change the Tone at the Top by shifting your senior leadership’s mindsets. Typically, senior management prioritizes short-term goals over longer-term compliance initiatives. Here, you can quantify the value of compliance. For example, demonstrate how ethical lapses affect revenue, reputation, and employee retention to gain leadership buy-in.

Practical Steps for Redesigning Compliance as a Product

You should begin mapping the compliance journey by identifying key touchpoints, such as onboarding, annual training, and reporting. From there, look for pain points where employees disengage and redesign those interactions. Feedback loops can be useful to share survey results with employees to show that their input shapes compliance initiatives. Compliance Champions can work to empower managers and ethical leaders to advocate for compliance within their teams. Always remember to celebrate employees who model ethical behavior as brand ambassadors for compliance. Finally, in 2024, leverage technology by implementing AI-driven dashboards to monitor real-time compliance risks and engagement. Another key tool is chatbots, which provide instant answers to employee compliance queries.

Building a Compliance Product Employees Choose Daily

Reimagining compliance as a product transforms it from a mandate into a partnership. Compliance can become a trusted ally in the workplace by delivering value, fostering engagement, and respecting employee needs. This approach not only enhances compliance outcomes but also strengthens the ethical fabric of the organization. So, as Carsten Tams says, It’s all about the UX: are you treating compliance as a product employees want to engage with? The time has come to innovate compliance for the modern workplace, making it a cornerstone of trust, integrity, and success. Work to build a compliance program employees want to subscribe to every day.

Categories
Blog

Assessing and Aligning Your Corporate Values

One of concepts enshrined in the Monaco Memo is that the Department of Justice (DOJ) will assess corporate culture for any company that may find itself under investigation for Foreign Corrupt Practices Act (FCPA) violations. This enshrinement is not exactly new as Deputy Attorney General (DAG) Lisa Monaco announced this new DOJ focus in October 2021 in her speech to the ABA White Collar Bar Conference. The parameters of how the DOJ will assess culture are still being worked out but Chief Compliance Officers (CCOs) and compliance professionals need to be considering this issue in the context of their own compliance programs and corporate culture in case the DOJ ever comes knocking. Over the next several blog posts, I will be exploring how a corporate compliance function can assess, monitor and improve your corporate culture.

We begin with assessing your corporate values and then aligning them within your organization. In a recent Harvard Business Review (HBR) article, entitled What Does Your Company Really Stand For?, authors Paul Ingram and Yoonjin Choi explored these and other issues. I have adapted their work for the compliance professional. The authors believe that corporate values are more critical then ever.

New technologies, the lingering effects of the Covid-19 pandemic and the continued fallout from the Russian invasion of Ukraine have forced companies to “reassess what they value in their relationships with their employees, their customers, and even their societies… Across industries and sectors, companies have been forced to ask themselves, “What do we stand for?” and “What binds us to one another and to the community?” Through their research, the authors discovered, “They discovered that when a company’s official values match those of its employees—a situation they call values alignment—the benefits include higher job satisfaction, less turnover, better teamwork, more-effective communication, bigger contributions to the organization, and more-productive negotiations, not to mention more diversity, equity, and inclusion.”

The authors developed a five-step approach for values alignment. The first step is to identify the values within your employee base and create what they call a “values structure” which represents “the eight values that are most significant for each individual and the interdependencies that person perceives among them. For example, someone might believe that pursuing excellence will help satisfy the value of achievement.” Step two is to identify key priorities from strategy to determine “What is the most important thing the organization can do to achieve its strategy?” This determination will allow you align your official values with your organization’s mission.

The next step is to wed values that serve both the organization and its employees. Here you can use a group or groups of employees to make these connections to create value statements based upon the outputs from steps one and two. You may create many value statements, but these can be refined down. The authors note, “values alignment does not require exact matches; someone who identifies achievement as an individual value is likely to feel aligned with a similar organizational value—say, accomplishment. So you have some flexibility in creating your potential value statements.”

Next, in step four, you should begin the assessment process. Here try to be as wide and inclusive as possible. The authors state, “any member of the organization whose input is significant to its ultimate success should be invited to weigh in.” The benefits are clear as the more employees and other stakeholders involved, the wider the engagement will be going forward. This will lead to greater buy-in at the end of the day as well. The fifth and final step is to generate a final list of organizational values. In this process, senior management may become more involved.

The authors concluded their article by noting, “when properly aligned, values are powerful. They serve your strategy and provide your employees with authentic connections, and in so doing they create a foundation for better group performance and higher personal satisfaction. But values are not magic. They don’t become real or effective just because you announce them to your organization in a town hall meeting or etch them into marble at HQ. If you want to enjoy their benefits, you need to work with everybody in your organization to identify and align them. That requires the kind of careful attention and hard work that we’ve described in this article. We can assure you that it’s worth it.”

From the compliance perspective, the protocol the authors have set out can be quite useful. Recognizing that values are but one part of an overall corporate culture, this gives you a mechanism to think through how to begin an overall assessment of your organization. Values do make a portion of an overall culture. Through the engagement advocated herein, you can not only get a good reading on such key values as trust and respect, but, more importantly, learn how to incorporate them as overall assets into your corporate culture.

Categories
Blog

Principals of Effective Organizations: Part 2 – Olivia Newton-John and Operationalizing Compliance

We also lost someone Monday who was a cultural phenomenon for many decades, Olivia Newton-John, the beautiful Australian singer who burst on the US scene in 1974. She is probably best known as the heartthrob Sandy in the movie version of Grease where she put the singer’s chaste image behind her. According to her New York Times (NYT) obituary, “her character, Sandy, transformed from a pigtailed square smitten with John Travolta’s bad-boy Danny to a gum-smacking bad girl. “Grease” became one of the highest grossing movie musicals ever, besting even “The Sound of Music.” Its soundtrack was the second best-selling album of the year, beaten only by the soundtrack for “Saturday Night Fever,” which also starred Mr. Travolta.” If you can watch Grease without singing along, you are probably dead.

For my personal tribute I will quote a Facebook post from my friend Bill Dyer who I have known since 1976 when he was my RA at the University of Texas. Dyer penned the following, “In the summer of 1974, before my senior year at Lamesa High School, I was a full-time DJ at KPET-AM. Olivia Newton-John’s “If You Love Me, Let Me Know” album had come out in May, and we had a promotional copy at the station…The single I was *supposed* to play from this album was the country & western(ish) title song, “If You Love Me, Let Me Know” — consistent with our station’s C&W format. But the track that I personally preferred from the album was this song, I Honestly Love You. The programming director gave me grief about it, and I did indeed also play “If You Love Me, Let Me Know.” But this was THE heart-throb song of the summer. And yeah: It still gets me. Requiescat in pace, Olivia Newton-John. You were jaw-droppingly talented and lovely, and your music will continue to summon forth some of my most vivid memories of my young adulthood.”

We are currently exploring 10 Principles of Effective Organizations, by Michael O’Malley. The author identified 10 research-backed principles from the field of organization development to guide companies and I have adapted them for the compliance professional. Yesterday in Part 1, we took up his first five, focusing on the Chief Compliance Officer (CCO), and today we conclude with his final five, focusing on operationalizing your compliance program.

Diversify your workforce — and create an inclusive environment

 Every CCO should be modeling diversity, but the author makes clear the benefits of diversity, noting “Complex tasks require a diverse mix of viewpoints and abilities to satisfactorily complete.”  For compliance this need will only grow with the need for a diversity of subject matter expertise (SME) in a corporate compliance function, including compliance, legal, behavioral psychology and behavioral organization, data scientist and a host of others.

Compliance functions in 2025 and beyond will “require large numbers of different agents to enhance system reliability and resilience.” In addition to the diverse workforce and discipline need for any compliance program, you should consider diversity of citizenship so that not all your compliance talent is from the domicile from your home country. You should also consider bringing other corporate disciplines into your compliance function on a rotating basis such as sales leaders, senior executives and Human Resource (HR) functionaries as well.

Promote personal growth

Almost stating table stakes in the 2022 corporate world, the author states, “An effective talent management program is one in which a company has a large pool of able, external job candidates, sufficient competent coverage of existing positions, succession plans throughout the organization, and a panoply of support programs: career counseling and development, career planning workshops and vocational assessments, mentoring and coaching programs, and in-house training and educational assistance to augment employees’ career objectives.”

Now take this base line and overlay what the Department of Justice (DOJ) has told us over the years. In theFCPA Corporate Enforcement Policy it states, “The quality and experience of the personnel involved in compliance, such that they can understand and identify the transactions and activities that pose a potential risk;”. This means not simply hiring competent compliance department personnel but also that they continue to grow within the compliance profession by going to conferences and growing professionally in other ways (such as reading blogs and listening to podcasts).

 Empower people

 While many CEO-types believe “the practice of empowerment in organizations is often like a parent handing the keys of a high-performance vehicle to their teenager and hoping, day after day, that the car will return intact.” CCOs and other compliance professionals recognize that empowering not simply your compliance team but indeed your employee base to ‘do compliance’ is a key manner to operationalize your compliance program to make it effective.

Always remember that as a CCO or compliance professional, your customers are your employees, and this can extend to other stakeholders such as key third-party partners. Empower these groups to do compliance and they can become not simply your good friends but also will allow you to move from a detect mode to a prevent mode. This also ties into having a true speak up culture in an organization.

Reward high performers

Here the author focuses on based pay for performance plans for employees. He believes that rewarding high performers can “increase job satisfaction and motivate action and, when appropriately structured, are instrumental in producing environments in which the best help the rest. Indeed, it is common in teams that the top members will lift the performances of good, but less capable, members.”

Yet when you consider rewarding your employee base for doing business ethically and in compliance you should consider the same benefits as a part of your compliance program. The DOJ has long recognized this as far back as the original edition of the FCPA Resource Guide which continues to state in the 2nd edition, “DOJ and SEC recognize that positive incentives can also drive compliant behavior. The incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance program, and rewards for ethics and compliance leadership.” So, reward your high performers for doing business ethically within your company’s values in addition to your compliance function personnel who do great work.

Foster a Leadership Culture

Even in 2022, ethics and compliance all starts at the top. The author correctly notes, “Everyone who has worked in an organization knows the affective power of leadership and its effects on culture, both good and bad.” Appropriate tone at the top and a compliance program and function to back up “supportive, inclusive management practices that provide assurances of safety allow people to take reasonable risks, make mistakes, speak up and challenge the status quo, and ask for help and request resources to make improvements” will help your organization going forward.

Senior management who create safe environments encourage “employees to more openly and beneficially interact, learn and grow, display greater creativity, and think of themselves as potent and efficacious actors will reap those benefits. Despite the known value of leadership, organizations frequently show little genuine interest in the quality of leadership by foregoing meaningful assessments and by being far too accommodating of managerial miscreants who may be productive but are toxic to the organization’s culture.”

The author concludes, “Fulfilling these 10 principles is a tall order.” Nonetheless, any CCO who puts these into practice will have a compliance function that should be resilient and able to respond to market or regulatory changes when needed and does business ethically and in compliance through a fully operationalized compliance regime.

Tom’s Top 5 Olivia Newton-John Playlist (all from YouTube)

I Honestly Love You

You’re the One I Want

Summer Nights

Xanadu

Let Me Be There

Categories
Blog

Fostering Ethical Conduct Through Psychological Safety: Part 3 – Fixing an Unsafe Workplace

Bill J. Allen died last week. Not familiar with the name? Then check out his New York Times (NYT) obituary. Perhaps outside of Illinois or Ohio, he ran one of the most brazen state legislature corruption schemes around, in the state of Alaska. His power and influence were so great that he was the cooperating witness who brought down a sitting Senator, Ted Stevens, although the Indictment was withdrawn after conviction but before sentencing due to prosecutorial misconduct.
Allen held court at a suite at the Westmark Baranof, a luxury Art Deco hotel four blocks from the State Capitol in Juneau, where he and his cronies “dished out money and told their visitors what they wanted in return. Mr. Allen and his circle seemed to revel in their shamelessness. He and Mr. Smith always booked Suite 604, and Mr. Allen always sat in the same chair. He bragged that he kept $100 bills in his front pocket, the easier to dole them out to friendly politicians. The girlfriend of one politician even had hats embroidered with the letters CBC, for “Corrupt Bastards Club.””
Allen and his brazen corruption schemes seem like a good way to introduce the concluding Part 3 of my series on fostering an ethical culture through psychological safety. This series is based on a recent article in the MIT Sloan Management Review, Summer edition, entitled “Fostering Ethical Conduct Through Psychological Safety” by Antoine Ferrère, Chris Rider, Baiba Renerte, and Amy Edmondson. In Part 1 we introduced the concept of psychological safety and why it is so important to creating an ethical culture in a business. In Part 2, we considered how to determine the state of psychological safety in your organization. Today in Part 3 we consider what happens in an organization where psychological safety is lacking and steps an organization can take to remedy this deficiency.
The authors believe that “when psychological safety is lacking, it may be a consequence of the employee having witnessed unethical behavior.” Moreover, the inversion of psychological safety “correlated to the quantity of unethical behavior noticed. Put simply, the more unethical behavior a person saw, the more likely they were to feel psychologically unsafe. This suggests that the experience of seeing more unethical behavior may diminish the psychological safety experienced by an employee.” Simply put if your bosses engage not only in corrupt behavior but simply unethical behavior, it will send a message throughout the organization that reporting unethical behavior will not be favored. One only need think of Jes Staley, former Chief Executive Officer (CEO) of Barclay’s who engaged in illegal behavior in attempting to unmask an internal whistleblower. In November 2021, Staley resigned amid a regulatory probe into whether he mischaracterized his relationship with the financier and sex offender Jeffrey Epstein. In many ways Barclays has never recovered.
The authors basically state the obvious when they write, “it makes intuitive sense that being in a work environment where unethical behavior is prevalent might diminish psychological safety.” Put another way “people are most reluctant to speak up in ethically troubled environments, where we most need them to do so.” This is an important issue for every Chief Compliance Officer (CCO) and business leader. To overcome such a deficiency, they found that “several other factors correlated with strong speak-up behavior, keeping everything else constant: moral engagement, moral attentiveness, and organizational justice combined with clarity of expectations.”
Moral engagement. As a CCO you should endeavor to create an atmosphere where ethical conduct matters, “so that when employees recognize a potentially unethical situation, they will be motivated to do what’s right.” At Novartis International AG, the authors noted the company “created a decision-making framework called the Decision Explorer to support associates in making ethical decisions. Rooted in the company’s code of ethics, the tool helps employees work through a situation to surface ethical considerations.”
Moral attentiveness. You can educate employees to recognize the ethical dimensions of situations. They point to the example at Novartis who “runs practical ethics training sessions that immerse employees in hypothetical scenarios where they must practice ethical decision-making. Another approach is to have managers highlight examples of ethical and unethical behavior with their teams and encourage dialogue on workplace ethics. Such grassroots employee contributions build trust and commitment by giving employees a role in strengthening the code of behavior by which they are expected to live.”
Organizational justice. Obviously talk is cheap and it is actions, not deeds, that matter. The Department of Justice (DOJ) has made clear in the Update to the Evaluation of Corporate Compliance Programs that the keeper and responsibility of institutional justice sits with the CCO and the authors find that this same concept “is vital to building a reputation of organizational justice.”
Clarity of expectations. CCOs must communicate a clear message to employees so that employees will have “an understanding of organizational standards and are clear about expectations.” Second, CCOs must act decisively in response to employee reports of misconduct to show that there are consequences for unethical behavior. To foster greater psychological safety, coach and empower line managers to create safe spaces for discussing ethical concerns, and help them react appropriately when such issues are raised.
The siloed nature of this issue must also be addressed. As previously noted, this issue touches multiple corporate disciplines including HR, ethics and integrity, risk management, legal and compliance. There must be a cross-functional approach in building a culture of ethics and performance. For example, Novartis created a cross-functional working group focused on the notion of ethical leadership.
The authors concluded, “Building a psychologically safe environment to facilitate speaking up about ethical conduct is relevant to both company reputation and long-term business performance. Unethical conduct can remain hidden for a time but is likely to be discovered eventually, causing far more harm than if it were caught and corrected early. Psychological safety thus can help organizations respond and improve quickly instead of allowing misconduct and unethical behavior to fester and further degrade workplace psychological safety, thus triggering a vicious cycle.” Every compliance professional should use the research from the authors study to craft a program to create or improve the psychological safety at your organization. The authors frankly state that organizations which have relied on speak-up channels or ombudspersons as mechanisms for reporting unethical behavior is no longer sufficient. “They need to be complemented by efforts to actively shape and promote an ethical climate in which managers are equipped to support employees’ ability to say what they think and react appropriately to what they hear.”

Categories
Blog

Ethical Conduct Through Psychological Safety: Part 2 – Safety in the Middle

According to Juan Toribio, writing in MLB.com, Blake Grice waited patiently with his right hand raised for about two minutes to hear his name called inside the Dodgers’ interview room. When he was finally noticed, LA Dodgers star pitcher Clayton Kershaw asked “Whatcha got?” The 10-year-old related that his dying grandfather, Graham, had created a bucket list of things he still wanted to do, one of which was to meet Kershaw. Blake was credentialed by MLB to attend the Post-Game Press Conference and when he did, he dedicated the moment to his now deceased  grandfather.
As reported by Toribio, Blake told Kershaw ““My grandpa loved you. He watched the 1988 [World] Series and he wanted to meet you and Vin Scully one day. So this moment is important to me because I’m meeting you for him.” Before he finished telling Kershaw the story, Blake began to cry” and Kershaw responded by going over to Blake and consoling him with a hug. Kershaw the said to him, “Come here, dude, great to meet you. Thanks for telling me. That took a lot of courage to tell me that. Great to meet you. Your granddad sounded like an awesome guy. Thanks for coming up.””
With a nod of the (St. Louis Cardinals) hat to Tim Erblich for sending me this story, I thought it was a very good way to introduce Part 2 of my series on advancing ethical culture through psychological safety. This series is based on a recent article in the MIT Sloan Management Review, Summer edition, entitled “Fostering Ethical Conduct Through Psychological Safety” by Antoine Ferrère, Chris Rider, Baiba Renerte, and Amy Edmondson. The authors believe “there are a number of things organizations can do to make it more likely that people will speak up when they observe unethical behaviors.” But one key is psychological safety, defined by co-author Edmondson as “a shared belief held by members of a team that the team is safe for interpersonal risk-taking” — or, put another way, that “we can say what we think” or “be ourselves around here.” Today, we look at how to determine the state of psychological safety in your organization.
The authors’ research concluded that while many employees “said that they spoke up after witnessing perceived unethical behavior, a substantial minority said that they did not speak up.” The authors found that “those who felt less psychologically safe were significantly less likely to report those behaviors via channels where organizational leaders might act on them.” Conversely, employees “who felt the most psychologically safe were most likely to have reported the misconduct they observed. This held true even after taking into account a range of other psychological factors that could influence incident reporting, such as perceived levels of organizational justice, fairness, and trust. Psychological safety is therefore important for more than just team effectiveness and well-being; it may also be critical for forming strong ethical cultures where employees feel comfortable speaking up.”
Interestingly, the authors realize the non-siloed nature of psychologically safety at the workplace. They note that ethics, risk management, legal and compliance functions, plus Human Resources (HR) all share an interest in fostering such an environment. This mandates a cross-functional approach as an essential requirement of molding an organization’s culture to include psychological safety. The authors believe, “Managers throughout a company must become aware of the blind spots created by a psychologically unsafe environment, along with the associated risk of underreported misconduct.” They also caution that a formal program such as a reporting hotline “may capture only a fraction of the problematic behaviors that occur.” This leads the authors to posit that gauging psychological safety “may help companies determine whether misconduct is being reported and, in turn, enhance the effectiveness of their formal speak-up programs.”
After 15 years of the Department of Justice (DOJ) and other regulators talking about “tone at the top”; the authors credit that most organizations appear to have senior leadership that talks about ethics positively. They believe “CEOs emphasize that integrity is a core value of their organizations, and that point is reiterated in calls with shareholders and during employee town hall meetings.” Unfortunately, while this messaging is important, the research indicated “it is not sufficient to prevent the derailers of ethical conduct that occur deep within an organization.”
The authors recognize what compliance professionals have known for some time, that it is middle managers, and “not just official speak-up channels are often on the front lines when it comes to hearing about unethical behavior.” They found that 80% of employees who did report internally, went to their direct managers, who are almost always in middle management. This is because middle managers are the company leaders play who play the critical role in ensuring that an employee speaking up feels supported and heard. The authors noted, “Our data shows that how line managers act has a disproportionate impact on the way potentially unethical behavior is addressed within organizations.”
Unfortunately, simply because a middle manager may feel psychologically safe you must not assume that their direct reports feel the same way. Confirming the findings from the ECI Report of its 2021 Global Business Ethics Survey, “managers and senior leaders tend to feel more psychologically safe than their employees and have a more positive perception of their organization’s ethical climate than the rest of the workforce. When you put these two findings together it makes clear that the higher up in the organization you go, there may well be “an ethical blind spot. That makes the role of team managers even more important when it comes to fostering an environment conducive to both engaging in ethical behavior and talking about ethics in an open, constructive way.”
The authors also confirmed a greater problem which is that “in a global context, psychological safety is not uniform across nations.” Survey respondents from “the Americas and Europe tended to score higher on psychological safety than respondents from Asia.” This suggests to the authors that “the potential effectiveness of tailoring interventions that promote speaking up in order to address the specific circumstances of different groups of employees.” Moreover, “global organizations that seek to build psychological safety must assess its various region-specific drivers and derailers to adjust their activities to specific seniorities and cultures.”
Join us tomorrow in Part 3 where we consider why a company that does not have psychological safety throughout it can not only be so toxic but in serious danger as well.

Categories
Blog

Driving the Digital Transformation of Compliance

The digital transformation of compliance will probably be the biggest change in our profession since the move to operationalizing compliance in the past decade. Legal professionals are generally ill-suited to lead this effort due to the legal focused training we all received, not quantitative training that most business students received. This means that many Chief Compliance Officers (CCOs), compliance professionals and corporate compliance functions struggle to reap the benefits of investments in digital transformation. I was therefore intrigued by a recent Harvard Business Review (HBR) article, by Marco Iansiti and Satya Nadella, Microsoft Chief Executive Officer (CEO), on a five-step approach to digital transformation. The article, Democratizing Transformation, sets out how innovation can be pushed out throughout a company’s workforce. I have adapted it for the compliance professional.
For a true digital transformation, technologists and data scientists alone cannot bring about the kind of wholesale innovation both a compliance function and a business unit need. This means that your organization should pair “data scientists with business [and compliance] employees who had insight into where improvements in efficiency and performance were needed.” Another strategy, which is near and dear to the heart of Carsten Tams, Ethical Business Architect and founder and CEO of Emagence LLC, is to use Design Thinking concepts in designing and implementing a digital innovation of compliance. The authors note, “A growing number of teams adopted agile methods to address all kinds of opportunities. The intensity and impact of transformation thus accelerated rapidly, driving a range of innovation initiatives.” This same strategy can work in sales as well as compliance.
It is this step which “democratize access to data and technology” outside of compliance and can lead to true and permanent innovation. The potential for employee-driven digital innovation cannot be accomplished by small groups of technologists and data scientists walled off in organizational silos. It will require much larger and more-diverse groups of employees – executives, managers, and frontline workers – coming together to rethink how every aspect of the business should operate. Once again this is what Tams has talked about with his articulation of Design Thinking, the engagement of business unit employees can well be a significant driver of compliance.
To achieve the type of engagement which will drive real digital transformation, a CCO must create synergy in three key areas: Capabilities, Technology and Architecture. The authors state, “Digital transformation requires that executives, managers, and frontline employees work together to rethink how every aspect of the business should operate.”

  1. Capabilities. It is axiomatic that successful transformation and innovation efforts in compliance requires “that companies develop digital and data skills in employees outside traditional technology functions. These capabilities alone, however, are not sufficient to deliver the full benefits of transformation; organizations must also invest in developing process agility and, more broadly, a culture that encourages widespread, frequent experimentation.” It is all a long-winded way of saying “Call Carsten Tams” and use his framework for Design Thinking as a starting point for your digital transformation.
  2. Technology. As always, “investment in the right technologies is important, especially in the elements of an AI stack: data platform technology, data engineering, machine-learning algorithms, and algorithm-deployment technology. Companies must ensure that the technology deployed is easy to use and accessible to the many nontechnical employees participating in innovation efforts.” Fortunately, there are more compliance product providers you can provide the right tech to you. See the Rise of ComTech.
  3. . One of the things that many compliance professionals do not often consider is that of architecture. The authors believe the “investment in organizational and technical architecture is necessary to ensure that human capabilities and technology can work in synergy to drive innovation. That requires an architecture—for both technology and the organization—that supports the sharing, integration, and normalization of data (for example, making data definitions and characteristics consistent) across traditionally isolated silos. This is the only real, scalable way to assemble the necessary technological and data assets so that they are available to a distributed workforce.” This is similar to what the Department of Justice (DOJ) intoned in the 2020 Update to the Evaluation of Corporate Compliance Program where they mandated for the first time that both the CCO and corporate compliance function should have access to all corporate data, literally cutting across all siloes.

The authors concluded, “mandate for digital transformation creates a leadership imperative: Embrace transformation, and work to sustain it.” I would add that these words apply even more so to the CCO who is leading the digital transformation of a compliance program. You should put together a clear strategy and sell it to the Board and senior management as well as communicating it “relentlessly” throughout your organization. Work to inaugurate a compliance “architecture to evolve into as you make the myriad daily decisions that define your technology strategy. Deploy a real governance process to track the many technology projects underway, and coordinate and integrate them whenever possible. Champion agility in all business initiatives you touch and influence. And finally, break free of tradition. Train and coach your employees to understand the potential of technology and data, and release the innovators within your workforce.”
Momentum is growing for the digital transformation of compliance; from the regulators to business units to investors. Indeed, it will be the driving strategy for compliance in 2025 and beyond. But we must always remember that it is the human element that will be the critical component to drive the transformation and more importantly use those tools to drive compliance up to the next level of effectiveness and engagement.