Belatedly, the second in my series explaining the elements in the DOJ’s famed “Schedule C,” comes point #2, the tone at the top element. As always (but since this is my second entry in the Schedule C Series, “always” should more accurately be “again”), I will start out with the actual language of the Schedule C point. As I did before, I’m using the Alcatel settlement documents for my examplar.
Alcatel-Lucent will ensure that its senior management provide strong, explicit, and visible support and commitment to its corporate policy against violations of the anti-corruption laws and its compliance code.
Such a short requirement to occupy so much time and attention from consultants, compliance people, outside counsel, the press, and the commentariat.
Here’s a secret—probably the secret—of tone at the top: the more effort you expend on tone at the top, the more likely you’re doing it wrong. Tone at the top should be effortless. It should be part of the everyday fabric of how senior management interacts with their employees. If senior management would worry less about whether there’s a video on the intranet and worry more about metrics and getting employees engaged with the brand, we’d all be better off.
But that’s more of an “ought to” than an “is.”
Let’s start from the beginning. What is “tone at the top” exactly? Forget everything you’ve heard or read. It’s all wrong. Think about it instead as your response to a question from the DOJ: “What did your top executives do to make this workplace one where bribery wouldn’t take place?” Really, is your answer to that going to be “we videotaped him saying that bribery was bad and we put that video on our intranet?” Or that we included it in the Code of Conduct introduction?
The DOJ always talks about the difference between a program that is operationalized and one which is paper only. Tone needs to be analyzed in the same way. How have you integrated executive buy-in to anti-corruption compliance into the fabric of the company’s relationship with its employees? You need two or three really good answers to that question. Think in terms of bullet points. When you’re presenting your program to the DOJ, what are some bullet points that will really impress them?
I’ll give you several. You can pick and choose from this list: I would suggest at least three for your presentation to the DOJ.
1. Ask the Question. Make it the company culture for managers—from the CEO down to first-level people leaders—to ask one simple question. Of anything you do, asking this one question will have more of a long-term impact on the culture of the company than any other single thing you can do.
The question is “what does Compliance think about that?” Such a simple question. But if the CEO, when hearing about ideas for a new market or a new product asks that question every time, his or her subordinates will quickly learn that they need to have an answer to that question before they go in to see the CEO. Which means that their direct reports will have to answer the question. All of a sudden, Compliance is seen as necessary in a business process. Maybe a necessary evil, but necessary. And if you hire the right people, Compliance will be seen as a creative solutions vendor to the business and not the “business prevention department.” But let’s keep that last bit for point number 4. I always say that 80% of compliance is being “in the room.” Having your senior execs ask that question gets you in the room.
2. Openness about the good and the bad: More important than the CEO video, or any other messaging, is a culture of openness emanating from the top. This isn’t just a compliance mandate, it has business consequences too. In the Harvard Business Review this month, Keith Ferrazzi talked about this issue in his article “Candor, Criticism, Teamwork“.
We found that the teams that scored lowest on candor saw the poorest financial returns…. In contrast, groups that communicated candidly about risky securities, lending practices, and other potential problems were able to preserve shareholder value. Indeed, in our research…we identified “observable candor” as the behavior that best predicts high-performing teams.
This good business practice extends its benefits into the Compliance space. When senior management is open about bribery risks and candid about their successes and their failures, it creates an atmosphere of openness that blunts potential miscommunications. Employees who have never discussed bribery with their bosses would feel more comfortable doing so if the team is open about risks generally. Senior management giving rewards for good compliance performance is more important than the on-the-intranet video. Senior management talking about a miss is also hugely influential. And what a great point to make with the DOJ! ”We spent 20 minutes last week on an all-employee call talking about a decision we wish we could undo.” And since you document, you can provide the Department with a tape, or at least the senior leader’s talking point.
3. Metrics: This is where I get adamant. All the bromides in the world from senior managements about the importance of ethics don’t mean anything if the only thing anyone is measured on is results. I always say that the profession of Compliance is self-selecting for cynics. I’m a cynic by nature, training, and experience. So forgive my cynicism when I say that given a choice between just about anything—short of unjustifiable law-breaking—and their paycheck, people will choose their paycheck. By “unjustifiable” I mean crimes that a person has a harder time rationalizing: violence, open theft, crimes with an identifiable victim, and others.
Short of those, however, if you don’t metric compliance, and your only marker of success is the sale itself, people will “bend the law” to get the sale. And when it’s acceptable to bend the law, it’s inevitable—believe me, inevitable—that someone will break it.
I completely believe this axiom: what gets measured gets done. If you want to show real tone at the top, have senior management visibly care about something other than the sale. Have them show through metrics that they care about ethics. A key value add of your compliance people is to create hard metrics for compliance. Senior management should (1) demand that of their compliance officers and (2) implement those metrics.
Imagine again the story for the DOJ: we have compliance metrics that affect the compensation of the sales team. A leader cannot get a bonus if it’s credibly determined that any of his or her reports obtained favorable treatment through a bribe. That’s commitment from the top.
4. HR: Get Human Resources involved. You need good anti-corruption compliance people. You have to tie a lot of your employee-related objectives to HR-related consequences. HR must be a partner to the anti-corruption compliance program. Does your head of HR serve on a risk committee? Is there a consequence management structure in place for (1) violations of the FCPA, (2) violations of policy, (3) failure to take training, or (4) repeated quarters where anti-corruption requirements are late? You need process around all four of those things, and you’re living in an HR world for all of them. How would you show that senior management has recognized the important role HR plays in anti-corruption compliance? [ed. note: this applies to all of compliance, not just anti-corruption].
5. Budget & Resources: Put your money where your mouth is. I’ve heard that one question the DOJ sometimes asks is “how much do you spend on Compliance? OK, now how much do you spend on office supplies?” You’d be amazed at how many companies come out on the wrong side of that question. I’m reminded of that age-old axiom, actions speak louder than words. Don’t get me wrong, I’m not saying that you have to spend oodles on Compliance.
I would suggest that just as important as absolute spend—if not more important—is year-over-year spend. YOY spend is an indicator of priority. Even today, two years after the worst of the financial crisis, a lot of companies are cutting back or staying even with last year’s spend. The Department is not deaf to such arguments nor blind to the reality of the new normal.
It’s therefore a powerful statement to say that, despite cutbacks, Compliance had YOY spend up 2%. In my old company, one thing the business leader did to show his commitment was during the budget discussions: anything compliance proposed was automatically approved. No trade-offs, no arguments. It made me careful to only propose that which I thought necessary (and wary of lots of others who suddenly needed their projects approved because of “compliance,” but that’s another story). But how much would you love to have a bullet point in your presentation to the DOJ: “Compliance spend doesn’t go through the normal approval process, it’s automatically approved.”
Resources is a special form of budget, and I almost listed it separately. Welcome to the world of in-house practice: more people equals more importance. Don’t blame me, I didn’t invent the rules. And the fact is, the more people you have, the more you can get done. In fact, one of the key functions of a Compliance Officer is to identify for the business what activities can be done with what incremental additional resources.
What’s probably more important than everything is to have a budget and resources plan that’s already in existence (meaning, before you have to justify everything to the DOJ). If you get into trouble, you need to be able to trot out a document showing that you’ve recognized the issues, and that senior management has (1) seen it, (2) approved it, and (3) care about it. This last can be shown by senior management demanding periodic updates—say, once a month—on how the program is coming along, and addressing any roadblocks to the plan’s success.
6. Air Cover: Similar to the metrics discussion, senior management needs to put their actions where their mouth is. When a salesperson misses a target and credibly claims that their problem was a refusal to bribe, that should be taken into account. Visibly taken into account, and by senior management.
And if you can’t do that on an individual basis, you should include in market goals an adjustment for bribery. That way, you can show the DOJ that senior management recognizes how hard it is to avoid bribery in certain markets, and a willingness to support the sales efforts in those markets in a way that makes bribery less to avoid bribery.
The worry—and I don’t discount the worry—is that salespeople will use bribery as an excuse for why they missed their targets. Really, though, I’m not suggesting that someone get a commission for a sale that’s not made, but there needs to be an adjustment, and the business community has ignored this point for so long, a little pendulum swing too much the other way probably isn’t a bad thing. Even if the adjustment isn’t that large. The bullet point comes in, really, as soon as you make any adjustment.
The imperative is the same outside of sales. When your Real Estate people miss a target date because they wouldn’t bribe the zoning board, one of two things needs to be true: you either adjust the date or you can show you took the bribery issue into account when you set up the original date. This falls into what my This Week in FCPA co-host Tom Fox always says: document, document, document. If you can show that, when setting up the target date for action, you took the risk of bribery into account, that’s tone from the top.
7. Optics: When I say “optics” in conversation, I’m reminded of something that used to happen when I was a kid: I would say something, and my mother would say “don’t take that tone with me.” I never knew that I had used a tone. When I say optics, I can hear the tone I take (no pun intended). Usually, frankly, I use “optics” as a pejorative. But let’s not discount the importance of optical controls. You need the CEO video, not because it’s effective to deter bribery, but because it would be conspicuous in its absence. You need company-wide Code of Conduct training annually, even if by video.
Tone at the top is not a one-and-done affair. That said, it also should seem effortless. If senior management is truly committed to the success of their anti-corruption compliance program, this element will take care of itself.