SCCE Official Site...Compliance & Ethics Vol. 8 / No. 5 Professional 10-11 / 2011 Top sTories inside...

Compliance & EthicsVol. 8 / No. 5

10-11 / 2011ProfessionalTop sTories inside

8 The seven biggest mistakes companies make that erode ethical culture and destroy reputation

20 Culture and values: Driving innovation in ethics and compliance

24 Understanding the compliance risks of deemed exports

34 The “why” of misbehavior: Recent advances in behavioral business ethics

42 In the Spotlight: Alex Brigham, executive Director of the Ethisphere Institute

Meet Paul FiorelliCo-Director of the Cintas Institute for Business Ethics at Xavier University

Society of Corporate Compliance and Ethics

Course OverviewYou are assigned to conduct an internal investigation. The facts are unclear and you are not sure who is telling the truth — yet you must reach a conclusion. In this hands-on seminar, you will learn practical skills for investigating alleged misconduct and ways to balance the rights of the complainant and the accused while protecting the interests of your organization. Plus, you will learn how to minimize administrative burden while writing effective investigative reports.

In this two-day workshop, you will learn:n How to strategically investigate “he said/she said” allegations where

there are no eyewitnesses

n How to interview witnesses using a specific method that enables you to gather all relevant information

n How the laws have changed regarding investigations (e.g. — is it lawful to use social media in your investigation?)

n Techniques and questioning strategies you can use to determine whether a witness is lying

n The rules for searching an employee’s workspace, computer or personal belongings

n The appropriate standard of proof for imposing discipline

n What to include and not include in the report

n How to properly document credibility determinations and compile exhibits

n Privilege and confidentiality designations and who should see the report

n What documents to retain in the investigative file

Continuing Education CreditApplications have been filed with the Society of Corporate Compliance and Ethics (SCCE) for the in-person sessions*, the 7 Steps Webinar has been approved for 6.9 units and the Report Writing Webinar has been approved for 3.3 continuing education units toward Certified Compliance and Ethics Professional (CCEP) credit. Multiple state bar associations have approved our Investigation and Report Writing Seminar for Continuing Legal Education (CLE) credit.

*Our website will be updated when approval is received

2011 Dates and LocationsMay 4–5 ............................. New York

May 11–12 .................. Washington, DC

June 1–2 .............................. Chicago

June 9–10 .............................. Atlanta

June 15–16 ...................... Hartford, CT

September 21–22 .................. Houston

October 5–6 ......................... Chicago

October 12–13 ......................... Dallas

October 19–20 ..................... New York

November 2–3 ................. Los Angeles

WebinarsFor the webinars, the Investigations and Reporting Writing classes will be offered separately.

May 18–19: 7 Steps to Investigate Alleged Employee Misconduct

May 25: Writing Comprehensive Investigative Reports

October 26–27: 7 Steps to Investigate Alleged Employee Misconduct

November 1: Writing Comprehensive Investigative Reports

December 7–8: 7 Steps to Investigate Alleged Employee Misconduct

December 14: Writing Comprehensive Investigative Reports

2011 Seminar SeriesJoin us for our highly interactive, step-by-step seminar to learn practical skills for how to investigate and document allegations of compliance violations, fraud, harassment, discrimination, theft and other employee misconduct.

For details, visit: www.globalcompliance.com/seminar

7 Steps to Investigate Alleged Employee Misconduct– Now including: Writing Comprehensive

Investigative Reports!

Phone: 800-443-9037 n E-mail: [email protected]

C 100M 15Y 0K 25

C 60M 0Y 100K 5

C 0M 0Y 0K 100

R 16G 120B 176

R 99G 185B 70

R 0G 0B 0

SIZE1 inch wide

FONTAdobe Garamond Pro Small Caps, Bold

Global ComplianceGlobal ComplianceGlobal Compliance

View a detailed course outline, watch a video clip of the seminar, or register at www.globalcompliance.com/seminar

www.corporatecompliance.org 888 277 4977 +1 952 933 4977 Oct/NOv 2011 ComplianCe & ethiCs professional 3

Contents oCtober/november 2011

4 Demonstrating the effectiveness of your compliance and ethics programs By Scot McLeod

Creating and maintaining a dynamic body of evidence of compliance can ensure a continually audit-ready company.

8 The seven biggest mistakes companies make that erode ethical culture and destroy reputation (CEU) By eric FeLdManhow companies can avoid common mistakes, reduce risk, and demonstrate due diligence, before a crisis.

14 Feature Interview: Meet Paul Fiorelli, Co-Director of the Cintas Institute for Business Ethics at Xavier University an interview By adaM turteLtauB

18 Letter from the CEO By roy SneLLfunding the ethics resource Center or concrete toilets, beetle mating habits, and sperm freezers

20 Culture and values: Driving innovation in ethics and compliance By FriSo van der oord

aligning core values and day-to-day operations requires continuous effort, but the strategy is vital to every phase of a business operation.

24 Understanding the compliance risks of deemed exportsBy anthony hardenBurgh

employers who hire foreign nationals must be especially vigilant about protecting sensitive technologies and source code that has military and civilian applications.

28 The human factor in compliance: Strategies for reducing human error (CEU) By Mary-JaMeS (JaMi) younga look at the types of common errors and how proactive management of errors can mitigate risks.

34 The “why” of misbehavior: Recent advances in behavioral business ethics (CEU) By JaMeS MeachaM

how biases, blind spots, and dodgy decision-making add to our compliance challenges.

42 In the Spotlight: Alex Brigham, Executive Director of the Ethisphere InstituteBy adaM turteLtauB

46 new Sec whiStLeBLower ruLeS, eFFective auguSt 12, 2011

By charLeS g. MiLLer

Companies will need to do more to encourage internal reporting of wrongdoing, or whistleblowers may be tempted by bounties to report directly to the seC.

50 Kill all the lawyers: A good first step? By Frank navran

When everyday transactions are governed by attempts to legislate common sense, have the lawyers gone too far?

54 What the US government can do to assist US companies with respect to transnational corruption By kathryn nickerSona wealth of resources are available to help small and medium sized Us companies do business in foreign countries.

65 Newly Certified CCEPs

66 Global Compliance: Egypt By gregory unruh and Fernanda arreoLa

Corruption and terrorism are just two of the factors to consider before doing business at the crossroads of the middle east and africa.

70 New SCCE Members.

Meet Michael Samonas, Esq. continued from page 4

4 ComplianCe & ethiCs professional Oct/NOv 2011 888 277 4977 +1 952 933 4977 www.corporatecompliance.org

With expanded regulations going into effect in many indus-tries, organizations must not only show that they have compliance and ethics programs in place, but be capable of demonstrating that their programs are actually working. The regulatory scrutiny of such programs is shifting from a focus on policies, procedures, and retrospective audits, to proac-tive measures of effectiveness and desired results. Many regulated organizations now seek to imple-ment measurements that will help them demonstrate the effective-ness of their compliance and ethics programs.

With heightened expectations of governance and transparency, financial services and healthcare industries are at the forefront of this regulatory compliance evolu-tion. Regulators are increasingly working to prevent organizations from “going through the motions” of compliance and instead requir-ing them to proactively show the substance behind their programs.

As a result of reform legisla-tion passed in 2010, financial services firms are increasingly

concerned about new whistle-blower provisions and their potential impact. Whistleblower allegations, motivated by “bounty hunter” payments from enforce-ment agencies, are likely to grow significantly as a result of the pend-ing new regulations. For example, when the reform laws are finally enacted, if a whistleblower claims that a bank has violated privacy laws, the investigators will exam-ine the claim and, if they discover that it is valid, the whistleblower will receive a percentage of the fine levied upon the bank. A con-cern in the industry is that due to these financial rewards, rather than calling an internal company hotline to report a suspected issue, whistleblowers will call a regulator instead. The regulator may in turn demand evidence of an effective, established compliance program from the organization.

There are several guidelines and tools available for organi-zations to use as they strive to demonstrate the effectiveness of their compliance programs. The most commonly cited resource is the list of seven elements of

effective compliance and ethics programs that were revised in 2010 by the United States Sen-tencing Commission1 when they modified the Federal Sentencing Guidelines. These provisions set forth the attributes of effective compliance and ethics programs.

There are also tools and check-lists available for self-assessment that often build on these seven elements, adding specific assess-ment questions for each of the elements. One of these is the Com-pliance Program Assessment Tool published by the New York State Office of the Medicaid Inspector General Bureau of Compliance.2 This is one of the first such tools to be made available to healthcare organizations, and other such tools are on the way, including a

Demonstrating the effectiveness of your compliance and ethics programsBy Scot McLeod

Scot McLeod


continued on page 6

pending self-assessment guideline from the Centers for Medicare and Medicaid Services.3

Many of these tools provide a framework for organizations to get their compliance “ducks in a row.” For example, the New York State tool includes a series of questions about the organi-zation’s compliance program, and after each question, asks the responder to answer “yes” or “no” and include information about the evidence of compliance (for a “yes” response) or action required (for a “no” response). By reminding the responder to provide evidence or next steps, the tool reinforces the idea that evidence is a critical step in demonstrating effectiveness.

For any compliance self-assessment, facilitated by the use of one of these tools or some other means, the depth and timeliness of the evidence is critical to suc-cess. For instance, let’s consider a common process, such as man-aging the code of conduct for an organization. In our example, we’ll look at various techniques, progressing from very basic and potentially high-risk, up through highly effective approaches that offer increased protections and the potential for reduced sanc-tions and fines that may result from audits and reviews. 1. At the most basic level, a reg-

ulated organization should publish a code of conduct and revise it periodically. How-ever, if this is the extent of the

organization’s management of the code of conduct, an audit or review is likely to identify significant deficiencies, leav-ing the organization exposed to the possibility of maximum penalties in terms of fines and sanctions.

2. Taking the next step, the orga-nization should distribute the code of conduct directly to all employees and collect attesta-tions indicating that the code has been read and understood. Any compliance gaps identi-fied should be remediated, possibly through enhanced training. Going to this level is certainly an improvement, but may still leave an auditor wanting to know how the orga-nization knows that employees really read and understood the code of conduct.

3. Going a step further, the employee attestations could also include subject matter questions with scored results, allowing compliance officers to make an objective assess-ment of each employee’s understanding of the code of conduct. As sub-par scores are logged, remediation tasks can be initiated, completed, and logged. This approach pro-vides a more compelling body of evidence showing that the organization is proactively focused on assessing the effec-tiveness of the code of conduct using quantified measures.

4. Having the ability to log, investigate, and track any incidents related to the code of conduct, and monitor for recurring issues or trends that might require corrective actions, can also contribute to the body of evidence of a com-mitment to compliance.

5. Additionally, having the ability to make this evidentiary infor-mation available to auditors in a well organized, easily acces-sible manner is also important. Maintaining time-based snap-shots of this information can allow organizations to demon-strate the effectiveness of their compliance programs for any point in time.

Producing the evidence of compliance is typically the great-est challenge for an organization. This requires a determination of what the evidence needs to be, how the organization will monitor it, and how often to update it so the organization has the ability at any point in time to say, “Here’s the evidence that we have in place now, and here’s the evidence of the system that we had in place during the time period in question.”

Some may wonder why orga-nizations would need to maintain this historical information. When a whistleblower submits an alle-gation to the government, due to bureaucracy or work backlogs, it can take regulators months or even

Effective ethics and compliance trainingBy thomas Fox


Demonstrating the effectiveness of your compliance and ethics programs continued from page 5

years to come to the organization with the claim of a compliance or ethics breach. It is critical that the organization have the ability to look back to the time frame in question and say, “Here are the regulations that were in effect at that time, and here is the evi-dence of what we were doing to comply with those regulations.” This information must be pro-vided accurately, consistently, and confidently to the regulators in order for it to be effective—even if the whistleblower’s allegation is upheld.

No compliance program can prevent every potential issue, but if the organization can show that they were doing the right things, with a true intent of preventing issues, it could result in reduced fines and sanctions. An organiza-tion is likely to incur higher fines and sanctions, as well as a higher likelihood of negative publicity, if they were found to be in violation of regulations and they were doing nothing or the bare minimum to prevent issues and ensure the effectiveness of their compliance program. From the perspective of the board of directors for many organizations, the ability to dem-onstrate the effectiveness of their compliance programs is viewed as a critical component in the protec-tion of the organization’s brand.

For most organizations, relying on manual means to dem-onstrate the effectiveness of their compliance programs is virtually

impossible and usually problem-atic. Organizations in regulated industries should consider auto-mating their processes with a “compliance system of record,” allowing them to confidently and consistently demonstrate the effectiveness of their compliance programs. Even if the organiza-tion is following its own checklist or one that is already in existence, the seven elements of effective compliance and ethics programs, stemming from the Federal Sen-tencing Guidelines, should be closely examined: 1. Establish policies, procedures,

and controls 2. Exercise effective compliance

and ethics oversight 3. Exercise due diligence to avoid

delegation of authority to unethical individuals

4. Communicate and educate employees on compliance and ethics programs

5. Monitor and audit compli-ance and ethics programs for effectiveness

6. Ensure consistent enforcement and discipline for violations

7. Respond appropriately to inci-dents and take steps to prevent future incidents

1. Establish policies, procedures, and controls

Organizations must estab-lish standards, procedures, and controls to prevent and detect unethical conduct. According to the guidelines, these standards

of conduct and internal controls should be reasonably capable of reducing the likelihood of mis-conduct. The standards should be incorporated into a written code of conduct that enables audit sys-tems and other procedures to have a reasonable chance of preventing and detecting wrongdoing.

2. Exercise effective compliance and ethics oversight

Organizations must involve multiple layers of management in the compliance and ethics pro-cess, with the goal of ensuring the effectiveness of the programs. Designated individuals in each management level must be appro-priately knowledgeable of the program. The “tone at the top” of the organization is important, but if the “tone in the middle” is broken, the marching orders from the top cannot succeed. Guide-lines should impose specific duties on various levels of management, including the board of directors, senior management, and individ-uals with primary responsibility for the compliance and ethics programs.

3. Exercise due diligence to avoid delegation of authority to unethical individuals

Organizations must use reasonable efforts to avoid delegating substantial authority to individuals who have a history of engaging in illegal activities or other behavior inconsistent


with an effective compliance and ethics program.

Many organizations are increasingly more reliant on third parties to handle a variety of out-sourced operational functions. Outsourcing functions that are beyond an organization’s core strengths makes good business sense; however, organizations must also use proper safeguards to ensure they are dealing with reputable and ethical businesses because they cannot outsource their liability along with the opera-tional functions.

4. Communicate and educate employees on compliance and ethics programs

The organization must take reasonable steps to communicate its standards, procedures, and other aspects of the compliance and ethics programs periodically and in a practical manner through-out all levels of an organization, including senior management and the board of directors.

5. Monitor and audit compli-ance and ethics programs for effectiveness

Organizations must ensure that their employees adhere to their compliance and ethics pro-grams. They must also create mechanisms for auditing and reporting on the effectiveness of the programs.

6. Ensure consistent enforce-ment and discipline of violations The guidelines indicate that organizations should consistently promote the value and impor-tance of compliance and ethics programs. Organizations should reward those actions that dem-onstrate adherence to an ethical culture, and discipline indi-viduals who fail to adhere to the organization’s ethical standards.

7. Respond appropriately to incidents and take steps to prevent future incidents

The guidelines require that organizations take appropriate investigative actions in response to suspected compliance and ethics violations. Organizations should also take appropriate steps to preserve the confidentiality of investigations.

With a “compliance system of record,” policies, assessments, audits, incidents, investigations, and corrective action plans can be linked back to applicable laws and regulations to create a dynamic body of evidence of compliance and ensure a continual audit-ready state for the organization.

As a result of the United States Sentencing Commission’s modifi-cations to the Federal Sentencing Guidelines, organizations should establish compliance and ethics programs rooted in these guidelines and evaluate existing corporate

compliance and ethics programs to ensure that they conform. By establishing effective compliance and ethics programs and satisfying the requirements in the guidelines, organizations are eligible to receive benefits, such as reduced fines, reduced sentences, or deferred pros-ecution. Aside from the benefits of reducing the likelihood and sever-ity of civil enforcement actions, establishing an effective compli-ance and ethics program makes good business sense and can enable organizations to better protect their corporate brands by reducing the likelihood of bad events and mini-mizing the consequences, should they occur. UNotes:

1 U.S. Sentencing Commission Guidelines Manual, Chapter 8. Available at http://www.ussc.gov/guidelines/index.cfm.

2 Assessment tool available at http://www.omig.ny.gov/data/images/stories/compliance_alerts/document3-compliance_alert7.pdf

3 Please check the CMS website at http://www.cms.gov/home/regsguidance.asp for current updates.

Editor’s note: Scot McLeod is a Vice President at Com-pliance 360, a leader in the GRC industry, in Alpharetta, Georgia. He is responsible for marketing and corporate communications, and has more than 20 years experi-ence in the software industry. Scot can be contacted by e-mail at Scot.McLeod@ compliance360.com.

mailto:[email protected]




You can’t pick up a newspa-per or turn on the television news today without hearing yet another disturbing story about corporate fraud in all its forms: bribery, gra-tuities, kickbacks, false claims, violations of the Foreign Corrupt Practices Act (FCPA), and even illegal corporate wiretapping of private citizens. Most of these sto-ries begin with a rogue company employee, manager, or execu-tive who violates the rules of the road, followed by a whistleblower reporting the “crime” to the Secu-rities and Exchange Commission (SEC), the Department of Justice (DOJ) or a federal/state Office of Inspector General. A subsequent federal or state investigation leads to government prosecutions of both the employee and the com-pany, followed by lengthy and costly litigation. The DOJ, SEC, or other agencies then demand settlements or fines in the mil-lions or hundreds of millions of dollars, forcing the company to sign a consent decree admit-ting responsibility and accepting years of monitoring and reporting requirements.

The end result is usually disastrous for companies and the people that run them: financial losses that can cripple a company’s future; the tanking of corporate and product reputation that took years, even decades to build; ero-sion of stock prices; and the loss of jobs in an already weak economy. It is at this point in the process that most companies just begin to take action, usually in the form of damage control and crisis management.

The truth is that, in most cases, the most severe conse-quences of corporate ethical lapses can be mitigated, even avoided, by proactive care and feeding of a company’s ethical culture. Even small companies can afford to invest in several very simple steps to demonstrate to stakeholders and government regulators that their commitment to ethics and integrity is real, pervasive, and unwavering. Unfortunately, with all of the pressure surrounding business performance these days, the elements of an ethics program often take a back seat until a crisis

blows up—when it’s too late to “put the genie back in the bottle.”

The following is a list of the most frequent mistakes companies make by failing to build in the elements of a credible ethics and compliance program into their business process. Avoiding these mistakes, employing time-tested risk reduction strategies, and demonstrating due diligence and a strong ethical culture in advance of the inevitable crisis can make the difference between a bump in the road or quicksand when the government comes knocking at the door.

1. Put the Code on the shelf A corporate code of busi-

ness ethics and conduct, or the “code of conduct,” is not a refer-ence handbook, like a dictionary, which contains the list of “thou shalt nots” that can be stored on the shelf in the unlikely event that someone might need to look at it sometime down the road. Nevertheless, bookshelves of many Fortune 100 companies all over America are cluttered with nice, glossy Code booklets with

The seven biggest mistakes companies make that erode ethical culture and destroy reputationBy eric Feldman


continued on page 10

bindings intact and inches of dust. An effective code of conduct is the living manifestation of a compa-ny’s core values. It identifies the company’s ethical expectations of its employees in a variety of areas, communicates the CEO’s personal priorities and commit-ments to ethics and integrity, outlines the most common rules and regulations that are applica-ble to their unique business areas, and lays out the consequences of employee failure to adhere to these rules. Most importantly, it should provide the framework for good ethical decision making by both new employees and veterans, it can be applied to virtually every situ-ation, and it provides numbers for employees to contact when there are doubts about which path to take.

The code of conduct should also form the basis for company ethics training, and be used and referenced in staff meetings, from the boardroom to the mailroom. It needs to be regularly updated to reflect constantly changing laws, regulations, business practices, and new markets, and be included in annual tests of employees’ ethics knowledge. I know of one company that attempted to use its code of conduct as a defense of its ethical culture when an employee took bribes from a subcontractor and passed the cost of the bribes along to the government as “overhead.” The company said that the employee was a “rogue actor” in

an otherwise stellar ethical culture, as supposedly demonstrated by their glossy code of conduct. When asked by prosecutors about the last revision of the Code, the company sheepishly admitted that it hadn’t been updated in six years. The company was subsequently prosecuted for submitting a false claim.

2. Ignore the culture There is a lot of confusion

these days between the terms “ethics” and “compliance” and many businesses think they are one and the same. They are not. “Compliance” refers to adherence to laws, rules, and regulations. It is the “floor” of behavior, the very minimum the government expects a company to honor as it goes about its business. “Ethics” is the set of guiding principles and core values that guide a company’s (and its employees’) behavior and deci-sion making, and is often a higher standard than what is laid out in the law.

Companies that focus solely on compliance ignore the ethi-cal culture of their organization, often at their own peril. Ethical culture, loosely defined, refers to “how things are really done around here” versus what is in the manual. It is the employees’ perception of what their bosses expect and what they will really do under different circumstances. For example, although the com-pany may talk a good line about

ethics and integrity and officially denounce the giving of gifts or gratuities to “facilitate” contracts, the culture may value production and reaching quarterly financial goals over the prohibition of gifts and payments. According to the Ethics Resource Center, the state of a company’s ethical culture is a key determining factor that drives the amount of employee miscon-duct within a company.1

Ethical culture can be readily assessed through the administra-tion of simple employee cultural surveys at regular intervals (every other year is recommended). Survey areas can include employee perceptions of ethics and integrity at the executive, middle man-agement, and supervisory levels; employee comfort level with reporting observations of code of conduct violations; employee fear of whistleblower retaliation; overall knowledge of the content of the code of conduct and other aspects of the ethics program; and perception of the strength of internal controls. These sur-veys can be benchmarked against other companies to help determine where your company stands, and the results (and trends from year to year) can help form the agenda for constant improvements to the ethics and compliance program.

A sound ethical culture is viewed as a key to avoiding cor-porate scandal, safeguarding a company’s reputation, and



The seven biggest mistakes companies make that erode ethical culture ... continued from page 9

sustaining brand value. This requires the investment of time and attention, not necessarily a heavy investment of resources. A study on ethical culture by the Woodstock Center at George-town University said it best: “An ethical corporate climate is either developing or deteriorating, enriching itself or impoverishing itself. It needs constant care and attention.”2

3. Worship the GPACompanies often pride them-

selves on extensive recruitment programs that focus on hiring only the best and the brightest from the nation’s finest academic institu-tions. Their recruitment focuses on student grade point averages (GPAs), extracurricular activities, past work experience, and how much they impress the recruiter during the on-campus interview.

Unfortunately, recent studies of student cheating in high school, college, and graduate school show a disturbing and fundamental shift in the values of the nation’s emerging workforce. One recent study revealed that 78% of high school students admitted to cheat-ing; another found that the highest percentage of college cheaters was in the field of business, where 75% admitted they had cheated to get into MBA programs. This data represents a 360-degree shift from similar studies done 20 years ago. Students acknowledged a belief that the “ends justify the means”

in both school and the business world—a perspective which they have unfortunately gleaned from Wall Street foibles over the last several years.

Companies that fail to recog-nize this fundamental difference in the worldview of newly hired employees do so at great risk of getting burned. For example, the Gen X and Gen Y view of “infor-mation” is that it is a commodity that ought to be freely shared via the Internet and social media; this often flies in the face of corporate policies that restrict the flow of information deemed to be pro-prietary. The Gen X and Gen Y view of the workplace is also fun-damentally different; the growth of technology has created work-place mobility where employees feel they don’t need to be tied to a desk from 9 to 5 to do their jobs effectively. Nevertheless, compa-nies with government contracts are subjected to strict, timeclock-type cost charging, which I have seen create serious conflicts within their younger workforce. Problems with résumé credibility, although by no means limited to the new generation of workers, have also taken on a new dimension in a highly competitive job market.

All of these generational prob-lems can be effectively addressed through proactive steps designed to ensure that new hires under-stand their company’s ethical and behavioral expectations when they walk through the lobby doors.

These steps include comprehensive new-hire ethics and compliance orientation; annual values-based ethics training; an effective system of rewards and sanctions; and leadership commitment/tone at the top that inspires employees to do the right thing. In the words of Warren Buffet: “In looking for people to hire, you look for three qualities: integrity, intelligence, and energy. And if you don’t have the first, the other two will kill you.”3

4. Let money talkEven the most ethically com-

mitted of companies can make the mistake of developing their systems of rewards, including executive and staff compensation and bonuses, completely indepen-dent of their ethics and integrity objectives. The result: a system of perverted incentives that focuses solely on financial performance to the exclusion of any other corporate value or objective. As a result, employees hear the usu-ally unintended message that they will meet their quarterly financial goals, no matter what they have to do to achieve them. If employees perceive that their jobs may be on the line, or that elusive promotion hangs in the balance, the compa-ny’s ethics and integrity objectives seem a bit more academic and “advisory” in nature.

Companies with world-class ethics and compliance programs have “broken the code” in this



area. Some have developed specific ethics and integrity goals that are given equal weight in employee and manager performance appraisals and bonus decisions. The CEO of one company I vis-ited meets with each business unit vice president (VP) on a monthly basis, reviewing not just finan-cial performance, but requiring each VP to discuss how he/she has executed the ethics program in their organization. At another company, all VP candidates must be vetted through the Ethics and Business Conduct Office; their active support and performance in maintaining corporate ethics and integrity is a factor considered in the promotion decision.

The most effective compa-nies have also created a buzz surrounding their ethics pro-grams, rewarding or recognizing employees for extraordinary com-mitments to ethics. Some will privately reward whistleblowers (they often prefer to avoid public recognition) by a private lunch with the CEO. Others give out an annual integrity award at a special event that recognizes good ethical decisions, even those that may compromise financial goals. Recognition of employee contribu-tions for “doing the right thing” can be an even more powerful motivator than money. The com-pany will ultimately profit as well. According to Ethisphere Insti-tute, companies with highly rated ethics and compliance programs,

which include leaders and com-pensation systems that regularly reward ethical behavior, have financially outperformed virtu-ally every market index over the last ten years.4 Companies that nurture a robust ethics program that is viewed as credible by their workforce are also more success-ful at channeling the tremendous internal and external pressures to perform that employees feel during today’s economic turmoil.

5. Do as I say, not as I doSome companies believe that

the CEO message on the inside cover of the corporate code of conduct is enough to demonstrate leadership commitment to run-ning the business in an ethical manner. Add a videotaped mes-sage at the annual ethics training, and perhaps an article or two in the company newsletter, and the company has received the ethical equivalent of the polio vaccine, right?

Not so fast. Studies have shown that leadership commit-ment and a demonstrable “tone at the top” are essential pieces of cre-ating a strong ethical culture that prevent employees from making bad decisions that can put a com-pany at risk. What leaders say or don’t say, and what they actually do, can either create confidence and trust, or foster mistrust, cyni-cism, or indifference—factors that erode the ethical culture. A few years back, a major Fortune 100

defense contractor settled charges of Procurement Integrity Act vio-lations by paying a large fine and agreeing to a revised code of con-duct and a strengthened ethics and compliance program. Just as they were “selling” this new pro-gram to the large employee base and hoping to shift the ethical culture of the company, it was revealed that their married CEO was having a personal relation-ship with his secretary—a clear violation of the Code. The CEO was removed by the board, but the impact on the workforce’s perception of corporate integrity, and the devastating impact on the company’s ethical culture, is felt to this day.

Leadership commitment to the principles laid out in the code of conduct is watched by employ-ees, day in and day out. In fact, “mood in the middle” may be even more important than “tone at the top”, because most employees view “leadership” as their immediate supervisor. Studies have shown that an employee’s immediate work group of 25 or less impacts their workplace behavior and ethical decision making in a much more fundamental way than what hap-pens in the “C suite.” In fact, 40% of employees who voluntarily leave their companies do so because of their immediate supervisor.

The most effective CEOs take every opportunity to address business matters in the context of



The seven biggest mistakes companies make that erode ethical culture... continued from page 11

the company’s core values, which often include a commitment to ethics and integrity. This includes staff meetings, speeches, employee gatherings, holiday celebrations, etc. CEOs must constantly remind senior managers and employees alike that they are expected not only to follow all laws, rules, and regulations, but to make deci-sions that they would be proud to share with their families, friends, and local newspapers, regardless of whether or not those decisions maximized revenue. CEOs and other senior leaders must also follow through on sanctions for those employees who violate the code of conduct—regardless of rank or position, financial con-tributions to the company, etc. A CEO who allows the mail clerk to be fired for stealing petty cash, while giving the Assistant VP for Marketing a “slap on the wrist” for improper client billings because he’s in the middle of putting together “a really big deal,” has essentially abdicated his credibil-ity and invalidated the company’s commitment to integrity.

6. Ethics in the cornerNothing says “This isn’t really

important” more than creating a company ethics officer posi-tion and placing it down in the bowels of the organization chart. Recent amendments to the Federal Sentencing Guidelines for Organi-zations allow credit only for those corporate ethics and compliance

programs where the chief ethics and compliance officer (CECO) has a direct reporting responsi-bility to the board and the CEO. Establishing a CECO position with responsibility and author-ity commensurate with the other company business units makes Ethics and Compliance a force equivalent to that of Sales, Mar-keting, Finance, or Legal.

I visited one company a few years back to conduct an assessment of their ethics and compliance program. The CEO asked me to brief the senior leader-ship team about my review at their weekly Monday morning meeting. I agreed, and said I was looking forward to meeting the company CECO at the meeting. He look puzzled, and asked if I wanted him to invite the CECO to that meeting. It turns out that the CECO was not a member of the senior leadership team….not even close. The CECO was not present when key business matters were proposed, debated, and decided upon. How, then, was ethics con-sidered as an integral part of the company’s business process? In fact, it was not. The Ethics Office was created as a result of a previ-ous consent decree, and although the company was “in compliance” with the letter of the agreement, it certainly was not changing the ethical culture of the organization.

The most effective compa-nies follow several key principles

when establishing their CECO positions: • Accountability to appropri-

ate authority for fiduciary responsibility;

• Independence to raise matters of concern without fear of reprisal or conflict of interest;

• Authority to have decisions and recommendations taken seriously; and

•Connection to company opera-tions, to build an ethical culture and enforce standards.

7. Shoot (or ignore) the messenger

The 2009 National Business Ethics Survey found that almost 40% of employees who witnessed misconduct in their companies failed to report it to the appropri-ate company authorities. A similar percentage of employees indicated that they feared retaliation, such as being demoted or fired, if they came forward with allegations of misconduct. Others didn’t report because they had little faith that their company would do anything about it.1

So, despite the widespread use of anonymous reporting hotlines, anti-retaliation policies, and robust corporate investigatory capabili-ties, company employees are still remaining silent about fraud and misconduct thriving in their orga-nizations. In essence, corporate ethics and compliance programs often don’t have credibility in the eyes of these employees.



Why does this matter? Most allegations of fraud, in both public and private organizations, result from employee tips. In essence, employee whistleblowers constitute the eyes and ears of the corporation. Without these tips, the company is operating blind, and is likely to be blindsided later as the fraud becomes larger and more widespread. According to the Association of Certified Fraud Examiners (ACFE) 2010 Report to the Nations on Occupational Fraud and Abuse, companies with an effective, credible anonymous hotline suffered 60%t lower median losses due to fraud, and the duration of the fraud schemes were 35% shorter than at companies without an effective hotline program.5

If a hotline is going to be credible, it needs to (1) ensure anonymity (if requested), (2) provide confidentiality, and (3) result in demonstrable company actions in response to the allegations. At one company I recently visited, I asked about whether the company had an anonymous reporting process. I was told that they did indeed have a hotline. I then asked about the activity (how many allegations, how many requests for assistance, etc.). Company officials “proudly” reported that the hotline had received no calls—zero during the previous year. They (erroneously) thought that this metric demonstrated the strength of their ethical culture. I then asked who

answered the phone. Turns out, the hotline was answered by the security director, who was well known by the employees. If this wasn’t bad enough, the phone had caller ID capability that was not disabled. Thus, the mystery of the unused hotline was solved.

A new sense of urgency to the hotline credibility problem has surfaced this year, with imple-mentation of the whistleblower provisions of the Dodd-Frank Wall Street Reform and Consumer Pro-tection Act. This legislation created awards of 10%–30% of monetary sanctions for whistleblowers who report their concerns directly to the SEC with information leading to securities law enforcement actions that recover more than $1 million. In essence, Dodd-Frank places cor-porate ethics programs in direct competition with the SEC for employee loyalty and trust, further increasing the risk of severe com-pany losses to both their reputation and their bottom line.

Credibility is the name of the game for corporate ethics and compliance activities. The hotline is, in many ways, the centerpiece of the ethics program, serving as a bridge between the employee and the company in bringing forth allegations of wrongdoing, ethical concerns, or even questions regarding an ethical dilemma and the various options available. Companies that retaliate against employees for taking the time to bring information to the company,

or that ignore employee concerns, do so at their own peril.

ConclusionAlthough any of these mis-

takes can create enormous risks for a company, the good news is that those risks can be miti-gated, even avoided, by creating a business ethics and compliance program that includes seven basic principles: 1. Demonstrated leadership

commitment and tone at the top;

2. A corporate focus on regularly assessing, and improving, the ethical culture;

3. A CECO who is properly placed in the organization and has the authority and resources to do the job;

4. A comprehensive, dynamic code of conduct that provides the framework for good ethical decision-making by employees on a day-to-day basis;

5. A values-based ethics train-ing program that goes beyond compliance with the law and focuses on both entry-level hires and senior executives;

6. A system of rewards and sanc-tions that equalizes financial and ethics/integrity objectives; and

7. An anonymous hotline that earns the credibility of employees through corporate action. U


Meet Paul Fiorelli

Co-Director of the Cintas institute for business ethics at Xavier University an interview by adam turteltaub

AT: You had an interesting introduction to the hands-on world of compliance—straight into the US Sentencing Commis-sion. How did that come about?

PF: I began teaching legal studies in business in 1983 and starting researching and writing about white-collar crime. I was tenured in 1988, just after the Fed-eral Sentencing Guidelines [FSG] were passed, and I wrote a few law reviews about them. My real inter-est in compliance and ethics took off after the Chapter 8 Guidelines were passed in 1991, and much of my research since then has dealt with these issues. To further my research, I applied to be a Supreme Court Fellow, with the hopes of working at the US Sentencing Commission. I was selected to work at the Commission from 1998-1999. During my Fellowship year, my boss and mentor, Paula Desio, encouraged me to pursue my interest in Chapter 8.

AT: It must have been a fas-cinating introduction. What did you find most surprising about the Commission’s work?

PF: People joke about things being “good enough for gov-ernment work.” I found that this could not be further from the truth. My friends and col-leagues at the Sentencing Com-mission, especially Paula, were hard working and dedicated to Sentencing Reform. I was a little surprised that even though Chapter 8 almost single hand-edly created our current corporate ethics and compliance industry, it seems to be a small part of the Sentencing Commission’s mission. Various Commissioners have been passionate about Chapter 8, but overall the Commission is, right-fully so, focused on Congressional mandates.

AT: You stayed involved with the Commission and became a member of the Ad Hoc Advisory Group, which had a profound impact on the FSG. Looking back at the changes you recommended,

and that were ultimately made, have you been pleased with how compliance programs have evolved as a result?

PF: I’ve been very interested in the evolution of ethics and compli-ance programs. Chapter 8 has had a significant impact on corporate America, and how organizations view ethics and compliance. Before Chapter 8 became law, there were pockets of industries concerned with this question. The defense industry is a great example of a sector that took a leadership role in wrestling with what an effec-tive compliance program should look like. The Defense Industry Initiative provided a framework for Chapter 8. Also organizations like the Ethics Resource Center,

featUre intervieW



the Ethics and Compliance Offi-cer Association, the Health Care Compliance Association, and cer-tainly the Society of Corporate Compliance and Ethics have all played pivotal roles in advancing best practices within our indus-try. I was very pleased to be a part of the Ad Hoc Advisory Group, because we were able to take a very good program (Chapter 8), and make recommendations that could make it better.

AT: Are there any areas of disappointment?

PF: I wish the ethics and compliance communities could get more information from the Department of Justice [DOJ] about how important an effective ethics and compliance program is for Non-Prosecution Agree-ments or Deferred Prosecution Agreements. I won’t get into the specifics, but I once attended a panel discussion in which an Assistant US Attorney told the group that the DOJ recommended that a large organization receive a significant criminal fine reduction. Even though the company made a mistake, it cooperated with the investigation, accepted responsi-bility, and was considered to have an effective compliance program. The Assistant US Attorney even mentioned they had a press release to this effect. I was eager to see this and asked if I could have a copy of the press release, thinking this was exactly the kind of mate-rial the ethics and compliance

communities could use to confirm the importance of their programs. Unfortunately, when I received the press release, instead of focusing on the fine reductions because of the company’s compliance programs, it stated how the DOJ had pun-ished another corporate felon, with a huge criminal fine—another notch in the belt. I thought, what a missed opportunity. Now I understand the DOJ isn’t in the business of being a publicist for corporations that have had prob-lems, but a clear indication that organizations with effective ethics and compliance programs will be treated better than those without these programs would have helped our community immensely.

AT: The last round of changes to the FSG provided new incen-tives for compliance and ethics officers to have a direct reporting relationship to the board. What do you think of the change?

PF: The Ad Hoc Advisory Group looked at the position of the chief ethics and compliance officer [CECO], during our study from 2002 to 2003. We noticed that the CECO occupied different positions within different organi-zations. At some companies, the CECO had “a seat at the table.” She/he was an important part of the decision-making process. At other organizations, we were not sure whether the CECO was being taken seriously. We recommended the Sentencing Commission change the definition of an

effective program to prevent and detect violations to now include a compliance or ethics officer who did have appropriate author-ity, access to senior management and the board, and resources to carry out their mission. The 2010 amendment takes this one step further, but it deals with a different question. With the amendments, companies can still be considered to have an effective ethics and compliance program, even if a senior manager was involved in a violation, if the CECO had direct access to the board. I think this is a logical extension of what the Ad Hoc Advisory Group had hoped for, back in 2004.

AT: One of the consequences of the change and some recent settlements is that we are seeing a push to move Compliance and Ethics out of the General Coun-sel’s office. Many believe that the GC’s obligation to defend the company potentially creates a conflict of interest when manag-ing compliance. What’s your take on this issue?

PF: Overall, I’m not sure I agree with it. Many CECOs I know report directly to the company’s GC, oftentimes with excellent results. When the GC and CECO work as partners, there can be some excellent syner-gies. One tension can arise when it may appear that the GC and the CECO have different ideas about how much information should be



Meet Paul Fiorelli, Co-Director of the Cintas Institute for Business Ethics at Xavier University continued from page 15

transmitted to boards. CECOs may want to err on the side of full disclosure and transparency, while GCs may not believe every poten-tial issue needs to be brought to the board’s attention.

AT: But how do you work around that potential conflict if the GC is the CECO’s boss?

PF: That’s a little tougher, but regardless of where the CECO is housed or to whom she/he reports, there’s always a potential conflict. The question becomes: What does the CECO do when she/he encounters this type of conflict? Let’s assume the CECO was a co-equal to the GC and reported directly to the CEO, along with the Audit Committee. If the CEO disagrees with the CECO, how is this different from the CECO reporting to the GC, having the GC report to the CEO, and then having the CEO disagree? How strongly do you disagree with the CEO’s or the GC’s position? If you are passionate about the issue, you will use your position and political capital to escalate it to the board.

AT: Your interaction with the compliance and ethics com-munity is an unusual one. You’re not a consultant and haven’t been a compliance or ethics officer. Instead you teach and spend a lot of time with the community. Tell us a bit about your work.

PF: I’ve been very fortu-nate to have such a close working relationship with the Ethics and Compliance communities. I like

working with groups like SCCE, HCCA, ERC Fellows Program, ECOA [Ethics and Compliance Officer Association], DII [Defense Industry Initiative], PLI [Practicing Law Institute] and the Conference Board. I also enjoy working with companies and associations, either giving keynote addresses, or helping develop their ethics training. As an academic, these collaborations allow me to test my theories with practi-tioners. I try to bring these “battle tested” theories into the classroom, and hope they make me a better, more applied professor. There’s nothing I enjoy more than hearing a student say that something we discussed in class last week helped them in business this week.

AT: Invariably, discussions about compliance and ethics turn to a discussion about the attitudes of students and what is being taught in schools, particularly in business schools. How has the teaching of ethics and compliance evolved as a whole, and how do you personally address the issue of ethics in your teaching?

PF: I teach required courses, business law and values, in our undergraduate, graduate, and Executive MBA programs at Xavier University. We are a Cath-olic Jesuit university, and I’ve always been very pleased with how receptive students are to discuss-ing ethics. I try to weave ethics into as many lectures as possible. I also teach two graduate business electives dedicated to ethics: (1)

Business Ethics Through Film, and (2) International Ethics in London. In my Business Ethics Through Film course, we watch full-length movies (including Wall Street, Glengarry Glen Ross, Enron: The Smartest Guys in the Room, Inside Job, Syriana, The Informant, and many others) to discuss ques-tions dealing with greed, hubris, loyalty, pride, corruption, and stewardship. In my International Ethics in London course, grad stu-dents come to London over spring break and we have ethics briefings with companies including AIG, BP, British Telecom, Dunnhumby, and non-governmental organiza-tions, such as Privacy International and Transparency International.

AT: You just led a group of undergraduate students to the United Kingdom on a trip. Did they get any insights into the com-plexities of a global compliance and ethics program?

PF: Yes, but not always in the traditional sense. In addition to learning about the FCPA [Foreign Corrupt Practices Act] and employ-ment discrimination laws, we viewed ethics through many lenses. We attended Les Miserable, and I asked students to discuss strict legal compliance versus aspira-tional goals by comparing the two main characters – Inspector Javier and Jean Valjean. Javier represents a formalistic approach, similar to Immanuel Kant. Valjean represents the quality of redemption and the possibility of forgiveness. We also


went to the British Museum and discussed the controversy sur-rounding the Elgin Marbles from the Parthenon, and whether they should be returned to Greece.

AT: I understand you met with the compliance team from BP. That must have been fascinating. What can you share about the meeting?

PF: First off, the Ethics and Compliance community has been very generous with their time when they host my students. This has been repeatedly demonstrated by my colleagues at BP, Tom McCormick and Tim Langton. Both Tom and Tim are senior ethics officials at BP, and have given exceptional ethics briefings to my undergraduate and graduate students pre-, during, and post-Gulf oil spill. Since the spill, my students have come into the meet-ing expecting to dislike BP, but they have walked away with a dif-ferent impression of the company. Both Tim and Tom have been exceptionally candid about BP, mistakes made, and lessons learned. The company is humble, and real-izes the importance of listening to everyone, even “the quietest voice in the room.” I really like that con-cept, because human nature tells us we address the concerns of the “squeaky wheel,” but oftentimes it is these quiet voices that can be the eyes, ears, and sometimes the con-science of an organization.

AT: Do you have any predic-tions about the future of ethics and compliance?

PF: The Federal Sentencing Guidelines for Organizations have had a tremendous impact on the ethics and compliance commu-nities. Most large organizations now understand the importance of having a helpline (including whistleblower protection), a code of ethics, training, good internal controls, monitoring, and process reviews. These are all parts of the seven minimum requirements of an effective ethics and compli-ance program. Organizations need to do more than just check the box. Hotline – check. Code of ethics – check. Internal controls – check. While the seven minimum requirements are important, I don’t think they should be viewed as “the finish line,” but I do think they make an excellent starting point.

I think in addition to these seven minimum requirements, we need to focus on an organiza-tion’s corporate culture. Does an organization publically scold bad behavior, while at the same time incentivizing and rewarding it pri-vately? Do they merely check the boxes about these requirements, or do they live their values? I think companies need to define their cul-ture, then hire and promote those who fit into the culture. Only then will the organization truly realize the “value” of “values.” U

Editor’s note: This inter-view was conducted by Adam Turteltaub, Vice

President of Membership Development for SCCE. Paul Fiorelli can be contacted by e-mail at [email protected] and Adam can be contacted at [email protected].

Be Sure To GeT Your

CCeP CeuS

Complete the Compliance & Ethics Professional quiz related to the articles below:

The seven biggest mistakes companies make that erode ethical culture and destroy reputation—By Eric Feldman, page 8

The human factor in com-pliance: Strategies for reducing human error—By Mary-James (Jami) Young, page 28

The “why” of misbehavior: Recent advances in behavioral business ethics—By James Meacham, page 34

Ceu Credit ProcedureVisit corporatecompliance.org/quiz.Select a quiz, fill in your contact information, and answer the ques-tions. The online quiz is self-scoring and you will see your results almost immediately. Or, you may FAX or MAIL the completed quiz to CCB at SCCE. Questions? Please call CCB at +1 952 933 4977 or 888 277 4977. Please note that credit will be given only for quizzes received before the expiration date indi-cated on the quiz.






Funding the Ethics Resource Center or concrete toilets, beetle mating habits, and sperm freezersBy roy Snell

The Ethics Resource Center (ERC) is a 501(c)3 dedicated to the research and advancement of high ethical standards and practices in public and private institutions. In my 15 years of working in the Compliance and Ethics field, I know of no other non-profit organization more dedicated to, or more effective at, advancing business ethics. The fact that they have been doing this for 89 years is nothing short of astonishing. For the last 10 years, the press, the public, and the politicians have become fed up with workplace ethics. The ERC has had a 70-year jump on all of them and all of us. A lot of funding in this country goes to some very strange causes. I advocate for funding the ERC and, in particular, their National Business Ethics Survey.

The ERC has demonstrated astonishing foresight. Here is the great irony: Our country would rather fund the purchase of concrete toilets, turtle cross-ings, sperm freezers, and study the mating habits of beetles than

support the ERC. It is very strange that millions are spent on things so much less important than the work of the ERC. The ERC is an adequately funded organization; however, given the importance of their work and mission, we as a society could do much more.

A law recently passed allowed a group permission to issue bonds for the construction of an Arizona Diamondbacks training facility. We apparently think it’s more important to support a spring training camp for a baseball team than to support the advancement of ethical practices in business. Instead of supporting the fund-ing of an ethics organization, we support an organization that one might say is ethically challenged.

According to Wikipedia, the baseball commissioner’s office announced that it would suspend a Diamondback player for 50 games for violating baseball’s Joint Drug Prevention and Treatment Program, effective if he chooses to come out of retirement. He retired shortly after the story

broke. The Diamondbacks mascot was fired for a DUI, and ESPN reported that, just four days after the Diamondbacks introduced their new manager, he was fired, following revelations he had been arrested twice and struggled with financial problems. I believe that the ERC would probably suggest background checks prior to the employment of senior executives (and possibly mascots). Salem-news.com reported that police detectives in Salem, Oregon arrested a Diamondback minor league player on charges of rape in the third degree. He allegedly met the 15-year-old female victim following the baseball game at Volcanoes Stadium. The Washington Post reported that an Arizona Diamondback infielder was put on the restricted list without pay, a day after he was arrested for allegedly assaulting his wife. The Los Angeles Times reported a Diamondback player was arrested outside a Pittsburgh nightclub and charged with assaulting two women and

letter from the Ceo


punching a parking attendant. I’m guessing that after the first or second assault charge, the ERC would probably suggest education for all Diamondback employees. That is not all; a number of Diamondbacks have been caught stealing.... second base. Although it is not an ethical issue, it does indicate that they have need of a better decision-making process before they choose to steal. At a minimum, the Diamondbacks appear to struggle with hiring. Maybe they should hire the ERC.

Most of these reports are allegations against wrongdoing. My research of the Diamond-backs indicates that they seem to respond quickly and swiftly to wrongdoing. To their credit, they seem to be strong on discipline; however, they appear to be a little weak on prevention techniques. My guess is that it might be one of the better systems in baseball. Unfortunately, that is not saying much. The ERC promotes ethics in the workplace. The Diamond-backs play baseball and might be considered ethically challenged. This is so frustrating.

If you are in a position to sup-port the work of the ERC, I would suggest contacting them. Their president, Pat Harned, is one of the most dedicated and compe-tent CEOs I have ever met. The ERC is among our greatest unsung heroes. There are a number of ways to engage the ERC. If you are not impressed with the funding I have

mentioned, there is something you can do about it, and you can do it today.

What is more important: turtle crossings, mating habits, sperm freezers, or workplace ethics? I am sorry. I don’t get it. I don’t buy it. I don’t agree with it. If I were in a position of author-ity, I would immediately apologize and correct the problem. I would fund the ERC over any of these other choices. Our organization has worked with the ERC, and we would recommend them to any organization that is actively involved in analyzing and improv-ing workplace ethics. I would repeal the sperm freezer, beetle mating project, and the turtle crossing funding. I would fund the money to the ERC before I would fund most of this nonsense. I would specifically fund their National Business Ethics Survey. If you are interested in helping the ERC, I would contact Pat Harned at [email protected] or phone her at (571) 480-4422.

I will leave you with some other projects our society has decided to fund:• $1.15 million to install a guard-

rail for a persistently dry lake bed in Guymon, Oklahoma

• $9.38 million to renovate a century-old train depot in Lancaster County, Pennsylvania that has not been used for three decades

• $6 million for a snow-making facility in Duluth, Minnesota

• $356,000 for Indiana University to study childhood comprehen-sion of foreign accents compared with native speech

• $3.1 million to transform a canal barge into a f loating museum that will travel the Erie Canal in New York state

• $1.3 million on government arts jobs in Maine, including $30,000 for basket makers, $20,000 for storytelling, and $12,500 for a music festival.

All funding projects discussed in this article were reported by the Washington Examiner. U

If you have any questions that you would like Roy to answer in future columns, please e-mail them to: [email protected].

Compliance & ethics ProfessionalConTACT [email protected]

+1 952 933 4977 or 888 277 4977 (ph)

+1 952 988 0146 (f )

Society of Corporate Compliance and Ethics 6500 Barrie Road, Suite 250 Minneapolis, MN 55435

To learn how to place an advertis-ment in Compliance & Ethics Pro-fessional, contact Liz Hergert: [email protected]



It’s the perennial business school question: What defines a successful company?

The answer from corporate leaders, increasingly, is corporate culture. “In business, culture counts,” renowned investor Warren Buffet wrote in this year’s annual report to Berkshire Hathaway shareholders. “Culture, more than rule books, determines how an organization behaves.”

Ethics and compliance (E&C) leaders agree. The latest annual survey, conducted by LRN of E&C executives from more than 100 large companies, found that rather than viewing ethics and compli-ance through the narrow lens of obeying the law and avoiding damage to reputation, a surpris-ingly large number (69%) reported that their top priority in 2011 was a focus on advancing core values and promoting ethical culture.1

Like Warren Buffet—who earlier this year saw one of his top executives resign amidst insider trading allegations—these lead-ers view culture as a powerful performance driver. Four of five (80%) said they believed that the principal fruits of an ethical cul-ture are ensuring that business is conducted honestly and does not

run afoul of rules and regulations. But, more than two-thirds also are convinced that such a culture contributes to long-term business value and performance; many see it strongly bolstering employee commitment to the company’s mission and values.

Aspirations and realitySo what strategies and innova-

tions should E&C leaders pursue in their role as “culture builders”?

The most important is to have a pragmatic sense of the challenges involved. Our survey detected a real disconnect at many companies between aspirations toward ethical culture and the reality. Although a sizable majority of E&C leaders see themselves as effective champions of ethical culture in their companies, their ability to inspire principled performance may be limited.

For example, about 70% of the E&C leaders surveyed gave themselves high marks for being the “corporate conscience” and overseeing risk management effectiveness, but only 45% con-sider their programs effective in enabling the business.

The challenge is even greater in a difficult economic environment, when arguments for a culture based

on ethics and values can seemingly be outweighed by short-term busi-ness objectives. For example, an overwhelming majority (70%) of the E&C leaders in our survey said spurring business growth is the top current priority for their companies. And some 64% said improving customer service to better engage skeptical and thrifty consumers is a top corporate pri-ority. Sustainability, which was a growing concern in better times, is taking a back seat; only a quarter of respondents indicated it remains on the corporate front burner.

Culture as strategyFortunately, the business case

for encouraging culture, values, and sustainable business goals is a powerful one. Sustainable busi-ness practices don’t detract from the focus on growth; rather they help unleash creativity, strengthen employee commitment to the com-pany purpose, and spur innovation. That’s why E&C leaders will need to reach beyond traditional approaches to E&C management and start focusing on culture as a deliberate business strategy.

Our survey found that although E&C programs have taken deep root across the corporate landscape

Culture and values: Driving innovation in ethics and complianceBy Friso van der oord



in the past decade, often they remain in silos, running education and training programs peripheral to day-to-day business operations, with little coverage of or empha-sis on the importance of culture. Reliance on these narrowly defined programs is no longer adequate to meet the exacting demands thrust upon businesses in today’s mar-ketplace. Incremental increases of compliance budget and staffing levels for these programs are likely to have diminishing returns.

The challenge for companies now is to embed ethics and com-pliance more firmly and deeply into everyday business practices and procedures. Companies need to make compliance and ethics a core management discipline and mindset, akin to the adoption of safety and quality in the 1980s and 1990s as critical to every phase of the business operation.

Fixing the cultural disconnect

LRN’s survey results suggest a number of potential strategies for E&C leaders as they seek to align core corporate values with day-to-day operations.

It’s critical, for example, to evaluate not only the “tone at the top” in a culture, but attitudes across an organization. Fewer than one in four E&C leaders worry about senior management not demonstrating and promot-ing ethical conduct, according to our survey, but almost half are

concerned about the middle man-agement ranks. These findings expose a dangerous disconnect between the tone at the top and “mood in the middle” in many organizations.

More than half of the E&C leaders surveyed (59%) cited orga-nizational complexity (i.e., global operations and siloed functions) as the biggest obstacle to promoting a company-wide ethical culture. The leaders also clearly diagnosed micro-cultures in sales, emerging market operations, and middle management attitudes that deviate from corporate standards as major sources of headaches.

Many organizations are strug-gling, for example, with how to bring their code of conduct to life for the many audiences in a large organization. A code of conduct is the company framework and guide for ethical behavior; a well-crafted code of conduct is a roadmap for employees to follow in upholding corporate values and standards. Yet only 45% of companies trans-late their codes of conduct for international stakeholders; only 17% of companies use localiza-tion tactics to ensure their code of conduct reflects regional customs and cultural differences, according to our survey.

Specific risks also remain con-cerns for E&C leaders, of course. Conflicts of interest, corruption, electronic data protection, and pri-vacy topped this year’s list. These latter two subjects underline the

need to drive home the urgency of safeguarding company and customer information. They also demonstrate the case for culture as a deliberate strategy. Because data protection and privacy involve constantly changing and complex technologies and rules, no one compliance prescription solves the problem. The best mitigation policy is a continuous effort, rein-forced by manager-led campaigns, to raise awareness of these poorly understood risks.

Leaders at all levelsInfusing corporate culture

with a values-driven message also requires new levels of engagement: E&C leaders need to invest in communications and partnership skills while seeking to leverage cor-porate resources and allies beyond their traditional domain.

LRN’s survey found, for example, that 56% of E&C func-tions report to the general counsel, while 29% report directly to the CEO or the board of directors. But to build ethical cultures, E&C leaders need support throughout their organizations. Unfortunately, only 20% or fewer of E&C leaders currently regard strong partnerships with Human Resources, Marketing and Sales, Operations, and Environmental and Social Responsibility offices as vital to E&C’s effectiveness.

Although the traditional link between E&C and Legal will never



DON’T GOHALFWAY.GO GO 360360.

www.compliance360.com

MANAGE CLAIMS AUDITS WITH TOTAL CONFIDENCE. Multiple audits, hundreds

of claims, dozens of team members, zero free time. Miss one date and you forfeit hard-earned revenue. With so

much complexity – and so much at stake – only Compliance 360 offers the confi dence of a 24x7 Virtual Audit

Coordinator that manages every step of every audit in one central system. No gaps, no guesses, no gotchas.

Visit www.compliance360.com/ClaimsAuditor to learn how we’re helping thousands of providers protect their

revenues – and their peace of mind. GET THE 360° VIEW.

C360 HCCA Ad Claims Auditor BW version 06-22-11.indd 1 6/22/11 2:21 PM


Culture and Values: Driving innovation in ethics and compliance continued from page 21

be severed, a less legalistic and more business-oriented approach to ethics and compliance would aim to reach the hearts and minds of employees through emphasis on core values and responsible busi-ness practices. E&C leaders should consider seeking performance feedback from business partners and schooling the E&C team on effective communications.

experiment with educationSimilarly, educating and engag-

ing management and employees is job Number 1 for the E&C profes-sional, according to LRN’s survey. But again, there’s a seeming discon-nect between perception and reality when it comes to achieving goals in this area of practice.

Some 63% of E&C leaders are either satisfied (52%) or strongly satisfied (9%) with their E&C education and communications program, yet only 45% believe that their education and commu-nication activities achieve a high impact on employee behavior and ethical decision-making; 43% believe that their efforts have a moderate impact.

Why is that? One reason may be that 63% of respondents said they only get one to three hours of employee time per year to deliver ethics and compliance education, a small window to impart critical knowledge and reinforce the right behaviors. These limited hours are not augmented by other learning experiences. Only 5% of companies

deliver facilitated workshops, and 12% conduct classroom sessions.

Those findings suggest a clear need to innovate and diversify the educational experience by leveraging multiple education delivery formats (e.g., facilitated discussion and eLearning) and communications vehicles (e.g., e-mails, newsletters, even interactive games and contests) to engage employees on ethical decision-making throughout the year. E&C professionals should also seek to engage managers to help educate employees; they can act as role models and often bring lessons home from the theoretical to the practical.

Crafting a cultureNot surprisingly, in today’s

unpredictable and interconnected business environment, almost 60% of the executives responding to our survey identified adapt-ing to changing business needs as a paramount goal. Indeed, the challenge for E&C leaders is to act as the voice for ethical business behavior and engage management in asking: What is the right thing to do when weighing complex business decisions and strategy?

An ethical culture is not created by happenstance. It is painstakingly crafted under the guidance of E&C leaders who can nurture the culture and hardwire its importance into the processes and practices by which business gets done. It’s critical that leaders at all levels of an organization not

take the company’s ethical culture and values for granted. Treat them as a deliberate strategy to lead the business and reconnect with employees and customers, thereby creating a sustained competitive advantage in the marketplace.

The overall picture that emerges from the data in LRN’s survey is one that Warren Buffet might approve of: E&C professionals from a broad range of industries working on common ground, developing and maintaining best practices that address their many day-to-day chal-lenges while also striving to foster the broader message that ethics and values—the essence of a company’s culture—are key drivers of success in today’s challenging business environment. UNotes:

1 A copy of LRN’s 2010-2011 E&C Leadership Survey can be found at www.lrn.com. Follow @LRNinc on Twitter, or call: 800-529-6366 (North America) +1-310-209-5400 (Global)

Editor’s note: Friso van der Oord is Knowledge and Solu-tions Leader at LRN in New York City. He leads all of LRN’s Alliances, a set of online solutions to help companies inspire principled perfor-mance, specifically focused on leadership, sustainability, and ethics and compliance programs. He can be con-tacted at [email protected].

http://www.lrn.com





Understanding the compliance risks of deemed exportsBy anthony hardenburgh

Every year I attend a number of industry conferences focused on global trade compliance. I speak with a lot of different people at these events, and they hold a range of job responsibilities, with vary-ing degrees of trade compliance expertise. One of the questions I am frequently asked is: What trade regulations should I be concerned about that I may not be aware of today?

Regulations that govern deemed exports immediately come to mind. According to the Export Administration Regula-tions (EAR)1 the release of certain sensitive technology or source code that has both military and civilian applications to a foreign national within the United States is deemed an export to the home country of the foreign national. Specifically, a deemed export occurs when US technology is made available to foreign nationals by verbal com-munication, visual inspection, or in practical use within or outside the United States.2

There are numerous situations when this could occur, making the Deemed Export rule one

of the most difficult to comply with. Because of the close rela-tionship between the government and academia for important and often sensitive research, an aca-demic environment is high risk for deemed export violations. The fact that openness and informa-tion sharing are part of academic culture naturally increases that risk. However, deemed exports can occur in many situations, so it is important to recognize when there is risk and what you can do about it.

recognizing deemed export risk

Within the Department of Commerce, the Bureau of Industry and Security (BIS) maintains the Commerce Control List (CCL), which covers trade items (e.g., commodities, software, technol-ogy) that are subject to the agency’s export control and licensing authority. Most of the technolo-gies at risk for deemed export are on that list, in categories like nuclear materials and equipment, electronics, computers, sensors and lasers, telecommunications,

navigation and avionics, and pro-pulsion systems.

Work that is considered “fun-damental research” is excluded from the Deemed Export rule. Fundamental research is defined as comprising basic and applied research in science and engi-neering, the results of which “ordinarily are published and shared broadly within the scien-tific community,” such as in peer reviewed publications.

Although the fundamental research exclusion is meant to pro-vide some flexibility to academic and research facilities, compliance officers must still be aware that a deemed export can happen just about any time a foreign national and sensitive technology are in close proximity. For example, it is not a deemed export if a foreign graduate student has access to your iPod – the technology in an iPod is commercially available. But, if a foreign graduate student has access to electronics included in

anthony hardenBurgh



the CCL, then a deemed export has occurred.

Activities that seem natural in an academic setting, such as dis-cussing research with a colleague, presenting a paper at a conference, or traveling with a laptop, can be openings for violations of the Deemed Export rule if sensitive technology and foreign nationals are also involved. Similarly, activi-ties that might seem natural in a corporate setting may pose a risk, depending on the nature of the work at that facility. It could be as simple as a visitor tour, confer-ence call, or e-mail to a foreign national.

Taking appropriate actionIf you are a compliance officer

in a high-risk setting for deemed export violations, what can you do? As with most compliance issues, the best approach is pre-vention. Preventive steps involve education, communication, and adherence to a formalized export compliance program. Understand-ing the nature of the work at your institution is important, but it is also unlikely that you will know about (or understand) every-thing happening in every lab in every department. Therefore, it is critically important for you to educate researchers, staff, and stu-dents about their responsibility to recognize and prevent potential violations.

If your commercial organiza-tion has a foreign national working

in proximity to sensitive technol-ogy, you may be required to obtain an export license before infor-mation can be revealed to that employee in the normal course of business. Similarly, a university researcher conducting a project involving a foreign student may be required to obtain an export license before sharing knowl-edge with that student relating to equipment or technology that might also have a military applica-tion (i.e., dual use).

Under both the International Traffic in Arms Regulations (ITAR)3 and EAR, it is the exporter’s responsibility to iden-tify whether a proposed export requires a license or is eligible for a license exception. These deter-minations are made based on the item’s EAR classification or ITAR listing, the export’s destination and, sometimes, the end user. The export regulations are statuto-rily based and apply whether the recipient receives funding via a grant, cooperative agreement, or contract, and whether or not the EAR or ITAR are cited explicitly in the award document.

Securing a license is gener-ally a complex undertaking, and an institution unfamiliar with the export license application process may want to seek legal assistance. If the technology is subject to export controls and requires a license, the next step is to see whether the technology is destined for one of the countries on the US

embargo or restriction of trade list. If this is the case, the policy of the United States is to deny licenses or other approvals for shipment to these countries.

Consequences of deemed export violations

Although it may be tempt-ing to shrug off deemed export controls or downplay their impor-tance in the day-to-day affairs of a university, research institution, or commercial organization, the reality is that compliance is not optional. There are severe admin-istrative and criminal penalties for violations of export control regulations.

Under the 2007 International Emergency Economic Powers Enhancement Act, a penalty amounting to the greater of $250,000 or twice the value of the transaction may be imposed for each violation for administrative cases. Administrative penalties may also include the denial of export privileges, which prohibits an exporter from participating, in any way, in any export transaction subject to EAR. For a university or research facility, this could mean the loss of federal contracts and grants.

More seriously, for criminal cases, violators may be fined up to $1 million and/or be imprisoned for up to 20 years. For example, J. Reece Roth, a Professor Emeri-tus at the University of Tennessee,



This industry-specific conference focuses on bringing more in-depth discussion and education to those working in the utilities and energy industries. In these highly regulated industries, compliance topics can be specific and focused on areas that are not always addressed at the all–industry level. This conference offers attendees the opportunity to discuss these specific content areas in more detail while sharing and exchanging ideas with others facing the same regulations.

Utilities & EnergyCompliance & Ethics ConferenceFebruary 26—29, 2012 | Houston, TexasThe Westin Galleria Houston

utilitiesenergycompliance.org

Early BIrd

rEgIsTraTIon

register by January 13 and

saVE $300

2012UtilEnergy_2pageAd.indd 1 8/31/2011 9:24:47 AM


Understanding the compliance risks of deemed exports continued from page 25

was sentenced to 48 months in prison and two years of supervised release for allowing foreign stu-dents access to export-controlled research. In this case, the Univer-sity of Tennessee was not indicted, primarily because the institution had an export compliance pro-gram in place. Roth’s compliance officer had repeatedly instructed him that he could not expose his foreign students to the materials associated with the project and could not take any project-related items on his laptop during a trip to China.4

Final thoughtsDepending on the type of

technology you develop or the research your organization con-ducts, you may need to pay more attention to the issue of deemed exports. Especially in an aca-demic or business environment where foreign nationals are pres-ent, deemed export is a real and critical consideration for the way daily activities are conducted.

As a compliance officer, you’ll need to educate your colleagues on how to identify and avoid deemed export violations. They’ll also need to understand which technologies may require export licenses and how to safeguard those technologies from entities who are not permitted to see them. A comprehensive export compli-ance program, with emphasis on frequent communication and consultation with researchers and

faculty, is the best way to protect your institution from the pitfalls of the Deemed Export rule. UNotes:

1 The EAR database is no longer supported. The Department of Commerce encourages users to access EAR regulations (Title 15) through the Electronic Code of Federal Regulations (eCFR). Available at http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?sid=36b69ea812722a27c646d1f6fb059888&c=ecfr&tpl=/ecfrbrowse/Title15/15tab_02.tpl

2 The Deemed Export Advisory Committee report: The Deemed Export Rule in the Era of Globalization. December 20, 2007. Available at http://tac.bis.doc.gov/2007/deacreport.pdf

3 US Department of State, Directorate of Defense Trade Controls: Consolidated ITAR. Available at http://www.pmddtc.state.gov/regulations_laws/itar_consolidated.html

4 Jamie Saterfield: “Ex-University of Tennessee Professor Sentenced to Prison.” Knoxville News Sentinel, July 2, 2009. Available at http://www.knoxnews.com/news/2009/jul/02/prison-for-ex-ut-professor/

Editor ’s note: Anthony Hardenburgh is Vice Presi-dent of Global Trade Content for Management Dynam-ics, a provider of global trade management solu-tions, in East Rutherford, New Jersey. He can be reached at Solutions@Management Dynamics.com.

The seven biggest mistakes that companies make... continued from page 13

Notes:

1 Ethics Resource Center: 2009 National Business Ethics Survey. Available at www.ethics.org.

2 Woodstock Theological Center’s Seminar on Business Ethics: Creating and Maintaining an Ethical Corporate Climate. Georgetown University Press, 1990. Available at http://woodstock.georgetown.edu/resources/books/Creating-an-Ethical-Corporate-Climate.html.

3 Mary Buffet and David Clark: The Tao of Warren Buffet: Buffett’s Words of Wisdom: Quotations and Interpretations to Help Guide You to Billionaire Wealth and Enlightened Business Management. Simon and Schuster, 2007.

4 Ethisphere Institute: “2010 World’s Most Ethical Companies” Available at www.ethisphere.com.

5 Association of Certified Fraud Examiners: ACFE 2010 Report to the Nations on Occupational Fraud and Abuse. Available at www.ACFE.com.

Editor’s note: Eric Feldman is the President of Core Integrity Group, LLC in Redondo Beach, California, a consulting practice specializing in the development and assessment of corporate business ethics and compli-ance activities. He retired from the Central Intelligence Agency (CIA) in 2011 with over 32 years’ experience in Inspector Gen-eral oversight and federal auditing, in both the Execu-tive and Legislative branches of government. He has served in executive positions with Offices of Inspector General at the Department of Defense, Defense Intelligence Agency, and CIA, and the National Reconnaissance Office (NRO). He can be contacted at [email protected].

http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?sid=36b69ea812722a27c646d1f6fb059888&c=ecfr&tpl=/ecfrbrowse/Title15/15tab_02.tpl

http://ecfr.gpoaccess.gov/cgi/t/text/text-idx?sid=36b69ea812722a27c646d1f6fb059888&c=ecfr&tpl=/ecfrbrowse/Title15/15tab_02.tpl







Humans are ubiquitous across compliance processes. The development, application, and documentation of compliance requirements are all informed by people: People write the rules in compliance programs, apply the rules, and enforce the rules. People assess whether those efforts have been effective. And, people identify gaps and take the steps necessary to fill those gaps with new requirements, new or dif-ferent interpretations of current requirements, or changes to the substance of current requirements.

At any step along the way, people can influence compliance for better or for worse, becoming the heroes who fill in the gaps or the means for infusion of human errors into the process. This article considers both latent (i.e., unseen, dormant, potential) and patent (i.e., obvious, extant) human errors, the two more prevalent forms of human error in compli-ance settings.

Sidney Dekker writes, “In human factors, you have to assume that nobody comes to work to do a bad job. If people do come to work to do a bad job, then you are in the territory of sabotage, of pathological behavior.”1 This

“human factor” then constitutes an important component in any compliance scheme, one which has gained attention only recently.

Human factor analysis is not new. Investigators have long eval-uated the role of humans, and, specifically, “human error,” in the context of accident investiga-tions—from industrial accidents to transportation accidents.2

Accident analyses and model-ing have provided compliance professionals (including both the regulators who draft and enforce compliance requirements, and the compliance staff who implement the compliance requirements in the organizations) with theories, visualizations, and some ideas for addressing the human factor. One example of an effective visu-alization is James Reason’s model of stacked slices of Swiss cheese, from an accident analysis perspec-tive. “The current model involves a succession of defensive layers separating potential losses from local hazards. The holes arise from unsafe acts and latent con-ditions. Only when the holes line up can an accident trajectory pass through the defenses to cause harm to people, assets and the environment.”3

And, recently, regulators have acknowledged the human factor, citing human error as a relevant focus for analysis of compliance efforts.4 Any compliance pro-fessional who has pondered the intent of an ambiguous regula-tory requirement recognizes that the focus for human factor appli-cations in compliance must be two fold; first, in the creation of the compliance requirement, and second, in the application of the compliance requirement.

The challenge: The human factor in compliance

First of all, regulators and the regulated community must under-stand the human factor, including the kinds of human errors which

The human factor in compliance: Strategies for reducing human errorBy Mary-James (Jami) young

Mary-JaMeS (JaMi) young



can adversely impact compli-ance efforts. Next, regulators and the regulated community must develop the tools to harness the human factor, including the tools to proactively address all kinds of human errors. Lastly, regulators and the regulated community must deploy those skills in their respective settings.

Despite these shared respon-sibilities, regulators and the regulated community can proac-tively address the human factor in different aspects of the compliance process, because regulators and the regulated community work in different parts of the compliance process. For example, regulators must consider the human factor and the tools available to prevent the infusion of latent errors into compliance requirements and patent errors into their assessments of compliance efforts within the regulated community. And, the regulated community must con-sider the human factor and take the proactive steps to reduce latent and patent errors within their applica-tions of compliance requirements across their organizations. Neither activity, on its own, fully addresses the human factor. Both activi-ties, taken together, address the more prominent forms of human error. As with many other aspects of effective leadership, harness-ing the human factor consists of replacing simple “reactions” with proactive or anticipatory actions. And, as with many other aspects

of effective leadership, such proac-tive actions are far easier to discuss in the abstract than to apply in practice.

Identifying the human factorBefore the human factor may

be addressed, it must be identified and understood—what it is, how it applies to compliance require-ments and activities, and why it matters. The human factor in con-cept is larger than human errors. The human factor includes human errors, to be sure, but, the human factor also includes the number-less acts of workers to fill the gaps and make ambiguous rules work within a given setting. Specifi-cally, the human factor includes the concept of humans as heroes, as well as the more commonly acknowledged concept of humans as a source of errors. To overlook either aspect of the human factor is to draw an incomplete picture of the human contribution to compliance.

Human as heroIn compliance, as in the rest

of the workplace, the hero remains largely unsung. Few people stop to consider improvements when processes are working and the core business is humming along. Just below the surface of those apparently functional work pro-cesses, however, lies the province of the human as hero. On occa-sion, processes and requirements may be ambiguous, or they may

fail, and it is the human as hero who recognizes those ambigui-ties and anticipates these failures and takes steps to address them, to fill the gaps, and keep the core business humming along. Much of that work goes unnoticed, unless the human addressing those ambiguities and anticipat-ing those failures somehow fails to address an ambiguity or antici-pate a failure—be it a performance or production requirement or a compliance requirement. At that point, the person becomes a source of error, and the phrase “human error” becomes both a factor and a conclusion.

Human as a source of errorNo inherent change in the

person’s actions necessarily pro-vokes the change from human as hero to human as a source of error. The act of taking steps to address ambiguities or anticipate failures is itself neutral. If the act is success-ful, it and the actor may be praised as proactive or even heroic. If it is unsuccessful, the act and the actor may be condemned. In either case, context is key, and the fact that the person undertook an action is itself neutral. The outcome drives the characterization of the action as either an error or a heroic “save.”

Significantly, people take such actions daily, and those actions, large and small, comprise a signifi-cant part of the work people do each day. The outcome of taking



The human factor in compliance: Strategies for reducing human error continued from page 29

those steps drives the determina-tion of human as hero or human as a source of error. And, because it is outcomes-driven, that determina-tion usually takes place after the fact. Thus, a proactive approach requires that steps be taken well in advance of any attempt to address ambiguities or anticipate failures—identifying and elimi-nating ambiguities and addressing anticipated failures in advance—to reduce latent and patent errors.

Latent errorsLatent errors are like unex-

ploded landmines. They are potential errors which can lay dormant and elude discovery until they create a failure. Examples of such latent errors might include ambiguities in regulatory require-ments or ambiguities in policies, processes, or practices. They pose no immediate threat until such time as an unwitting human or an unanticipated set of circumstances triggers the dormant or poten-tial error into an actual error. At that point, the consequences can be significant and unavoidable. Latent errors span the entirety of work functions—from a failure to fund a particular initiative, to a shift in focus from one initiative to another (either of which can create a latent error in establishing, maintaining, or communicating necessary priorities), to an outright ambiguity in regulatory require-ments or in work expectations, policies, processes, procedures, or

practices. Sometimes, particularly in accident analysis, these latent errors are called “near misses.” And that’s where the human as hero shines—but for the fact that a person recognized the latent error before it became an actual error, and took the steps necessary to prevent it from becoming an actual error, an error would have occurred.

Addressing latent errors proactively

Heroic acts may become com-monplace when the compliance culture in an organization recog-nizes and encourages anticipatory actions to prevent errors from occurring. It is incumbent on regulators to proactively engage with the regulated community to accomplish the common goal of compliance. For that reason, such anticipatory actions must include rigorous and regular reviews of regulatory requirements them-selves by the regulators. The regulators have frontline responsi-bility for providing clear direction and setting clear expectations for the regulated community.

At the same time, the regulated community has its own responsi-bilities for proactive action. Each organization must be vigilant in reviewing its means of applying regulatory requirements, includ-ing rigorous and regular reviews of its own policies, processes, prac-tices, and procedures. And, each organization must be vigilant

in anticipating and preventing failures.

Communication and a common sense of purpose must inform the relationship between the regulator and the regulated community for these two groups to identify and address latent errors proactively. Even absent such collaboration, the regulated community can itself work to reduce latent errors. Although compliance professionals within the regulated community may not be able address latent errors within regulatory requirements, those compliance professionals can lead internal inquiries to find and address latent errors in their entities’ policies, processes, prac-tices, and procedures. This latter approach, albeit imperfect, may be the only approach available in a less-than-collaborative regulatory environment.

Patent errorsIn contrast to latent errors,

patent errors are like exploded landmines. The errors and their consequences are obvious, even when the means of preventing them may be less so. In contrast to the proactive approach to latent errors set out above, a proactive approach to patent errors lies more squarely within the regulated community, and, indeed, within the specific organization itself. A “lessons learned” approach may prevent repetition of the same error in the future, but a proactive



approach and some reverse engi-neering based on the three kinds of patent errors (i.e., slips and lapses, rule-based mistakes, and knowledge-based mistakes,5 dis-cussed below) may provide a more proactive response to such errors, longer-term.

Slips and lapsesFirst and most common, slips

and lapses include inattention, over-attention, preoccupation, and lack of focus. Intuitively, these may appear to be different kinds of errors. Nonetheless, these errors all stem from the same kind of action—a misapplication of atten-tion or, said differently, a failure to apply the right kind of atten-tion at the right time. These kinds of “everyday” errors may include misplacing car keys, forgetting to pick up milk at the grocery, miss-ing a deadline, etc., and humans intuitively and routinely rectify these errors. These kinds of errors occur routinely in all sectors of human life, and people routinely make the necessary corrections to overcome them, often without conscious or deliberate thought.3 These human errors are the most easily corrected, and the most easily avoided. Several error avoid-ance strategies, including a simple “pay more attention” strategy, lessen the risk of these errors. Consequently, elimination of dis-tractions and heightened focus on the task at hand may be among

the best strategies to reduce future slips and lapses.

Rule-based mistakesThe second kind of patent

error is a rule-based mistake. These errors result from a failure to apply a rule in a situation where it should have been applied, or the application of a rule in a situation where it should not have been applied. Fundamentally, both sets of circumstances comprise misap-plications of a rule to a situation, or, put differently, a “strong but wrong”3 response to a situation. These kinds of errors require some level of training or knowledge of the rules and a failure to apply the rule to the situation correctly. These kinds of human errors are frequent, but less common than slips and lapses. They are concen-trated in rule-based settings, such as the workplace. From a compli-ance perspective, these mistakes can result from a lack of training, a failure of training, or a failure to apply the training correctly by a trained employee. These human errors, though not easily prevented, may be anticipated, and for that reason corrected by means of addi-tional training, hands-on practice, and heightened oversight to assist decision makers as they work to identify patterns and apply estab-lished rules. Drill and practice can reduce the risk of rule-based errors, making future errors more likely to be slips and lapses.

Knowledge-based mistakesThe third kind of patent error

is a knowledge-based mistake. Among the kinds of knowledge-based mistakes are failures to anticipate the problem, a higher than warranted level of confidence in the available tools, illusory cor-relations that suggest connections or applications where none exist, seeing only what one wants or expects to see, not factoring every element into a situation, and a failure to focus on the problem because of a fixation on the bigger or smaller picture. These errors result from unanticipated situa-tions that cannot be prepared or trained for—there is no rule to be applied and no tool to be used, because the situation was never expected to occur at all. Of all the kinds of patent errors, this one is the most likely to be averted, if at all possible, by a heroic human.

“Correct performance and error are two sides of the same coin….Each failure is an opportu-nity for learning.” Reason, quoting Ernst Mach: “[K]nowledge and error flow from the same mental sources, only success can tell the one from the other.”3

Any response that averts this kind of mistake is likely to require quick thinking and a fair amount of risk. If the response succeeds, the human was heroic. If the response fails, the human has erred. Arguably, a progression of humans will have erred, from the



The human factor in compliance: Strategies for reducing human error continued from page 31

first human or group of humans who failed to anticipate the prob-lem to the intervening humans who failed to develop the tools and processes to address the unan-ticipated problem, culminating in the human who, without training or tools, attempts to deal with the situation and avert the error. The “unanticipated” nature of this kind of error makes it particularly difficult to address proactively, and this difficulty leaves human heroics as one strategy to avert the error. But, as Reason observes, “the focus, beyond human hero-ics, must be to ensure that their adverse consequences are speedily detected and recovered.”3

These kinds of errors are the least common in a mature com-pliance environment, because a mature compliance environment includes multiple layers of review and oversight, and the multiple perspectives that reduce the risk of “group think” and increase the likelihood that an individual will identify and address the problem before it occurs. However, when a knowledge-based error does occur, the consequences can be dire for the individual person who errs and for the organization that suffers the consequences of the error.

Knowledge-based errors are the most difficult to prevent, but when they occur, they can be cor-rected by the formulation of rules and tools to address them. With the appropriate rules and tools in place, knowledge-based errors

can be avoided or reduced to rule-based errors.

Strategies for reducing human errors

By identifying and correcting latent errors before they become patent errors, and by taking the steps to reduce the risk of each kind of patent error identified above, we can reduce the risk of human errors. With this reduction in human errors, the human factor can be viewed as an ultimate risk-reduction factor. Humans are unique among risk factors, because humans can identify and reduce risks of error.

In addition to reinforcing the simple direction “pay attention” or drilling on pattern identification and rule application, or anticipat-ing the unanticipated, humans have other tools to reduce the risk of errors and enhance the compli-ance process.

ChecklistsPerhaps the most basic of

human error reduction strategies is the checklist. Checklists serve as a cognitive safety net for pro-fessionals across a diverse array of professions.6 Carefully and thoughtfully prepared, a checklist serves as a guide for standard pro-cesses. With this guide, a person applying the checklist focuses, thus reducing the risk of slips and lapses. With the risk of slips and lapses reduced by checklists, the person can focus attention

on aspects of the situation not addressed by the checklist. Thus, the person can focus on prevent-ing inherently riskier forms of patent error—by identifying pat-terns, applying rules, or reacting to unanticipated situations.

Regular reviews of written processes

The value of standardized, written processes for compliance is well-documented. Establish-ing, and then performing, regular rigorous reviews of those written processes provide an opportunity for humans to identify and correct latent errors before those errors become actual errors.

Drills and practice auditsDrills and practice audits

provide an opportunity for humans to identify and address latent and patent errors, spe-cifically rule-based mistakes and knowledge-based mistakes. For example, “...if material is learned in neat chunks and in static ways (books, most computer-based training) but needs to be applied in dynamic situations that call for novel and intricate combinations of those knowledge chunks, then ‘inert’ knowledge is a risk.” Drills tend to reduce that risk by creating opportunities to “practice” appli-cation of knowledge in dynamic situations.1

Practicing applications of established rules in a drill can reduce the risk of rule-based


mistakes. Similarly, the habits learned by responding to drill scenarios can reduce the risk of unanticipated situations, and, thereby reduce the risk of knowl-edge-based errors. “We can train frontline people to be ‘error wise’. That is, to help them to ‘read’ situations so they can identify circumstances having high error potential, and act accordingly….This is what we mean by individ-ual mindfulness.”3 To be effective for these purposes, drills and prac-tice audits must be carefully and thoughtfully prepared. And, the audit results of drills and practice must be thoroughly reviewed to evaluate the current state of an organization’s compliance and to identify weaknesses, gaps, and glaring omissions. Taken together, and taken seriously, these kinds of exercises can enhance compliance and reduce risk.

ConclusionThe human factor in compli-

ance recognizes the risks of human error, and takes the proactive steps necessary to reduce those risks. The human factor, properly applied, transcends error and transforms compliance efforts, and reduces the risks of error through proac-tivity, addressing error heroically when it occurs. The human factor includes the numberless acts of workers who fill compliance gaps and make ambiguous rules work, who step into unanticipated situ-ations and work to reduce the

effects of error. Specifically, the human factor includes the concept of humans as heroes, as well as the more commonly acknowledged concept of humans as a source of errors. To overlook either aspect of the human factor is to draw an incomplete picture of the human contribution to compliance. UNotes:

1 Sidney Dekker: The Field Guide to Understanding Human Error. Ashgate Publishing Company, 2006.

2 James T. Reason: Managing the Risks of Organizational Accidents. Ashgate Publishing Company, 1997.

3 James T. Reason: The Human Contribution. Arena Publishing, 2008.

4 For example, the North American Electric Reliability Corporation (NERC) President’s Top Priority Issues for Bulk Power System Reliability. January 7, 2011. Available at http://www.nerc.com/fileUploads/File/News/NERC%20President%20Top%20Priority%20BPS%20Reliability%20Issues%201-7-11.pdf (See specifically numerical priority 2: Human Errors by Field Personnel).

5 James T. Reason: Human Error. Cambridge University Press, 1990.

6 Atul Gawande: The Checklist Manifesto. Picador Publishing, 2011.

Editor ’s note: Mary-James Young is Senior Compli-ance and Regulatory Counsel for Vectren Corpo-ration in Evansville, Indiana. Her responsibilities include providing legal counsel to Vectren’s three regulated utili-ties, particularly in the areas of state and federal regula-tory compliance. She can be contacted by e-mail at [email protected].

Get the latest on breaking issues and best practices. Hear directly from regulators and practitioners from the convenience of your own office.

• Timely, quality training with no travel required

• With one registration, your whole office can participate

• A convenient way to earn continuing education credits

SCCE wEb ConfErEnCES

CorporatEComplianCE.orG/wEbConfErEnCES

Upcoming Web Conferences:

Converging Ethics, Governance, and CultureOctober 25, 2011





One of the most compel-ling and popular recent trends in business literature is behavioural economics. This synthesis of behav-ioural psychology and economic research is the inspiration behind bestsellers, such as Dan Ariely’s Predictably Irrational, Richard Thaler’s Nudge, and Sway by Ori Brafman. At its root, behavioural economics questions a traditional assumption in economics, the idea that human beings are both ratio-nal and selfish. Taken as an article of faith among many in economics, this belief has been tested experimen-tally by the behavioural economists and found, if not entirely false, then extremely incomplete. Based on the outcomes of these experiments, writers like Ariely and Thaller (and their more purely academic colleagues) have developed new models of how people actually make decisions and explored the consequences for both businesses and the political economy.

Given the popularity and influence of behavioural econom-ics, it was inevitable that the use of experimental psychology would migrate to other disciplines. One

of the first is behavioural ethics, an emerging discipline relevant to compliance and ethics profes-sionals. Although behavioural approaches to ethics are not entirely new, only recently have they become recognised as a new field of study. Ariely, in Predictably Irrational, examined some of the assumptions we make about how ethical decisions are made and how unseen forces influence our behav-iour.1 Since then, behavioural business ethics has developed into a productive area of research in academic journals. For example, the British Journal of Management recently devoted a special issue entirely to behavioural business ethics.2 The academic research has begun to trickle down to the pop-ular press as well, with the recent publication of Blind Spots: Why We Fail to Do What’s Right and What to Do About It,3 by Harvard Busi-ness School’s Max Bazerman and Notre Dame’s Ann Tenbrusel. This article will endeavour to explore recent advances in behavioural ethics and discuss some of the implications for ethics and com-pliance professionals.

How are ethical decisions really made?

Whereas behavioural eco-nomics experimentally examines traditional assumptions about commercial behaviour, behav-ioural business ethics focuses the experimental lens on assumptions about the way people make ethi-cal decisions. The predominant model of ethical decision-making was articulated by James R. Rest in 1986 as a four-step process:1. Moral awareness: The situa-

tion at hand requires a moral decision.

2. Moral judgement: The right and wrong responses are discernable.

3. Moral intention: There is an intention to do the right thing.

4. Moral action: The morally correct action is taken.

Rest’s model is intuitively attractive and most ethics and compliance programs are predi-cated on this model. Behavioural ethicists subject the model to experimental rigour, examining whether Rest’s conceptual frame-work does indeed reflect reality.

The “why” of misbehaviour: Recent advances in behavioural business ethicsBy James Meacham



The newer research suggests that biases, heuristics, and other non-rational cognitive processes that fall outside Rest’s model have sub-stantial, sometimes overwhelming, effects on ethical decisions.

Two of the most important results of experimental findings about decision-making are the concepts of bounded ethicality (i.e., the idea that our ability to make ethical decisions is more limited than previously thought), and ethical fading (i.e., the discovery that the moral dimensions of decisions disappear from our consciousness at the time decisions are made). Combined, these concepts call into question the effectiveness of many of the principles upon which ethics and compliance programs are based and, if correct, suggest the need to develop more effective strategies.

Bounded ethicalityThe notion of an orderly

decision-making process comprising the centre of most ethical decisions is lacking on several counts, these shortcomings illustrating what behavioural ethicists call “bounded ethicality.” People often don’t recognise an issue as an ethical choice when it presents itself. Moral judgements are frequently influenced by factors beneath the level of consciousness that are either irrelevant or detrimental to decision-making. Although we often intend to do the “right thing”, we frequently

don’t, again without knowing we’ve fallen short. Finally, as our decision-making abilities are optimised for a world far less complicated than the one we live in, we frequently exclude relevant information or place artificial bounds on the information we have, degrading the ability to choose ethically. The remainder of this section details these specific cognitive shortcomings that contribute to bounded ethicality.

MisclassificationAs pointed out by Tenbrunsel

in an earlier journal article,4 one of the most frequent decision-making errors is the misclassification of ethi-cal issues. A common explanation given by subjects for poor ethical choices is that the decisions made in a business setting are “just busi-ness,” not ethical issues at all. This error was given an intellectual jus-tification by Milton Friedman’s belief that the only responsibility of business managers is to increase shareholder value. He argued in his 1970 article that it was misguided for a company to take social responsibil-ity into consideration when making a business decision.5 Although his views seem extreme today, less radi-cal versions of it are frequently used to excuse questionable behaviour. It should be obvious that some actions are legal but unethical, so by arguing that firms should do anything that is legal to increase shareholder value, Friedman encouraged firms to take substantial ethical risks. By excluding a business decision from the ethical

domain a priori, decision-makers set themselves up for potentially egregious ethical mistakes.

In-group favoritismAlthough misclassification

allows us to make decisions without having to examine their implica-tions, more potentially damaging are the forces that influence our decisions without our being aware of them. One example, pointed out by Bazerman and Tenbrunsel, is in-group favouritism, or the preference to ascribe good qualities to members of groups of shared membership. Different from simple prejudice in that it doesn’t assign bad qualities to non-group members, its practical and ethical implications are identi-cal: People who are privileged remain privileged and those who are not fight an unfair, uphill battle to gain access to money, power, and prestige.

OverclaimingAnother common subconscious

mistake with ethical repercussions is overclaiming. This happens when one judges his or her contribu-tion to a group process as greater than it actually is. Psychology and negotiating literature abound with examples of overclaiming. Aca-demics, when asked to estimate how much of multi-author articles they were responsible for, typically aggregated to close to 150%. MBA students have been found to over estimate their contributions to group projects, athletes



The “why” of misbehaviour: Recent advances in behavioural business ethics continued from page 35

overestimate their part in team victories, and married couples each think they do far more housework than their spouses. The cognitive process behind overclaiming is simple and, on reflection, obvious: egocentrism. We are each con-strained by our individual points of view. An athlete will see every move, every pass that she makes, but teammates come in and out of her consciousness, so she perceives that she does more than her team-mates do. The ethical implications of overclaiming are profound. Overfishing, which threatens to destroy the oceans’ ecosystems, is a typical case of overclaiming, where each country sees the way in which regulations burden it, but sees only the advantages for other countries.

Misclassification, in-group favouritism, and overclaiming are just a few examples of bounded ethicality. Much of what occupies behavioural ethicists is uncover-ing more ways in which our minds deceive us into doing the wrong thing or not recognising what we do as such. As a rule, however, because most of our ethics and compliance programs assume Rest’s model of ethical decision-making, they are not well positioned to effectively combat these ethical mistakes.

ethical fadingBecause it explains many of

the most puzzling kinds of mis-takes in judgement and answers the key question, “Why do good people sometimes make bad moral

choices?” ethical fading is another important discovery of behavioural ethics. Ethical fading refers to the way that the ethical aspects of a decision recede from consciousness as the time to make the decision approaches. It is a temporal pro-cess in which we overestimate our own morality and devalue ethical problems, thereby causing serious blind spots and ethical mistakes. In a 2004 academic paper, Tenbrunsel and David Messick6 identify several enablers of self-deception and argue that the way most ethics programs are structured ignores their role.

EuphemismsOne of these enablers will be

familiar to anyone who has spent time in modern corporate life: language euphemisms. In a world where “problems” are “issues,” and where layoffs are called “right-sizing,” the use of a justifying vernacular can leave workers unable to distinguish right from wrong; the corporate dialect effectively neuters the ethical component of the situation. Another example, in which the moral implication is clear, is the use of “externalities” as a euphemism for damage to the envi-ronment. Tenbrunsel and Messick argue that although euphemisms are not themselves dangerous, they can frequently be used to disguise troubling ethical issues.

Slippery slopesSo-called “slippery slope”

effects are another way in which

ethical considerations are shifted to the background. Also known as the “frog in a boiling pan” problem, this is the gradual numbing to ethi-cal issues via several small changes, resulting in a very large ethical mistake. An example might be an otherwise upstanding mortgage broker who, in order to push a deal through, initially doesn’t reveal all of the relevant information to the borrowers. After becoming accus-tomed to that minor transgression, he decides it’s not significantly worse if he puts a customer into an inap-propriately large mortgage in the hope of netting additional income through extra fees. Later still, he doesn’t see a substantial difference between that and, say, signing some of the appendixes of loan docu-ments himself. He’s gone, stepwise, from a lie of omission to an actual crime. By numbing himself at each baby step to ethical implications, they have faded out of his con-sciousness and he’s finally making major ethical (and legal) mistakes.

Errors in perceptual causation A third factor in ethical

fading, enumerated by Tenbrunsel and Messick, is errors in percep-tual causation. We work in a complex world where causation is not always of the simple “If A occurs and B occurs, then C will occur” variety. Because we are self-interested beings who tend to focus on our own individual roles in a process, larger systemic issues are frequently overlooked.



The mortgage production chain again provides a good exam-ple of how perceptual errors in causation can work. The system by which mortgages were taken out by buyers, produced by bank-ers and brokers, aggregated by mortgage banks, collateralised by investment bankers, and sold to end investors was one that created some undeniably unethi-cal behaviours. However, if we examine each actor in the process individually, each could be said to have acted ethically and in keeping with his/her incentives. The system encouraged participants at each stage to take risk into the process while not assuming the respon-sibility for that risk. In each case, increasing volume was incentiv-ised rather than balancing risk and return. Risk was therefore invisibly transferred to the investors, with disastrous results. So although each contributor acted in good faith, the ethical problems of the system as a whole went unnoticed.

Biased self-perceptionA last enabler of ethical

misbehaviour, again related to self-deception, is called by researchers the constrained representation of self, and is based on the idea that our perceptions of our selves are naturally biased. In the same way we overclaim rewards and credit because of our structural relation-ship with others we cooperate with, our individual perspective is going to put our particular interests and

ideas in the foreground and those of others in the background. We know our own intentions, but can only infer others’ by their actions. Because most people think their own intentions are an important part of assigning moral valence, this imbalance of perception natu-rally tilts our moral judgement in our own favour.

Why is behavioural business ethics relevant?

Articles in ethics journals have traditionally come in three vari-eties. Academic articles tend to focus on normative ethics, or the “what” of right and wrong. Practi-tioner journals for compliance and ethics professionals generally pub-lish articles on the “what” of legal compliance and the “how” of ethics and compliance programs. Behav-ioural ethics gives us a view into the “why” of misbehaviour and some possible ways of mitigating ethics risks. Just as behavioural econom-ics called into question the widely held belief in homo economicus (i.e., humans are guided by reason and self-interest when making economic decisions), behavioural ethics questions traditional models of ethical decision-making and how people respond to ethical and eco-nomic incentives. It rounds out our knowledge of what people in orga-nizational contexts perceive they should do with what they are likely to do. Armed with this knowledge, we have a much better chance of developing effective interventions.

Most ethics and compliance programs take Rest’s model of ethical decision-making as the standard and, therefore, assume that most ethical reasoning hap-pens at the conscious, rational level. Corporate compliance offi-cers, therefore, focus on codes of ethics, hotlines, and education about specific laws and regula-tions. However, recent research tells us that many subconscious elements have a substantial influ-ence on employee behaviour. Thus, traditional ethics and compliance interventions only address a part of the problem. For more effective programs, we have to educate our-selves and our employees about the psychology of decision-making, in addition to corporate rules and governmental regulations. Finally, behavioural ethics suggests that we need to evaluate the ways our corporate cultures may uninten-tionally encourage people to make ethical mistakes.

ConclusionAlthough behavioural ethics is a

nascent field, it has already exposed quite a bit about how biases, blind spots, and dodgy decision-making add to our compliance challenges. In a relatively short time, it has developed from the innovation of few forward-thinking scholars to a recognised field of study with sub-stantial implications for the way we do business. As the discipline matures, it will unquestionably


The “why” of misbehaviour: Recent advances in behavioural business ethics continued from page 37

become an increasingly influential tool of our profession. UNotes:

1 Dan Ariely: Predictably Irrational,: The Hidden Forces That Shape Our Decisions, revised and expanded edition. New York: Harper, 2008.

2 David De Cremer, Rolf van Dick, Ann Tenbrunsel, Madan Pillutla, and J. Keith Murnighan: “Understanding Ethical Behaviour and Decision Making in Management: A Behavioural Business Ethics Approach.” British Journal of Management, March 22, 2011.

3 Max H. Bazerman and Ann E. Tenbrunsel: Blind Spots: Why We Fail to Do What’s Right and What to Do about It. New York: Princeton University Press, 2011.

4 Ann E. Tenbrunsel and D. M. Messick: “Ethical Fading: The Role of Self Deception in Unethical Behavior.” Social Justice Research, 2004;17:223-36

5 Milton Friedman: “The social responsibility of business is to increase its profits.” Corporate Ethics and Corporate Governance, 2007;173–178. Originally published in the New York Times Magazine, September 13, 1970.

6 Ibid

Editor’s note: James Meacham is Managing Consultant at Magister Consulting in Los Angeles and London, and a doctoral candidate at the University of Southampton’s School of Management. His research explores the ways risk perception influences ethical business decision-making, and he advises clients on behav-ioural and cultural interventions for reducing ethics and compli-ance risk. He can be contacted by e-mail at [email protected].

SCCE’S UpComing REgional

Compliance & Ethics Conferences

SCCE’s regional compliance conferences provide a forum to interact with local compliance professionals, share information about compliance successes and challenges, and create educational opportunities for compliance professionals to strengthen the industry.

Southeast October 14, 2011 • Atlanta, Georgia

Southwest November 4, 2011 • Houston, Texas

www.corporatecompliance.org/regional

SCCE2011_Regionals-remaining_2column_2c.indd 1 7/8/2011 4:41:15 PM


Learn more & register at corporatecompliance.org/academies

SPACE IS LIMITED— REGISTER

EARLY

Basic Compliance & Ethics

January 30–February 2San Francisco, CA

April 16–19Chicago, IL

May 7–10São Paulo, Brazil

May 21–24Brussels, Belgium

June 11–14Scottsdale, AZ

July 9–12Shanghai, China

August 13–16Boston, MA

November 12–15Orlando, FL

2012Academies

Become a Certifi ed Compliance & Ethics Professional® following this four-day intensive training session

2012SCCEAcademies_1pagead_2c.indd 1 9/6/2011 9:36:16 AM




Read some of the latest SCCEnet discussions:

Global Compliance and ethics Community:SubsidiariesWe are a global organization in 28 countries with three main business lines and multiple divisions. The compliance programs we have in place cover all main businesses and divisions. But we have a number of sub-sidiaries that run separately from the ‘Group’ - they are not included in our Outlook profile, nor do they have access to our systems or Intranet. They tend to be located in Asia, and for the most part, sell their products domestically. It is difficult to apply compliance program requirements with such system limitations. I would like to know how other global organizations treat similar subsidiaries within compliance programs. Do you apply the same requirements? Do you ignore the subsidiaries and focus on the main businesses? Do you have modified requirements for separate subsidiaries? www.corporatecompliance.org/9220

Financial Institutions networkWells Fargo Settles Wachovia Case for $590 Million(Bloomberg News – 8/6/11) Wells Fargo & Co., the biggest U.S. home lender, said it reached a $590 million settlement in principle with plaintiffs who claimed in a lawsuit that Wachovia Corp. misled investors. The accord, subject to court approval, is reflected in the bank’s financial statements and “will not have a material adverse effect on Wells Fargo’s consolidated financial position,” according to a regulatory filing Friday by the San Francisco-based company. Wells Fargo acquired Wachovia in 2008. Investors had accused Wachovia of making misleading disclosures relating to the sale of securities between 2006 and 2008, according to the complaint. The statements related to the quality of assets linked to the mortgage portfolio of Golden West Financial, an Oakland home lender it had acquired. www.corporatecompliance.org/9213

Legal Holds and record Management networkBoard participationWhen is it considered a conflict of interest if a board member serves on two boards of the same health care organization? Is it ethical to abstain on votes that involve a conflict of interest? www.corporatecompliance.org/9219

SCCEnet

SCCEnet is the most comprehen-sive social network for compliance professionals. Subscribe to dozens of discussion groups and get your compliance questions answered. Share your experience with your colleagues. Offer your resources and policies in the libraries.

resources•Too Close for Comfort: Can

internal auditors maintain inde-pendence and objectivity when the audit and compliance func-tions are combined? − Posted In: Chief Compliance and Ethics Officers

− www.corporatecompliance.org/auditorindependence

• Social Computing Guidelines − Posted In: Communication, Training, and Curriculum Development

− www.corporatecompliance.org/ComputingGuide

• Final Rule Dodd Frank 922 - Final Dodd Frank whistleblower bounty rules issued by SEC on May 25, 2011, with commentary − Posted In: Chief Compliance and Ethics Officers

− www.corporatecompliance.org/doddfrank922


SCCE Website NewsSCCe Job BoardThere are new jobs added to SCCE’s Job Board all the time. Take a look at all the new opportunities by click-ing on the “Job Board” tab (far right on the top menu bar). www.corporatecompliance.org/jobs

Certification HandbookThe CCEP Certification handbook has been updated. View the updates by clicking on “CCEP Handbook” under the “Certification” tab on SCCE’s website.

Compliance and ethics Professional QuizTake this month’s C&E Professional quiz online! It is available by clicking on the “Compliance and Ethics Professional” link under the “News Room” tab. Miss any issues? Members can view and print older issues online as well. www.corporatecompliance.org/handbook

SurveysDownload one of the many surveys available on our website to view the different industry trends. The sur-veys are located under the “Resources” tab, and then click on “Surveys.” www.corporatecompliance.org/Surveys

Compliance and ethics Institute HandoutsIf you need a copy of the handouts from the Compli-ance and Ethics Institute from this year, or any past year, you can find them at www.complianceethicsin-stitute.org/handouts.

Chief Compliance ethics officer networkCost of ComplianceI am working on a business case and am looking for statistics on the cost of compliance. Is anyone aware of a survey or report showing internal vs. external spending on ethics and compliance; and preferably breaking down the external spend-ing by proactive (consultancy advice) vs. reactive (investigations and representation with regulators)? Thank you. www.corporatecompliance.org/9172

Progressive Discipline PolicyI am revising our progressive discipline policy. I have a pretty solid base to work with, but would appreciate seeing a few other examples to compare to. If any of you have a policy you can share, I would greatly appreciate it.www.corporatecompliance.org/9248

Contact Eric Newman at 952-405-7938, or email Eric at [email protected] with any questions about SCCEnet. Also, ask Eric about the new SCCEnet mobile app for the iPhone, Blackberry and Android devices.




AT: What is the biggest failing regarding corporate America from a compliance and ethics perspec-tive today?

AB: The biggest failing is when companies allow an “ethi-cal when convenient” approach in their leadership culture—particu-larly during a time of difficulty or upheaval. In the normal course of business, it is easy for any business to operate with a fair and ethical mindset. However, when times of crisis or large opportunities pres-ent themselves, companies without a legitimate and strong culture of ethics may take shortcuts. This ultimately will cost the company, and society as a whole, in the long run. That said, we are encouraged by the sheer volume of CEOs who are now actively engaged with Ethisphere. When the boss cares, it matters to the whole orga-nization. Here’s a great example: We are honored that Jeff Immelt of GE has agreed to serve as the guest editor of the Q1 2012 issue of Ethisphere Magazine, themed around Trust. When one has that type of commitment from a very busy person, others take notice.

AT: Are we making progress in the adoption of compliance and ethics programs?

AB: Yes, we are. We see more and more companies taking ethics and compliance programs seri-ously compared to in years past when the same organizations might have been accused simply of “lip service” on the issue. Further, companies and their leadership now view ethical leadership as a strategic differentiator, both in terms of company performance as well as how they recruit talent around the globe. Organizations such as SCCE do a great job of building up the professionalism of the role. At Ethisphere, to the extent we also help by highlight-ing leading practices and leaders within companies, we feel that we are also advancing the profession.

AT: What is the biggest challenge for compliance and ethics professionals from your perspective?

AB: The biggest challenge is to keep senior leadership focused on and committed to maintain-ing an ethical business culture. Leadership has many competing priorities for their time, but if they take their eye off the ball, an ethi-cal culture can atrophy.

AT: What about the need for independence for compliance and ethics professionals? Is this a big issue?

AB: I don’t believe so, as that would suggest that compliance and ethics professionals would com-monly find themselves in conflict with executive leadership. The bottom line is that unless leadership is proactively supportive of the Com-pliance and Ethics function, there is little that compliance and ethics professionals could do to impact the organization, whether indepen-dently reporting or not. Further, as in any corporate function, being a part-ner to the business is essential, and that’s no different for ethics and com-pliance professionals. So, if we are able to highlight the importance of compliance and ethics profes-sionals to the overall business and provide resources and insights to them through research, CLEs [continuing legal education] and more, we’re doing our job. I will

Alex Brigham, Executive Director of The Ethisphere InstituteBy adam turteltaub

in the spotlight

aLex BrighaM



add our most downloaded white-paper and attended event was titled “The Business Case for a Standalone CECO” featuring Bill Lytton (former General Coun-sel of Tyco) and Alan Yuspeh who led the Defense Industry Initiative. Mr. Yuspeh for some time has been the Chief Ethics and Compliance Off icer of HCA [Hospital Corporation of America], reporting directly to the CEO.

AT: Do you see compliance and ethics programs being adopted by other countries?

AB: Yes, but slowly. Corrup-tion is so ingrained in a number of countries that it will take a decade or more in many countries to reach the level and strength of business ethics and compliance programs seen the U.S.

AT: Do you think all indus-tries are implementing compliance and ethics programs in the same way? Are some industries doing it better than others?

AB: Some are better than others. At Ethisphere we have a detailed benchmarking database of over 3,000 global corporations’ compliance and ethics programs and codes of conduct, and we see a wide variety by industry as to how companies invest in and implement compliance and ethics programs.

AT: Corpedia has been a successful e-learning provider for a long time. What led you to branch out and start the Ethisphere Institute?

AB: I have long subscribed to the business adage of “What gets measured, gets done.” I noticed that the field of business ethics was missing such independent measurement frameworks. At Ethisphere, we believed we could contribute to the compliance and ethics professionals’ community, and society at large, by publish-ing frameworks to allow business ethics to be measured. And then such measurement could be used to help companies continually improve their ethical efforts, as well as research whether better eth-ical business practices contributed to superior business outcomes.

AT: And what has your research found? Does better busi-ness ethics lead to better business outcomes?

AB: Yes, we are excited to say that it does. Ethisphere measures each individual corporation’s ethi-cal practices against our publicly available framework and assigns the corporation an Ethics Quo-tient, or EQ score. For the past five years, the companies in each industry with the highest EQ scores are designated by us as being one of that year’s “World’s Most Ethical Companies.” If you were to track an index made up of solely the publicly traded companies that have earned World’s Most Ethical Companies status, you will find that they have outperformed the S&P 500 every year by an average of 7.3%. Good ethics does indeed

lead to superior business perfor-mance over the long term.

AT: There are a lot of questions about what Ethisphere is. Is it a think tank? Is it a consulting firm? Is it a standards body? How would you describe the Institute’s mission and purpose?

AB: The Ethisphere Institute is a researched-based organi-zation focused on identifying and promoting best practices in compliance and ethics. Much of our research production is made freely available to the public at no charge. Between whitepapers, CLE-accredited webcasts, confer-ences, our daily e-newsletter, and our quarterly print publication, we reach more than 150,000 legal and ethics practitioners around the globe. Ethisphere also maintains a detailed benchmarking database that includes detailed data on over 3,000 corporate compliance and ethics programs.

The Ethisphere Institute began by serving a need to help companies measure and improve performance. We will stay close to customers’ needs. More recently, in light of regulatory develop-ments, including the Responsible Officer Doctrine, companies have asked us to help them measure and improve their programs. Accord-ingly, we have begun to classify observed minimum and leading best corporate compliance prac-tices in a manner that companies may compare themselves against



Alex Brigham, Executive Director of The Ethisphere Institute continued from page 43

in order to earn accreditations, such as “Ethics Inside Certified,” “Compliance Leader Verified” and “Anti-Corruption Program Verified.” Qualified third-party organizations may compare cor-porations’ programs against these practices and issue Ethisphere accreditations to companies that surpass them. So far, compa-nies and their leaders seem quite pleased with the insights. I expect Ethisphere will continue to stay close to what our clients are asking us to do to help them.

AT: What’s the relationship between Ethisphere and Corpedia?

AB: Ethisphere and Corpedia are independently incorporated and separately owned entities with different investors. Corpedia is a licensed credentialing part-ner of Ethisphere, which means that Corpedia consultants are authorized to do work using the Ethisphere framework. Ethisphere will continue to work with other organizations to expand the use of the Ethisphere framework, espe-cially around the globe.

AT: When Ethisphere first came on the scene, you did some analysis of corporate compliance programs, giving some pretty con-troversial ratings. How did that process work?

AB: Ethisphere has been known for “telling it like we see it.” When we started, we created the category of measuring and rating companies’ codes of conduct as well as other elements of their programs.

There were instances when the data showed one organization outper-forming another. Interestingly, we are as thoughtful as possible when working with companies, and there have been dozens of instances where a senior CECO has thanked us for, at times, a less-than-stellar rating, because they have been able to use the rating to lobby for increased resources and investment. We are humbled that, perhaps as a result of our work, companies have invested greatly in compli-ance programs and the profession has grown significantly.

AT: How are you rating com-panies now?

AB: We continue to rate com-panies the same way as before. This includes rating against frameworks set by independent panels of experts, and asking companies to voluntarily provide information about their compliance and ethics programs.

The biggest difference is that the proactive, voluntary participation of corporations in our rating activities has soared exponentially. Not only does this dramatically improve Ethisphere’s benchmarking data-bases, but more importantly, these companies participate because they are eager to see how their programs measure up versus their peers’. Companies use the resulting best practices benchmarking reports to determine how to improve their pro-grams further. This is exciting.

AT: You also do ratings of com-pany codes of conduct. What’s the methodology of those?

AB: As with our other ratings, the methodology for rating com-panies’ codes of conduct is located at our website, www.ethisphere.com. We continue to monitor the categories and weightings of our code of conduct ratings, based on ever-improving best practices. The rating criteria and weights are:• Public availability (5%)• Tone from the top (15%)• Readability & Tone (20%)• Non-retaliation reporting (10%)•Values & Commitments (10%)• Risk topics (20%)•Comprehension aids (5%)• Presentation & Style (15%)

AT: You’ve recently branched out into anti-corruption program “verifications.” What does that entail for a company interested in having one? What do you look at?

AB: The risks of international corruption and the importance of not running afoul of the Foreign Corrupt Practices Act and the UK Bribery Act have become top issues for corporate compliance programs this year. We hear from both companies seeking guidance, as well as companies that feel that they have strong anti-corruption controls in place but are seeking outside independent assurance, whether for their customers, board of directors, investors, or partners.

Corporate anti-corruption programs are a subset of the larger compliance program database that we have researched and analyzed, so it was logical for us to assemble

http://www.ethisphere.com

http://www.ethisphere.com


a team of independent experts to classify a framework of minimum best practices. Corporations that have such best practices present may feel reasonably assured that they have an adequately strong anti-corruption program, which we can accredit. To earn this accreditation, a company’s entire international anti-corruption pro-gram is examined in scope for controls and tested for efficacy by an independent party authorized to carry out this work. Ethisphere does not do the analysis itself.

We are very pleased how rapid the market adoption has been for this accreditation. Not only are companies adopting it directly, but other segments of the market are taking this accreditation very seriously. For example, the leading insurance brokerage firm Marsh Inc., which recently introduced an FCPA investigative and defense cost insurance policy, is using the Ethi-sphere methodology and eligibility for anti-corruption program verifi-cation as the linchpin in their FCPA insurance underwriting decisions.

AT: When we talked last, you mentioned that you have a very large database of information on compliance programs. What’s in the database, and how do you use the information?

AB: Through our databases, we collect and score more than 3,000 companies on a number of key GRC [Governance, Risk and Compliance] criteria, including program oversight, enforcement

of ethics programs, governance systems, monitoring and audit-ing of programs, citizenship, and social responsibility aspects of a program. Additionally, we review industry-specific risk areas ranging from export controls to supplier ethics training to strength of anti-corruption programs, as men-tioned earlier.

The information is used to create best practices reports and industry benchmarking reports sorted by risk area. A great exam-ple of how we use the data is with our recently released whitepaper: Best Practices, Leading Trends & Expectations of the World’s Most Ethical Companies.

Another example of how we use the data is through our recently launched Anti-Corruption Policy Review Database, part of our broader Ethisphere Anti-Corruption Resource Center. This Policy Review Database is free to internal compli-ance officers who are responsible for their companies’ anti-corruption programs. They can use the infor-mation in the database to self-assess the strength of their anti-corruption programs and policies as compared to industry peers.

AT: Is this database something that you foresee making publicly available for companies looking to benchmark against others?

AB: Yes, as mentioned, we have begun to make this data publicly available through the Anti-Corruption Policy Review Database. Access to this database

is free and given exclusively to in-house compliance officers. Because we want this database to be a useful tool to companies, and not something that could cause potential embarrassment, we limit access to in-house compliance officers from companies that have submitted information for review. Over time, we do intend to make our databases further available to other relevant parties with a focus on highlighting the best compa-nies’ programs.

Furthermore, in the same spirit of helping companies learn, prepare, compare, and invest, we also just completed adding value to a searchable database of DPAs [Deferred Prosecution Agreements], and NPAs [Non-Prosecution Agreements] in partnership with Haynes & Boone. This is publicly available as well, and we will continually add and enhance this information. We hope to hear from SCCE members what else we may do to help.

AT: Thanks for the opportu-nity to chat. U

This interview was conducted by Adam Turteltaub, Vice President of Membership Development for HCCA/SCCE. Adam may be contacted at [email protected] and Alex can be contacted at [email protected].







On November 10, 2010, the Securities and Exchange Commission (SEC) proposed for comment new whistleblower rules to implement section 21F of the Securities Exchange Act of 1934. The rules were adopted in an obvious effort to stem the criticism focused on the Commission’s handling of whistleblower information given to it concerning the Madoff Ponzi scheme. The rules were promulgated pursuant to the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank), enacted on July 21, 2010, which established a whistleblower program. That set the stage for the SEC to pay an award to eligible whistleblowers who voluntarily provide the Commission with original information about a violation of the federal securities laws that leads to the successful enforcement of a covered judicial or administrative action or a related action.

Prior to Dodd-Frank, the agency’s bounty program was limited to insider trading cases, and the amount of an award was capped at 10% of the penalties col-lected in the action. There is no limitation under the new rules as to the types of violations, other

than violations of the securities laws, nor is there any limitation on the amount of the award, other than the requirement that sanctions in excess of $1 million must be levied. Dodd-Frank also prohibits retaliation by employers against individuals who provide the Commission with informa-tion about potential securities violations. The SEC investigation does not have to be successful in order for the employee to receive this protection; however, frivo-lous submissions may not protect the employee from being fired or retaliated against.

The SEC set a deadline for comments to be submitted by December 17, 2010. The SEC then took almost six months to analyze the more than 240 comment letters received. It approved the final regulations on May 25, 2011, which went into effect on August 12, 2011. A full discussion of the comments received and the final rule can be found at http://www.whist leblowerrecovery.com/terms.html. In addition, on February 18, 2011, the SEC named Sean McKessy, a former SEC lawyer and private practitioner familiar with internal investigations, to oversee the

new Whistleblower Office in the Division of Enforcement.

Summary of the new ruleA whistleblower is an indi-

vidual (not a company) who voluntarily provides original information regarding a possible securities violation that is about to occur, has already occurred, or is ongoing. The information pro-vided needs to be “original” in the sense that it must not be known to the SEC and must be derived from the whistleblower’s indepen-dent knowledge or analysis and not from information in the public records, such as allegations made in a private securities action. The information is considered “volun-tary” if provided before any formal demand, inquiry, or request is made to the whistleblower or his/her attorney, unless such informa-tion has been voluntarily provided previously to another governmen-tal agency. Information provided after a request or demand from a foreign government will still be considered voluntary. Information is not considered voluntarily if the provider is required to report the information to the SEC or another governmental or quasi-govern-mental authority. The courts or

New SEC whistleblower rules, effective August 12, 2011By charles g. Miller

http://www.whistleblowerrecovery.com/terms.html





SEC may have to decide whether information furnished after a whistleblower learns of a govern-mental or company investigation is voluntary or not.

The information must be pro-vided to the SEC, but the SEC may award compensation based on successful proceedings by another governmental or quasi-govern-mental agency that is based on the same information.

Information provided by per-sons such as lawyers (who obtained it through confidential commu-nications or otherwise during the course of representation of a company), auditors, or officers, directors, or employees charged with compliance of companies is generally excluded from the whis-tleblower bounty. However, under certain circumstances, compliance and internal audit personnel, as well as public accountants, can become whistleblowers when: • the whistleblower believes dis-

closure may prevent substantial injury to the financial inter-est or property of the entity or investors;

• the whistleblower believes that the entity is engaging in conduct that will impede an investigation; or

• at least 120 days have elapsed since the whistleblower reported the information to his/her supervisor or the entity’s Audit Committee, chief legal officer, chief compliance officer–or at least 120 days have elapsed

since the whistleblower received the information, if the whis-tleblower received it under circumstances indicating that these people are already aware of the information.

The information provided must lead to imposition of sanc-tions in excess of $1 million, which can be part of separate but related proceedings. Only employ-ees who have a reasonable belief that a securities violation has taken place or will take place are entitled to protection from being fired for providing that information. The “reasonable belief” standard was added to exclude persons who make frivolous claims.

Internal reporting under the new rule

Corporate America was virtu-ally unanimous in opposing the original proposed rules, which did not require that whistleblow-ers be required to first report the violation to the company, and give companies an opportunity to cure the problem before the SEC would get involved. The industry pushed for that requirement, claiming that their internal compliance programs would suffer. It was correctly predicted that the SEC would not agree with the industry for the simple reason that it has a dim view of internal compli-ance programs. In the final rules, the SEC adopted an approach which did not require employees

to comply with internal reporting procedures before going to the SEC or another agency, but added incentives if they did go through internal reporting procedures.

First, if an employee reports pursuant to an internal reporting procedure, it is treated as report-ing to the SEC as of that time, so long as the employee reports to the SEC within 120 days. This can affect the relative priorities of per-sons reporting. Second, the SEC can give a higher award where the employee first reports a violation to the company and a lower award if the employee impedes the inter-nal reporting process. Third, an employee can receive an award if the company reports the violation to the SEC based on information submitted to the company by the employee. The employee will get credit for all of the informa-tion submitted by the company as a result of its investigation, so there is an additional incentive for the employee to report to the company.

other significant issues raised by the rule

The prohibition against retaliatory action for reporting violations applies only to employ-ees of public companies. However, for an employee to be protected, it is not necessary that the reporting employee be successful in his/her attempts to disclose wrongdoing. On the other hand, employers are



From its introduction in 2004, � e Complete Compliance and Ethics Manual has been serving SCCE’s mem-bership and the compliance and ethics industry by providing straightforward and practical advice and resources that support compliance and ethics profes-sionals in the implementation and management of their compliance, ethics and risk management programs.

With contributions and input from leading experts and practitioners, the new and improved edition of � e Complete Compliance and Ethics Manual has evolved in a number of key ways to give you the tools you need to e� ciently and e ectively improve your program:

� is valuable resource includes:

Greater focus and perspective on global applica-tion of ethics, compliance and risk management programs

Comprehensive coverage of emerging trends, new regulatory requirements and associated challenges, and key risk areas, including: – Anti-corruption/anti-bribery – Board engagement and oversight – Records and information management – Con� icts of interest – Risk Assessments – Mergers/acquisitions – Government contracting & FAR – Trade restrictions (export/import) – Antitrust/competition – Corporate social responsibility and sustainability – Ethics & culture – And much more!

Helpful guidance and recommendations on e ec-tive program implementation strategies and best management practices

Information and advice on program e ectiveness with references to important governing laws, stan-dards and guidelines

Sample tools, templates and other resources that will aid in program development and implementation

Periodic updates will be made available through an annual subscription

MEMBERS $359 | NON-MEMBERS $399

PLACE YOUR ORDER NOW ATwww.corporatecompliance.org

The Complete Compliance and Ethics Manual (2ND EDITION)

6500 Barrie Road, Suite 250, Minneapolis, MN 55435, United States+1 952 933 4977 or 888 277 4977 | www.corporatecompliance.org

SCCECompEthicsManual_CT1pagead_2c.indd 1 6/29/2010 8:39:55 AM


New SEC Whistleblower Rules, effective August 12, 2011 continued from page 47

not prohibited from taking appropriate action against employees who have no reasonable basis for making the disclosure (i.e., where the claim of wrongdoing is frivolous or in bad faith). Companies may not use confidentiality agreements to prevent employees from reporting violations. The rule specifically prohibits attempts by companies to impede a whistleblower from communicating with the SEC about a possible violation, including attempts to enforce confidentiality agreements.

A company will still be able to undertake an inter-nal investigation if a whistleblower reports potential violations to the SEC without first going to the com-pany. The SEC has indicated that it will continue its past practice of contacting the company and providing it an opportunity to conduct an internal investigation. In fact, it is likely that unless the complaint is frivolous, the results of any internal investigation will be eventu-ally turned over to the SEC. In light of this, companies will want to carefully choose the persons who will con-duct the investigation. A less-than-thorough internal investigation will likely not sit well with the SEC and cause the company more problems. Further, if the inves-tigation shows that a violation of the securities laws may have occurred, the company should assume that the SEC will also have the same information, putting pressure on the company to report the violation or be in a position of looking bad in the eyes of the SEC by failing to report the violation.

There is no doubt that the new rules will encour-age more complaints to be filed and the company must assume that whatever is reported to it will be reported to the SEC. U

Editor’s note: Charles G. Miller is an Attorney with the San Francisco-based law firm of Bartko, Zankel, Tarrant & Miller, specializing in complex litigation and class actions, including securi-ties-related litigation. He may be contacted by e-mail at [email protected] or by phone at 415-956-1900.

PUBLISHER:

Society of Corporate Compliance and Ethics +1 952 933 4977 or 888 277 4977

EDITOR-IN-CHIEF:

Joseph Murphy, Esq., CCEP, Of counsel, CSLG, Haddonfield, NJ [email protected]

EXECUTIVE EDITOR:

Roy Snell, CCEP, CHC, CEO, [email protected]

ADVISORY BOARD:

Charles Elson, JD, Edgar S. Woolard, Jr. Chair in Corporate Governance, Director of the John L. Weinberg Center for Corporate Governance at University of Delaware.Jay Cohen, Compliance Consultant, Assurant Inc.John Dienhart, PhD, The Frank Shrontz Chair for Business Ethics, Seattle University; Director, Northwest Ethics Network; Director, Albers Business Ethics Initiative; Fellow, Ethics Resource CenterOdell Guyton, JD, CCEP, Senior Corporate Attorney, Director of Compliance, U.S. Legal–Finance & Operations, Microsoft CorporationRebecca Walker, JD, Partner, Kaplan & Walker LLPRick Kulevich, JD, Senior Director, Ethics and Compliance, CDW CorporationSteve LeFar, President, Sg2Stephen A. Morreale, DPA, CHC, CCEP, Principal, Compliance and Risk DynamicsMarcia Narine, JD, Vice President Global Compliance and Business Standards, Deputy General Counsel, Ryder System, Inc.Ann L. Straw, General Counsel US, Votorantim Cimentos North America, Inc. Greg Triguba, JD, CCEP, Principal, Compliance Integrity Solutions, LLC

STORY EDITOR/ADVERTISING:

Liz Hergert, SCCE, +1 952 933 4977 or 888 277 4977 [email protected]

COPY EDITOR:

Patricia Mees, CCEP, CHC, +1 952 933 4977 or 888 277 4977 [email protected]

DESIGN & LAYOUT:

Sarah Anondson, SCCE, +1 952 933 4977 or 888 277 4977 [email protected]

Gary DeVaan, SCCE, +1 952 933 4977 or 888 277 4977 [email protected]

COMPLIANCE & ETHICS PROFESSIONAL (C&EP) (ISSN 1523-8466) is published by the Society of Corporate Compliance and Ethics (SCCE), 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Subscriptions are free to members. Periodicals postage-paid at Minneapolis, MN 55436. Postmaster: Send address changes to Compliance & Ethics Professional, 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Copyright © 2011 the Society of Corporate Compliance and Ethics. All rights reserved. Printed in the USA. Except where specifically encouraged, no part of this publication may be reproduced, in any form or by any means without prior written consent of the SCCE. For subscription information and advertising rates, call +1 952 933 4977 or 888 277 4977. Send press releases to SCCE C&EP Press Release, 6500 Barrie Road, Suite 250, Minneapolis, MN 55435. Opinions expressed are those of the writers and not of this publication or SCCE. Mention of products and services does not constitute endorsement. Neither SCCE nor C&EP is engaged in rendering legal or other professional services. If such assistance is needed, readers should consult professional counsel or other professional advisors for specific legal or ethical questions.

Compliance & Ethics Professional

Advisory BoArd




One of the most common Shakespearean misquotes is to credit him with having writ-ten in Henry VI, “The first thing we do, let’s kill all the lawyers.” Although the wording is accu-rate, taken out of context, its intention is reversed. In context, it is suggesting that the first thing any potential tyrant must do to eliminate freedom is to “kill all the lawyers.”1 I suggest that the misquote lives on, in part, because there is widespread disdain in our society for certain aspects of the legal profession.

Absent any hard data, I can only reflect on what I see and hear. A good number of “regular people” (e.g., non-lawyers) have lost any respect they might have had for the legal profession when lawyers are seen as: •Helping to acquit “criminals”

by relying on “technicalities”; •Defending those who have

abused the public trust, be they admitted mass murderers, child abusers, greedy Wall Street manipulators, corrupt politi-cians, or self-serving corporate executives;

•Driving up the costs of goods and services by winning out-landish settlements for “honest

mistakes” or “unforeseeable consequences” encountered by those who manufacture and/or sell those goods or provide those services; and,

•Making it harder to conduct our daily affairs by encourag-ing complex and expensive “defensive strategies” to pre-vent frivolous lawsuits, thus encouraging business to create and impose “stupid” business practices.

The first two points are some-what self-explanatory. We all want our rights and freedoms protected and we hate when someone whom we “know” to be guilty is not con-victed, because of what is seen by many as a legal system riddled with loopholes. The better informed would likely view our system as one that presumes innocence and imposes a strict standard of proof on accusers, be they the state or private citizens. I get that.

The third point is the natural consequence of a litigious society. There appears to be a sentiment of entitlement. If I am “wronged,” there is almost always an attor-ney willing to take my case, on a contingency basis, and “sue the bastards.” Whether that is the

natural consequence of the pub-lic’s greed or a flawed legal system is a chicken-and-egg argument. Suffice it to say an award of mil-lions for me burning myself by spilling hot coffee in my lap while driving might not be wholly the fault of the person who sold me the cup of coffee. But, as is often noted, “common sense is not all that common” and, as the daytime and late-night TV ads incessantly remind us, there is a lawyer out there, somewhere, who will take our case, right the wrong, and make us both rich in the process. It’s the American way!

It is the fourth point that illustrates how some lawyers are blamed for making it harder to conduct our daily affairs. Life is hard enough. I find actions and decision that make life even harder to be both irksome and troubling. To illustrate, allow me to recap a recent purchasing experience. I bought a bicycle. At this point in my life, I have successfully oper-ated a “two-wheeler” for more than 60 years with nothing worse to show for the experience than the occasional scraped knee or elbow, incurred back in the “learning” phase. Yet, as a mature, responsi-ble adult I could not finalize that purchase without first initialing and signing a seven-part buyer’s checklist—a CYA2 form, presum-ably devised by a lawyer, to protect the vendor from a lawsuit should I injure myself while using my new bicycle.

Kill all the lawyers: A good first step?By Frank J. navran



I had to acknowledge per-sonal responsibility and waive all rights to legal action should I be injured, or cause harm or injury to person(s) or property while riding this bicycle. I also had to promise to similarly instruct anyone who might ride that same bicycle of the following preconditions, prior to allowing them to “operate” this particular bike.

Specifically, I or any other rider, before operating this device had to:• Read and understand the own-

er’s manual;• Be familiar with and obey all

applicable laws and regulations; and,

•Make themselves visible with appropriate lights and reflectors in times of reduced visibility (e.g., dawn, dusk, fog, rain, night)

In addition, I had to:• Be “instructed” by the seller on

how to select an appropriate size bike;

• Be “instructed” by the seller on how to use the brakes and shifter;

•Warrant that I would so instruct anyone I allowed to use the bike on those same points;

• Perform regular maintenance on the bike; and,

• Acknowledge that by removing any of the safety equipment on the bike, I might render it less safe.

Duh! Come on. Isn’t that just common sense? OK, so “common sense” might not be all that common in today’s complex world. But, this buyer’s checklist might qualify as a step too far in the direction of trying to legislate common sense. And it illustrates the lengths to which individuals and organizations must go to pro-tect themselves. My bicycle dealer (on advice of his corporate lawyers) decided it was necessary to impinge upon the everyday aspects how of he conducts his business and how his customers live their lives.

That frustration is not limited to corporate counsel trying to miti-gate their clients’ exposure. I think the general public might have even less “love” for some personal injury lawyers. I can probably extend that sentiment to divorce lawyers. My legal resources observe that in most divorces litigated to con-clusion there are two losers (the litigants) and two winners (their respective attorneys). An excep-tion, at least in Florida, is when divorces are settled with the assis-tance of two concerned family law attorneys (via mediation, collabor-ative law, or some other method of alternate dispute resolution) yield-ing two winners—in the sense that by being part of the dispute resolution process, both parties have “bought into” the solution (agreement), and are more likely to abide by its terms. In addition, Florida lawyers who litigate must “zealously” represent their clients

“within the bounds of the law” and “consistent with the Code of Professional Responsibility con-tained in the Rules Regulating the Florida Bar.” Excesses are dis-ciplined by the Florida Bar—quite regularly.3

So what has this to do with ethics officers? Well, I have yet to hear anyone say, “…first kill all the ethics officers.” The exception might be when an ethics officer is seen to be acting solely as a com-pliance officer, in other words, as a lawyer. Then, to many, they are “just another lawyer.”

I am not lobbying to have law-yers excluded from the ethics officer role, quite the contrary. Ethics and law overlap in the business world to such a degree that employing ethics officers with legal training and/or experience makes perfect sense. So too, does having a qualified “non-lawyer” ethics officer who can work effectively with internal or external legal counsel when circumstances warrant.

It is when law trumps ethics that I push back. In my expe-rience, there is a meaningful difference between how an ethics officer and a compliance officer ought to behave. I do not know how well that is understood out-side the legal profession (where I suspect it is well recognized). The terms ought not be thought of as interchangeable.

I suggest that the differences between an ethics officer and a



To learn more and register, visitwww.internalinvestigations.org

A TWO-DAY WORKSHOP

NOVEMBER 10–11, 2011 | SAN FRANCISCO, CALIFORNIA

How Investigations Fit into the Context of Compliance Programs

Latour ‘LT’ Lafferty, CCEP, CHC, Practice Leader, Fowler White Boggs P.A.

Setting Policies and Guidelines for Conducting Internal Investigations

Al Gagne, CCEP, Director, Ethics & Compliance, Textron Systems Corporation

How to Plan an InvestigationMeric Bloch, Vice President-Compliance and Corporate Investigations, Adecco

Conducting Effective Interviews

Michael Johnson, Esq., Co-President, Global Compliance, Brightline Learning Division


Gathering Documentary Evidence

Meric Bloch, Vice President-Compliance and Corporate Investigations, Adecco

Forensics and Electronic Documents

Andy Teichholz, Daylight Forensic & Advisory LLC

Investigation Pitfalls and How to Avoid Them


Preparing the ReportAl Gagne, CCEP, Director, Ethics & Compliance, Textron Systems Corporation


Discipline, Follow Up and Closing the Loop


Investigations RoundtableAl Gagne, CCEP, Director, Ethics & Compliance, Textron Systems Corporation

Michael Johnson, Esq., Co-President, Global Compliance, Brightline Learning Division



EffectiveInternal Investigations

for Compliance Professionals

2011InternInvest_1page_2c.indd 1 3/3/2011 12:14:06 PM


Kill all the lawyers: A good first step? continued from page 51

compliance officer are not simply about how the function or individ-ual is described on an organization chart. It is about the basis, and ulti-mately the quality and utility, of the decisions and actions emanat-ing from that office. It is about the perceptions of that officer and/or function within the organization that concern me. The differences, as I see them, are straightforward: • A compliance officer evaluates

the appropriateness of an action or decision by asking: “Was this action/decision in keeping with all applicable laws, regulations, rules, policies, and procedures?” If it was, then there is no viola-tion, thus no action is called for. If not, the decision-maker was non-compliant and is subject to appropriate sanctions.

• An ethics officer evaluates the appropriateness of an action or decision by asking: “Was this action/decision in keeping with all applicable laws, regulations, rules, policies, and procedures and was this action or decision also in keeping with the under-lying values and/or principles of this organization, regarding how it and its agents are to behave? Based on all of the above, was this the right thing to do?”

Those “underlying values and/or principles” are the combination of those formally espoused by the organization and privately held by the individual(s) when judging the ethics of an action. It is how

the parties involved define what is right, fair, good, and just.

At least in theory, there is no one better suited to be an ethics officer than a lawyer. Legal edu-cation encompasses both what the law requires and what ethics demands. The practice of law is also designed to encompass both law and ethics. But, somewhere along the way, the legal profession has earned a reputation, at least in the U.S., for having subordinated ethics to compliance. Some would argue that “subordinated” is too weak a descriptor. There are those who would prefer “substituted” compliance for ethics.

Some critics of my position argue that lawyers have an obliga-tion to deliberately discard ethics in search of victory to the extent the law allows. They support that position by citing the lawyers’ sworn duty to vigorously pursue their clients’ goals. In the minds of that segment of legal professionals, any strategy in the pursuit of vic-tory that is not explicitly “illegal” is more than fair game. It is actually obligatory. They remind me that it is a lawyer’s obligation to use any and all legitimate means to pursue the interests of one’s clients.

That may be true, but is it con-sistent with the role of an ethics officer? If so, then who is the ethics officer’s client? Is it the corpora-tion, the CEO, the board, the shareholders, the consumers, the general public…?

Or, is the “client” really a set of values such as honesty, integ-rity, fairness, respect, compassion, courage, and accountability, or whatever set of shared ethical prin-ciples is binding to both employer and employee?

Could it be that simple? Is a set of agreed-upon values or principles the key to resolving the inherent conflict facing the ethics officer regarding whom or what they are obliged to serve?

I suggest it might just be. UNotes:

1 Howard L, Nations: “The First Thing We Do Is Kill All The Lawyers” - Shakespeare’s Tribute to Trial Lawyers. Available at http://www.howardnations.com/shakespeare.html

2 CYA – politely translated as “Cover Your Anatomy”

3 Courtesy Marks & West, PA.

Editor’s Note: Frank J. Navran is the Founder and Principal Consultant of Navran Associ-ates. Frank has worked with clients in more than twenty countries, reducing their risk of ethics and/or compliance failures and contributing to their success in developing and sustaining strong ethical cultures. Frank has authored five books and more than two hundred articles and book chapters. He may be con-tacted by e-mail at [email protected], or for more infor-mation, www.navran.com.



Recently the SCCE met with officials of the Commerce Department to learn more about their efforts to help US businesses navigate the compliance challenges of operating globally. Com-merce has shared with us the following article, which explains how the Department can assist companies facing the challenge of corruption. This speech was submitted as part of the 2011 Export Law 101 class at the North Caro-lina Bar Center in Cary, North Carolina, held on June 9, 2011, a Continuing Legal Education program of the North Carolina Bar Association Foundation.1

I am very pleased to be here today to talk about the assistance that can be provided by the U.S. government when companies, especially small and medium-sized enterprises, or SMEs, are faced with problems related to international commercial bribery. Although I’m going to focus on what we do at the U.S. Depart-ment of Commerce, because that’s

where I work, I’ll also be mention-ing some very important activities performed by the Justice and State Departments as well as the staff of the Securities and Exchange Com-mission (SEC).

I’m going to cover subjects that fall within four main categories: • SMEs and the Foreign Corrupt

Practices Act (FCPA); •How companies can get advice

or counseling about the FCPA if they have questions, and what compliance resources are available;

•How companies can get assis-tance in performing due diligence so as to better avoid potential problems under the FCPA; and

• Finally, what companies can do if they believe a foreign com-petitor is seeking to obtain or has obtained a contract through bribery.

Small and medium sized businesses and the FCPA

The United States has been a leader in combating transnational bribery since it enacted the Foreign Corrupt Practices Act

in 1977. Although most large mul-tinational companies are aware of the FCPA’s prohibitions, SMEs often face particular challenges in getting the information they need to comply with the FCPA. Perhaps due to their limited size and resources (small businesses are overwhelmingly privately-owned and generally have fewer than 500 employees), many are unaware of the FCPA, let alone have any kind of compliance program. I often get calls from the public, usually SMEs or outside counsel representing SMEs, and my own experience with these companies has confirmed to me that many such companies are unaware of the basic requirements of the statute and the importance of such com-pliance programs. Typical FCPA issues raised in such conversations include:• Penalties, including alternative

fines • Liability for agents and joint

venture partners•Vetting agents and business

partners• Affirmative defenses• Facilitating payments

What the U.S. government can do to assist U.S. companies with respect to transnational corruptionBy kathryn nickerson



• Statute of limitations•Corporate compliance pro-

grams, including why they are necessary and model programs

• Antibribery agreements, FCPA compliance clauses in business contracts

From the above list of exam-ples, you can see that SMEs generally have the same ques-tions that other firms have when it comes to the FCPA, but it’s surprising that on the 34th anni-versary of the statute, these sorts of basic questions are still being asked, and some companies are unaware of its existence.

So why might SMEs in particular face problems complying with the FCPA?

Definitions for SMEs vary, but according to the Small Busi-ness Act, a small business is “one that is independently owned and operated and which is not domi-nant in its field of operations.” (http://www.sba.gov/sites/default/files/files/Small%20Business%20Act.pdf) The law also states that in determining what constitutes a small business, the definition will vary from industry to industry to reflect industry differences. The SBA website provides that small businesses generally have fewer than 500 employees. In some industries, some businesses have fewer than 100 employees, and some have up to 1,500 employees and still fall within the statutory

definition of small business. (http://sba.gov/size)

The SBA reports that according to the Census Bureau’s Statistics of U.S. Businesses, more than half of working Americans either own or are employed by a small business. Also, over about the last decade, small businesses created nearly 65% of net new private sector jobs. (http://web.sba.gov/faqs/faqIndexAll.cfm?areaid=24) Despite their size, SMEs make up a significant portion of the U.S. exporting community. According to a 2010 U.S. International Trade Commission (USITC) report, in 2007 direct exports of goods and services by U.S. SMEs totaled $382 billion, or approximately 28% of total U.S. exports. Small and medium sized businesses account for approximately 40% of all export-supported jobs in the United States. (See http://www.ustr.gov/about-us/press-office/press-releases/2010/november/smaller-exporters-play-large-role-trade)

However, SMEs that are active abroad typically face greater chal-lenges than larger companies with respect to trade barriers. Burdensome or discriminatory government regulations in foreign markets disproportionately affect SMEs. SMEs may lack the staff, expertise, or financial resources to meet foreign regulatory require-ments. For example, U.S. small businesses typically sell niche products that are more susceptible

to higher tariffs and oppressive tariff regimes. Likewise, customs policies and delays of foreign coun-tries may pose greater burdens on SMEs and serve as prohibitive bar-riers to trade, and fixed costs of licensing requirements are more costly on a per-unit basis to small businesses.

Unlike larger firms, which may have pre-established busi-ness contacts in other countries (for example, wholly owned sub-sidiaries to handle importation, licensing, and distribution), SMEs are usually dependent upon inde-pendent intermediaries, such as agents or joint-venture partners, to get their goods or services to foreign consumers. Using such intermediaries without an appro-priate compliance program, including procedures for vetting the intermediaries, can lead to FCPA problems. Even if SMEs are aware of FCPA rules, SMEs are less likely to have the time and money to perform the neces-sary due diligence to investigate the agent’s reputation and track record.

Of course, the anti-bribery provisions of the FCPA apply to all companies, irrespective of size. In fact, a recent FCPA prosecu-tion involving a sting operation concerned mostly mid-sized and smaller firms, which may raise awareness about the statute among SMEs, and highlights the impor-tance of all companies having

http://www.sba.gov/sites/default/files/files/Small%20Business%20Act.pdf



http://sba.gov/size

http://web.sba.gov/faqs/faqIndexAll.cfm?areaid=24

http://web.sba.gov/faqs/faqIndexAll.cfm?areaid=24

http://www.ustr.gov/about-us/press-office/press-releases/2010/november/smaller-exporters-play-large-role-trade








effective compliance programs or measures in place. (See http://www.justice.gov/opa/pr/2010/January/10-crm-048.html) Crimi-nal penalties may impact a small business in far more devastating ways than a large business because the fines that may be imposed are likely to make up a much larger proportion of the business’ earn-ings. FCPA fines imposed on individuals may not be paid by their employer or principal. In addition, a person or firm found in violation of the FCPA may be barred from doing business with the federal government, or state and local governments, and ruled ineligible to receive export licenses. Indictment alone can lead to sus-pension of the right to do business with the federal government.

The U.S. government rec-ognizes the limitations faced by some SMEs, and therefore the Department of Justice takes into consideration the facts and circum-stances of each company, including its size and resources, during FCPA investigation and enforce-ment recommendation stages. (See Principles of Federal Prosecu-tion of Business Organizations at http://www.justice.gov/opa/docu-ments/corp-charging-guidelines.pdf; see also OECD Phase 3 Report of the United State, para. 101, available at http://www.oecd.org/dataoecd/10/49/46213841.pdf?contentId=46213842)

The bottom line is that the adoption of compliance programs

or measures by all companies is a key factor in reducing inter-national corruption, and makes sense from a business perspective as well. Although many of the larger U.S. companies routinely educate and train their employees about the importance of good cor-porate behavior and stewardship through such compliance pro-grams, due to a lack of knowledge, experience, and limited resources, many SMEs do not know about, are unable, or have chosen not to implement robust anti-corruption compliance programs or measures. However, for companies engaged in foreign markets, the benefits of implementing a strong FCPA compliance program certainly outweigh its cost. For example, while the existence of a compli-ance program will not necessarily absolve a company from criminal liability, federal prosecutors will evaluate a company’s compliance program in determining what charges, if any, to bring against a company for potential FCPA vio-lations. (See Principles of Federal Prosecution of Business Organiza-tions (Section 9-28.800) at http://www.justice.gov/opa/documents/corp-charging-guidelines.pdf ) Furthermore, a robust compliance program can potentially reduce a company’s criminal fine under the Federal Sentencing Guidelines. (See 2010 Federal Sentencing Guidelines Manual, §8C2.5(f ) and §8B2.1 at http://www.ussc.gov/Guidelines/2010_guidelines/

Manual_HTML/Chapter_8.htm) As discussed below, the Sentencing Guidelines also set forth the requirements for what constitutes an effective compli-ance program. (See §8B2.1. and commentary, at http://www.ussc.gov/Guidelines/2010_guidelines/Manual_HTML/Chapter_8.htm)

While recognizing that no one program is adequate for all com-panies, and that there is no “one size fits” all model, even small exporters should at least have a policy on the subject of not giving bribes or otherwise violating U.S. and foreign law while engaging in international business, appro-priately tailored to the company’s needs. As discussed in more detail below, the U.S. government is taking steps to ensure that more SMEs are aware of such compli-ance programs and the importance of adopting them.

resources, information, and assistance for u.S. companiesInformation and guidance for U.S. companies on the FCPA, Compliance, and international anticorruption initiatives

The rest of my remarks will focus on what the U.S. gov-ernment is doing to assist U.S. businesses in complying with the FCPA and international initia-tives, and doesn’t apply to just SMEs, although SMEs may use such resources (if they know about

What the U.S. government can do to assist U.S. companies with respect to transnational corruption continued from page 55

http://www.justice.gov/opa/pr/2010/January/10-crm-048.html



http://www.justice.gov/opa/documents/corp-charging-guidelines.pdf



http://www.oecd.org/dataoecd/10/49/46213841.pdf?contentId=46213842






http://www.ussc.gov/Guidelines/2010_guidelines/Manual_HTML/Chapter_8.htm









them) more often than larger companies.

1. Basic information and guid-ance from the Departments of Commerce and State

At the Commerce Depart-ment, our first and foremost role is as the promoter of U.S. domestic and foreign commerce, includ-ing promoting U.S. exports, and that is the primary reason for our involvement with the FCPA and related anti-corruption instru-ments, such as the Organization for Economic Cooperation and Development Convention on Combating Bribery of Foreign Public Officials in International Business Transactions (OECD Antibribery Convention) and the United Nations Convention Against Corruption (UNCAC). The United States has also included anticorruption provisions in all of its recent Free Trade Agreements (FTAs).

Corruption can be a signifi-cant barrier to international trade. In 2009, it is estimated that com-panies lost more than $25 billion in deals to companies that were willing to pay bribes to secure the deal. However, FCPA compliance certainly should not be a hindrance or barrier to U.S. exports. In fact, when all governments and com-panies work together to enforce and abide by high anticorruption standards, FCPA compliance can facilitate trade and enhance com-petitiveness. Companies known

for their integrity and quality busi-ness practices are more likely to be highly valued by capital markets. Governments seeking sustainable growth prefer doing business with reputable companies that deliver high-quality products and ser-vices without undermining good governance.

Therefore, we want to make sure that exporters and their counsel have the best possible information available to them when they deal with an FCPA question, an anticorruption issue under foreign laws, or a problem concerning corruption by a foreign competitor.

Neither the Commerce Department nor the State Depart-ment are law enforcement agencies, and when we are addressing a par-ticular fact situation we make it clear that there are limits to what we can do. We cannot bind the federal government concerning any interpretation or enforcement action with respect to the FCPA. Although we have no enforcement role, we are part of the federal gov-ernment, and that means that if we or any other U.S. government employee has information about a possible FCPA violation, we arrange for the information to be transmitted to the Justice Depart-ment or the SEC, as appropriate. We cannot guarantee that infor-mation that is given to us about a past, ongoing, or proposed viola-tion of law will not be shared with enforcement authorities.

On the other hand, although we can’t provide fact-specific advice like law firms do, we can provide general information and guidance that firms often find useful concerning the basic provi-sions of the FCPA, other countries’ antibribery laws, and international anti-corruption instruments such as the OECD Antibribery Con-vention, the Inter-American Convention Against Corruption (or OAS Convention), and the UNCAC. We also provide infor-mation to companies through a number of U.S. and international publications designed to assist firms in complying with anti-cor-ruption laws, described in more detail below.

2. U.S. government resources on the FCPA and Compliance, Basic information on the FCPA

The U.S. Department of Jus-tice has a comprehensive website on the FCPA, which includes a useful one-page description of the statute. (See http://www.jus-tice.gov/criminal/fraud/fcpa) The Departments of Justice and Com-merce have also published a joint brochure called the Lay-Person’s Guide to the FCPA, summariz-ing the antibribery provisions of the FCPA in more detail, avail-able at: http://www.justice.gov/criminal/fraud/fcpa/docs/lay-per-sons-guide.pdf. The joint FCPA brochure was updated after the 1998 amendments to the FCPA

http://www.justice.gov/criminal/fraud/fcpa/


http://www.justice.gov/criminal/fraud/fcpa/docs/lay-persons-guide.pdf






implementing the OECD Anti-bribery Convention. It has been useful to many companies, espe-cially small firms and those that are new to exporting.

Another excellent resource for U.S. companies seeking informa-tion and guidance on the FCPA and related issues is the OECD United States Phase 3 Report on the Application of the Convention on Combating Bribery of Foreign Public Officials in International Business Transactions and the 2009 Revised Recommendation on Combating Bribery in Inter-national Business Transactions (OECD U.S. Phase 3 Report) and other reports analyzing the imple-mentation and enforcement of anticorruption laws of the United States, related U.S. responses to OECD and other international organizations’ questionnaires, and relevant appendices, all found at http://www.justice.gov/criminal/fraud/fcpa/intlagree/. An impor-tant part of compliance is ensuring that employees, agents, and other relevant business partners under-stand the laws to which a company is subject. That is why both our website and the Department of Justice’s provide links to unoffi-cial translations of the FCPA in Spanish, French, Arabic, Chinese, Portuguese, Russian, and sev-eral other languages (at: http://w w w.commerce.gov/os/ogc/transparency-and-anti-bribery-initiatives and http://www.justice.gov/criminal/fraud/fcpa/statutes/

regulations.html). The goal of pro-viding these unofficial translations is to increase the general awareness and understanding of the FCPA by U.S. exporters and their foreign partners.

Resources for information on compliance programs

The Department of Justice has required companies to implement rigorous compliance programs as part of plea agreements and consent judgments in FCPA mat-ters, which also serve as excellent guidance for other companies in developing and maintaining their compliance programs. For some recent examples which include many of the elements described below from the OECD Good Practice Guidance, and more, see the Deferred Prosecution Agreement between the Depart-ment of Justice and Panalpina World Transport (Holding) Ltd., (Attachment C) at: http://www.justice.gov/opa/documents/panal-pina-world-transport-dpa.pdf; and the Deferred Prosecution Agree-ment between the Department of Justice and Johnson & Johnson, its subsidiaries, and its operating companies (Attachments C and D) at: http://www.justice.gov/criminal/fraud/fcpa/cases/depuy-inc/04-08-11depuy-dpa.pdf.

As mentioned above, U.S. companies should also consult the Federal Sentencing Guidelines for what constitutes an effec-tive compliance program. (See

Chapter 8, Part B. §8B2.1 and commentary at: http://www.ussc.gov/Guidelines/2010_guidelines/Manual_HTML/Chapter_8.htm)

To further assist SMEs with their compliance efforts, the Department of Commerce produced a practical guide for businesses involved in interna-tional trade, entitled Business Ethics: A Manual for Managing a Responsible Business Enterprise in Emerging Market Economies, available on-line at www.ita.doc.gov/goodgovernance. This manual is intended to aid enterprises in designing and implementing a business ethics program that meets emerging global standards of responsible business conduct. This manual provides a wealth of information on the subject of ethics and corporate compliance for all enterprises, and is particu-larly helpful to SMEs and others that are new to international trade. Included among the subjects in the manual is practical information on the FCPA, other international corruption instruments as well as the value of corporate compliance programs.

The State Department also published a brochure in conjunc-tion with the Department of Commerce on “Fighting Global Corruption: Business Risk Man-agement” (State Department brochure). Written specifically for businesses, the brochure contains helpful information on the FCPA, corporate compliance programs,


http://www.justice.gov/criminal/fraud/fcpa/intlagree/

http://www.justice.gov/criminal/fraud/fcpa/intlagree/

http://www.commerce.gov/os/ogc/transparency-and-anti-bribery-initiatives




http://www.justice.gov/criminal/fraud/fcpa/statutes/regulations.html



http://www.justice.gov/opa/documents/panalpina-world-transport-dpa.pdf



http://www.justice.gov/criminal/fraud/fcpa/cases/depuy-inc/04-08-11depuy-dpa.pdf






http://www.ita.doc.gov/goodgovernance

http://www.ita.doc.gov/goodgovernance



and international initiatives to fight corruption. (The brochure can be found on the State Depart-ment’s website at: http://www.state.gov/, and at http://www.ogc.doc.gov/pdfs/Fighting_Global_Corruption.pdf).

Finally, the Departments of Commerce and Justice and staff from the Securities and Exchange Commission also participate in numerous seminars and confer-ences on the FCPA and related corporate compliance issues spon-sored by professional associations and industry groups, many of which are attended by outside and in-house counsel represent-ing SMEs.

For links to the compliance guidance and initiatives described above and more, see our website, at: http://www.commerce.gov/os/ogc/transparency-and-anti-brib-ery-initiatives.

3. International guidance and compliance initiatives

The United States has been a leader working in international organizations to promote the development of guidance for the private sector on combating inter-national bribery and corruption. Particularly helpful for SMEs is the recently issued OECD Good Practice Guidance on Internal Controls, Ethics, and Compli-ance, developed and agreed upon by the United States and 37 other countries which are parties to the OECD Antibribery Convention.

The OECD Good Practice Guid-ance sets forth non-legally binding good practices for companies to consider (among others) for ensur-ing effective internal controls, ethics and compliance programs or measures for preventing and detecting foreign bribery, which, briefly summarized, include:• Effective internal controls,

ethics, and compliance pro-grams or measures based on a risk assessment, that should be regularly monitored, reassessed, and adapted to ensure contin-ued effectiveness;

• Strong, explicit and visible sup-port of senior management;

• A clearly articulated and visible corporate policy prohibiting bribery;

• A duty of compliance with the policy or measures by individu-als at all levels of the company;

•Oversight by an empowered organizational compliance struc-ture at senior levels (depending on the size of the company, this could range from one person to a team of compliance or ethics officers), and the structure should have adequate resources and authority and an appro-priate level of autonomy from management;

• Ethics and compliance pro-grams or measures designed to prevent and detect foreign brib-ery at all levels of the company, applicable to entities over which a company has effective con-trol, and where appropriate and

subject to contractual arrange-ments, to third parties such as agents and other intermediaries and business partners;

• Properly documented due diligence reviews, including self-monitoring and vetting of new hires, agents and other business partners;

• Appropriate education and reg-ular oversight of, and reciprocal commitments from, business partners about the company’s commitment to abiding by anti-bribery laws and its compliance program or measures;

• A system of financial and accounting procedures, includ-ing internal controls;

•Measures designed to ensure periodic communication, and documented training and education at every level of the company, as well as, where appropriate, for subsidiaries;

• Appropriate measures to encour-age and provide positive support (incentives) for the observance of ethics and compliance pro-grams or measures at all levels of the company;

•Discipline for violations of anticorruption laws, and the ethics and compliance program or measures, at all levels of the company;

•Compliance mechanisms (guid-ance and reporting mechanisms, “help-lines,” internal and—where possible—confidential reporting, protections for those

http://www.state.gov/

http://www.state.gov/

http://www.ogc.doc.gov/pdfs/Fighting_Global_Corruption.pdf









who report, and appropriate follow up);

• Periodic reviews of the ethics and compliance programs or measures.

The OECD Good Practice Guidance also provides that ethics and compliance programs or mea-sures should cover, among other things: gifts; hospitality, enter-tainment and expenses; customer travel; political contributions; charitable donations and sponsor-ships; facilitation payments; and solicitation and extortion. Note that the introduction to the OECD Good Practice Guidance explains that it is flexible and intended to be adapted by companies, partic-ularly SMEs, “according to their individual circumstances, includ-ing their size, type, legal structure and geographical and industrial sector of operation, as well as the jurisdictional and other basic legal principles under which they oper-ate.” For the complete OECD Good Practice Guidance text, see: http://www.oecd.org/datao-ecd/5/51/44884389.pdf.

This OECD Good Practice Guidance reflects the require-ments of an effective compliance program as set forth in the Federal Sentencing Guidelines mentioned above, and also builds upon similar guidance issued by Transparency International (http://www.trans-parency.org/global_priorities/private_sector/business_princi-ples), the International Chamber

of Commerce (http://www.iccwbo.org/policy/anticorrup-tion/), the World Economic Forum Partnering Against Cor-ruption Initiative (PACI, http://www.weforum.org/paci), and the Asia-Pacific Economic Coopera-tion Forum (APEC, described in more detail below), among others. All of these are good resources for companies to consult in develop-ing their compliance programs or measures.

In 2007, APEC leaders, includ-ing the United States, endorsed a Code of Conduct for Business as well as complementary Anti-Cor-ruption Principles for the Public and Private Sectors. The APEC Code of Conduct for Business provides descriptions of various forms of bribery, clear guidance on how to identify corrupt prac-tices, and practical steps businesses should take to counter corruption. See: http://www.apec.org/Groups/SOM-Steering-Committee-on-Economic-and-Technical-Coop-eration/Task-Groups/~/media/Files/Groups/ACT/07_act_code-brochure.ashx It was a result of collaboration between APEC gov-ernments and APEC businesses. The APEC Experts Task Force on Anti-Corruption and Transpar-ency has been helping small and medium enterprises implement the Code of Conduct by holding capacity-building seminars and workshops for such enterprises as well as chambers of commerce.

The United Nations Global Compact initiative has also issued several publications helpful to the business community in combat-ing international corruption. See http://www.unglobalcompact.org/AboutTheGC/tools_resources/anti_corruption.html

The United States is also work-ing with G20 partners to conduct outreach to the business commu-nity to partner with G20 country companies to encourage the devel-opment of public-private efforts to fight corruption, and we expect to see more guidance stemming from these efforts soon.

Department of Justice Opinion Procedure

The Department of Justice will provide FCPA advice to U.S. com-panies and their attorneys only in the context of the Foreign Corrupt Practices Act Opinion Procedure. The Department of Justice is pro-hibited from rendering any advice with respect to criminal statutes other than as authorized by law or regulation.

U.S. companies concerned about whether certain prospective conduct might violate the FCPA may request a written opinion from the Justice Department under the procedure. The opinion procedure is set forth at 28 C.F.R. Part 80. Information about the DOJ opinion procedure is also available on DOJ’s FCPA Fraud Section website at: http://www.justice.gov/criminal/fraud/fcpa/


http://www.oecd.org/dataoecd/5/51/44884389.pdf

http://www.oecd.org/dataoecd/5/51/44884389.pdf

http://www.transparency.org/global_priorities/private_sector/business_principles




http://www.iccwbo.org/policy/anticorruption/



http://www.weforum.org/paci

http://www.weforum.org/paci

http://www.apec.org/Groups/SOM-Steering-Committee-on-Economic-and-Technical-Cooperation/Task-Groups/~/media/Files/Groups/ACT/07_act_codebrochure.ashx






http://www.unglobalcompact.org/AboutTheGC/tools_resources/anti_corruption.html







There are a number of posi-tive aspects of the Justice Opinion Procedure. For example, activities for which the Department of Jus-tice has issued an opinion stating that the conduct conforms with its current enforcement policy will be entitled to a presumption of compliance in any subsequent enforcement action under the FCPA. Further, the discussions that often occur between Justice and counsel for the company concerning the application can give counsel an indication of the legal and factual issues that the company needs to be concerned about. I understand that the give-and-take in these discussions often serves to assist the requestor in identifying potential risk areas and find solutions to them, so that the proposed action can be undertaken.

It is important to note that an FCPA opinion issued by Jus-tice has no application (i.e., no presumption will apply) to any party which does not join in the request for the opinion nor to any facts not described in the request. Only a well-informed private practitioner can decide whether the procedure will be helpful to an individual client with a par-ticular set of facts and issues. For more information on the Justice FCPA opinion procedure, as well as published opinions already issued, I recommend that you visit the Department of Justice Fraud

Section’s very comprehensive web-site at http://www.justice.gov/criminal/fraud/fcpa/.

At various conferences I’ve spoken at over the years, I’ve often asked businesses whether or not they use the Justice Opinion Procedure. Some have informed me that they are aware of the pro-cedure and they either have used it or might use it. But, some have said that the Opinion Procedure takes time (under the regulations, within 30 days of receiving the request, and longer if additional information needed) and often business decisions need to be made more quickly than the procedure can afford. Although the Opinion Procedure is being utilized with increasing frequency over recent years, in my view, it’s regrettable that the procedure hasn’t been more widely used, as the pub-lished opinions provide another great resource from the U.S. government for guidance on the statute. Where business decisions need to be made more quickly, the Department of Justice has worked closely with companies to expedite the procedure to get the needed advice in time. Unfortu-nately, if companies do not use the procedure, there will be no new published opinions to guide companies. (Another reason there may be fewer published opinions is because if Justice notifies the requester of its intention to issue a negative response, the requester may [and typically does] withdraw

the request before the formal answer).

Note that the Opinion Procedure is only for prospec-tive conduct. In addition, the prospective conduct must be con-crete—the Department of Justice cannot opine on hypothetical situations. If a company believes that it has already violated the FCPA, voluntary disclosures are encouraged by U.S. government policy guidelines, such as the Department of Justice Principles of Federal Prosecution of Business Organizations, and the U.S. Sen-tencing Guidelines, which require the government to consider a company’s voluntary disclosure or failure to disclose in charging, settling, and sentencing decisions. See Principles of Federal Prosecu-tion of Business Organizations (Section 9-28.700) at http://www.justice.gov/opa/documents/corp-charging-guidelines.pdf; see also U.S. Sentencing Guidelines at http://www.ussc.gov/Guide-lines/2010_guidelines/index.cfm.

Assisting with due diligence information on international partners

U.S. companies can be held responsible under the FCPA for acts in furtherance of bribes to for-eign public officials by their joint venture partners or agents. The FCPA prohibits corrupt payments made through agents of domestic concerns and issuers. It is unlawful






http://www.ussc.gov/Guidelines/2010_guidelines/index.cfm

http://www.ussc.gov/Guidelines/2010_guidelines/index.cfm




to make a corrupt payment to a third party while knowing that all or a portion of the payment will go directly or indirectly to a foreign official. The term “know-ing” includes conscious disregard and deliberate ignorance. As men-tioned above, SMEs may be more likely than larger companies to use intermediaries because of their small size and lack of experience and resources. So how should U.S. companies and business persons, especially SMEs, go about locating partners or agents who will play by the rules? Options available to U.S. exporters to complement their own procedures include U.S. Department of Commerce Com-mercial Service programs.

U.S. Department of Commerce Commercial Service programs

The Department of Com-merce’s International Trade Administration’s United States and Foreign Commercial Ser-vice (US&FCS) has a network of export and industry special-ists located in more than 100 U.S. cities and over 80 countries worldwide. These trade profes-sionals provide counseling and a variety of products and services to assist small and medium-sized U.S. businesses in exporting their products and services, includ-ing in finding business partners, and conducting due diligence when choosing business partners or agents overseas. For example, the International Partner Search

Program can assist U.S. companies in finding the most suitable stra-tegic partners abroad. See http://www.export.gov/salesandmarket-ing/eg_main_018204.asp. As part of the program, you provide your marketing materials and back-ground on your company, and the US&FCS will use its strong network of foreign contacts to interview potential partners and provide you with a report that includes up to five pre-qualified partners.

But suppose you or your client have already found a poten-tial partner, either on your own or through the US&FCS. You may not want to approach such a foreign company before first acquiring some basic background in case this information would change your mind about starting a relationship in the first place. The US&FCS provides information on each potential partner in a report called an International Company Profile (ICP), which includes a listing of the potential partner’s key officers and senior manage-ment, banking relationships, and other financial information about the company; and market infor-mation, including sales and profit figures and potential liabilities. ICPs also provide an opinion as to the viability and reliability of the potential partner, as well as an opinion on the relative strength of that company’s industry sector. Reports on SMEs cost $500 (and $900 for large companies). They

are delivered within 10 days and many banks and government export financing organizations require them in certain situations. They are not, however, intended to substitute for a company’s own due diligence and the Commer-cial Service does not offer ICP in countries where Dun & Bradstreet or other private sector vendors are already performing this service. (See, http://www.export.gov/sale-sandmarketing/eg_main_018198.asp)

It’s also always a good idea to consider having a detailed face-to-face conversation with a US&FCS Officer stationed in the U.S. over-seas post in the country where you are thinking of doing business. These services are a good start. Again, by themselves they will not fully protect an exporter, but they can complement your compliance and due diligence programs.

For more information on these and other related programs, you can contact the US&FCS directly through its offices in many major U.S. and foreign cities or through its website at: http://www.export.gov/eac/. In addition to the programs dis-cussed above, U.S. Department of Commerce US&FCS Officers and State Department Foreign Service Officers receive training on the FCPA and other interna-tional anticorruption instruments, and provide general information to U.S. exporters on international corruption issues.


http://www.export.gov/salesandmarketing/eg_main_018204.asp






http://www.export.gov/eac/



u.S. DoC anti-corruption programs for advocacy and trade missions

As a provider of services to the exporting community, the U.S. government has adopted its own anti-corruption programs. These supplement the FCPA and in certain ways go beyond the requirements of the FCPA.

1. Advocacy supportThe U.S. Departments of

Commerce and State provide worldwide support for qualified U.S. companies bidding for for-eign government contracts. This advocacy can give a U.S. company the edge on its foreign competition and can help when unanticipated problems, such as bribery or cor-ruption by a foreign competitor, arise. Support can range from meetings attended by our com-mercial officers and ambassadors to letters and calls, and can extend to advocacy from high-level offi-cials including at the Cabinet level, and even, on some occasions, at the Presidential level.

In October 1996, the Com-merce and State Departments revised their advocacy guidelines to require an anti-corruption agreement from companies seek-ing U.S. advocacy. The advocacy guidelines assist USG personnel in determining whether and to what extent USG support is appropriate in connection with a transaction involving U.S. interests.

A firm seeking USG advocacy support must agree in writing:1. that it and its affiliates have

not and will not engage in the bribery of foreign officials in connection with the matter for which advocacy assistance is being sought; and

2. that it and its affiliates main-tain and enforce a policy that prohibits the bribery of foreign officials.

The firm must further acknowledge that failure to comply with the terms of this agree-ment may result in the denial of advocacy assistance.

In some respects this policy reaches conduct that is not pro-hibited by the FCPA. For example, the advocacy guidelines require a firm seeking support to certify not only as to its conduct, but also as to the conduct of its affiliates. We specifically intend the term “affili-ate” in the Advocacy Guidelines to include foreign parent firms. The conduct of the foreign parent cov-ered by the certification includes conduct that in many cases falls outside of the jurisdiction of the FCPA—such as bribery of a for-eign official where there is no link to the United States. Foreign firms are generally only subject to FCPA provisions when they fall under the definition of an “issuer” or per-form acts in furtherance of bribery in U.S. territory.

Why did we do this? Some U.S. companies had expressed the

view over the years that foreign-owned U.S. companies were able to avail themselves of U.S. gov-ernment advocacy support while their foreign parent company or its other subsidiaries were able to continue engaging in the bribery of foreign officials, even in con-nection with the same transaction.

The Advocacy Center is cur-rently engaged in advocacy efforts on behalf of more than 300 com-panies, all of which have signed the antibribery agreement in con-nection with their applications for advocacy assistance.

If you would like U.S. govern-ment advocacy support for a bid on a foreign government procure-ment, the Advocacy Center can be reached through the Department of Commerce International Trade Administration in Washington DC (202-482-3896), or its main website at http://www.export.gov/advocacy/index.asp.

2. Trade missionsWe have a similar policy with

respect to Commerce-led trade missions. In a statement issued in 1998, the Secretary of Commerce made an anti-corruption agree-ment a condition precedent for companies wishing to participate in our trade missions. Just as with advocacy assistance, a company wishing to participate in a trade mission must now certify that it and its affiliates:

%20http://www.export.gov/advocacy/index.asp.

%20http://www.export.gov/advocacy/index.asp.




1. have not and will not engage in the bribery of foreign offi-cials in connection with the company’s participation in the mission; and

2. maintain and enforce a policy that prohibits the bribery of foreign officials.

Since this requirement was established, hundreds of firms have signed the antibribery agreement in connection with an application to participate in a Commerce-led trade mission. In calendar year 2010 alone, 401 companies partici-pated in 35 trade missions, and all of those companies signed the anti-bribery certification listed above.

As with applications for advocacy assistance, this agree-ment reaches conduct that may go beyond the coverage of the Foreign Corrupt Practices Act.

options when foreign competitors bribe

What can be done about the ongoing bribery of foreign public officials by competing foreign firms? We know it is going on, although bribery and corruption are hard to uncover and even harder to prove, as my colleagues from the Justice Department will tell you. There are corruption problems in customs clearances and duties as well as investment licenses and permits, and I am in no way minimizing the crippling effect these forms of corruption have on economies and trade.

However, most large transborder bribery allegations are connected to foreign government contracts in sectors including military procurement, energy, telecom-munications, construction, and transportation. In fact, from 2005 through 2009, the U.S. Govern-ment estimates that competition for over 305 contracts valued at approximately $230 billion may have been affected by the brib-ery of foreign officials. Bribery in these types of business trans-actions is particularly dissuasive to SMEs who can least afford to expend the extensive resources often required to make bids, espe-cially if they must take the chance that the outcome of their efforts will not be determined entirely by commercial considerations.

So what are a U.S. company’s options when it learns that a for-eign competitor has bribed? The Departments of Commerce, State and Justice are available to assist U.S. companies when these prob-lems arise. For example, the U.S. Department of Commerce now has a “bribery hotline” (acces-sible from the Commerce website, found at http://tcc.export.gov/Report_a_Barrier/index.asp), through which U.S. companies can report bribes by their foreign competitors in international busi-ness transactions. The Department of Justice also has an e-mail hotline specifically for FCPA complaints, at [email protected]. And of course, all of the old-fashioned

methods of communication are still acceptable as well: call us, write us, or fax us. The bottom line is: We’d like to hear from you when you have problems in this area. We worked hard to negotiate the OECD and other interna-tional anticorruption conventions, and we’d like to know whether our trading partners are following through on enforcement.

In some situations, if the pro-curement or bribe payment has not actually been completed, it may be appropriate to inform a foreign government that we are aware of the potential corruption of the transaction, in order to try to obtain a “clean” procurement process for any U.S. company involved in the bidding. If a con-tract has been awarded and the bribe already paid, we may still complain to the procuring foreign government since there might be a chance of re-opening the bidding. Such communications may be made through diplomatic channels by U.S. Embassy officers abroad or through communications from Washington. In other cases, where we may learn of the bribe after the fact and it is too late to re-open the bidding, the U.S. Government may still alert foreign governments and press for enforcement action.

At a minimum, we want to put countries on notice that we are watching and expect action. So if you think you are about to lose or have already lost business to a foreign competitor because of

http://tcc.export.gov/Report_a_Barrier/index.asp

http://tcc.export.gov/Report_a_Barrier/index.asp



a bribe to a foreign public official, don’t assume that your govern-ment can’t do anything about it. We firmly believe that inform-ing other governments of bribery by persons falling within their jurisdiction is an effective way to ensure that cases will be brought against this pernicious practice that we have outlawed since 1977. U

The opinions expressed in this paper are those of the author and not neces-sarily those of any U.S. government agency. This paper is a “United States Government Work” as described in the U.S. Copyright Act, and therefore is not subject to protection in the United States. The author would like to thank Attorney-Advisor Brett Gerson for his assistance. Notes:

1 This speech is also available at http://www.commerce.gov/sites/default/files/documents/2011/august/fcpa_sme_paper_june_2011_0.pdf

Editor’s note: Kathryn Nickerson is a Senior Counsel in the Office of the Chief Counsel for Inter-national Commerce at the U.S. Department of Commerce. Her principal area of prac-tice is international trade law, and she is the lead attorney in the Department on interna-tional anticorruption issues, including the U.S. Foreign Corrupt Practices Act (FCPA). She may be contacted at [email protected].

Hani A. Abo SamraCynthia A. Adams

Rich W. AgnelloWenata M. Babkowski

Lucinda L. BailyJoseph A. Baker

John L. BallentineWilliam D. BarronRonald W. BazilPeter D. Bennett

Karl BoonenDonna J. Brasky

Anthony G. BrennanDale W. Bridge

Michael B. BryanJohn A. Burnett

Jeff CableJacki Cheslow

Laurence G. ChristopherDiego CiccarelliRandall J. Cole

Patrick J. CunninghamLeah M. DavisGuy De WitteAllan K. DiehrJodie L. EarleAdelle A. Elia

Patricia A. EndicottWilliam D. Erlenbush

Noeleen B. FarrellEugene A. Fay

Christopher T. FletchallSharon Frank

Rogeria B. GieremekIra M. Gilberg

Gregory N. GrayLaura Harth

Amina HaswellJohnel A. HayDarina Heger

Mark A. HolmanPaula G. HoppingDavid Lee Hudson

Susan Marie JacksonHeather A. Janssen

David A. JenkinsRasmus J. Joergensen

Deborah M. JostesPatrick Kempenaer

Laurie L. KlannMinna K. Kuusio

Fabricio Bastos Pereira LinsRichelieu E. Lomax

Alison C. LontzMaria Aldana Lopez

Javier LozadaAshlyn D. MalcolmHeather G. MarkinJanelle MartensGloria Martinez

Tammie L. McBainHeloisa C. Mello

Silva V. MinerRyan MorganJim Morrison

Cheryl J. MullallySawai Nobuhiro

Vincent NysAnne E. O’Connor

Samantha L. O’DonoghueFernando M. Caleiro Palma

Maria E. PerezErin M. PinegarSergio A. PintoAmy R. PopelarGregory J. Ray

Edina S. RobinsonVladimir Roman Rosario

Daniel James RossHector A. Sanchez

Maristela De Freitas Rodrigues Dos Santos

Matthew A. SchroettnigAlexandre Da Cunha SerpaPatricia Jane ShaughnessJennifer J. Simpson-James

Joan R. SmithMarisol D. Solis

Shawna L. StanleySheryl E. Starkey

Roxane J. StedefordSandra B. Stevenson

Kelly M. TalleyKatarzyna Tarnowska

Joanne TemmelPoh Khim TeohJoshua B. Toas

Donna L. ToledanoDenise A. Torcivia

Celso F. VianaKarine F. Wegrzynowicz

Deanna WestheadTrace M. WilgusJoya F. Williams

Achieving certification has required a diligent effort by these individuals. CCEP certification denotes a professional with sufficient knowledge of relevant regulations and expertise in compliance processes to assist corporate industries in understanding and addressing legal obligations. CCEPs promote organizational integrity through the development and operation of effective compliance programs.

Questions? Please contact:Joan Braun at +1 952 933 4977, 888 277 4977 or [email protected]

The Compliance Certification Board offers you the opportunity to take the Certified Compliance and Ethics Professional (CCEP) certification exam.

CongratUlations to neW CCep designees!

http://www.commerce.gov/sites/default/files/documents/2011/august/fcpa_sme_paper_june_2011_0.pdf







Global Compliance: EgyptBy gregory unruh and Fernanda arreola

The Arab Republic of Egypt is thought of by many executives as an exotic business destination. It is a country built on literally thousands of years of recorded history, with the most famed period belonging to the Pharaonic Dynasties of the Nile River valley that produced the monumental Pyramid of Giza. Egypt’s culture has felt the imprint of great civiliza-tions including Greco-Roman and Islamic traditions. The beginning of Modern Egypt is conventionally associated with British influence in the early 20th century. Since the assassination of Anwar Sadat in 1981, the country has been headed by Hosni Mubarak who, for nearly 30 years, provided stable, though autocratic, leadership. However, Mubarak formally resigned in 2011. Today, Egypt’s 80 million inhabitants are leveraging their pragmatic occidental vision with a reserved cultural tradition to take advantage of the country’s unique opportunities at the busi-ness crossroads of the Middle East and Africa.

The ethical climate for commerce

Egypt is geographically connected to Israel, the Gaza Strip, Libya, Rwanda, Tanzania, Uganda, Sudan and Ethiopia.

Although Egypt is a secular state, the fact that 90% of its popula-tion is Sunni Muslim means that public decisions tend to reflect reli-gious precepts. Business people are attracted by the fact that Egypt’s economy is the most diverse in the Middle East with important tourism, agriculture and indus-trial sectors. The country has a large diversity of trading partners, including the U.S., India, Italy, Spain and Saudi Arabia. The Suez Canal provides Egypt with command over one of the most important trading channels in the world. In addition to the Canal’s business attractiveness, the cities of Cairo, Gisa and Alexandria, as well as the resort areas around Al- Shaik, offer interesting entre-preneurial prospects. Despite its rapidly growing economy, Egypt

still suffers from challenges of underdevelopment and poverty. The lack of employment opportu-nities is exacerbated by corruption (Egypt places 111 out of 180 on Transparency International’s 2009 ranking). While the country has some anti-corruption gover-nance regulations, enforcement is lackluster. These realities make compliance an important con-sideration for companies seeking opportunities in Egypt.

Additional facts: On January 25, 2011, Egypt

experienced a number of public protests throughout the country but primarily in Cairo and Alexan-dria, the country’s first and second most populous cities, respectively. The protests, which were primar-ily revolved around the idea of



ousting Egyptian President Hosni Mubarak, increased in intensity until mid-February. On February 11, President Mubarak agreed to resign from office as a result of the protests. His resignation ended a span of just less than 30 years in which Mubarak was the leader of Egypt (beginning in 1981)

Five compliance and ethics issues to consider

Bribery Within both the public and

private sectors, bribery allegations and investigations are current topics in both political and busi-ness circles. Discussions include claims of corruption in the sales of government-owned land and allegations of bribery among large corporations including Siemens, Ferrostaal, Daimler AG, and the Egyptian Petroleum Corpora-tion. A recent study conducted by Al-Ahram Centre for Political and Strategic Studies also found that 47% of small businesses are subject to bribery demands during bureaucratic processes like licensing.

Deal with it Although the number of

scandals in recent years may be alarming, analysts claim this situation indicates Egyptians are no longer willing to ignore corruption. Watchdogs such as “Egyptians Against Corruption¨ and “Egyptians Transparency

Network” have been active in edu-cating the population about the risks. In response, the courts have begun challenging government agencies and public purchasing decisions in an effort to expose corrupt officials and agents. Busi-ness leaders in Egypt can alleviate some of the root causes of cor-ruption in the private sector by offering competitive salaries to employees and building an effec-tive compliance and training program. For addressing corrup-tion in government relations it is advisable to avoid direct encoun-ters between senior managers and government decision makers. Join-ing in collective action efforts to control corruption and using care when choosing business partners can help companies advance their own anti-corruption efforts as well as the efforts of society.

Terrorism Despite programs to reduce

the number of radical groups in the country, terrorism still impacts Egypt. The recent explosion of several devices in the resort town of Sharm el-Sheikh that killed at least 88 people is a reminder of the country’s exposure. An emergency decree currently allows authori-ties to conduct arrests and hold prisoners under the provisions of martial law. Use of this decree has become a concern to human rights organizations like Human Right’s Watch which claim that up to

General Country Facts

Capital: CairoPopulation: 80,471,869Life Expectancy: 72.4 yearsLanguages: ArabicLiteracy Rate: 93%GDP (PPP): $500.9 billionGDP (Real Growth): 5.3%Inflation: 12.8%

Major Industries:Textiles, food processing, tourism, chemicals, pharmaceuticals, hydro-carbons, construction, cement, metals, and light manufacturers

Top Import Partners

Top export Partners

(Source: CIA World Factbook)



Global Compliance: Egypt continued from page 67

10,000 people may be currently held without charge. Although business is not seen as a driver of terrorist activity, private com-panies have served as enablers of terrorist cells in the past, so care is required.

Deal with it Dealing with terrorism is

obviously a complex task that requires expert advice. However, understanding the basic elements of terror-ists’ operations is a useful starting point. For instance, terror groups are often funded through illicit activ-ities like money laundering and drug trafficking. When operating in Egypt, due diligence with busi-ness partners and service providers is critical. Care must also be taken to stay within legal procedures and accounting limitations to avoid government action associated with the emergency decree. Again, expert advice should be sought out early on.

Employment According to the 2006 Inter-

national Labor conference report, the average Egyptians worker receives around 4 cents an hour and may work up to 48 hours a week. With a minimum wage unchanged since 1984, many com-panies fail to pay a living wage even when following the law. Under these circumstances, protests are becoming more commonplace.

For example, workers from the state-owned Petroleum Trading Service Company recently held a strike that lasted for more than two weeks. Rising prices and the modernization of the country are forcing people to join the labor market sooner, exacerbating the problems of illiteracy, child labor, and a lack of technical skills.

Deal with it When it comes to salary, the

official minimum monthly wage (around $6 USD per month) provides little guidance for an international company. When hiring locals, managers should consider their company’s fair salary practices and the organiza-tion’s traditional benefits such as training and health services.

Red Tape Foreign business people find

some legal procedures in Egypt frustratingly complex. For instance, simple tasks such as renewing a driv-er’s license may include presenting medical certificates. The number of procedures involved with many permits is so arduous that the Daily News Egypt reported that up to 90% of all building projects may be operating without the appropriate

licenses. The World Bank considers construction permits, paying taxes, and enforcing contracts to be the most challenging procedures.

Deal with it The Egyptian government

has begun to recognize the prob-lems of its bureaucracy and has taken some steps. These improve-

ments are reflected in Egypt’s rising five spots in the World Bank’s “Doing Business” Report to place 94 out of 183 countries. When it comes to red tape, companies should avoid hesitance in following an established bureaucratic

process. Most companies will need to use the services of accounting, licensing, construction, and law firms, so due diligence is required to find providers that meet the company’s standards.

Women in Society Although Egypt is in general

an open and modern country, women are still subject to prac-tices that would be considered unfair in most global companies. Harassment is an ongoing con-cern, for example. A study led the Egyptian Center for Women’s Rights concluded that more than 98% of foreign women and 83% of local women experience some form of sexual harassment in the workplace. In general, work oppor-tunities for women are open, but accessing higher ranks is difficult

analysts claim the number of recent scandals indicates egyptians are no longer willing to ignore corruption.



and frustrated by non-spoken rules like not challenging men in public.

Deal with it Since the 1990s, Egyptian

leaders have given more focus to encouraging greater access to work opportunities and education for women. However, the interna-tionalization and westernization of Egypt has led some con-servative groups to become stricter about traditional views on women’s roles. While international man-agers should respect local beliefs and traditions, it is important to protect female employees in the workplace and demonstrate support for their well-being. Whistle- blowing mechanisms should be made available.

Additional facts: The Egyptian pyramids, 138

in total and some of the most wellknown structures in the world, were built around 2,600 BC.

Five etiquette tips you should know before you go

Greetings Business in Egypt is usually

developed in a friendly manner where status, titles and personal relationships play important roles. The first time you meet your busi-ness counterparts you should refer to them by title until asked other-wise. Shaking hands is the most

common way to greet people, although you may also witness warmer greetings amongst famil-iar colleagues. As a rule of thumb, only shake a woman’s hand if she offers it first, otherwise just nod and smile.

Egyptians will appreciate you being familiar with some common introductions in their own lan-

guage. You may be welcomed to Egypt with “nawwart maSr,” which literally means “You have lit up Egypt” to which you can reply “maSr menawwara bik”, meaning “Egypt is lit up by you.” You may also hear the more standard Arabic salutation “Asalamu alaikum.”

Business Meetings When doing business in

Egypt you should set up appoint-ments in advance and confirm them a couple of days before they are scheduled. Foreigners will be expected to arrive on time, so be aware that business hours usu-ally run from 9 a.m. to 5 p.m. Sunday to Thursday. However, if you are doing business during the summer, you may be surprised by

the amount of activity that takes place after sunset, when tempera-tures drop. Formal business attire is expected and required to make a good first impression. Women should pay special attention to wearing conservative clothes with both knees and elbows covered. When negotiating you should bring your own translator to avoid

misunderstandings. Usu-ally, business discussions begin with polite inqui-ries about personal lives or one’s family. During nego-tiations people are likely to raise their voices, which you should interpret as an enthusiastic way of discuss-ing issues. Patience and clarity about expectations

will ensure that progress is made. Remember that trust, relationships and the idea of mutual benefit are considered the keys to a successful outcome.

Business Cards In Egypt, business cards are

exchanged without any specific ritual, but it is polite to spend sometime reviewing the informa-tion before tucking the card away. It is also appropriate to have your business cards translated into Egyptian Arabic.

Gift Giving Gift exchanging in Egypt is

not expected and you are likely to give a better impression if you

Despite its rapidly growing economy, egypt still suffers from challenges of underdevelopment and poverty. the problems are exacerbated by corruption.



ArGenTInA

• Maria Aldana Lopez, Mercedes-Benz

BerMuDA

• Shuri Munt, PartnerRe Ltd

ALBerTA, CAnADA• Mandy Lau, Direct Energy

Marketing Ltd• Jim Morison, Capital Power Corp• Tara S. Schiewe, Direct Energy

Marketing Ltd

onTArIo, CAnADA• Laura K. McLaughlin, Manulife

Financial• Frances McManus, Manulife

Financial

• Hena Singh, Rubin Thomlinson LLP

SASkATCHeWAn, CAnADA

• Quinton Osatchuk, PotashCorp

JAPAn

• Tomohiko Kamiya, Microsoft Corp

MexICo• Fernando Perez, Affinia Servicios

Administrativos Sa De Cv

nIGerIA• Ola Olukoyede, LRCDP Consulting

PuerTo rICo• Lisamaris Hernandez Oliveras,

Universidad Interamericana De

Puerto Rico, Inc

SInGAPore

• Thiru Sethuraman, Cummins

unITeD ArAB eMIrATeS• Raymond W. Alderton, Deloitte

Corporate Finance Ltd

unITeD kInGDoM• Cheryl Winter, Cobham PLC

ALABAMA• Chip Grizzle, Brasfield & Gorrie LLC• Beverly Krannich, Brasfield &

Gorrie LLC• John E. Lossing, Brasfield & Gorrie

• Brian Murray, Brasfield & Gorrie

ALASkA• Theresita N. De Mesa, Univ of

Alaska Statewide Corp Programs• Tina Suellentrop, Alyeska Pipeline

Service Co

• Diedre Williams, ACS

ArIzonA• Charlotte Rieck, Navajo Housing

Authority• Karen Wilson, Assoc of Universities

for Research in Astronomy/NOAO

ArkAnSAS• Patsy Ellis, Murphy Oil Corp• Diane Burger, Walmart• Sean M. Hennelly, Walmart• Kathy E. Redmond, Walmart

• Jennifer M. Webster, Walmart

CALIFornIA• John M. Carfora, Loyola

Marymount University• Natalia Lara Neary • Rebecca Speer, Speer Associates• Randy Watanabe, Toyota Motor Sales• Jeff Cable, The Metropolitan Water

District of Southern California• Joyce M. Cartun, Lam Research Corp• Lorena Frey, Falken Tire Corp• Michael Green, Granite Construction

• Judi Humble, Hospice of Santa Cruz County

• David Karas, Hitachi Data System• Jennifer McAleer, Unity Care Group • Phillip Porter, Calpine Corp• Jessica Staheli, Scherzer International• Doris Suh, Silicon Image Inc• Marcia Wada, Geromic Health Inc• Lacey A. Weiszbrod, Visa Inc • Stefan Wochinz, Siemens

CoLorADo• Neil J. Eckstein, Level 3 Communi-

cations Inc• Rebecca Pomerleau, Woodward, Inc• Chris Wells, OppenheimerFunds, Inc

FLorIDA• Lucretia Cooney, University of

Central Florida• Lin Huff-Corzine, University of

Central Florida• Beth Gillis, Baptist Health South

Florida

GeorGIA• Anika Adams, Siemens• William A. Burgess, UPS• Anisa Dhalla, UCB Inc• Mark Graves, UCB Inc• Vanessa Hawkins, UPS• Eric M. Hood, TSYS• Pamela Y. Johnson, Georgia-Pacific • Denise Jones, UCB Inc• Anne Marie Logarta, UPS• Chris Morris, Southern Company• Doris Profit, UPS• Christopher D. Robbins, UPS• Kristi Sanford, UCB Inc• Laura C. Snider, UPS• Ruth Ward, UPS

Welcome to SCCEthe society of Corporate Compliance and ethics welcomes the following new members and organizations. all member contact information is available on the sCCe website, www.corporatecompliance.org, in the members-only section.

sCCe’s neW members



HAWAII• Soo Dias, Hawaii Medical Service

Assoc

ILLInoIS• Rikkisha Candler• Carla Davis, Chicago State Univ• Linda Koppe, Illinois Tool Works Inc• David Rosenzweig, Kaplan Higher

Education• David A. Wortsman, Tribune

InDIAnA• Gwendolyn Yeager, Zimmer Inc• Joseph M. Gruttaduro, Eli Lilly & Co• Roxanne Loomis, Eli Lilly & Co• Tamala Reid, Advantage Health

Solutions• Domenico Sneider, Eli Lilly & Co

IoWA• Elizabeth Happe, Principal Financial

Group

kAnSAS• Desiree Boxberger, Deluxe Corp

kenTuCkY• Kristina Bell, Toyota• Wayne Harris, The National

Institute for Hometown Security• John Jager, Toyota Tsusho America• Christi Perri, Toyota• Karen Shaffer, Toyota

LouISIAnA• Judith Perry Martinez, Northrop

Grumman Corp• Donna T. Smith, BCBS of Louisiana

MArYLAnD• Ellen Brandt, Northrop Grumman

Corp• Beth Ann Johnson, Northrop

Grumman Corp• Richelieu Lomax, World Bank Group• Joel Schwarz, National

CounterTerrorism Center

MICHIGAn• Sheila Kasenow, DTE Energy• Michael Sharlow, BCBS of Michigan

MInneSoTA• Gregory N. Gray, Minnesota Dept

of Human Services• Nancy Rystrom, Target

MISSourI• Larry Christopher, Charter

Communications

MonTAnA• Deb M. Thompson, BCBS of

Montana

nevADA• Terri Gagliardo, Creative Media

Productions

• Shannon A. Nadeau, Wynn Las Vegas

neW JerSeY• Leith Kaplan, PHH Corporation• Ruth London, Robins’ Nest Inc• Jeffrey Sallot• Taara Young, American Water• Tony Brennan, Johnson & Johnson• Kerri Thompson Tillett, The College

of New Jersey

neW York• S. Michael Sharp, AngioDynamics• John Turey, ITT Corp• Randall Cole, Axentis• Christine Esposito, Avon Products• Michael Sachs, LIM College• Joshua Toas, Research Foundation

of SUNY

norTH CAroLInA• Joshua Howard, Research Triangle

Institute• Alba-Justina Secrist, Parker Poe

Adams & Bernstein LLP• Royal Johnson Link, Carolinas

Medical Center• Bryan T. Mayhew, Ally Financial• Steven Millsap, Polymer Group, Inc• Debbie Whitmore

oHIo• Deborah Valentine, NSG Group

oreGon• Bob Conlin, EthicsPoint, Inc• Tanya Klecker, EthicsPoint, Inc• Tom McNamara, EthicsPoint, Inc.• Mark Reed, EthicsPoint, Inc• Mark Thompson, Bonneville Power

Administration

PennSYLvAnIA• Lucas Hartman• Christine Sanz, Performance Review

Institute• Timothy Steitz, Sauer Holdings, Inc• Regina Wheat, Nationwide

Insurance

SouTH CAroLInA• Charles Autry, Denny’s

TenneSSee• Debora H. Carroll, First Acceptance

Corp

TexAS• Steve Hall, Hall Law Firm PC• Paul Malak, Mitsubishi Caterpillar

Forklift• Todd Warren, Fannie Mae• Akcel Coss, Toyota Motor

Engineering & Mfg North America• Randee L. Dunaway, Oil States

International Inc• Teiana Jones, The University of

Texas at Austin• Kim King, Exxon Mobil Corp• Aiyana J. Longoria, San Antonio

Housing Authority• James E.D. Marcil, Texas A&M

University• Krista Mathews, Calpine Corp• Elton Webster, Fannie Mae• Nandilyn Williams

uTAH• Ryan L. Richards, The Church of

Jesus Christ of Latter-Day Saints

vIrGInIA• Kendra Cook, Integrity Applications

Inc



New Members continued from page 71

•vIrGInIA (ConTInueD)• Richard Kusserow, Strategic

Management• Denise Lester, Northrop Grumman

Corp• Heather Markin, Northrop Grumman

Corp• Tationna S. Tucker, SAIC• Charlotte D. Young, The Nature

Conservancy

WASHInGTon• Cathie Furman, Virginia Mason

Medical Center• James G. McDougall, Avista Corp

WISConSIn• ViAnn Cabezal, ATK Security and

Sporting• John Fons, Modine Manufacturing

Company• Christy Kaufman, Mercer• Leslie Staver, American

Transmission Company

DISTrICT oF CoLuMBIA• Olufemi Dekalu-Thomas, Crowell &

Moring LLP• Susanne Farmer, American Red Cross• Rahul Reddy, The George Washington

University

Global Compliance: Egypt continued from page 69

instead host lunch or dinner. Always bear in mind that alcohol is forbidden in Islam traditions and therefore should be kept outside of initial business engagements. If invited to an Egyptian’s home, it is appreciated if you bring pas-tries or sweets. Men giving a gift to a woman should say it is from a female relative. As always, business people need to be careful with gifts to avoid the perception of bribery.

Dinner and Social Events Business in Egypt revolves

around relationships and there-fore social events and dinners are a vehicle for getting to know each other better. If invited to a colleague’s home, you should accept the invitation as turning it down will be seen as rude. In general, meals are large, and to show consideration for your host it is customary to leave some food

on your plate to signal you have eaten well. In conversation, it is best to avoid topics of religion and politics. During the Muslim holy month of Ramadan, avoid invit-ing anyone for lunch or eating and drinking in front of others.

Additional fact: The Egyptian flag features

three bold, horizontal stripes (from the top down: red, white and black) and Egypt’s national emblem in the center. Since Egypt’s independence from Britain in 1922, the country has had five flags, all of which fea-tured the same three red, white and black horizontal stripes except for the first, which featured a white crescent and three white stars in the center of a solid green back-ground. The most recent version as described above was formally intro-duced on October 4th, 1984. U

Seeking Articles on Benefits of Certification

Certification is a great means for revealing an individual’s story of professional

growth! The Compliance & Ethics Professional wants to hear from anyone with the

CCEP® or CCEP-Fellow certification willing to contribute an article on the benefits and

professional growth he or she has derived from certification. The articles submitted

should detail what certification has meant to the individual and his or her organization.

To learn how to submit a story for Compliance & Ethics Professional, contact Liz Hergert: [email protected] or call +1 952 933 4977 or 888 277 4977


CORPEDIA’S COMPLIANCE & ETHICS PROGRAM BASELINE DIAGNOSTICHaving a truly “effective compliance and ethics program” as set forth by the FSG will not only prevent misconduct, but will also aid in defending an organization in the unfortunate event of a compliance breakdown. Corpedia’s Compliance & Ethics Program Baseline Diagnostic addresses how a compliance program is stacks up against important government criteria, as well as reasonable and best practices of analogous companies. Contact Craig Kastelic at [email protected] or 877.629.8724 to schedule a complimentary diagnostic today!

Corpedia-scce-print-ad-08292011.indd 1 8/29/2011 1:15:10 PM


2012 SCCE Events

Dates and locations are subject to change.

The Society of Corporate Compliance and Ethics is a premier provider of compliance and ethics education. Faculty includes industry experts from around the world and professionals from the corporate environment, academia, government, and the law. Attracting over 2,000 compliance and ethics professionals a year, SCCE events provide unparalleled networking opportunities, all with special discounts for members. Programs are offered in the following formats to meet the diverse needs of this evolving profession.

Basic Compliance & Ethics AcademiesThese four-day intensive training programs help those new to the profession quickly get up to speed and learn directly from experienced ethics and compliance professionals. The Certified Compliance & Ethics Professional (CCEP)® examination is offered on the afternoon of the fourth day.

January 30–February 2 • San Francisco, CA

April 16–19 • Chicago, IL

May 7–10 • São Paulo, Brazil

May 21–24 • Brussels, Belgium

June 11–14 • Scottsdale, AZ

July 9–12 • Shanghai, China

August 13–16 • Boston, MA

November 12–15 • Orlando, FL

Regional ConferencesSCCE’s regional compliance conferences provide a forum to interact with local compliance professionals, share information about compliance successes and challenges, and gain the latest insights. Midwest • April 27 • Chicago, ILUpper Northeast • May 18 • New York, NYAlaska • June 15 • Anchorage, AKWest Coast • June 22 • San Francisco, CASoutheast • October 12 • Atlanta, GASouthwest • November 2 • Houston, TX

Utilities & Energy Compliance & Ethics Conference February 26–29 • Houston, TXTake advantage of the opportunity for in-depth discussion and education with your colleagues in the utilities and energy industries.

Higher Education Compliance Conference June 3–6 • Austin, TXCompliance professionals in higher education gather with peers to discuss emerging issues, share best practices, and build valuable relationships.

11th Annual Compliance & Ethics Institute September 9–12 • Chicago, ILSCCE’s annual Institute is the primary education and networking event for professionals around the world in compliance and ethics. Get insights you can use from expert presenters who share their latest methods and strategies for developing and improving compliance programs in this rapidly evolving profession.

SCCE Web Conferences SCCE Web Conferences explore current hot topics for compliance professionals, providing instant and up-to-date education from the convenience of your own office. New conferences are announced regularly, and prior sessions are available for purchase on CD-ROM. Visit corporatecompliance.org for the latest updates.

SCCE’s 2012 Event CalendarLearn more about SCCE’s educational opportunities at corporatecompliance.org

2012SCCEConferences_1pagead_4c.indd 1 8/31/2011 9:27:20 AM

SCCE Official Site...Compliance & Ethics Vol. 8 / No. 5 Professional 10-11 / 2011 Top sTories inside...

Documents

Transcript of SCCE Official Site...Compliance & Ethics Vol. 8 / No. 5 Professional 10-11 / 2011 Top sTories inside...