Outsourcing  |  Bi-Monthly   |  Issue: Mar-Apr 2008
Archives
Readership Profile    |    AD Rates   |    Feedback
 
 
 
Current Issue
 
  CASE STUDY
 
   
 
Corporate Governance
Responsibility-A Case Study

The Corporate governance program helps companies improve their processes, inspire public confidence, and ensure that they comply with regulations. Since 1993, Corporate Governance program has helped corporations develop strong core principals by improving their governance processes through a variety of programs including director training and global ethics education.

Corporate responsibility for governance is towards its stakeholders on one side and external partners to whom they provide services or take services. To execute their responsibility, organizations have to establish multiple layers of security-
Inner Layer: To develop within the organization, an effective ethics and compliance culture. The strength of this culture will serve as a preventive control and discourage incidents from taking effect. Having a strong value system and leading by example is the best way to promote strong motivation and loyalty and conviction in the organization's principles and values.

If an ethics or compliance incident happens, the damage to the company is far less if the company has an effective ethics and compliance culture. The ability to establish that the incident is attributable to a rogue employee operating outside of a solid program is huge. Awareness of the program, comprehension of what to do as a result and willingness to act because the process is trusted are the defining standards of an effective program.

Middle Layer: Internally detect potential incidents through a trusted "neighborhood watch" approach. This would be a detective control and would curb the incident right from the bud. Monitoring and internal controls play a pivotal role in the prevention and detection of security incidents within the enterprise.

Outer Layer: Adopting an effective corporate governance program to reduce exposure, providing the best defense against criminal investigations and civil claims. Generally the cost of control is much less than the exposure on incidents corroding the resources of the organization. Avoiding a single incident more than covers the incremental cost of governance.

Let us consider a well known case on this topic. An industry-leading company recently commissioned two outside firms to perform an objective assessment of its corporate ethics program. Each assessment was extensive, involving interviews with anyone who wanted to talk, and people selected by the teams, ranging from middle management to the CEO. Collectively, the two assessments had interviews or focus groups with over 1000 people at every major location. This probably represents the most comprehensive assessment of ethics program effectiveness factors completed in 2003.

The findings included:
• The company had a Vice President for Ethics and Business Conduct, an Ethics and Business Conduct committee, an Ethics Process Council and designated ethics personnel in each of the business units.
• Ninety-eight percent of employees interviewed recalled receiving ethics training during the past year.
• An ethics hot line had been established, and 98% were also aware of its existence.
• Ethics posters were prominently and widely displayed in the workplace.

It turned out that hidden beneath these comforting findings were some very fundamental issues. The company is Boeing, which has had three major programs worth billions of dollars suspended and its CEO resigned as the result of an unrelated ethics lapse. The core issues in this case are unfair business practices related to competitors and federal government procurement guidelines, and not Sarbanes-Oxley sanctions.

The primary issues uncovered by the outside assessments included:
• Employees felt that line management must own ethics and compliance in order for it to be effective. Many line managers just didn't get “it,” particularly when “it” meant responding to bad news.
• The extensive ethics organization was primarily accountable to the line managers and tied too closely to the achievement of business objectives, losing critical independence and perhaps objectivity.
• Senior management was insufficiently involved in the development and implementation of ethics and compliance policies and processes.
• Almost half of the rank and file population did not believe that the ethics hot line could be called anonymously. It did not appear to have 24/7 coverage, limiting when and how employees could report problems in confidence. Many employees expressed fear of retaliation, and frustration with the time it took to conduct an investigation.
• Internal training, monitoring and oversight of procurement integrity and handling of third-party information was not as strong as written procedures, policies and guidelines.

The above observations prove that companies in active acquisition mode are exposed. They are integrating different cultures and assuming unknown risks. Ethics programs of the parent company and the acquired companies have to be constantly reviewed and updated to have “effective programs” in all parts of the new organization.

Overall, the assessments concluded that a contributing factor was that, the Ethics Officer was not truly a member of the Corporate Governance power structure. The ability to understand issues and influence priorities was therefore limited. This example is one that should be taken seriously by other companies because it illustrates that having an ethics program that is trusted, widely embraced and actively used is the real benchmark.

Companies have a natural impatience to check “done” regarding ethics programs and return to traditional strategic initiatives, and many such companies feel that the significant resources required by Sarbanes-Oxley Section 404 are all they need, or can afford right now. A number of companies feel; “We've got ethics covered.” Boeing thought it had it covered too, until it found out the hard way that its program did not prevent damaging incidents.

The word “effective” is important here, for two reasons. The existence of an “effective program” is a mitigating factor if a company is convicted or pleads guilty to ethical violations. The Guidelines have gotten considerably tougher, making it important to differentiate between an incident caused by a single rogue employee and a systemic corporate governance shortfall. The other reason is that customers also judge whether a company has an “effective program.” Boeing was hit more by loss of faith from customers than it had from Federal Sentencing guidelines. The public confidence diminished and lost contracts resulted.

I expect that qualification as having an “effective program” will become a very important measuring point for CEOs and company boards. Boeing actually thought that it was meeting the criteria, yet discovered the hard way that having a program that is “clearly enunciated, broadly communicated and widely understood” did not make the program operational or effective. The qualifying criteria are emerging every day, from assessments like these and from litigation.

Besides it may do good to understand here that Sarbanes-Oxley is only a piece of the measurement of an “effective program,” and limiting focus to its provisions will leave major exposures like those experienced by Boeing.

It seems that this example provides some very important insight. Companies need to re-examine whether they are sure they really “have it covered” and can pass the “effective program” measurement. As Boeing discovered, the stakes are too high to rely on hope and the desire to claim the task is finished. The frankness and insight that can be gained from an objective outside assessment may be the only way to know for sure what is still missing, or ineffective.

Boeing, The Coca-Cola Company and Bank of America are among the many blue chip companies that have been heavily damaged by compliance and ethics incidents. In each case extensive compliance programs existed, but were not effective. The ultimate measure of effectiveness is that the vast majority of honest employees watch out, like a "neighborhood watch", for the company. They understand what is right and wrong, and don't hesitate to report anything in the gray area to make sure it gets checked out.

Effective corporate governance is a manifesto for building highly-effective Boards and corporations by balancing power, performance and profits with integrity, transparency, accountability and reform in private and public sectors. Today, corporate governance is one of, if not the most, topical, contentious, yet relevant issues of concern to Governments and corporations, the world over. So it is worth working on and making it workable and more acceptable!

(The author; Partner with a leading Accounting firm, he can be contacted at-khushroo.panthaky@wcgt.in)