Troubling Friends, Family, & Relationships
With the recent frauds and bad acts in the news I can’t help wondering who was recruited or jumped on the wagon to help perpetuate the misbehavior. Here are some thoughts for the board, audit committee, general counsel, compliance, and internal audit to consider.
Fraudsters seek out those who share the same social background are gullible and easily manipulated. Trouble tends to attract trouble!
As Warren Buffett has observed, “There’s seldom just one cockroach in the kitchen.” Trouble tends to attract trouble. For assistance with committing crime, fraudsters often look for people who share the same social background or ambitions or are gullible and easily manipulated. Scott Green in his 2005 book “Sarbanes-Oxley and the Board of Directors: Techniques and Best Practices for Corporate Governance” noted, “Those who are willing to commit fraud recruit from the corporate employee pool weak or needy personalities and go to lengths to reward and protect them.”
Remember that most fraudsters don’t think in terms of right or wrong and are unlikely to be impressed by moral constructs, so an ethical corporate culture is unlikely to deter them. A company’s culture, however, can help determine if co-workers are inclined to blow the whistle on wrongdoers, or if the misbehavior is likely to go unreported.
Don’t be fooled! Good tone and conduct from the top does not mean there is an ethical culture!
A resolute tone from the top along with transparent conduct can help to create an ethical culture, which is the foundation of good corporate governance.
Based on my experiences, culture is often shaped, solidified, and destroyed by the worst behavior the board and senior management is willing to tolerate or overlook!
Regular interactions by the board with senior leadership and senior leadership with employees can help determine whether the culture of the organization is bedrock or sand.
I have developed a tool for and have been assessing cultural risk for over 25 years. It’s not perfect, but it generally provides some interesting data and in some instances has been a “silent whistleblower” and helps flesh out blind spots.
The tool could also serve as part of a defense if a regulator questions your compliance program, because one of the questions asked within the tool is “…are you aware of or have any indirect knowledge of any ethical violations or fraud, or are you being pressured to do anything you believe is unethical?” If the person replies “no”, they are instructed to write in a response, then they are required to certify there responses are complete and accurate.
Your code of conduct should require reporting of know instances of misconduct.
Do you know what policies are included as part of your organization’s anti-fraud, compliance, and ethics program, if any?
Should the company later learn of an issue and that person knew or should have known, or was was involved, the company can produce the results of the tool as part of their defense. In addition, that person more likely than not breached the code, which probably will result in disciplinary action for their undesired behavior.
Culture is a key factor in a company’s risk management efforts. The word “culture” is mentioned 124 times in the 2017 COSO Enterprise Risk Management framework because a weak culture that allows undesired behavior to continue can lead to a variety of tangible or intangible risks.
I welcome your thoughts, comments, and suggestions.