Creating a Culture of Compliance

"Tone at the top" is an overused phrase, but if companies want to mitigate fraud senior leaders need to speak up forcefully.

Cell-phone markets in Central America and Southeast Asia were booming early in the decade, and Alcatel SA paid dearly to get in on the action, in more ways than one.

The Paris telecommunications giant doled out $8 million in bribes to “consultants” (including a well-connected perfume distributor in Honduras) to gain access to key government officials awarding lucrative contracts in four countries. When its actions came to light, subsequent prosecution under the Foreign Corrupt Practices Act (FCPA) led to fines estimated to exceed $130 million.

In December, the federal government cited a “lax corporate control environment” at Alcatel, which extended right up to the CEO and CFO, as a primary cause of the scandal. It was a finding that more companies should take to heart.

Nearly a decade after the passage of the Sarbanes-Oxley Act, and amid heightened FCPA enforcement, the responsibility for shaping what is often called a “culture of compliance” inside U.S. corporations falls heavily on the C-suite — and, more than ever, on the CFO.

A culture in which employees feel they can report illegal activities or abuses can prevent problems from becoming disasters. This pertains not only to financial controls under the CFO’s purview but also to a broad range of operational risks, which can result in costly disasters like last year’s oil-rig explosion in the Gulf of Mexico and the implosion of Enron. In both cases, employees accused top management of ignoring their concerns about dangerous internal practices.

Who to warn, and how, remain open questions at most firms, but “if a CFO says, ‘That’s not my department,’ he or she should be fired,” says David Gebler, president of corporate-ethics consultancy Skout Group.

Last December, on the very day that Alcatel-Lucent (the companies merged in 2006, after the events in question were said to have taken place) settled the criminal case, CEO Ben Verwaayen, who joined the company after the violations had occurred, broadcast a message reemphasizing the importance of the company’s zero-tolerance policy for bribery. In an e-mail sent to 78,000 employees deployed in 130 countries, he said that Alcatel-Lucent’s hardware and software sales are “based entirely on the value they bring to our customers. We cannot afford or tolerate any compliance violations, both financially and in terms of our reputation.”

Clear communication from the CEO is a critical first step, but it’s hardly the only step needed. Changing a company’s culture is extremely difficult, and often requires senior executives to untangle delicate in-house politics, agitate profitable operations overseas, and relentlessly police the entire organization’s compliance program. No single e-mail or ethics training course will achieve that.

CFO interviewed more than a dozen experts and examined several notable legal cases and compliance failures to determine the five most effective things finance executives can do to prevent risky or illegal activities.

1) Acknowledge that You Are Responsible

While the actions of a salesperson on the other side of the globe may seem well outside a CFO’s purview, Sarbox says otherwise. When CFOs sign off on financial statements, as they must do under the act, they are also verifying the accuracy of all corporate records, says Marie Hollein, president and CEO of Financial Executives International.


Your email address will not be published. Required fields are marked *