Just to be clear, this won’t be a complete guide. We could, as many have, write books on the subject, but we’d like to keep your interest on the importance of corporate culture; so, we have tried to distill it down to less than 1000 words, for this first edition anyway.
We’d also like you to keep an open mind and ditch the corporate jargon for a few moments. Certainly, one concept to drop is the claim that your corporation has a “world-class” compliance program.
It’s an overused term that is rather nebulous and difficult to measure. Moreover, for many, being world-class is an aspirational goal that assumes that one is on a journey to being world-class. You never actually achieve the world-class status, at least on a sustained basis.
That’s the purpose for the second part of the article title: “We Suck Less”. A senior manager in a database company realized that “vapid phrases”, like world-class, inspire nothing and may actually promote “internal contempt”. So, he and his colleagues came up with a corporate mission statement of “We Suck Less”, which appealed to employees and customers. Everyone could relate to the honesty of the statement.
So, honesty is important, and developing a mission statement and culture that stakeholders can relate to is equally so.
Before looking at the ingredients that one might consider when establishing the right corporate culture and tone from the top, let’s review some background material.
As reported in a recent Forbes article, the “tone from the top” is established by the Board and Executive Team, which has overall responsibility for understanding the risks facing the corporation and how those risks are managed. The Board, with guidance provided by senior management and other stakeholders, is responsible for establishing and promoting the culture.
Ethical breaches, such as bribery and corruption, continue to be a problem for some companies. A Board needs to determine what causes these continued ethical problems. Is it a “business as usual” issue, a check-the-box attitude, or is it the result of the “vapid phrases” included in the cultural messaging?
I’m sure it doesn’t require repeating, but there is a difference between ethics and compliance. As the quote by Potter Stewart on the home page says, “Ethics is knowing the difference between what you have a right to do and what is right to do.”
Also, falling into the trap of developing more procedures, in the hopes of demonstrating an effective compliance program, is a strategy that will cause more confusion and non-compliance. As Winston Churchill said, “If you make 10,000 regulations you destroy all respect for the law”.
Recent surveys by Edelman show that there is a vast percentage of the global population who don’t trust corporations. In fact, approximately 40% of citizens in 28 countries distrust business. Also, the same survey shows that “more than half of respondents globally believe that capitalism in its current form is now doing more harm than good in the world”.
The Edelman report also includes a discussion on competence and ethics where it states that “Trust is undeniably linked to doing what is right” and that “ethical drivers such as integrity, dependability and purpose drive 76 percent of the trust capital of business”.
Some Ingredients to Consider
Keep it simple. Focus on what the corporate strategy and culture is, or should be. Understand what risks face the corporation, in light of the strategy and culture, and ensure that the organization is developing effective controls for those risks.
The compliance, ethics and risk teams should be able to summarize what controls are in place and where potential duplication exists. Each procedure or control should have an owner and that owner should be able to communicate how success is measured. If the effectiveness of a control can’t be measured, logically, then jettison the control or restructure it so its effectiveness can be measured.
For example, the number of due diligence reports completed in a year does nothing to inform the Board as to the effectiveness of the process. Likewise, reporting on the number of whistle blower reports received, broken down by category, does nothing to inform the recipient about the effectiveness of the program.
While some of that information is relevant, Board members are likely to be interested in what percentage of the whistle blower reports changed the way risks are managed. Meaning, did the organization learn anything from the reports and were changes made as a result.
On the subject of learning, Boards and the Executive team need to be very critical of how past lapses have been managed. So, when the corporate legal team says that it will fight all claims vigorously, one has to ask, what vigorous attempts were made to prevent the claims in the first place? Was the incident preventable and who will be held accountable?
Self-assessments should be carried out by the corporation on an annual basis and they should be completed prior to the normal budgeting cycle, so that modifications can be included in the upcoming annual budget. The Board should have exposure to that budget and understand how the annual financial requirements link to the identified risks.
The Board and the Executive Team should look for opportunities to meet with stakeholders, other than shareholders, with the goal of seeking input from those stakeholders as to the corporation’s cultural and ethical standards. This should be a meaningful engagement, with the corporate representatives doing more listening than talking.
Meetings with stakeholders is part of the Board’s overall mission to do the necessary homework. Likewise, understanding the results of community and employee surveys is also part of that homework.