As compliance and ethics professionals when we are evangelizing about the importance of a strong program and a healthy culture we often try to be aspirational and positive about the organization's goals. We want to focus on the benefits that "doing the right thing" can bring.
But when that doesn't work we can always bring out the big guns. We can talk about those failures out there -- and there are plenty from Enron to Volkswagen. We can talk about the time, money and dollars lost as well as the potential for prison time. The negative case is never far from reach when we need it. That's why I think a headline like the one in the New York Time this morning ("Corporate Bribery Cases and Fines Fell in 2015") can cause even the veteran evangelist to shake her head and sigh. Just when we thought we had some of them convinced.
But I wouldn't worry, and in fact, I think it's a great moment to seize on a couple of potentially problematic narratives and, as good evangelists do, turn them around to the program's benefit.
First, it's a chance to free up some of the oxygen that anti-corruption has been consuming. As compliance officers know, bribery isn't the only risk out there. For many organizations it's not even in the top five risks they face as an enterprise. When a compliance program's resources are not allocated in a risk-based fashion the effectiveness of the program suffers and, in the nightmare scenario, that top five risk that was ignored because of improper focus becomes the issue that consumes the program -- and in some cases -- the organization itself. This may be a good opportunity to have a real discussion about the risks your organization faces and how those risks have been identified, addressed and monitored. And it opens up the opportunity to discuss how (and if) the program has been properly assessed to address those compliance risks.
Second, this story allows a discussion about those other risks that exist. If the narrative in the C-suite or boardroom has been too often dominated by anti-corruption -- or for that matter data security or any other issue -- to the exclusion of all else, here is the opening to talk about the ever-changing nature of compliance risk and the need for a program that address and assesses such risks on an ongoing basis. My new favorite chart in the last year is by Professor Brandon Garrett at UVA ("Corporate Criminal Penalties by Type of Crime"). This chart brings together two great points. One, a real negative case standby, that despite the headline today fines overall all continue to skyrocket. Almost $9 billion dollars in 2015, or over a nine-fold increase in ten years. Two, the types of cases, and the types of risks faced, vary significantly year by year. One could be forgiven if you just attended compliance seminars for the last ten years into thinking that foreign bribery made up a majority of the fines levied against organizations. As this chart so crisply shows, that's never been the case.
The negative case is not going anywhere, but whether you lead a discussion with prison and fines, or culture and performance, moments like this can provide a really valuable opening to get to the real issues your organization uniquely faces.