Silver Blaze and Leadership-Find It, Fix It and Prevent It

Today, we continue our Sherlock Holmes week by drawing inspiration for lessons for the compliance practitioner from the story of Silver Blaze. In this story, a star racehorse disappears, Holmes pulls out his usual deductions to determine where the horse can be found but turns to the lack of an action to deduce why the horse was stolen. The lack of a dog bark in the horse’s stable tells Holmes that the thief was known to both the dog and to Silver Blaze.

I thought about the story of Silver Blaze when reading this week’s Corner Office column in the New York Times (NYT), entitled “Want to Succeed? Be Accountable”, by Adam Bryant, where he interviewed Noreen Beaman, the Chief Executive Officer (CEO) of Brinker Capital. Beaman was the oldest of four sisters and this gave her an interesting perspective growing up. She said, “Part of it was having a feedback loop of younger sisters. We were close in age, so they were some of my best informants in high school. They would say: “Really? That wasn’t a great idea. Maybe if you stopped and listened, you would’ve heard what someone was saying.” Clearly she received feedback but it was from a source that she listened to when it provided to her.

After a flush of early success in her career as a company Chief Financial Officer (CFO) she moved into sales. She made a major mistake on a transaction that went sideways. As Beaman put it “I was in the penalty box.” But through hard work and determination, she overcame this error and learned from it. She said that the entire experience made her both more accessible and “it made me have more humility”.

One of the most interesting things that Beaman said was that one of her company’s mantras is “Find it, fix it and prevent it.” That seems to me to be a pretty good way for a compliance practitioner to look at things, particularly if you consider the FCPA Guidance formula of “prevention, detection and remediation” for a best practices anti-corruption compliance program. To facilitate this culture, Beaman said that one of the skills valued at Brinker Capital is accountability. She said, “We make sure everyone’s in a position to be successful. Then, when you’re not successful, we have to have a conversation. You need to hold up your end of the bargain. Sometimes you’re not a good culture fit because you don’t want to be held accountable, and sometimes you’re a great culture fit and we just didn’t give you the right training, so we’ll do that. Sometimes you’ll make a mistake. Life happens. But let’s not do it again.”

For the compliance practitioner, I think that Beaman’s example demonstrates the need for a Chief Compliance Officer (CCO) to take the initiative in showing how the role they play inside the organization is far more than just a legal minimum or people-based risk management. A CCO, and indeed the entire compliance function, should be seen as a partner to the business folks. This will help to create the deeper relationships that will not only make it easier for the group to do its job, but also help it to be seen as a vital part of the organization’s long-term strategy. It will also help when there is something askance in the compliance function. As noted by Mike Volkov, in his blog post entitled “Chief Compliance Officers: Under a Microscope”, CCOs have to educate the Board and the C-Suite on what exactly is reasonable to expect and how the compliance program is designed to achieve these results.  Along the way, CCOs have to make sure they can show that compliance is a valuable contributor to the company’s bottom line.

Beaman also said one thing that I have heard numerous CEOs say over the years, which is that one of the most important skills they have learned is listening. Beaman related “You have to be a little more indulgent with people sharing ideas around the table, even if 25 percent of them are distractions. C.E.O.’s are usually Type A’s to begin with, and I’m a little chatty. And now I’m in this room full of smart, dynamic people who all want to be heard. So what I had to learn is to be quiet, to listen, to keep everyone committed and at the table.”

As a hard charger, she does want to make decisions and move on. So she has to consciously slow herself down, “to really slow down and be present in the moment.” Part of this turns on setting “realistic expectations and goals, and be sensitive to the tempo around you. It’s about meeting people where they are as opposed to expecting people to meet you where you are. Everyone comes from a different point of view. I have a big personality and I know that I can come on a little strong, so a lot of times I’ll slow it down.”

Beaman also had some interesting thoughts on interviewing. She is clearly engaged by potential hires that are intellectually curious. One of the things that she considers is whether the interviewee has any questions for her. She said that “One, it tells me if you’ve prepped. Two, it tells me how interested you are.” A second thing that she inquires about what books they read. If they are not a book reader, she asks about magazines and newspapers. She related that “I’m interested to know how intellectually curious you are. In our world today, if you’re not actively learning every day, you really are not competitive. There’s too much going on. I can never know everything going on around me, so I need to know that there are people around me who are learning other things, so we create a more cohesive view.”

For the compliance professional out there interviewing, I found these last couple of points quite instructive. Many times it seems that there is so much information in the compliance field that it is difficult to keep up in our profession. But here, the CEO of a major corporation wants to see intellectual curiosity in candidates because she believes this will make a better employee.

Beaman’s journey certainly has been wide-ranging. I believe that her experience can assist the compliance practitioner with ways to think about his or her position within a company and how it can be executed. And just like in Silver Blaze, sometimes when nothing is said, it speaks louder than mere words…

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

A Lot of Pain in KC and Leadership in Compliance

This past weekend saw some great football. However, if you are a Kansas City Chiefs fan, you are probably not feeling too positive about the game on Saturday as the Chiefs blew the second largest lead in a National Football League (NFL) playoff game, 28 points, in losing to the Indianapolis Colts. The Chiefs long suffering fans have not seen a playoff win in 20 years. However, I did see the Chiefs last playoff win, in 1994, when they upset the now defunct Houston Oilers in Houston. That devastating loss was only exceeded by the loss the previous year in Buffalo, where the Oilers set the record for losing the largest lead in a playoff game, that being 35 points. For you Chief fans out there, while the pain never goes away at least you have the possibility of winning a playoff game at some point in the future.

While sports fans can relive the triumphs and tragedies of their team’s ad naseum corporate leaders cannot not afford to do so. One key resource I have found, for not only the ideas of what a leader needs to do but the practical aspect of how leadership works in an organization, is through the New York Times (NYT) Sunday column Corner Office by Adam Bryant. In this week’s paper, Bryant wrote about his new book, scheduled to be released on Tuesday, entitled “Quick and Nimble: Lessons From Leading C.E.O.’s on How to Create a Culture of Innovation”. In the article Bryant highlighted “six key drivers that every organization needs to foster an effective culture that will encourage everyone to do their best work”. I think these six concepts are excellent areas for a compliance practitioner to consider in moving forward a compliance regime.

A Simple Plan

Bryant wrote about Tracy Streckenbach, the Chief Executive Officer (CEO) of Hillview Consulting LLC. She believes that you should have defined and measurable goals. From there, “you make sure each and every department knows them, and how their work will support the overall goals.” Streckenbach called them ‘Key Result Areas (KRAs)” and advocated that they be used up and down, “from senior managers to file clerks”, within the organization with complete transparency. By doing so, employees understand how they are helping the company to move forward.

Rules of the Road

Mark Templeton, CEO of Citrix Systems Inc, believes that “guidelines for behavior can help employees concentrate on the work at hand, rather than on navigating the stressful politics that arise when all sorts of bad behaviors are tolerated.” The company has a culture based on three core values, “respect, integrity and humility.” Templeton believes that people want, as employees, to be a part of an organization that believes in something positive. He said that Citrix has “clarity around where we’re going, and then they get to fill in how we’re going to get there — with the right kind of management, of course, and leadership, and the right kind of processes and metrics.”

A Little Respect

Here Bryant looked to Richard R. Buery Jr., CEO of The Children’s Aid Society, who sustained such a bad experience with a former supervisor that the experience provided extra motivation to be in a leadership position so that he could influence culture. That value is respect. Another CEO, John Duffy of 3Cinteractive, said that by making respect a core value of the company, “it frees up colleagues to challenge one another.” This allows employees to talk to and challenge one another more easily so that you can have “the ability to arrive at the right decision so much quicker and so much easier.”

It’s About the Team

Bryant notes that respect should be only one part of the equation, as he sees it. There must also be performance and accountability. He wrote, “Call it trustworthiness, or dependability. What it means is that you recognize your role on the team. When everyone does that, the team can focus on executing the strategy, instead of worrying whether colleagues will do what they’re supposed to do. (And such concerns, multiplied across an entire organization, can add up to a lot of wasted energy and lost momentum.)” This can be particularly true in a small organization, which, due its size, can be more nimble but, as quoted by Steve Stoute, CEO of Translation LLC, “the threat is that when one person catches a cold, everybody catches a cold.”

Adult Conversations

One of the problems in any organization is that subordinates are afraid to bring less than sterling news to superiors and so the frank discussions about resolving problems which needs to occur, does not occur. Bryant termed these “adult conversations”. He quoted Seth Besmertnik, CEO of Conductor Inc., who related that “A lot of my growth as a manager has been around conquering my own insecurity and gaining confidence.” Besmertnik went on to state that “When you’re confident, you can give people feedback. You can be candid. You feel secure enough to say what’s really on your mind, to bring someone in the room and say: ‘You did this. It really made me feel XYZ.’ Having good conversations is really 80 percent of being an effective manager.”

The Hazards of Email

Bryant believes that “Email is a hot-button issue, and clearly a source of endless frustration”; the reason being that they can be so easily misinterpreted “with often-disastrous consequences for the culture of an organization, because they can damage whatever connective tissue exists between colleagues.” Bryant believes that what people really need to do is talk. Bryant wrote about the experiences of Nancy Aossey, CEO of International Medical Corps, who said that “People change when they talk in person about a problem, not because they chicken out, but because they have the benefit of seeing the person, seeing their reaction, and getting a sense of the person. But arguing over email is about having the last word. It plays into something very dangerous in human behavior. You want to have the last word, and nothing brings that out more than email because you can sit there and hit ‘send,’ and then it just kind of ratchets up and you don’t have the benefit of knowing the tone.”

This problem of interpretation of email only compounds in an international organization where there are multiple business unit across many different geographic and cultural areas. What may be seen as acceptable in the United States may be far from acceptable in Europe, Asia or anywhere else. So by talking in person or over the phone, you can not only not only avoid dangerous misunderstandings, but you can also develop relationships and a sense of trust with colleagues. These are essential ingredients in fostering the kind of high-performing culture that drives compliance.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2014

Sammy Baugh in 1943: Do It the Right Way

2013 is the 70^th anniversary of one of the greatest individual seasons in pro football. In 1943, Sammy Baugh, playing for the Washington professional football team, had what Sports Illustrated said one of the greatest season’s a player has ever sustained. Playing at time when football players played both ways and usually the entire game, Sports Illustrated detailed the following of Baugh’s accomplishments:

• He completed 55.6 percent of his passes, best in the NFL that year.
• He threw 23 touchdowns passes, second in the NFL—and third-highest all-time to that point.
• As a defensive back, he had 11 interceptions, which broke another league record.
• He averaged an NFL-leading 45.9 yards a punt, often flipping the field with a well-timed quick kick.
• Five of his boots were longer than 70 yards.
• He had arguably the greatest single-game performance in history: In a 42-20 win over the Detroit Lions on Nov. 14, Baugh fired four touchdown passes, intercepted four passes and got off an 81-yard punt, the longest of the year in the NFL.

Baugh won and he won doing things the right way. I thought about his accomplishments when I read a recent article, entitled “Decisiveness Is a Double-Edged Sword”, in the Corner Office section of the New York Times (NYT) by Adam Bryant in his interview of David Cote, the Chairman and Chief Executive Officer (CEO) of Honeywell International Inc. In the article Cote explained that “Your job as a leader is to be right at the end of the meeting, not at the beginning.” Cote explained that he had a “reputation for being decisive. Most people would say that being decisive is what you want in a business leader. But it’s possible for decisiveness to be a bad thing. Because if you’re decisive, you want to make decisions — give me what you’ve got, and I’ll make a decision. I’d say that the lower you are in an organization, you can get away with a lot of that and you’ll be applauded for it.”

I found Cote’s approach a good way to explain the role of top corporate leadership in a Foreign Corrupt Practices Act (FCPA) compliance program. When I meet with a new client I explain to the President or CEO what his or her role is in a compliance regime. It is to be a leader and not simply to set the right tone for doing business ethically and in compliance but also ‘walking the walk’ of compliance. In other words, continually reminding the troops to do business the right way.

Further, you have to turn your pride and emotions aside at times because “it’s important to be smart and to think about what’s important.” Cote said that one of the most important behaviors at Honeywell is that you have to get results “and you have to get them the right way.” I thought about the way that Cote phrased it, “and you have to get them the right way.” Cote wants his team to make their quarterly numbers but he wants it done the right way “with the right kind of processes” and those right kinds of processes are financial and compliance controls to help the company to do business the right way going forward.

I once worked for a company where a regional manager was alleged to have said the following: If I violate the Code of Conduct, I may or may not get caught. If I violate the Code of Conduct and get caught, I may or may not be disciplined. If I miss my numbers for two quarters, I will be fired. And guess what – that regional manager never missed his quarterly numbers. Further, he was promoted for his “great” work.

What type of message do you think that this un-named regional manager’s aphorism, his quarterly numbers and, most importantly, the company’s treatment of him going forward sent throughout the region? It was pretty clear that making your numbers is all that top management wanted communicated down through the organization. Conversely, I have heard a compliance professional from another company in the same sector say that it is the business unit’s leader’s responsibility to make the numbers within the structure of the company’s compliance regime. It is not up to the compliance function to figure out how the operations manager should do business but the other way around.

But, equally significant, is the difference in focus between Cote and this un-named regional manager. Cote’s has a long term perspective in place and is thinking long term. He is considering something beyond, weeks, months, the next quarter or even the next two quarters. What Cote said in the NYT piece is that one of the reasons he desires to have the right financial and compliance controls in place is so that “we can make the quarter three years from now and five years from now.” Our un-named regional manager has no such focus; he is only looking at the next sale in front of him because if he does not make his numbers he will be fired. I do not think there can be a stronger message from management than to make your numbers “the right way”.

Just as Slinging Sammy Baugh had a season for the ages some 70 years ago, your compliance program can achieve the goals of doing business the right way if you have a CEO like David Cote. He believes that it is important to get your decisions right and to do business the right way. That is a message that can be translated from senior management down to the middle and the bottom of a company. That is what a compliance practitioner can ask of his or her leaders.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Dan Snyder, the CCO and Doing Business Ethically

We continue the football theme as an entrée into compliance by looking at Washington Redskins owner Daniel Snyder. I am a life-long Dallas Cowboys fan so having someone like Snyder as the owner of your main rival at the professional level is almost too much fun for words. Clearly presaging the Jim Crane “I-made-a-$100MM-in-business-so-I-must-know-what-I-am-doing” school of sports ownership, Snyder has made about every bonehead mistake possible during his tenure as owner of the Washington professional football club. However, now Snyder has moved from simply making idiotic football decisions to one of ethical and perhaps even moral dimensions.

In the Sports of the Times column in this past Sunday New York Times (NYT), entitled “Redskins’ Owner Stubbornly Clings to Wrong Side of History”, columnist William Rhoden wrote the ongoing controversy of the continued use of the word ‘Redskins’ in the name of the Washington professional football team. Rhoden did not mince words when he wrote that Snyder is “making an equally strident stand against civility that will define his legacy as an owner and as a citizen.” He based that statement, in part, on Snyder’s quote delivered to the USA Today last May, “We’ll never change the name. It’s that simple. NEVER-you can caps.” Rhoden makes an ethical and moral argument for a change away from the use of the name ‘Redskins’ but opines that those making such arguments are “barking up the wrong tree” because Snyder’s fight is about money and “licensing, marketing and branding.”

Yesterday I wrote that one of the functions of a Chief Compliance Officer (CCO) is to provide advice to help companies do business ethically and in compliance with laws such as the Foreign Corrupt Practices Act (FCPA) and UK Bribery Act. So what might a CCO of the Washington professional football team tell his boss about now? It might go something like the following:

CCO: You know Mr. Snyder (I doubt anyone calls the smartest guy in the room Dan); there is a way to make money here and do the ethical thing. Washington fans are some of the most rabid and loyal fans in the country. If we changed the name they would all need knew gear. A rebranding could be a financial windfall for us.

Snyder: But what about all our current merchandise, you can’t expect me to donate it to Goodwill.

CCO: All that back stock would become collector’s items and we could increase the price to sell it on a close-out basis. Just think of the money you would make.

Snyder: I was going to think of that next.

In other words there is almost always a way to do business profitably and ethically, even if you work for one of the world’s smartest men.

While Snyder’s leadership has been an absolute joy for Cowboy fans everywhere (and don’t forget the Cowboys have the even more egotistical Jerry Jones as their owner); there was another article in a prior edition of the Sunday NYT which provided some more concrete steps that a CCO might utilize. In the Corner Office column, reporter Adam Bryant wrote about Michael Gould, the Chief Executive Officer (CEO) of Bloomingdale’s, in a piece entitled “Be Passionate Yes, but Always Have Compassion”. Gould’s father was a college professor and he told the following story about a leadership lesson he learned from his father. “I was in grade school, and the phone rings during dinner. There were no answering machines in those days, of course. My father starts getting up and my mother says: “Bernie, sit. Let it ring.” And my father says: “Sophie, it could be a student. And if a student has the courage to call his professor, the professor should always be there.””

“What it said to me was that we’re in the people business. I believe the business I’m in is giving people an opportunity to grow. At the end of the day, no one remembers anyone’s numbers, no matter how good they were at any moment in time. All anyone’s going to remember is, did they give me an opportunity to be more than I thought I could be? What people want is a sense of recognition. They want a sense of belonging. People want to sense that what they’re doing makes a difference.”

Gould went on to explain that he does not expect his employees to have the answer, just to “know where to go for the answers.” This is one of the things that I try to emphasize in compliance training, “Just raise your hand.” Ask for help before you do something that you are not sure about. But to put this requirement on employees brings a corresponding obligation on compliance professionals, for example you have to answer the phone when it rings and answer the question. I have worked in corporate legal departments where answering the phone seemed to be optional and making a decision was not high on the list of priorities.

Nothing frustrates a business unit person more than someone in a support function, such as legal or compliance, sitting up in an ivory tower and not responding to requests for assistance. This means that you have to answer the phone, interact with people and provide an answer where necessary. This speaks to another key point that Gould discussed; the issue of trust. Gould said, “To me, the fundamental basis of leadership is trust. If you don’t have trust, you have no leadership. I’ve also always believed that you have to be passionate about what you do, and have compassion for people. I don’t think you can teach passion. You know it when you see it. You can just look in somebody’s eyes.”

The FCPA Guidance speaks to another issue brought up by Gould’s admonition; that of resources for the compliance function. The FCPA Guidance states, “Moreover, the amount of resources devoted to compliance will depend on the company’s size, complexity, industry, geographical reach, and risks associated with the business. In assessing whether a company has reasonable internal controls, DOJ and SEC typically consider whether the company devoted adequate staffing and resources to the compliance program given the size, structure, and risk profile of the business.” Gould spoke about resources when he talked about termination of an employee. One of the things that you need to consider in a termination is what resources did you provide to him/her to do the job? And how did the staff respond to the termination? In other words, you need to consider the resources available to the compliance practitioner to fulfill his or her function.

Gould’s messages on leadership really do tie into Snyder’s self-imposed conundrum and for CCOs. We are all in the people business. If you do business ethically, it can not only be good for business but you will be respected. And it has the added advantage that you will not be criticized by the Commissioner of the National Football League and the President of the US or even William Rhoden in the NYT.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Continuous Compliance to Solve the Problem

On this day, 53 years ago the CBS television network premiered one of my favorite TV shows of all time – Route 66. The program had a simple premise, it followed two young men, Buz Murdock and Tod Stiles, as they drove across the country in an inherited Corvette (Chevrolet was one of the show’s sponsors), doing odd jobs and looking for adventure. According to the show’s creator and writer, Stirling Silliphant, Buz and Tod were really on a journey in search of themselves. “Call “Route 66” “Pilgrim’s Progress”” once Silliphant told a reporter. “The motive power driving our two characters is not a Corvette: it is the desire for knowledge–and for sentience; it is a quest through the perennially fascinating cosmos of personal identity.”

I thought about the message of Route 66 as a continuous quest, when I wrote about the use of financial controls as a key part of your anti-corruption program under such laws that the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act. In listening to the talk by Stephen Arbogast, Executive Professor at the University of Houston, Bauer College of Business, Department of Finance, I saw, once again, that compliance is more than a set of steps but is truly a continuous process that, once implemented, takes each step in the process and builds upon another until it becomes an ongoing practice.

I have read that former Department of Justice (DOJ) official Lanny Breuer said that a FCPA compliance program should be a continuous process; further that your compliance regime should be a living, breathing practice going forward. By doing so, your business will be able to adapt to meet changing markets, circumstances and outside forces so that you can do business not only in compliance with the FCPA but also in a smarter, better and more efficient manner. I thought about these ideas when I read this week’s Corner Office column in the New York Times (NYT) by Adam Bryant, who this week interviewed Lars Albright, co-founder and Chief Executive Officer (CEO) of SessionM a mobile advertising platform.

Albright discussed a couple of concepts which I thought resonated strongly with this concept of a continuous compliance cycle. The first was that although a company culture may start at the top, it certainly does not end there. Indeed, Albright took it a step further by stating, “A big thing I talk about at SessionM is that I don’t let the company off the hook when it comes to creating culture. Because at a small company — we have 55 people now — it’s not about a C.E.O. telling you what the culture is. It has to be about the company creating the culture and living the culture and embodying it. So I actually say at all company meetings, “Look, this is a rare opportunity in your career to create a company culture and be a core part of it, because I’m not going to sit up here and just tell you what it is.” So I’ve really tasked our company to help create the culture very overtly.”

To facilitate this concept, SessionM has a concept called “SessionM PACT” which Albright said “is less about our values and more about the way we want people to work. When you join this company, you agree to this PACT, which stands for purpose, accountability, commitment and teamwork. There’s not a meeting that goes by when I don’t mention the PACT. And we have a quarterly award that we give to an employee who truly embodies that way of working.”

The second concept that Albright discussed is what he termed the “I need syndrome”. He defined this as the situation where employees will say “I need this or I need that” but these employees are not thinking about the need to employ. Albright’s key in such a situation is to “push the conversation through to what’s going to solve the problem.”

All of the above reinforced to me that many times a compliance program is viewed as a set of burdensome rules and procedures and is designed to constrain how a person does business; the reality is that an effective compliance program is essential to the long-term success of any organization. Just as Albright believes that a CEO should not tell employees what their company culture is, an effective compliance program can help to promote a culture of honesty, so that employees do not cheat in doing business and do not steal from the company. An effective compliance program can help to provide information and data integrity so that reporting up the chain provides accurate information about what is really happening, not what people want the higher-ups to believe. This allows a company to respond to new or different compliance risks more efficiently. Finally, an effective compliance program assists not only with effective risk management but also helps to identify risks and develop procedures to manage those risks.

Carol Switzer and the Open Compliance and Ethics Group (OCEG) have put out a series diagramming the cycles of various issues in the compliance context. If you think about your compliance program is more of a continuous process you may come to realize that the journey of self-exploration engaged in by Buz and Tod in Route 66 can point towards a way for you to consider your compliance program as continuous compliance.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

The Red Baron and Leading in Compliance

For anyone who grew up in the 60s or 70s; the comic strip adventures of Snoopy vs. the Red Baron were legendary. ‘Curse You Red Baron’ was a routine line from Snoopy as he was foiled time and time again by the Red Baron. Anyone who has seen “Charlie Brown and The Great Pumpkin” will remember the scene were Snoopy was shot down behind enemy lines, but survived his crash landing and escaping back to his own lines. Today is the 98^th anniversary of the first time the real-life Red Baron, Manfred von Richthofen, shot down his first plane on the Western Front in World War I (WWI). One of the things that the Red Baron always did was lead from the front.

I thought about those fanciful flights of Snoopy vs. The Red Baron when I considered the compliance implications found in this past weekend’s Corner Office Section of the New York Times (NYT), where Adam Bryant interviewed Bob Moritz, chairman and senior partner of PricewaterhouseCoopers LLP (PwC), in an article entitled “Want to Learn about Diversity? Become a Foreigner”. In this article Bryant detailed several leadership lessons that Moritz had experienced over the years which I thought had quite a bit of application to the compliance practitioner.

Lead from the Front

The first was that leaders are more respected if they lead from the front. Moritz talked about one of his initial role models who was in his first job in a clothing store. Moritz said, “He was in charge of the stockroom, and I admired him because he knew it all. He had a sense of what had to be done, and how you get it done. He had a great balance — he didn’t seem to go through tremendous highs or tremendous lows. He was dependable, and he was the go-to guy.” This means to me, you will have more appreciation for your role if you lead from the front. Moreover, if you demonstrate a commitment to the discipline, suit up, show up and understand the legal and process requirements of your profession, I think you will become model a role that others in the company respect.

Learning (and Living) Diversity

One of the seminal events in Moritz’s professional career came when he accepted a transfer to Japan. He did this even though it took him far out of his comfort zone. Moritz said that there were three key lessons he learned from his time in Japan. The first was diversity. He said, “I was the minority. I was the guy outside of the circle. I couldn’t speak the language. I was the guy who was discriminated against. So it gave me a different perspective of diversity, and it influenced the diversity agenda we have now.”

The second thing it taught Moritz was the “diversity of thought and cultural diversity.” The Japanese respect job titles and age to a greater degree than in the west. As it appears unseemly to directly challenge authority, Moritz had to learn how to ask challenging questions “to get the right answers without making people feel threatened.” This has led to a greater understanding of engaging in a global business practice in a way that makes employees feel appreciated and not threatened.

The final piece of this diversity puzzle was bonding. For Moritz the question was “how do you bond with people personally enough so that they trust you, but in a way that you can work with them professionally?” Moritz described a martial arts class where clearly he was used as the tackling dummy. But he took the punishment and garnered the respect of his peers for it. It was not simply that he took his beating like a man; it was more that he made himself vulnerable. Moritz said, “What was good, though, was that the people I was working with saw me taking a chance, and they opened themselves up a bit more, and that allowed for that trust to be built.”

For the compliance practitioner, I think that the first message is that you have to get out of the office. Nothing engenders respect more than face-to-face meetings. But, more importantly, you can obtain a greater understanding of what is going on in parts of the world other than the US. For example, China is currently on the forefront of everyone’s mind in the compliance world now. But Moritz’s comments about asking questions without challenging authority should make US and Western Europe compliance practitioners understand the pragmatic differences in the way that internal hotlines are viewed by different cultures.

Consensus

Moritz said the biggest ‘leadership’ lesson he has been taught after taking up leadership roles in the firm is around the concept of consensus. He admitted that he is a self-styled ‘consensus-builder’. But that brings up a set of challenges; the primary one being how much consensus is enough? He phrased it as “how much time do you want to spend building consensus versus “let’s just move on”?”  The building of consensus led him to another leadership lesson, where he would use the building of consensus as a way to test his leadership team to see who would be willing to step up. He said that “I’m willing to let things go for a period and see how they play out.”

For the compliance practitioner I think this point ties all of Moritz’s concepts together fairly well. Or, to quote my colleague Michael Volkov, do not be Dr. No from the Land of No. Compliance works with the business units of a company to make sure there are not violations of anti-corruption and anti-bribery laws. That does not mean saying no all the time. It means determining the risk and then managing the level of risk. If you are going to now ask something along the lines of “What about doing a deal in ‘X’ high risk country, with a government official or known fraudster”, my response is simply how do you look in an orange jumpsuit? (See picture of Frederick Bourke). The point is that you can build consensus with the business team on how to do a deal, construct a transaction or join a business partner which meets the requirements of the Foreign Corrupt Practices Act (FCPA) or UK Bribery Act. But you have to work at it and have your network set up beforehand so that you can build the requisite consensus.

Compliance Brand

Moritz had some interesting advice for students. He said that “you’ve got to think about your personal brand differently. You have to take some risks.” To take risks, you have to be willing to go outside your comfort zone, such as Moritz did when he transferred to Japan. You also need to be willing to ask for advice and take coaching. Use the feedback that you receive and be willing to do something about it. He ended with the following, “And make sure you’ve got your elevator speech because you never know who you might see. How are you going to make the best first impression?”

For the compliance practitioner in a corporation, I think that many of us not only do not think of our personal brand, but also the compliance brand. So, personally and for your discipline, you should build up your network within an organization. Lastly, you should consider the effect of what you say and what you put out to the organization in the context of a compliance officer. If you travel, consider the effect of what you say outside the US in the context of you being a compliance officer. People will be listening to not only what you say but how you say it. If it’s the first time you meet someone, what will that person’s impression be not only of you but of compliance in your organization?

The leadership lessons that Bryant wrote about regarding Bob Moritz are some excellent ideas for the compliance practitioner to put into place. While you are contemplating the above, check out this YouTube clip of the Royal Guardsmen’s song Snoopy vs. The Red Baron.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Four Keys to Compliance Leadership

One of the most divisive moments in American history occurred on this date in 1868. On this day the US Senate voted against impeaching President Andrew Johnson thereby acquitting him of having committed “high crimes and misdemeanors” as required under the US Constitution. After all the arguments had been presented for and against him, Johnson waited for his fate, which hung on one swing vote, as there is a Constitutional requirement that requires a vote of 2/3rds of the Senate for impeachment. The vote was one short, at 35-19. Johnson was acquitted and finished out his term. If Johnson had been impeached, it surely would have led to a very different political development in the US, where not liking the sitting President could have become a constitutional basis for impeachment.

The Radical Republicans who ran the Congress immediately after the conclusion of the Civil War certainly did not think much of President Johnson’s leadership style. So what about you as a compliance officer? Certainly part of your leadership is implementing and enhancing policies and procedures? In many ways it is the human element, which President Johnson sorely lacked, that you may well need to devote most of your time focusing on. I recently read an excellent article it the Corner Office section of the New York Times (NYT), entitled “We’re Family Yes, but We’re Still Accountable”, in which Adam Bryant reported on his interview with Brooke Denihan Barrett, the co-Chief Executive Officer (co-CEO) of the Denihan Hospitality Group (Denihan), a 50-year old family business which focuses on the hospitality business.

Training

One of the things that Barrett has learned is how to train people. She explained that “I thought the way you got things done was by telling people what to do. That’s where I learned what not to do. I spent a good portion of my time telling people what they did wrong instead of really encouraging them about what they did right.” She came to realize that was perhaps not the best way to manage people and “learned to cut people some slack.” She said that she found “that you get a lot more with the carrot routine than the stick routine. I also realized that you really needed to explain the “why” of things. You need to give people a little bit of space to come around, and say, “Yeah, that makes sense,” before you really engage them in what needed to be done.”

I found that her final point may be critical for compliance training. By explaining the why of compliance, employees can better understand what the company is trying to accomplish. So if your goal is to do business in an ethical manner, then explain this and how the company’s compliance program will help to accomplish this goal through its policies and procedures.

Accountability

One of the things that Barrett emphasized was the erroneous perception that because her company was a family business there was no accountability. She made clear that “You have to set certain standards that you want people to live up to. And if people need help, then we want to help them along the way.” However, accountability is a two-way street. Just as the employee must be held accountable, so must the company in terms of providing support to allow employees who want to do the right thing and to do their job well. Barrett said, “Sometimes organizations can fall down if they don’t also ask: How do you give people the tools they need to be successful? How do you get that person to understand what change needs to happen, and how do you help them along the way? Because people can’t always figure it out on their own, and nor should you expect them to.”

Listening

Many of the CEOs that Bryant interviews for his Corner Office section speak about the need for listening skills. Barrett was no exception. But as CEO she found that employees were sometimes reluctant to speak openly and candidly with her. So she began to meet with employees in small groups of 10 to 12 people. At Denihan they call them ‘Roundtables’. Barrett said that she will say to them ““Tell me something I don’t know.” And I’ll get comments like: “Oh, but you know everything. You’re the C.E.O.” It’s just a reminder of the perceptions that people have of the head of the company. But every time I ask that question, I learn something new.” Imagine as a compliance officer if you were to ask that question in a roundtable, what do you think you might hear back from your company’s employees?

Barrett also spoke about how to have a ‘difficult conversation’. She said that if there is a mistake made she views it as an opportunity for learning and professional growth. At Denihan, they call them ‘lessons learned conversations’ and they may occur with a group where a problem has arisen. Barrett related, “we might bring people together in a room who were involved in a project and ask: What were the things that worked? What were the things that didn’t? What could we have done differently? And we’ve had some very spirited and cathartic conversations. You have to be able to let people put something on the table without actually pointing the finger. It allows things to come out in more of a non-accusatory manner.”

Hiring and Promotion

These are two key areas in compliance that are finally beginning to receive the attention that they deserve. Barrett’s thoughts on how she views these in the context of her interviewing are instructive. She acknowledged that by the “time somebody meets me, you can assume that the skills are there. So what I interview for is fit. And I’m always very curious to know, what is it about our company that appeals to that person?” She asks specifically about culture, requesting the candidate define it and how do you think that culture is special. She also asks candidates to talk about a failure and what lessons that they learned from the experience and how they dealt with the experience. I would suggest that both of those lines of inquiries should be used when evaluating a candidate for hire or promotion.

Barrett’s interview provided some interesting insights on leadership. Moreover, her experience in professional growth has shown there are different styles and techniques that you can successfully use in your company’s compliance program. Train people on the reasons why your company is doing compliance so that they will understand how to do it. Make them accountable but also provide them with the compliance tools and support to do business the right way. If there is a problem or issue, use it as a lesson learned so that employees can profit from the experience. Lastly, make a discussion of culture a cornerstone in your hiring interview or promotion interview process.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

Compliance: Having Everyone Join In – From the Board Room to the Shop Floor

Today in history should be known as “End of Military Leaders Day” as not only is this the 199^th anniversary of Napoleon’s exile to Elba (although he did make somewhat of a comeback) it is also the 62^nd anniversary of Truman’s sacking of Douglas MacArthur (although MacArthur did get to address Congress). Whatever you think of these two men as human beings, you cannot under-rate them as great leaders of armies. They both were able to get men to achieve far beyond what they believed were their capabilities. I thought about great generals and other leaders when reading a recent article in the New York Times (NYT), Corner Office section where reporter Adam Bryant interviewed Dr. David Rock, in an article entitled “A Boss’s Challenge: Have Everyone Join the ‘In’ Group”. In this piece, Bryant highlighted some of the mechanisms which Rock, who is the director of the NeuroLeadership Institute (NLI), believes that it is important for managers to make employees feel like they are on the same team.

Generally speaking Rock believes that the brain categorizes everything into one of two categories: threat or reward. He thinks people are driven unconsciously to stay away from threat and are driven unconsciously to go toward reward. This decision about threat or reward happens five times every second. But this can all be very subtle as employees are making this decision about everything good or bad all the time. He has based this theory on research in the last 10 years or so which he believes demonstrates that things that create the strongest threats and rewards are social. Social threats and rewards activate what’s called the brain’s primary threat-and-reward center, which is actually the pain-and-pleasure center. This was a big surprise, to see that someone feeling left out of an activity, for example, would activate the same regions as if they had put their hand on a hot plate.

He breaks these concepts down with the acronym SCARF; which stands for status, certainty, autonomy, relatedness and fairness. I found that these concepts had some useful analogies for the compliance practitioner in not only how to engage employees, but also to have them buy into and become a part of a company’s compliance regime.

Status

Rock believes that status is your perception of where you are in the pecking order around you, and it’s a feeling of being better or worse than others. People feel uncomfortable until we work out our status with people. We are more comfortable and we’re more effective when there is a clear status arrangement between people. When we feel a higher status, we get a slight reward. When we feel lower status, we get a strong threat. The challenge is that if somebody continuously fights for high status, all the other people around them might be getting a strong threat response.

For the compliance practitioner, I think that the key here is to get out of the office and into the field. The more employees see you, the more they will move away from seeing compliance in an ivory tower and more towards compliance being part of the overall business process. This can also mean embedding compliance department members in high risk projects or high risk geographic areas. The more compliance is seen, the more comfortable employees will feel in bringing matters to you.

Certainty

Certainty is critical. Rock believes that the feeling of uncertainty feels like pain, when you can’t predict when the lights will come back on and you’re holding multiple possible futures in your head. That turns out to be cognitively exhausting. And the more we can predict the future, the more rewarded we feel. The less we can predict the future, the more threatened we feel. As soon as any ambiguity arises in even a very simple activity, we get a threat response. So we are driven to create certainty.

For the compliance practitioner, I think this is where the ‘we all wear the same color shirt’ concept is important. When compliance looks into something or looks at how processes are being followed in business units, it should not be perceived as a threat to employees but how to work better and more efficiently in the context of compliance.

Autonomy

For Rock, autonomy is a sense of control. While it is similar to certainty he believes that there are differences. Certainty is prediction. Autonomy is control. And it’s a very important thing for us to feel a sense of control, so much so that a small stress where you have no control generally is in fact a very big stress. When autonomy goes down, it’s a strong threat. So when the boss walks in the room, they’ve got the final say, so suddenly your autonomy goes down.

For the compliance practitioner, I think that setting clear expectations can help employees in this area. The more that they understand what is required of them the more that they understand their obligations. This includes any compliance component of evaluations or bonuses. The more you can explain, teach and educate, the more employees will recognize what is required of them.

Relatedness

Rock next spoke about ‘relatedness’ which he believes is the decision about each person we interact with, for example other employees, which impacts basic processing. This decision boils down to “Are you in my ‘in’ group or in my ‘out’ group?” If an employee decides that they are part of your “in” group, they will process what you say using the same brain networks as thinking your own thoughts. Conversely, if they decide they are in your “out” group, you use a totally different brain network. So the very level of unconscious perception has a huge impact based on the decision of: “Is this person similar to me? Are they on my team? Do we have shared goals, or are they in my out group?” This is also the same of teamwork and collaboration. It feels good to be with “in” group members. But we basically treat everyone as foe until proven otherwise, with the exception of really attractive people or if you’ve had a moderate amount to drink.

The important question for the compliance practitioner becomes, “How do we create an ‘in’ group for compliance?” If you can create shared compliance goals among people, you can create quite a strong “in” group fairly quickly. When you can find a shared goal, you turn an “out” group” into an “in” group. But this requires a company leader to create shared goals across an organization; otherwise an organization will be a series of silos.

For the compliance practitioner I think the domain where leaders can have the biggest impact is relatedness. Many people have had a boss they really wanted to work hard for because they respected them. It doesn’t have to be love, but it does have to be a sense of respect. And I think that those bosses have worked hard to have a sense of relatedness with people, which comes from having shared goals and making sure there’s a feeling of being on the same team, not a sense of “us” and “them.”

Fairness

The final one is fairness, Rock says that it is “very fundamental.” A fair exchange of anything is intrinsically rewarding. An unfair exchange of anything is intrinsically threatening – and not just threatening, but very intensely threatening. Fairness is about several things. First and foremost the compliance practitioner must treat everyone fairly, from the ‘board room to the shop floor’ so that if someone violates the compliance program they are promptly investigated and disciplined, if warranted. But it also means transparency so that employees understand what their obligations are and what rewards they will receive if they meet those obligations.

Bryant’s article has some interesting insights for not only compliance leadership but also for compliance engagement. While you may not get the blind devotion that Napoleon and MacArthur were able to engender, you may be able to obtain better buy-in and strength for your compliance program.

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013

How To You Move Ethical Values Down Through Your Company?

What do employees want most in their company’s values? That is a question that has plagued companies for many, many years. I would argue that one of the concepts which should be in the conversation is respect for a company’s ethical values. One of the tasks in any company is to get senior and middle management to respect the stated ethics and values of a company, because if they do so, this will be communicated down through the organization. This topic was explored in a recent article, entitled “If the Supervisors Respect Values, So Will Everyone Else”, in the Corner Office section of the New York Times (NYT), when reporter Adam Bryant interviewed Victoria Ransom, the Chief Executive Officer (CEO) of Wildfire, a company which provides social media marketing software.

Company Values

Ransom spoke about the role of senior management in communicating ethical values when she said “Another lesson I’ve learned as the company grows is that you’re only as good as the leaders you have underneath you. And that was sometimes a painful lesson. You might think that because you’re projecting our values, then the rest of the company is experiencing the values.” These senior managers communicate what the company’s ethics and values are to middle management. So while tone at the top is certainly important in setting a standard, she came to appreciate that it must move downward through the entire organization. Ransom came to realize “that the direct supervisors become the most important influence on people in the company. Therefore, a big part of leading becomes your ability to pick and guide the right people.”

Ransom said that when the company was young and small they tried to codify their company values but they did not get far in the process “because it felt forced.” As the company grew she realized that their values needed to be formalized and stated for a couple of reasons. The first was because they wanted to make it clear what was expected of everyone and “particularly because you want the new people who are also hiring to really know the values.” Another important reason was that they had to terminate “a few people because they didn’t live up to the values. If we’re going to be doing that, it’s really important to be clear about what the values are. I think that some of the biggest ways we showed that we lived up to our values were when we made tough decisions about people, especially when it was a high performer who somehow really violated our values, and we took action.” These actions to terminate had a very large effect on the workforce. Ransom said that “it made employees feel like, “Yeah, this company actually puts its money where its mouth is.””

Ransom wanted to make clear to everyone what senior management considered when determining whether employees “are living up to the company culture.” The process started when she and her co-founder spent a weekend writing down what they believed the company’s values were. Then they sat down with the employees in small groups to elicit feedback. Her approach was to look for what they wanted in their employees. They came up with five.

• Passion: Do you really have a thirst and appetite for your work?
• Humility and Integrity: Treat your co-workers with respect and dignity.
• Courage: Speak up – if you have a great idea, tell us, and if you disagree with people in the room, speak up.
• Curiosity: They wanted folks who would constantly question and learn, not only about the company but about the industry.
• Impact: Are you having an impact at the company?
• Be outward-looking: Do good and do right by each other.

Leadership

Ransom came to realize that as her company’s leader, more was expected from her. Her employees listened to what she said. This is one of the best descriptions of ‘tone at the top’ that I’ve seen. Ransom “started to realize how what you say can have such an influence. You can’t just say things off the cuff anymore, because people take it so much more seriously than you ever meant it. And that can be good and bad. The bad is that you might say something sort of flippant, or you’re trying to be really transparent and honest with the team about the challenges we may have. But that can get passed on down the line and repeated until there’s a panic.”

But equally important was what she does not say. This is because she learned “how comforting what I say can be to the team, even if I’m not giving the answers. I thought at first that I always needed to be able to give them the solution, but I realized that actually that wasn’t needed at all. All that was needed was acknowledging the challenges, and showing that we’re on top of it and we get it.”

Ransom had an equally valuable insight when she talked about senior management and ethical values. She believes that “the best way to undermine a company’s values is to put people in leadership positions who are not adhering to the values. Then it completely starts to fall flat until you take action and move those people out, and then everyone gets faith in the values again. It can be restored so quickly. You just see that people are happier.”

I found the Ransom interview to be quite useful to the compliance practitioner. She makes clear that ‘tone at the top’ is only one key to instituting ethical values throughout your organization. It also means ‘tone in the middle’ and ‘tone at the bottom’. But she points out not only how to establish that tone but more importantly how to walk the walk of ethics and compliance. Her interview also showed the importance of establishing the values that you want in your company. By doing more than simply writing and then announcing them, through her work with small employee groups she was able to get buy-in from everyone. This was more than communication, this was collaboration. If you make your employees feel that they are a part of the process you will have greater success in your mission to bring ethical values to your organization.

============================================================================================

Please join Patrick Taylor, CEO of Oversight Systems and myself tomorrow afternoon for a webinar on Anti Corruption and On-going Transaction Monitoring. The webinar will be at 2 PM EST and is free. For registration and information click here.

============================================================================================

This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at tfox@tfoxlaw.com.

© Thomas R. Fox, 2013