Bill Pollard, a Deloitte Financial Advisory Services partner in Chicago, says companies often make the mistake of putting responsibility for various compliance matters into various separate “silos.” Compliance should be “woven throughout the fabric of the organization,” including the board. Pollard adds that executives responsible for compliance should have “unfettered access to the board.”
At DuPont, employees in 90 countries receive ethics and compliance training, often from the senior-most executive in each country. As a result, the culture is shaped “not just by someone saying this is important, but by demonstrating it,” says Donna Grier, general auditor and chief ethics and compliance officer at DuPont headquarters in Wilmington, Delaware.
DuPont’s message and values are constantly reiterated, she adds. During Chinese New Year, for example, the company highlights employees in China who refuse to accept customers’ traditional offers of cash gifts.
4) Educate Front-Line Managers
While senior executives must set the tone, it is critical that front-line employees feel comfortable in the role of watchdog. When these employees raise potential issues, midlevel bosses and front-line supervisors should know how to respond. Otherwise, employees who know about illegal activities may not tell anyone, out of a fear of being retaliated against or fired. A raft of research has shown that an employee’s behavior is far more influenced by his or her direct supervisor or operating-unit head, versus a C-level executive.
Many companies offer anonymous hotlines as a sort of workaround to that reality, yet only 5% of reports of misconduct come through such hotlines, says Patricia Harned, president of the Ethics Resource Center, a research nonprofit. “If supervisors aren’t supportive” of compliance, she says, “it’s likely employees will keep quiet when problems come up — or leave.”
Consultant Pat Gnazzo has experience with turning a corporate culture around from the inside. He was recruited as chief compliance officer at CA after a $2 billion accounting scandal at the software company in 2004. He says employees who know they are welcome to come forward can prevent systemic failures or scandals. “You may [still] have one person who does something bad in a vacuum. But you will never, ever have [systemic] organizational fraud,” he says.
5) Simulate a Crisis
When a crisis occurs, consultants say that it can be extremely difficult for C-suite executives to subsume their type-A personalities and develop a consensus-driven plan that can minimize further damage. For top managers who want to learn how politics and personalities can lead to a cover-up that worsens a crisis, consultants recommend they walk through who would be in charge if a crisis occurred.
Deloitte’s Pollard sometimes puts executives in a room and asks them to put on a fraudster’s hat: Could someone manipulate company records or processes to perpetrate a fraud, and if so, how? Who in the room has the knowledge and ability to commit fraud?
After one such series of brainstorming sessions, Deloitte catalogued more than 150 initial fraud risks for one public company. “When the CEO and the CFO saw that,” Pollard says, “it opened their eyes to things they had never considered.”
Kimberly Blanton is a freelance writer and a blogger on financial literacy.