Naturally the fear of big business of punishment remains well-hidden from public view.
Senior insiders seldom admit to anxiety yet it is there. Where next, they wonder, will the boot land for breaking rules; miss-selling, or other bad bit of behaviour far down the hierarchy? Quite simply: “how can we avoid a reputation disaster?”
“More than 40% of companies indicated that they do not use employee ethics surveys to measure compliance program effectiveness.” Compliance Trend Survey 2013, Deloitte
The scale of fines landing on some of the largest companies on the planet is proving salutary.For example, regulators around the world are introducing more robust supervision of financial services firms. This runs alongside a raft of new regulatory initiatives to bolster the regulatory framework.
The sheer size of many of the penalties imposed are a wake up call. Many at least mean ethics is now firmly on the top table agenda. But the common response is “let’s spend more money on risk reduction and make sure we comply.”
For example, the average multi-national company spends over $3.5 million a year on this kind of activity. It seems to make sense. After all, the cost for non-compliance can be around three times more than complying, and rising—see chart. This cost does not take into account the damage to brand, reputation and stakeholder disaffection.
Source: The True Cost of Compliance, Ponemon Institute LLC, 2011
A large spend on compliance activity though gives only the illusion of safety. According to a KPMG study on the future of compliance a while back, most companies for example rely on the 3-Lines of Defence’ model, with clear demarcations between each line in the management of risk:
- First line: Business line management
- Second line: Risk and Compliance functions
- Third line: Internal Audit
This may keep leaders happy, knowing they are meeting minimum standards. Yet this seldom offers real security. Much of the money is in fact wasted. This applies across most large UK and US organisations.
As another global consultancy puts it rather dramatically, the money spent on compliance is
…potentially being poured into a black hole and will not deliver value
Despite an army of compliance staff and high-tech detection schemes, some senior leaders are rightly starting to view the results with growing scepticism. The more alert wonder: “What are the benefits?”
They question both the quality and value for money from the spending. First, most spending merely makes sure the company does not fall foul of laws and regulations. For examplSuch efforts though are routine and mechanical— box ticking or going through the motions.
For example, in financial services it’s often about protecting customer’s credit details, meeting data protection laws, following the European Union Privacy Directive, and so on.
These mainly rely on geek stuff– such as secret ways to protect data. None of it though comes cheap. Meanwhile, there are signs of something less reassuring.
Current research finds over half of those in financial services say adhering to ethical standard inhibits their career progression. So despite the money spent on chasing compliance this is not likely to lead to a steady flow of human intelligence about possible ethical breaches.
The second culprit undermining compliance efforts is the low level of employee engagement in so many companies. For example UK, government studies show fewer than one in three employees feel engaged at work.
It’s much the same in the US where Gallup’s 2012 State of the American Workplace report found similar poor employee engagement levels.
Think of it! Two out of every three employees don’t feel involved. Nor are they enthusiastic, about their work.
This has serious implications for compliance. Such employees will seldom, if ever, willingly warn their company about likely disasters, including breaches of codes and regulations.
Such employees will seldom, if ever, willingly step forward and warn their managers about likely ethical disasters.
For example, in the various UK banks, more than just a couple of people knew about the Libor rates swindle. Yet seemingly no one from the ranks stepped forward to warn top management something was amiss. And if they do come forward to warn of ethical dangers, the reality is they can expect mainly negative personal results, including retaliation and even job loss.
What then are the lessons from the dual evidence of reports on failed compliance and the lack of employee engagement now so rife? ?
Lesson 1: Leaders must focus more on essential integrity– encouraging behaviours which reflect espoused values.
Lesson 2: No matter how much is spent on compliance activity it’s no substitute for listening to employee voices and views.
Lesson 3: Those inhabiting the C Suite must learn to value the importance of employee engagement far more and grasp how it’s achieved.
Until these lessons are learned, the money will go on pouring down the compliance drain.
Andrew Leigh is author of Ethical Leadership, published by Kogan Page, 2013, and writes a blog at www.ethical-leadership.co.uk