Home   |   CRO Summits   |   CROA Membership

Search the site
March 13, 2010
print this article   email this article

Culture of Compliance

Submitted by Anonymous on Fri, 2006-10-13 18:19.

CROs address the challenge of creating a unified approach to corporate responsibility.

In November 2000, I attended the annual Business for Social Responsibility Conference, where I was eager to explore whether the CSR movement could influence internal ethics and compliance programs. I looked forward to a workshop led by the Chief Ethics Officer at Merck and the head of Social Responsibility for Enron. The credentials of the companies were top notch. In 2000, Enron received six environmental awards. It had progressive policies on climate change, human rights, and anti-corruption. Merck had an industry-leading ethics program. It had a well-written and user-friendly code of conduct and its extensive ethics program was the envy of the industry.

 

However, by the end of the session, as well as by the end of the conference, all I had learned was that ethics and CSR were not on the same page. CSR had its agenda and ethics had another, and there was very little room for coordination and very little talk of integration. Years later I wonder, was it only a coincidence that Enron was brought down by its internal ethics and Merck has been hit hard by the impact of Vioxx?

 

Opportunity for the CRO

Fast forward six years. While ethics and compliance, as well as the concept of “corporate responsibility,” couldn’t be more top of mind, it still isn’t clear to many organizations how to implement and deploy a coordinated approach. Most organizations are doing all they can to just meet new regulatory requirements and have not been able to develop much of a strategy around these issues.

 

One of the greatest opportunities for the emerging CRO professional is in addressing the greatest weakness in today’s ethics, compliance, and corporate social responsibility programs: the lack of coordination and integration of purpose and methods.

The concept of corporate responsibility applies to multiple roles within an organization. (See the diagram on page 36 for examples.) Each of these functions is critical in shaping an overall integrity program. And yet these roles often don’t relate to each other.

Sometimes, they even contradict each other:

  • A well known company famous for its external social responsibility program has no internal ethics program that guides how managers treat employees.
  • Another company that touts its world-class governance program has no means to impose consistent standards across its global operations.
  • A company that has successfully deployed its internal controls to meet Sarbanes-Oxley requirements has no means to determine where managers are most likely to override those controls.
  • A company with an award-winning ethics and compliance training program has performance evaluation and compensation structures that reward behavior contrary to its own code of conduct.

As a manager of overall corporate responsibility, the CRO has a critical responsibility: to integrate these disparate roles into a unified approach. How?

Building the Integrity Team

The role of the CRO is that of an enabler. The CRO must bring the owners of these various functions together and build consensus around a unifying theme, such as linking “accountability” and “responsibility” to business continuity and success. Once the overall goals are defined, the organization must develop a coherent strategy around these integrity goals. Each function under the CRO umbrella needs to articulate how acting with heightened responsibility and accountability will help them better serve the broader goals of the organization.

 

Next, each group needs to articulate where it is vulnerable in terms of lapses in accountability and responsibility, or weaknesses in protecting employees from acting irresponsibly.

 

For example, Training & Development can focus on key competencies that should be integrated into manager training. To create accountability and a sense of responsibility, everyone must feel that his or her voice is being heard. This requires managers to admit that they do not have all the answers and invite employee participation. For many, this is a new role requiring new skills.

 

That is why it is important to develop the emotional intelligence of managers. They must be able to facilitate high performance in large groups of people who are looking for equality and responsible freedom. They want to be held accountable—not micro-managed and supervised every moment of every day.

 

Similarly, those responsible for establishing controls and processes, both from an audit perspective as well as from the operational side, must think about how to encourage a sense of innovation and self-direction. Creating a culture of accountability and responsibility means ensuring that all employees think and act independently. More accountability is given to everyone and structures become less hierarchical. Teamwork is encouraged and more attention is given to personal development and relationship skills.

As organizations scramble to define their “culture of compliance” and the risks that need to be assessed, the CRO can play a vital role in pulling all the pieces together and ensuring that everyone is moving in the same direction.

 

I look forward to an upcoming conference where heads of CSR, ethics and audit can share tactics that can move industry to higher levels of responsibility.

David Gebler, JD is President of Working Values, Ltd., a business ethics training and consulting firm. He can be reached at dgebler@workingvalues.com. Published in CRO Magazine, Fall 2006.
Copyright © 2006-2009 CRO Corp, LLC. All rights reserved.