In a September 26, 2011 article in Forbes magazine, entitled “Social Power and the Coming Corporate Revolution”, author David Kirkpatrick argues that the social media revolution has so empowered employees and customers that these groups will soon be calling the shots in companies and not management. He bases this on the use by these groups of social media to obtain and convey information. In the past, management traditionally controlled information and, in a top down hierarchy, would usually dole it out on a need-to-know basis and those who hoarded the information were more powerful within an organization. However, the power and speed of social media have taken this most powerful leverage out of the hands of management and relocated it. Kirkpatrick believes that business leaders now need to demonstrate “authenticity, fairness, transparency and good faith.” If the leaders do not do so, then employees may well come to distrust them, which can lead to disastrous results.
All of this is true of your compliance program but even more so for your compliance program. There has been much gnashing of teeth over the Whistleblower provisions of Dodd-Frank. Corporate America fought tooth and nail to prevent employees from whistleblowing to the Securities and Exchange Commission (SEC) without first going through the company internal whistleblower or reporting systems. Here companies missed the point entirely. If they have a reporting system which is perceived as fair, employees which have a valid compliant or compliance issue to report will do so through the system. The reason is that employees are not employed to discover and report to the US government compliance violations. They work at companies because they desire to be employees. Put more simply – people do not go to work to report compliance violations under Dodd-Frank and wait years to see if they get any money out of it.
In compliance conferences this year a new round of anecdotal stories are making the rounds regarding just how nefarious the Dodd-Frank whistleblower program has become. It goes something like this: an unnamed foreign employee, when faced with termination is alleged to have threated to go to the SEC to report a compliance violation unless he (or she) is paid off. I say, let them go to the SEC. If you have a real compliance problem, your company had better have a detection system in place which rings some bells somewhere in your company.
The key is to develop trust in your overall compliance program. For a US company with a large overseas workforce, trust does not simply happen by ramming a Foreign Corrupt Practices Act (FCPA) compliance program down the throats of its non-US workforce. Kirkpatrick notes that “Trust is developed by sharing vulnerabilities.” He quotes Don Hagel that trust comes not from “the top executive dictating about what needs to be done and when, it’s about providing individuals with the power to connect.” I would add that it also comes from listening to your employees. If employees think that they have a vested interest in the outcome, they will work much harder to make sure the company has success.”
Part of this idea of trust falls under the concept of the Fair Process Doctrine; that is, if employees think that the process is fair, they will be more willing to accept results which they do not necessarily like. Another part of trust is not treating employees like second class step-children. I can remember when a friend from my home town, who worked for a major oil company, told me that it was like being in the third grade. They wanted you at your desk at 8am in your uniform (i.e. coat and tie for men) and to stay there until the closing bell rang. The same mentality is now true for companies which ban the use of social media tools at work. Kirkpatrick quotes Clara Shih that “at least in America our job is such an important part of our identity that most people want to talk about it.” And they do on Facebook, LinkedIn and Twitter. In other words, employees will talk about your company anyway, whether you tell them they cannot do so at work or not.
All of this means that your compliance program should embrace the underlying thesis of Kirkpatrick’s article. A company needs to develop trust under this new dynamic. By developing this new dynamic, having employees who want the company to succeed, they are more likely not to engage in bribery and corruption but also to detect and report it. I think that McNutly’s maxims would apply here (1) What did you do to prevent it?; (2) What did you do to detect it?; and (3) What did you do to fix it? Just image that power of your compliance program if you had employees driving the answers to these three questions in conjunction with your policies and procedures.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.
© Thomas R. Fox, 2011
FCPA Compliance and Ethics Blog 