So long sweet summer. However, for the folks at HP, the past month has been anything but sweet. In early August, HP announced the resignation of Mark Hurd following an internal investigation into sexual harassment allegations made against the now former CEO. As August ends, HP is making headlines again- this time following an investigation into alleged kickbacks paid by the company. HP agreed to a $55 million settlement, as the company was accused of paying kickbacks to the US government in exchange for business contracts. Here’s a look at the past month at HP, as well as some lessons the company should consider applying when rebuilding its corporate ethics:

Investigations, Lawsuits and Settlements…Oh My!

Sexual Harassment Investigation: August 6th- Late on a Friday afternoon, Mark Hurd resigns from his position of CEO at HP. The company received a sexual harassment complaint directed at Hurd and during the investigation, investigators discovered that Hurd had inaccurately completed his expense reports as a way to conceal his relationship with a female contractor occasionally hired by HP. Investigators felt that Hurd hadn’t committed a sexual harassment violation, but instead, claimed he violated the company’s standards of business conduct by falsifying his expenses. I feel like I share a similar opinion with many others when I say that there’s got to be more behind Hurd’s ousting.

In a news release from Reuters, “HP After Hurd: We’re Looking Forward, Not Back,” James Niccolai writes:

“The seemingly minor nature of the offenses has led to speculation that there were other reasons for Hurd’s departure. New York Times columnist Joe Nocera suggested last week that the board was simply looking for an excuse to fire Hurd because he was deeply unpopular.”

Kickback Probe: August 30th- Based on a whistleblower report filed in 2007, HP is one of a few companies that have opted to pay a settlement with the US Department of Justice. The DoJ was investigating allegations that HP was paying kickbacks to gain business from federal agencies in the US. In a post on a Wall Street Journal Law Blog, “H-P Ends August With a Bang, Settling Kickback Probe for $55 M,” Ashby Jones provides an over of the accusations directed at HP:

“The Justice Department alleged that H-P knowingly paid ‘influencer fees’ to systems-integrator companies in return for recommendations that federal agencies purchase H-P products. It also alleged that H-P’s 2002 contract with the General Services Administration for computer equipment and software was defectively priced because the company provided incomplete information to contracting officers during negotiations.”

HP continues to deny any wrongdoing, stating the company didn’t engage in any illegal acts. In a statement made by HP’s interim CEO, the company simply wants to put these events behind them and move forward.

A Light at the End of the Tunnel

Sometimes, companies need to face the facts and own up to the actions of their staff. Siemens, Tyco and Johnson & Johnson are only a few of the many companies that have had to conquer the consequences of ethical lapses and the negative media that comes with it. In each of these three cases, there were actions taken that exhibit best practices in “ethics scandal recovery.” A lesson from each company’s experiences that could be applied at HP include:

1. Siemens: Ethics Training

Employees need to know what’s expected of them. After the bribery investigation was settled at Siemens, the company began working from the bottom up to rebuild ethics into each level of the organization. A state-of-the-art ethics and compliance training program was developed, providing employees with training tailored to their specific roles within the organization. At HP, it’s apparent that certain ethics topics could use some revisiting. HP should reevaluate the different risks faced by employees and use this information to ensure training topics are up-to-date with current ethics and compliance threats. Break information down into smaller sections. This makes it easier for employees to digest information and allows training to take place on a more frequent basis. Constant communication with employees is necessary in order to get them to make the necessary ethical changes.

2. Tyco: Tone at the Top

Tyco’s ethical transformation began in 2002, after former CEO Dennis Kozlowski and former CFO Mark Swartz were given the boot for embezzling hundreds of million of dollars from the company. Tone at the top quickly became one of Tyco’s top weapons in fighting its way back from the dark side. Since HP has yet to find a permanent replacement for Hurd, HP should look for a CEO that demonstrates the ability to be an ethical leader, is passionate about conducting business in an ethical manner and who will hold employees accountable for their actions- regardless of their position in the company. Hurd admitted himself that he didn’t live up to his own standards of integrity and respect, therefore, how could he expect that of his employees? At Tyco, Ed Breen made it his mission to place ethics and integrity at the forefront of business at Tyco, the next CEO at HP should too.

3. Johnson & Johnson: Transparency and Communication

During the 1980s Tylenol recall, transparency and open communication with the public were Johnson & Johnson’s keys to success in responding to the crisis. The cyanide-laced pills were contained to a specific area and were the product of an individual tampering with the package. J&J could have just issued a statement saying they were not responsible for the cyanide entering the packages, but instead, the company launched one of the largest recalls to-date, replaced Tylenol purchased by consumers and developed an extensive media campaign to go along with the recall. The company chairman communicated regularly with the media, and in a press conference, gave a tremendously transparent overview of every detail related to the recall. The lesson to HP- open up to the public, don’t give them room to speculate. Thus far, the company has remained tight-lipped about the reasoning behind Hurd’s departure, and it doesn’t seem to be working in the company’s favour.

H-P Ouster a ‘Teachable Moment’- The Wall Street Journal

There have been countless articles written since August 6^th, when HP ousted their now former CEO, Mark Hurd. In particular, this article from the Wall Street Journal focuses on the importance of proper expense reporting and how the HP example has already served as a lesson in numerous workplaces. The article features comments from ERC President, Patricia Harned, in which she states:

“Companies will often use very public cases as a teachable moment to remind employees why certain policies are so important.”

The article discusses the increased harshness faced by executives who make poor, unethical decisions, as they are supposed to be leaders and set an example for their employees. The article also features a great discussion about the importance of administrative staff in detecting inaccurate or unjust expenses.

Employers must be prepared to follow new legislation that has been enacted to increase protections for whistleblowers. The recent passing of the Dodd-Frank Act continues to follow the trend towards putting an end to whistleblower retaliation- as well as rewarding whistleblowers for bringing forward evidence of unethical or criminal acts taking place within an organization. Whistleblowers can become victims of retaliation whether it comes from managers or fellow employees.

Employers have a responsibility to their employees to protect them from retaliation, which has resulted in a number of companies going above and beyond the law to develop their own programs to protect whistleblowers. In a previous post, “Vicki Sweeney of KPMG Presents Best Practices in Preventing and Monitoring Workplace Retaliation,” I discussed the retaliation monitoring program in place at KPMG, to further assist in protecting whistleblowers at KPMG. This post will focus on the expansion of the whistleblower protections under the Sarbanes-Oxley Act and financial incentives for whistleblowers, which have both been included in the Dodd-Frank financial reform legislation.

Enhanced Protections Under the Dodd-Frank Act

The Dodd-Frank Act includes a major expansion of the whistleblower protections outlined in the Sarbanes-Oxley (SOX) and Consumer Protection Acts. As outlined in Section 922 of the Act, here are some of the protections employers will need to draw attention to include:

• Prohibiting Retaliation: Employers cannot demote, discharge, suspend, threaten, harass or discriminate against whistleblowers in any way for disclosing information protected under SOX and the Securities Exchange Act. If an employee believes they have been retaliated against, they can bring their case to court. Wrongful dismissal claims must be filed within six years of the violation occurring or three years after the date when the claim is known. In any case, action in a wrongful termination suit must be filed within 10 years from the date the violation occurred.
• Bringing  a Complaint Forward: Originally, whistleblowers only had 90 days to bring a claim forward. Now, that time span has been doubled, giving whistleblowers 180 days from the point of initial discovery, to make a claim.
• Expansion of “Covered” Groups: Employees from publicly traded companies are now granted whistleblower protections under the Dodd-Frank Act.
• Establishment of the SEC Whistleblower Office: Under section 924 of the act, the SEC has until April 2011 to launch a whistleblower office. The whistleblower office will administer and enforce the amended provisions of the Securities Exchange Act to comply with the Dodd-Frank Bill. The Bill also states that the SEC whistleblower office must report annually to the “Committee on Banking, Housing, and Urban Affairs of the Senate and the Committee on Financial Services of the House of Representatives on its activities, whistleblower complaints, and the response of the Commission to such complaints.”

Whistleblower Rewards

Being a whistleblower isn’t easy. When an employee makes the decision to come forward with information regarding workplace misconduct, it usually results in retaliation or job loss. For many, their reputation takes the largest hit, making it difficult to stay in their current position within the company, or seek alternative employment. Whistleblowers seem to pay a pretty large price for doing the right thing – which has been taken into consideration with the Dodd-Frank Act.

Included in the Dodd-Frank Act are amendments to the Securities Exchange Act, providing increased financial incentives for whistleblowers. As outlined in Section 922 of the Act, here is an overview of the financial incentives in place for whistleblowers:

• Eligibility to be Granted an Award: Awards can be granted to one or more whistleblowers who volunteer original information to the SEC, which leads to the successful enforcement of the covered action.
• Award Amounts: Whistleblowers can receive anywhere from 10-30% of the total amount collected from the monetary penalties- exceeding $1 million, imposed on the guilty party.
• Determining the Amount of the Award: The amount awarded to the whistleblower(s) will vary on a case-by-case basis and is determined by the SEC. The SEC will take a number of factors into consideration including: significance of the information presented by the whistleblower, the degree of assistance provided by a whistleblower and any legal representative on their behalf and the interest of the SEC in fighting back against securities violations by encouraging whistleblowers to bring information forward.

I’m not too sure how effective financial incentives will be in encouraging employees to blow the whistle on someone in their organization. However, the award amounts mentioned above are a significant increase compared to the sums previously awarded to whistleblowers. According to the CFO Magazine article “Paid to Whistle,”:

“Before, the SEC could reward only whistleblowers involved in insider-trading cases. And the commission has been stingy: during its 20-year existence, the SEC’s whistle-blower program has paid out only $159,537 to five claimants.”‘

On Friday, HP CEO Mark Hurd was asked by the company’s board of directors to submit his resignation. As reported in the TechCrunch Article “HP CEO Mark Hurd Resigns, This Looks Messy,” the outcome of an investigation into sexual harassment allegations against Hurd “concluded that there was no sexual harassment violation, however it did find that Hurd violated HP’s ‘Standards of Business Conduct.‘” When news broke about his departure, Hurd claimed he himself hadn’t lived up to his own standards regarding integrity and respect. Therefore, if he wasn’t able to live up to these standards himself, what message does that send to the rest of the employees at HP?

Numerous reports state that the board’s decision to ask Hurd to resign was based solely on the lack of judgment he had demonstrated in violating the company’s code of conduct. This case is another example of how the unethical acts of a single individual lead to consequences that must be paid for by an entire organization. However, hopefully HP can use this event as an opportunity to rebuild and focus on ethics and compliance throughout the company.

Investigation Findings

An investigation was launched at the end of June as a response to allegations of sexual harassment that had been filed against Hurd. The woman who brought forward the complaint was a marketing consultant hired by HP for certain projects, but was never an employee at HP. During the investigation, investigators came across inaccurately documented expenses that were claimed to have been paid to the marketing consultant for her services. Falsifying the use of company funds violates HP’s Standards of Business Conduct, therefore, resulting in the demand for Hurd’s resignation. I give the board at HP a lot of credit for holding Hurd accountable for his actions and not accepting his offer to simply pay the company back the sum of the expenses he falsely claimed.

Hurd’s resignation raised many questions about the financial future of the company, as Hurd’s time at HP was marked with the success of increasing the company’s performance and value. However, in a press release issued by HP, they focus on the issue of the company’s financial sustainability, assuring investors and the public that the decision to ask Hurd to leave was due to the fact that his actions deemed him unfit to continue as the company’s leader.

The Wall Street Journal published an article, “Text of H-P Memo From Interim CEO,” which features the memo sent to all HP staff by interim CEO and HP CFO Cathie Lesjak, regarding Hurd’s departure:

“This is to advise you that Mark Hurd, Chairman and CEO of HP, has resigned from the company effective immediately. Mark’s resignation was submitted at the request of the company’s Board of Directors as a result of inappropriate behavior in which he engaged that violated HP’s Standards of Business Conduct and undermined his ability to continue to lead the company.”

Consequences

Anytime a company’s CEO falls under investigation, the entire company pays the price. Many begin to question the credibility of a company whose leader demonstrates unethical acts and the inability to make responsible decisions. HP has already started suffering the consequences of their former CEO’s unethical decisions. The New York Times article, “Boss’s Stumble May Also Trip Hewlett-Packard,” stated:

“But turning the page on the scandal will not be easy. While Ms. Lesjak maintained that investors remained confident in the company, H.P.’s share price tumbled 10 percent on Friday as word of Mr. Hurd’s departure rippled through Wall Street.”

As of yesterday, HP stocks have rebounded. However, it’s still too early to determine the full impact of Hurd’s actions on HP.

Opportunities

Unfortunately, it usually takes an event such as this for a company to learn from its mistakes and make positive changes within the workplace. A New York Times article, “Division of Roles Could Help H.P,” suggests that this event has opened up the opportunity for HP to divide the roles of Chairman and CEO. There is no word on whether or not HP plans on splitting up the job, however, it might be a wise decision to make based on some of the situations the company has found itself in recently. The division of these two roles has been gaining in popularity amongst corporate America, and is already common in many other countries.

The division of roles aids in increasing the accountability of those at the top. While some feel the division of roles leads to confusion over who is in charge, I feel that the separation of duties puts a system of checks in place on the CEO, making it difficult to get away with unethical acts, such as falsifying expense reports. For some companies, managing both the board of directors and the company can strain the CEO, creating an imbalance in the attention given to either side. When the CEO and chairman roles are divided between to two different individuals, there is someone present who can question the CEO on their decisions, rather than the CEO simply reporting to themselves.

In the blog post, “The FCPA – Tone at the Top and in the Middle,” by Thomas Fox, Fox raises a very good point about the importance of the tone at the top in relation to the HP case. The tone at the top sets the stage for the overall direction and culture within an organization. HP must carefully select a new CEO who will successfully lead the company with integrity and uphold their ethical commitments in order to avoid future blemishes to the company’s reputation.

Early last week, a USB key containing hundreds of Ontario patient health information files was stolen. According to the CBC, the USB wasn’t encrypted and was stolen from the purse of a University Hospital Network (UHN) employee. The theft of these files has resulted in a call for efforts to increase the security of sensitive information. This is the second instance in under a year where private patient information was compromised in Ontario due to theft. The lesson learned from this story can be applied to any business that maintains client or customer personal information records: make sure sensitive information is encrypted. Controlling access to information can further prevent information security breaches, as the number of people viewing sensitive information is decreased. Regular evaluation of training programs and internal procedures related to information security must be undertaken to ensure each employee is completing the necessary steps to safeguard information.  

Preventing Information Security Breaches

Preventing information security breaches needs to become a main priority for any company when handling both customer and company information. In regards to the above-mentioned incident, a CBC article “Hundreds of Ont. Patient Health Files Stolen,” quotes Ontario’s Information and Privacy Commissioner, Ann Cavoukian, stating:

“The ease with which we transfer information now and we engage in online activities, somehow it’s factoring into this and not making people go through the steps they need to.”

The ease of accessing and sharing information has significantly increased due to the use of e-mail, Internet, intranets, mobile devices and other portable technologies. These developments make communication easier and faster, but can also compromise data security. Here’s a list of steps companies can take to ensure sensitive information remains protected and prevent future information breaches from occurring:

1. Encryption

Data encryption is one of the easiest ways to ensure sensitive information is kept private.  Data encryption helps keep information secure, prevents companies from losses incurred from security breaches and noncompliance fines. To secure information, there are a number of different data encryption software solutions on the market, as well, it might be wise to invest in encrypted USB keys to avoid situations such at the UHN incident above. There are various levels of encryption strength, therefore, choose the level of encryption appropriate for the type of information on the server. Develop a policy for password strength. Longer passwords that contain a variety of numerical, symbol, upper and lowercase letter characters are more difficult to crack.

2. Access Controls

Restrict access to information based on an individual’s role within a company. This helps reduce the spread of information and the risk of information landing in the wrong hands. If certain projects require access to information for a specific period of time, provide employees with access to the information but restrict immediately after the project is completed.

3. Evaluate Training and Procedures

 As with every other program or workplace procedure, train and reinforce data security protocols within the workplace. Effective training includes information on the risks and effects of information security breaches, the importance of following internal procedures to protect the privacy of information, as well as the various ways information security can be compromised. Training programs and procedures must be evaluated and updated on a regular basis to reflect new information related to security threats and laws. As mentioned at the beginning of this post, it’s important to ensure that each employee follows the established procedures and completes all of the steps necessary to ensure private information remains secure. Tailor training programs to different roles within the organization in order to address the different information security challenges throughout the entire organization. Every employee is responsible for ensuring information is kept secure, however, depending on the individual’s role in the company, they may be responsible for a greater number of information security related tasks.

Should an information breach occur, contact the Privacy Commissioner or similar regulatory body depending on the country of operation. In the case of last week’s privacy breach, the  UHN failed to report the incident to the commissioner based on the low numbers of compromised files. In the CBC article “Hundreds of Ont. Patient Health Files Stolen,” UHN president and CEO Dr. Bob Bell stated:

“‘There was a decision made that this wasn’t a significant enough breach to warrant informing the commissioner, and I’ve apologized to the commissioner for that,’ he said. He added that it is the UHN’s policy that medical information on any mobile device needs to be encrypted. ‘The employee had not realized that there was personal health information on that USB key,’ said Bell. The network is looking to make some changes to prevent future breaches, including the automatic encryption of any device that gets used by the network, he said.”

Workplace investigations vary between industry sector and must be tailored to the incident under investigation. In the financial services industry, there is an increased number of risks companies face, especially during tough economic times. Fraud, money laundering and compliance issues are only a few basic examples of financial crimes that require timely, thorough investigations. Financial crimes not only impact the reputation and sustainability of companies, but these crimes also have severe social impacts that change the lives of investors and the public at large. For example, the Madoff ponzi scheme left hundreds of thousands of people without their entire life savings, and for some, bankruptcy.

Today, investigations in the financial services industry are incredibly complex, as schemes cross multiple borders and are global in scope. This post covers some of the challenges investigators encounter during financial investigations, as well as some solutions for implementing flexible reporting systems that make it easier to conduct investigations on a global scale.

Financial Services Investigations

As with any type of investigation, once a tip or information pertaining to the presence of a financial crime has been received, a preliminary investigation must be conducted immediately to determine if the information warrants a full-fledged investigation. If the allegations lead to suspicious activity, the case must be assigned to the appropriate investigator in order to conduct the investigation in a timely manner. Gathering evidence and conducting interviews are challenging in a financial crime investigation. According to the IRS:

“Financial investigations are usually very document-intensive. Specifically, they involve records, such as bank account information, real estate files, motor vehicle records, etc., which point to the movement of money. Any record that pertains to or shows the paper trail of events involving money is important. The major goal in a financial investigation is to identify and document the movement of money. The link between where the money comes from, who gets it, when it is received and where it is stored or deposited, can provide proof of criminal activity.”

Managing the large volumes of evidence associated with financial crimes investigations can be overwhelming and difficult to track. i-Sight simplifies evidence management by allowing evidence to be attached directly to the case file. Electronic evidence- e-mails, documents, images, video and audio clips; can be attached directly to the case file. To manage physical evidence, i-Sight generates printable barcodes that can be attached to the exhibit and records information in the case file.  Exhibits are automatically numbered and categorized (witness statement, interview video, etc.). Investigators can also describe the contents of the exhibit for easy reference within the case file.

Compliance with state and federal laws are mandatory requirements for all financial crime investigations. Compliance standards are built into the workflow rules in i-Sight to ensure compliance with laws such as the Bank Secrecy Act, Sarbanes-Oxley, Basel II and the Patriot Act. As laws and regulations are amended, changes can be easily made to the i-Sight system to reflect the updated laws. 

Manually reporting on financial crime investigations is incredibly time consuming, as there’s a lot of information to sort through. Investigation software drastically reduces reporting time by extracting information and evidence from within the case file and placing in a customized investigation report template at the click of a button. Information gathered during a financial crime investigation usually needs to be shared with members from other agencies and regulatory bodies. State agencies and other regulators can be granted access to specific cases in i-Sight as needed, allowing them to view and print the data required to support criminal proceedings. This feature makes it easier to share information. Privacy is maintained as case access can be granted and restricted as needed.

Lastly, implementing a web-based investigation software system helps investigators overcome geographic barriers during investigations. i-Sight stores cases in a centralized location, making them accessible from any location. Since many financial crimes involve cross border transfers of money, investigative teams overseas can collaborate on investigations with investigators in North America- all that’s required is an Internet connection. Web-based solutions reduce the amount of time spent on investigations, while also reducing investigative costs, as the amount of travel requested of investigators is greatly reduced.

i-Sight Investigation Software for Financial Services

Regulatory drivers including the BSA, Patriot Act, Basel II and Sarbanes-Oxley have created a demanding mandate for financial institutions. i-Sight Compliance Investigation Software provides financial institutions with a workflow driven solution for managing compliance investigations. i-Sight is fully customizable, designed to ensure compliance with the above mentioned regulations and legislation. i-Sight provides investigative units with a system to quickly respond to suspicious claims and other fraud alerts. i-Sight uses a workflow engine to ensure proper assignment of cases and escalation of cases or tasks that are overdue. Investigators are able to record contacts, notes, activities, evidence, and generate emails, template letters and to-do’s.

“The ERC is a nonprofit, nonpartisan research organization, dedicated to independent research that advances high ethical standards and practices in public and private institutions.   With the global recession of the past year, we are also focusing closely on ethics and compliance aspects of the federal government’s response.  The American economy’s dislocation has been so severe, and the government’s strategy so massive and sweeping, that we are witnessing ethics issues never seen before here in the nation’s capital.”

- ERC President Patricia J. Harned

The Ethics Resource Centre

For the past 88 years, the Ethics Resource Centre (ERC) has been a source of information and guidance for ethics and compliance professionals everywhere. The information provided by the ERC serves as a benchmark for companies when gauging the success of their own ethics and compliance programs. The ERC conducts both national and private, single organization surveys, and publishes the results to help businesses and government agencies understand trends, gaps and best practices in ethics and compliance.

The ERC has launched a Student Fellows program targeted at secondary school students, to help instill ethics into their daily decisions. Emphasizing ethics and compliance at a young age helps prepare future business leaders by shaping them to be ethical thinkers. The ERC also provides information on developments and trends in federal legislation, regulations and ethics and compliance related court decisions. On the ERC website, they state, “we take advantage of its Washington, D.C. location to encourage understanding between business and the federal government.”

ERC Resources

The ERC houses countless ethics and compliance resources. The ERC releases a number of publications, survey and articles, as well as providing services to help companies develop, implement and measure their ethics and compliance programs. Here are some of the informative resources the ERC has to offer (all of the information and resources below are available on the ERC website):

Ethics Toolkit: The Ethics Toolkit contains a number of guides that outline tips and techniques for writing codes of conduct.

National Surveys- Data from the ERC is used widely throughout business, government and academia. According to the ERC under the “National Surveys” section of their website:

“As the only longitudinal survey measuring how employees at all levels in more than 3,000 U.S. workplaces view ethics within their own organizations, NBES is a valuable tool for business leaders, policymakers, boards of directors, ethics and compliance officers, consumers and investors  interested in monitoring ethics trends and better understanding ethical practices within organizations.”

Here are the links to the National Business Ethics Survey and some of its supplements:

• 2009 National Business Ethics Survey
• 2009 NBES Supplement: Ethics and Employee Engagement
• 2009 NBES Supplement: The Importance of Ethical Culture: Increasing Trust and Driving Down Risks
• 2009 NBES Supplement: Saving the Company Comes at a Cost: The Relationship Between Belt-Tightening Tactics and Increased Employee Misconduct

Publications: The ERC offers a number of articles and videos to assist companies in promoting ethics and compliance within their workforce. The ERC publishes a monthly newsletter entitled “Ethics Today,” which features ethics and compliance related articles and upcoming events. Every few weeks, the ERC publishes an EthicsStat- statistics that have been pulled from ERC research, surveys and other educational initiatives. The publications section also features a list of ethics and compliance books, staff articles and publications from groups partnered with the ERC.

Webcasts: The ERC provides a list of upcoming webcasts, as well as archiving past webcasts available for viewing free of charge. Webcasts cover issues including ethics and compliance risk, whistleblower rights, ethics and compliance programs, organizational culture and how to measure ethics and compliance programs.

Services: The ERC offers training and support services to help business leaders get the most out of their ethics and compliance programs. The ERC has created the “Benchmark Services Team,” to provide guidance on creating and issuing workplace ethics surveys, identifying ethics and compliance risk and measuring program effectiveness. There’s a lot that must be considered when developing and maintaining an effective ethics and compliance program. Services, such as these offered by the ERC, make it easier for business leaders, HR managers and ethics and compliance professionals to understand the information collected from workplace surveys and identify the next steps to overcome the identified challenges.

As with any human relationship, once the trust is gone, the relationship usually goes with it. Last week, Deloitte released the findings of their annual Ethics & Workplace Survey. The focus of the survey this year was on trust in the workplace. Deloitte began publishing their annual Ethics & Workplace Survey back in 2007.  The points of concern identified in the survey provide business leaders with insight into growing issues that must be addressed in order to retain valuable employees. The ethics and trust gaps identified in the survey bring to light the different views employees and employers have in regards to these two areas. After reviewing the results and methodology of the 2010 Ethics & Workplace Survey, I have put together some advice for rebuilding ethics and trust within the workplace.

Survey Results

Based on the results of the Deloitte survey, it appears that employers may not be fully aware of the impact their decisions have on their employees. In order to build a transparent, trusting workplace, business decisions need to remain consistent with the organization’s culture and policies. Here are some of the results  from the 2010 Ethics & Workplace Survey as presented in the press release for the survey on the Deloitte website:

“According to Deloitte’s fourth annual Ethics & Workplace Survey,

• One-third (34%) of employed Americans plan to look for a new job when the economy gets better.  
• Within this group of respondents, 48% cite loss of trust in their employer.
• 46% say that the lack of transparent communication from their company’s leadership is the primary reason for pursuing new employment at the end of the recession.
• Additionally, a large majority (65%) of Fortune 1000 executives who are concerned employees will be job hunting in the coming months, believe trust will be a factor in a potential increase in voluntary turnover. ” 

On a positive note, a large number of the employees surveyed feel that their employers are responsive to their work/life balance needs. Majority of the employees surveyed felt that technology made it possible for employers to develop flexible arrangements that allow employees to balance work and personal commitments. The results from the work/life balance questions demonstrate that employers are aware of the varying needs amongst their employees. This also shows that employers are willing to make accommodations to retain valuable employees.

The 2010 Ethics & Workplace Survey can be downloaded for free from Deloitte. The methodology used for conducting the survey is outlined at the end of the document.

Message for Business Leaders

When companies, such as Deloitte, publish reports related to ethics and compliance, business leaders must pay attention to the findings. The results of the survey signal the need for business leaders to emphasize ethics in order to regain the trust of their employees. The press release for the survey from Deloitte states:

“Frequently, executives are forced to make decisions that broadly affect their workforces and alter what matters in the workplace. Today’s business environment is no exception; it appears that the recession has diminished two important forms of business currency: trust and ethics.”

When decisions are made that are not necessarily inline with a company’s culture, employee trust is sacrificed, as they no longer know what- or who, to believe. This could lead employees to feel that there has been a change in corporate culture, pushing them to pursue alternative employment with a company that has a culture similar to the employee’s personal attitude. In a previous post, Improving Workplace Communication, we mentioned that many top level executives only increase communication and transparency when a company is undergoing significant changes.

During tough times, such as the recession, many companies resort to cutting budgets and eliminating employees from their organizations to save money. When communication lines are broken, employees may feel they are next to be eliminated. Employees may also be concerned in regards to the future implications of these events on the company. Regular communication from all levels of an organization- regardless of economic climate, is necessary to strengthen corporate culture and ensure all employees are aware of what is expected of them throughout the times of change. Managers and executives must communicate to employees the reasoning behind their decisions and inform them of how it fits into the future plans for the organization. 

The survey results reiterate the need for executives to set the tone at the top. Leaders must focus on improving workplace communication, transparency within the company and with the public and developing an ethical culture. Adopting these practices provides businesses with an advantage when it comes to attracting skilled employees. Ethical cultures that are enforced and practiced by top level management help reduce corporate risk, as employees are able to see for themselves the efforts and importance placed on ethics and compliance within the workplace. Fostering a communicative environment reduces many corporate risks, as employees can ask questions, receive answers and will most likely feel safer bringing information forward when it comes to workplace misconduct or policy violations. Employers and executives can learn a lot and benefit from communication.

Improving Compliance in an Economic Slowdown- Corporate Compliance Insights

This article by John Avellanet provides useful tips business leaders can use to ensure their company remains compliant regardless of the state of the economy. There have been many reports, studies and articles written about the ability for compliance to be maintained throughout the recession. Many companies cut costs during economic slowdowns, with ethics and compliance being one of the first budgets on the chopping block. The author discusses three pieces of advice- prioritizing budget activities, trimming expenses and learning from the past, which offer smarter solutions for business leaders.

Although creating an ethical culture spans much further than workplace policies and procedures, it’s important for employers to set the tone for workplace ethics within these documents. Ethics and compliance programs help to establish a more secure workplace. An organization committed to ethics and compliance can reduce their exposure to risks, such as fraud and bribery, if employees are aware of the enforcement and consequences they will face if they get caught. Typically, if an employee knows they are likely to be caught or the penalty for violating regulations is significant, employees will be less likely to make risky decisions. With an increasing number of sentences and dollar values of fines handed out to both individuals and corporations for violating laws, enforcement agencies have demonstrated the need for ethics to provide security in the workplace.

A Secure Workplace

Many of the new anti-corruption and anti-bribery legislations introduced, such as the UK Bribery Act and the FCPA in the United States, include clauses stating that an employer will not be held liable for offenses committed by an employee so long as the employer can prove that adequate measures have been established for preventing illegal acts. According to an Ethisphere interview, “The Road to a Model Ethics and Compliance Program,” with Sven Erik Holmes, Executive Vice Chair, Legal and Compliance, KPMG LLP states:

“Every organization should put in place an ethics and compliance program that ensures comprehensive reporting, clear accountability and full and effective oversight by the top decision makers. But to make the program truly effective—to maintain compliance, no matter how stressful the economic environment—it’s even more important to develop a culture that’s fully committed to ethics and compliance”

In order to create a more secure workplace, employers have to take appropriate action to put systems in place that support workplace policies and procedures. Companies need to encourage employees to come forward with information to ensure a safe workplace, as awareness of an incident is the only way to correct it. Reporting systems, when used properly, help bring managerial attention to issues early on. Early detection of workplace misconduct can assist in reducing financial losses, protecting employees and maintaining a positive corporate reputation. In previous posts, we have covered various methods for developing a code of ethics, as well as building ethics and compliance into corporate culture. Once policies and procedures have been put in place, it’s important to measure the success of the ethics and compliance program.

A Whistleblower System

According to the board of directors ethics and compliance section on the Deloitte website:

“An effective ethics and compliance program requires senior management involvement, organization wide commitment, an effective communications system, and an ongoing monitoring system. Successful whistle blowing procedures require strong leadership from the board and senior levels of management to develop a culture in which all employees are encouraged to raise their concerns without a fear of retaliation.”

When implementing an effective whistleblower system, consider using a case management system, such as i-Sight, that supports multi-channel case entry. i-Sight can be integrated with existing HR systems and hotlines.  Depending on the type of  incident or complaint being made, the complainant may wish to remain anonymous. Aside from reporting observed misconduct to supervisors, placing intake forms on company websites and intranets, as well as through a third party hotline, provides employees and members of the public with sufficient means for reporting incidents and complaints. When there are multiple channels in place for reporting, those with information pertaining to an incident are more likely to come forward.

Monitoring the Ethics and Compliance Program

Once company policies and procedures have been brought to life through implementation and training, employers must have measures in place to monitor the success of their ethics and compliance programs.  As there are no set standards for monitoring an ethics and compliance program, determining the success of the program can be difficult. Many companies turn to industry leaders in ethics, benchmarking the elements found in leading programs against those established in their own programs. I came across an Ethisphere article, “Expert Corner: Auditing an Ethics and Compliance Program,” by Dan Swanson and Jose Tabeuna that provides a great list of factors to consider when developing a method for monitoring an ethics and compliance program:

“A summary of potential audit and related evaluative approaches are as follows:

• Review compliance program design, structure and processes
  • Identify effectiveness indicators
  • Perform gap analysis- how do your C&E program features compare to established criteria and leading edge practices?
  • Benchmarking- how do your program features compare to your peers?
• Audit the program- assess implementation
  • Validate operational features of the C&E program
  • Gauge awareness and perceptions on the C&E program and assess organizational culture (conduct cultural assessment surveys, focus groups, etc.)
• Audit compliance with standards
  • outcome/impact analysis
  • Test whether transactions and activities meet legal requirements and company policies and standards

Perform other analysis to evaluate whether C&E program activities are reducing the risks of misconduct.”

Monitoring is critical to the success of any ethics and compliance program. Policies and procedures must be consistently evaluated to measure their effectiveness and ability to mitigate risk. Updating ethics and compliance programs is also necessary in order for a company to remain compliant with updated and changing legal requirements.