- Integrity, Not Just Ethics Programs
- May 23, 2013 | Authors: W. Brinkley Dickerson; David W. Ghegan; David I. Meyers
- Law Firms: Troutman Sanders LLP - Atlanta Office ; Troutman Sanders LLP - Richmond Office
- Clients routinely ask us to help them develop or improve compliance programs. The impetus can be varied - common reasons include a comment from a director, recognition that a program is a bit stale, or recent adverse publicity regarding a high-profile FCPA case that may have alarmed management. Seldom, however, are we asked to review a compliance program because someone at the client simply believes that the client should operate its business with greater integrity. We are called upon to help with preventive maintenance, not philosophical proactivity.
Well-executed compliance efforts are becoming increasingly expensive, and it is very hard to staff the function effectively. There is no traditional educational or career track for compliance officers, and the breadth of the compliance requirements in an increasingly regulated and international business environment is extremely broad. Long gone are the days when compliance equated to robust anti-discrimination policies and good environmental practices. It is not unusual for the compliance function to actively address issues in fifteen or so different substantive areas. And the programs themselves are hard to design and cumbersome. In addition, the consistent flow of FCPA and other problems that we see from clients (and help them address) - clients that have, by all standards, well-considered traditional compliance programs - highlights that even the best programs are not as effective as hoped-for or needed.
When we consider these factors, we reach an easy conclusion: Fundamentally, the approach to compliance needs to be different. Traditional rules-based or process-based programs should not be abandoned, but they need to be predicated on an integrity-based institutional tone. Senior management and the board need to start by asking themselves the question, “How can we operate our business with greater integrity?” Then they need to ask that question of their senior managers, and if the answer is “I am not sure,” they need to remind everyone involved that it is core to their position that they not only know the answer to that question, but also that they implement it.
But let's consider the other likely answer to that question when it is first asked: “What do you mean? Of course we operate our business with integrity.” We are confident that is exactly how most first-rate companies viewed their businesses right up until they agreed to pay a multi-million dollar fine to the DOJ, SEC or some other agency for problems that ultimately were generated by a lack of integrity - or, at a minimum, a lack of alignment of personal goals with institutional goals - on the part of individuals in their organizations. And to some extent, the answer is correct, so it sounds right when provided: Senior management at virtually every company we know is genuinely committed to act with integrity. But that commitment does not flow downstream as perfectly as hoped, and compliance programs are more like fishing nets than water-proof fabric. Companies have to recognize that it takes more than just a well-considered program.
So what should companies do besides ask questions? We favor basic, free-market principles. Performance goals that include personal objectives should include an objective tied to promotion of greater institutional integrity. Financial performance metrics should be subject to an express override that is triggered by a failure of institutional integrity. Personnel reviews should expressly include a component tied to the promotion of institutional integrity. Objective indicia of fulfillment should be required. The implementation should start at the top and go down to the lowest levels practicable within the company. There should be no excuses, such as “no one else does this,” “it is hard,” and “it is not going to make us any money.”
We believe a good return on investment from these efforts does exist - compliance costs will decrease, investigations and other problem-solving efforts will be less frequent, less expensive and less of a distraction for senior management, and reputational risk will be lowered. All are positive results and worth the awkwardness of taking a more progressive approach than the current norm.
Representing clients in investigations is good work, and we believe that we do a good job at it. But we would much rather represent those same clients in their next acquisition or public offering.