As compliance programs mature within an organization, one of the ongoing challenges is continuing to sustain the momentum of the program. I found some guidance in an article in the winter 2012 issue of the MIT Sloan Management Review, entitled, “Six Principles of Effective Global Talent Management” co-authored by the following group of researchers, Gunter Stahl, Ingmar Bjorkman, Elaine Farndale, Shad Morris, Jaap Paauwe, Philip Stiles, Jonathan Trevor and Patrick Wright. The article’s focus is how companies can build and sustain a pipeline of talented employees. They found that the key was adhering to six fundamental principles, which I believe are a good set of principles for a company that wants to sustain and grow the viability of its Foreign Corrupt Practices Act (FCPA) compliance program.
1. Alignment with Strategy
This is more than simply ‘Tone at the Top’. This means that you need to tie your compliance program to your overall corporate strategy. This could mean that your company will only engage with businesses and individuals in the sales chain which will avow to do business in an ethical manner. Your company can continue this policy into the supply chain as well. Many companies now recognize the reputational risk, in addition to the financial risk of not only having a FCPA violation, but having a business partner, up the sales chain or down the supply chain, sustain a FCPA violation while working on its behalf.
2. Internal Consistency
This means that your company should be consistent with its compliance message across all disciplines of the company. Training alone will not succeed; there should be incentives for conducting business in a compliant manner, just as there should be sanctions for those employees who do not follow the company’s Code of Conduct or compliance program. Put another way, “the processes and metrics must make sense together.” If your company rewards high sales persons, who cut corners and do not conduct business in an ethical manner, the message you send is that compliance does not matter.
3. Cultural Embeddedness
This focuses on the values of the company. A culture of compliance must become part of your company’s DNA. This begins with hiring persons who share similar values regarding compliance and then continuing to nurture those values through training, assessment, incentives and mentoring. Just as the value of doing work in a safe manner, can be driven into a company’s DNA, the same came occur with embedding a culture of compliance.
4. Management Involvement
For any program to succeed in a company there must be management buy-in of the underlying concepts. This means that the business units of a company need to feel that doing business in a compliant manner is not simply required by the legal or compliance department, but it is good for the company’s business and for the employees personally. Making business unit leaders and members responsible for compliance invests them in the ownership of it. An example is with agents; if a business unit wants to use a new agent or distributor, they need to be able to justify it to their management from the business case so that they will all be invested in having the best group of agents and distributors, who will do business in a compliant manner.
5. A Balance of Global and Local Needs
Clearly the FCPA has requirements that impact the way US companies can do business in an international setting. However, some countries have legal requirements which may bump up against the requirements of the FCPA. One example is that certain countries/regions, i.e. the Middle East, require a local agent or representative. Another example might be a local content requirement which necessitates companies to utilize in-country businesses to supply certain goods or services. Yet another might be a state owned enterprise which has a compelled giving component. All of these speak for the need of companies to have flexibility to deal with both the FCPA and general anti-corruption risks.
6. Branding Differentiation
This principle suggests that a company moves aggressively to demonstrate its commitment to a culture of compliance, within its industry. One clear example is Apple, which annually publishes its Supplier Responsibility Report. In this report Apple reviews its audits of its suppliers on a variety of issues that affect its business relationships with its suppliers, including anti-corruption compliance. By making such a report public Apple demonstrates to itself, and others, its commitment to the compliance process. If your company is an industry leader in compliance, this will drive employee incentives to do business in an ethical manner.
I believe that by incorporating these six principles into your compliance plan going forward, you can continue to sustain the momentum that you achieved with the initial program rollout or subsequent enhancements. My colleague Stephen Martin says that a compliance officer should have a 1, 3 and 5 year compliance plan which can be used as a touchstone for continued growth and assessment. By incorporating these six concepts into your plans going forward, I believe that you will be able to move and grow your program so that compliance and ethics become a part of the way your company does business.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at email@example.com.
© Thomas R. Fox, 2012