How to Build an Effective Compliance Program: The Green Hyena Blueprint

The Green Hyena,

In 2023, key developments in the area of white-collar crime and compliance encompass ESG, intensified US corporate crime enforcement, and the UK’s legislation addressing ‘failure to prevent fraud and bribery offenses.’. These developments all have one thing common: The absolute necessity of an effective compliance program. The days when organisations could earn gold stars for ‘just’ having incorporated a compliance program are over. Organisations are expected – by both internal and external stakeholders, as well as the law and regulators – to exceed the bare minimum. In other words, to not only have a robust and embedded system in place that is embraced by the entire organisation, but to also ensure it is and stays effective.

This new vision goes beyond internal compliance and for example requires organisations to take responsibility for their suppliers’ practices and holding them accountable for misconduct. It also means that organisations can no longer deflect blame or hide behind basic policies, training and screening tools. They must critically evaluate the effectiveness of their compliance systems.

2024 Resolutions: An Effective Compliance Program

But how do you assess the effectiveness of your compliance program as a whole, especially in a global economy where laws and regulations vary across jurisdictions? Although challenging, there are ways to assess your compliance program in an objective manner and improve its effectiveness. An effective compliance program will result in less corporate crime and misconduct. We therefore developed a blueprint for building an effective compliance program. We hope organisations will use this to start 2024 of strong and assess the state of their programs and define a plan to increase its effectiveness. This with the ultimate goal to fight white-collar crime and fraud together.

To meet this objective, we kick off 2024 by making January the ‘Month of Compliance’. We urge you to use this time for a thorough assessment of your compliance program and we will support you in that. Starting today, we will share step by step the different elements of – what we believe – an effective compliance program needs. In total, the framework has 10 elements with 5 principles per element. In every blog, we will share an element, its principles and how you can measure the objective in your own organisation. The framework is practical and with sufficient openness to adapt it to your organisation. Using this framework is an opportunity to strengthen your framework, align with best practices, and ensure that your program is not just in place, but effectively guiding your organisation.

Embrace this month as a key period to fortify your commitment to ethical and regulatory standards, setting a tone of integrity and diligence for the year ahead.

How culture impacts effective compliance

The first and most important element of an effective compliance program is the culture within an organisation. Culture is the foundation for effective compliance, anti-fraud, and risk management, much like the foundation of a building that provides structural support, stability, and integrity to the entire structure. A foundation bears the weight of the building, transferring the load to the ground and preventing settlement or collapse. A solid foundation ensures that the structure can withstand external forces, such as wind, earthquakes, and changes in soil conditions. Without a strong foundation, the building’s structural integrity is compromised, leading to potential structural failures and safety hazards.

The same applies to the culture of an organisation. An ethical culture not only shapes employee behavior, promoting the internalisation of values, but also serves as a deterrent against unethical practices. Without it the organisation’s integrity is compromised, leading to increased risk of misconduct.

At its core, culture is the sum of values, beliefs and norms that guide behaviour within an organisation. A strong, ethical culture not only promotes compliance but also, per definition, reduces the risk of fraud and misconduct. In this regard, there are three things to consider.

First, an ethical organisational culture fosters a commitment to integrity and ethical decision-making among employees. When an organisation’s leadership demonstrates a clear commitment to ethical principles, it sets a tone at the top that goes through all levels of the organisation. This top-down approach is important because employees are more likely to adhere to policies and procedures when they perceive their leaders as ethical and committed to compliance (in this regard, also consider the ‘justification’ as part of the fraud triangle). Research in organisational behaviour and psychology has consistently shown that the tone at the top significantly influences employee behavior and attitudes towards compliance and ethics. Especially, the negative effect of non-ethical behaviour in the top.

Second, a strong ethical culture facilitates the internalisation of policies and procedures by employees. Instead of viewing compliance as an external imposition, employees in organisations with a robust ethical culture tend to internalise these values. This internalisation results in self-regulation, which is far more effective than external enforcement alone. According to research in the field of corporate governance, organisations with a strong culture of integrity experience fewer instances of fraud and other forms of misconduct because employees are more likely to act in the organisation’s best interests. Furthermore, as laws and regulations often follow societal expectations and developments, organisations with strong values and ditto culture can more easily adapt to new legal requirements.

Third, a healthy culture encourages transparency, communication and speaking up. As we know, transparency is key for effective risk management and fraud prevention. Employees should feel comfortable raising concerns and reporting suspicious activities without fear of retaliation. An open communication culture enables early detection of potential compliance issues and fraud, thereby minimising risk. Academic studies in management have highlighted the importance of open communication channels in fostering a speak-up culture, which is essential for early detection and mitigation of risks. This is also the reason why the European Union adopted the Whistleblower Directive and the SEC rewards whistleblowers for speaking up.

Most importantly, a strong culture acts as a natural deterrent against unethical behavior. When ethical conduct is valued and rewarded, and unethical behavior is consistently discouraged and penalised, it creates a clear expectation for behaviour within the organisation. Employees are less likely to engage in fraudulent activities if they know that such behaviors are incompatible with the organisation’s values and will be met with appropriate consequences. Research in behavioral ethics supports this, showing that organisational norms significantly impact individual ethical behaviour.

In addition to these aspects, continuous education and training play an important role in reinforcing the culture of compliance and ethics. Regular training sessions remind employees of their ethical responsibilities and keep them updated on relevant laws and regulations, as well as incident-driven adjustments.

Measuring organisational culture

As culture is key in effective compliance, organisations must continuously monitor, shape and strengthen its culture. Culture therefore should be recognised as a risk as part of the organsiation’s risk assessment. I.e., what happens when culture goes bad? What is needed to prevent a poor ethical culture? How do you detect if ethical culture declines? In other words, the state of culture should be continuously assessed and actively managed. But how do you measure something intangible as your culture? And more importantly, how do you create an ethical culture? We have identified 10 elements that drive an ethical culture. These ten elements could be used to measure organisational culture but can also be used a a guide to build and strengthen it. We have summarised the ten elements below.

  1. Leadership and Management Behaviour – The organisational culture is significantly influenced by the attitudes and actions of leaderschip and management. Leaders who consistently demonstrate commitment to compliance and ethical behavior establish a sustainable foundation, while those lacking such dedication seriously undermine an ethical culture.
  2. Employee Empowerment and Involvement – Employees are a key element in setting and maintaining an ethical culture. Organisations should be aware of employee perceptions and attitudes. This involves continuous dialogue with employees, involving them in decision-making processes and empowering them to do the right thing.
  3. Employee Well-being and Satisfaction: Well-being encompasses the overall health, happiness, and satisfaction of employees and goes beyond physical health. It is about enabling employees to flourish and includes mental and emotional aspects, job satisfaction, capability to do the work, work-life balance, and a supportive workplace environment. To build an ethical culture organisations must manage employee’s experience, acknowledging factors that contribute to their overall quality of life both inside and outside of work.
  4. Diversity, Equity and Inclusion (DEI): DEI are essential components of an ethical organisational culture as they contribute to fairness, build trust and support well-being. An organisation committed to DEI ensures equal opportunities and fair treatment for all, reflecting a dedication to corporate responsibility. Moreover, the inclusion of diverse perspectives enhances decision-making processes, mitigates biases, and fosters a workplace where employees feel valued and respected.
  5. External Stakeholder Engagement – Stakeholder engagement is vital for nurturing an ethical organisational culture by incorporating diverse outside perspectives and fostering shared values. It builds trust, helps to identify and address ethical risks, and contributes to corporate responsibility. Additionally, it enables organisations to spread its values and engage with its investors, clients, suppliers, and others. Moreover, stakeholder engagement enables adaptive decision-making, responsiveness to regulatory and societal changes, as well as the creation of a resilient ethical framework, ultimately enhancing the organisation’s culture.
  6. Communication and Training – Clear and transparent communication articulates the organisation’s values, compliance standards, and ensures that employees at all levels understand what is expected of them. Training programs play a crucial role in educating employees on specific policies, procedures, and the consequences of unethical behavior. This shared knowledge promotes a unified ethical vision, aligning individual actions with the organisation’s core values. Communication and training also empower employees to navigate ethical dilemmas. Promoting reporting mechanisms helps with timely identifying and addressing possible issues. In case their are ethical issues the organisation must be transparent in their response for learning purposes.
  7. Incentive and Rewards System – Serves as a mechanism to reinforce and promote desired ethical behaviors among employees. By aligning incentives with ethical practices, organisations encourage employees to prioritise integrity and compliance. Recognising and rewarding ethical conduct sends a clear message about the organisation’s values and expectations, creating a positive reinforcement loop. Moreover, a well-designed rewards system discourages unethical behavior by making it clear that individuals who adhere to ethical standards will be acknowledged and celebrated.
  8. Comfort with Speaking Up – Creates an environment where employees feel empowered and safe to discuss issues, voice concerns, report misconduct, or raise ethical dilemmas without fear of retaliation. This open communication channel is essential for early detection and prevention of unethical practices, allowing the organization to address issues proactively. When employees are comfortable speaking up, it promotes transparency, accountability, and a shared commitment to ethical behavior. This, in turn, contributes to building trust among team members and leadership. A culture that encourages open dialogue and values the input of all stakeholders helps to identify and rectify ethical lapses promptly, ultimately strengthening the organization’s integrity and reputation.
  9. Response to Ethical Violations – An ethical organisational culture is not just about preventing misconduct but also about detecting and addressing it when it occurs. A swift and resilient response to ethical breaches demonstrates the organisation’s commitment to upholding its values and standards. It reassures employees that unethical behavior will not be tolerated, fostering a sense of accountability and deterrence. Moreover, an resilient response involves thorough investigations, appropriate disciplinary measures and transparency, sending a clear message that ethical lapses have consequences.
  10. Historical Compliance Record – Monitoring the organisation’s past compliance history, including any previous violations, penalties, or legal issues, offers valuable insights into its ethical standing and commitment to compliance. It serves as a learning tool, allowing the organisation to understand and rectify past mistakes, implement corrective measures, and continuously improve its ethical framework. A transparent acknowledgment of historical compliance issues demonstrates accountability and a proactive approach to preventing future ethical lapses. Furthermore, it aids in building trust among stakeholders by showcasing the organisation’s commitment to learning from its past, building a culture of integrity and ethical responsibility.

We have further defined the ten elements by establishing clear objectives per element as well as example tests to measure the organisational culture’s effectiveness. You can download the full overview of the elements and objective below, it also includes the example tests that can help you to measure culture.

We highly recommend that organisations use the framework to initiate meaningful discussions about the state of their culture and gain valuable initial insights into the strengths and areas for improvement. Subsequently, we advise consulting an expert to delve deeper into the findings and observations. An expert can guide you in interpreting the results, developing strategies for enhancement, or conducting a thorough audit of your organisational culture.

Effective-Compliance-Culture-Assessment-TemplateDownload

Curiosity Leads, Amazement Follows – Continue reading the Green Hyena

Effective Compliance

Comment

  1. Pingback: The Green Hyena's 2023 Watch: Key Fraud Trends and Developments - THE GREEN HYENA

Leave a Reply

Your email address will not be published. Required fields are marked *