How to Write and Enforce Your Ethics and Compliance Policy

Even the strongest policy won’t influence corporate culture unless you hold employees accountable

Posted by Dawn Lomer in on January 21st, 2013

As bribery and fraud cases populate the front pages of the news more and more, the terms “compliance and ethics” seem to have gone out the window. Is corruption really as rampant as the media would have us believe?

Apparently so, at least in our neck of the woods. The 2015 Corruption Perceptions Index ranks Canada in 9th place, the UK in 10th and the US in 16th place out of the 167 countries included.

Combat the Grey With a Policy

There are many complicated theories on why businesses slide into ethical grey areas, but very simple theories on how to avoid them. And experts agree that the simplest, most basic tool businesses can use to combat corruption is a strong ethics and compliance policy that is embedded in a company’s culture.

To understand the elements of a strong ethics and compliance policy, it’s important to understand that each company’s ethics and compliance programs will be different. Policies are built around a company’s processes and influenced by the industry in which it operates.

However, there are some common elements that should be included in every company’s ethics and compliance policy. If you get these right, you’ll have the basis for a stellar policy that, if implemented correctly, influences your company culture forever.

Start With the Risks

FREE Investigation Report Template

Prepare thorough, consistent investigation reports with our free report template.

Download Template

The best way to determine what to include in your company’s ethics and compliance policy is to identify the ethical risks your company encounters most often and think of how to best guide employees faced with those situations. Provide concrete examples of situations an employee might face and clear direction on how he or she should respond.

Once the policy is created, it must be reinforced through training, repetition and enforcement of consequences for violating it.
Be specific, clear and direct about where the company draws the line between what is and what is not acceptable in each situation. Don’t leave room for interpretation.

7 Elements of a Good Policy

The seven key elements of a strong ethics and compliance policy are:

  1. Compliance with the law – These are the most basic forms of compliance, but companies should challenge themselves to go beyond complying with the minimum standards.
  2. Definition of unethical behavior – What does your company mean by “unethical behavior”? Define terms, such as harassment, discrimination, bribery, theft, fraud and retaliation. Provide examples and consequences for violating the policy.
  3. Integrity statement- Some companies include their mission, vision and goals for employee conduct in this section of the ethics and compliance policy.
  4. Anti-Bribery, gifts and entertainment- Let employees know where your company stands on the issue of gifts and entertainment. Some companies allow gifts to be sent or received if the gift is under a given value. Eliminate grey areas by creating a clear rule.
  5. Reporting mechanisms - Employees are likely to uncover unethical practices in the workplace before senior executives do. Tell employees how to report misconduct. Stress the company’s open-door policy and encourage employees to use it. Include hotline phone numbers, ombudsman information and website addresses for anonymous reporting.
  6. Confidentiality- In some cases, ultimate confidentiality cannot be maintained due to the discovery of a criminal act or a court case. Make a statement that confidentiality will be upheld to the highest possible degree for those making complaints or involved in internal investigations.
  7. Accurate accounting- Corporate accounting is highly regulated, but often violated. Include a statement directing that all transaction be accurately reflected in company books and records.

Tone From the Top

Even the strongest ethics and compliance policy won’t be worth the paper it’s printed on (or the server it resides on) if it isn’t enforced. Once the policy is created, it must be reinforced through training, repetition and enforcement of consequences for violating it.

Most importantly, company executives need to set the tone from the top, demonstrating ethical business practices and attitudes and a zero-tolerance policy for violations.

 


Dawn Lomer
Dawn Lomer

Managing Editor

Dawn Lomer is the managing editor at i-Sight Software and a Certified Fraud Examiner (CFE). She writes about topics related to workplace investigations, ethics and compliance, data security and e-discovery, and hosts i-Sight webinars.