Play by the Rules?

For the past few years I’ve used every forum at my disposal to discuss the inequity of a rule-based environment. You can never have all the rules, and even if you try to have all the rules you ultimately end up with an exhaustive list of requirements that no one can understand or hope to follow.

Instead, I’m a huge believer in principle-based performance: Educate to values and integrity, establish clear guardrails and the “rules” for the most part will take care of themselves. The reality, however, is there are people who will choose to break a rule, push a line or tread on thin ice regardless of how much you instruct them otherwise.

One example of an organization that maintains too many rules is the NCAA. For the record, to the disdain of most of my children (Go Ducks!), I bleed crimson and gold. My youngest daughter graduated from the University of Spoiled Children (or USC) and during her four years in Los Angeles I found myself completely rooted within the Trojan family. So, like every other loyal Trojan, I’ve been avidly following the NCAA’s attempt to discredit the University of Southern California.

Bear in mind there is no allegation whatsoever that USC did not play by the NCAA’s rules. However, the NCAA claims that the family of former USC running back Reggie Bush sought and obtained virtually free housing in the Los Angeles area from an individual that had no direct affiliation with the university. In fact, there isn't even an allegation that any university officials or boosters were involved or even aware of the Bush family arrangement.

Just like many other universities, USC took all the necessary steps to educate players and their families on NCAA rules regarding improper behavior. This is essentially what is referred to as compliance training in the corporate world. The issue is that a player and his family, along with an agent, chose to break the rules – not the university. However, the university is somehow held accountable.

For those who’ve been reading my blog, you know I have been focused on the extension of compliance concepts to vendors, suppliers and agents because when they screw up it is the corporation who is found guilty – either in the courts or in the court of public opinion.

USC has been serving time in both of these “courts” lately. USC will likely be found guilty of a violation of something – because the NCAA unfortunately has enough major and minor rules to make this happen.

However, USC didn’t help its cause when it hired Lane Kiffin from the University of Tennessee as its new coach following the departure of Pete Carroll to the Seattle Sea-Chickens. Kiffin is no stranger to questionable behavior and he would not have been among my candidates for the job. According to the New York Times, in less than 14 months at Tennessee, Lane Kiffin committed six secondary violations and is under investigation for the use of student “hostesses” in recruiting. Three of Kiffin’s recruits were also dismissed from the team after they were arrested for armed robbery.

Despite promising that his number one priority at USC was to run a clean program, Kiffin has already committed a minor violation by picking up a USC recruit at the airport in a limo. I fly into LAX quite often and while limos may be an odd sight in Ann Arbor, they are pretty common in Los Angeles. I’m not saying what he did was right, I’m just trying to focus on the situational norms – not a bunch of rules. If Kiffin was trying to impress some kid by showing him the ‘So-Cal’ lifestyle, then Kiffin was in the wrong. If he just didn’t want to fight the traffic on I405 and wanted to talk to the kid along the route, what was the harm? Plenty. Kiffin knew what he was doing was wrong. The principle is “inappropriate influence” and he chose to ignore it.

I am not suggesting that if the NCAA gets rid of all of its rules that universities will automatically clean up their athletic programs. I am simply suggesting that all the silly little rules get in the way. Minor rules must be made for breaking otherwise they wouldn’t be classified as minor?! If the NCAA created and verbalized a clear set of guidelines to every stakeholder (coaches, players, athletic directors, boosters, agents and family members) and enforced them swiftly and fairly, then I think everyone would get the message.

I've been preparing this week for a talk I will give in a couple of months on gaming fraud – specifically focused on Native American casinos. What I have learned is that Native American gaming establishments are not unique and the fraud and abuses that are prevalent in Las Vegas are just as prevalent in Tulsa, Oklahoma. What I have also learned is that the sophistication and pride within Native American tribes makes a huge amount of difference in the volume of fraud-based activity. The tone from the Principal Chief and the value set by which the tribe members hold themselves accountable is the real measure by which you should begin to rank or rate the fraud potential.

It should be the same for college athletics. Coaches should set the tone and lead by example, and the alumni must remember that the true sense of winning in college athletics isn’t always measured by trophies or scoreboards.

College sports are dominated by the “what have you done for me lately" or "we need to win now" attitude. This can be likened to the sentiment in the corporate world which saw the downfall of Enron and the like, too much focus on short-term profits and not enough focus on long-term growth. Universities need to realize the eventual damage this attitude may inflict down the road if they don’t build a program based on integrity and principle-based performance.

Principle-Based Leadership: Setting the Tone

As a member of numerous web 2.0 forums, I oftentimes listen to esoteric rants and the splitting of hairs in the Governance, Risk and Compliance world. Every so often, however, I get the opportunity to read something that is refreshingly lucid.

All of us in the compliance world struggle with moving the needle and improving the “ethical quotient” of our organizations. For the last few years, I have come to believe it isn’t the “transformation” of people that is important, it is the tone from the top and the people you hire. Setting the tone and expectation of principled integrity for your organization and interjecting the right DNA into an organization can have a greater impact than any training program. When people are faced with an ethical dilemma they often turn to the example set by leadership or their co-workers. Having well-grounded individuals in your organization that embrace the organization’s goals and know the difference between right and wrong will prove invaluable.

Recent comments by Daniel Roberts of RAAS consulting made me take notice. Dan discussed the obituary of one of the translators at the Nuremberg War Crimes Tribunal and recounted this person's recollection of the interrogation of Rudolf Höss, the former head of Auschwitz. The translator asked Höss if he had ever sought to enrich himself off the Jews he was killing. Apparently Höss replied, "What kind of man do you think I am?"

This is the verbatim quote from Dan that sparked this post: “Ethics are defined by what we believe to be right and wrong. Höss was not living in an ethical vacuum, just in a place/time in which the ethics were so distorted from our understanding of the word as to earn him a place in history as one of the most loathsome humans ever. Yet he considered himself ethical.

Start by looking at the ethical norms or leadership and you will discover the ethical norms of the organization. An ethics program by itself is noise. It is the actual behaviors of leadership that matter. If they cover up inappropriate or even criminal behavior (seen it done), or simply refuse to truly investigate it (seen it done), punish those reporting the potential abuse (seen that done too), then all the ethics handbooks and programs are meaningless.”

Thanks Dan for reminding us that inspiring principled based performance and a sense of “presence,” not the issuance of rules and requirements, is how we will change our organizations.

Government Transparency: An Oxymoron

For almost a decade, EthicsPoint has provided software and services that help organizations gather, review and resolve issues and events that impact their operations. Most of these issues and events are risk factors that can dramatically affect confidence and share value or result in a serious monetary loss. At EthicsPoint, we provide services to a multitude of organizations from a variety of industries. But if you peel back the onion, you will notice that we service only a handful of municipalities and no government agencies, I’ve often wondered why that is.

I used to believe it was because EthicsPoint delivers its services in the “cloud” as a software-as-a-service provider and doesn’t provide a premise offering that can be put behind an organization’s firewall. But lately I have come to the conclusion that transparency and government -any government - simply doesn’t exist. For all practical intents, the US government became a venture capital company in 2009 and EthicsPoint does service several financial institutions. Therefore, I don’t believe it’s the function of the organization that dictates a lack of transparency, but rather something inherent in the way our government is run. As a tax payer this is frustrating to me.

I was a history major in college and looking back I don’t know if real transparency has ever existed in our government. The reasons for this lack of transparency may be varied, but the result has been the same. For instance, in the earliest days it was a literacy void and the general public’s inability to read helped support our representative form of government. Next, it was a genuine communication failure in reaching the populous due to distance and an unreliable “yellow” journalistic press. Then it was a protectionist view – because we couldn’t let the commies know what we were doing. Today it is just the “way things are done.”

It is somewhat akin to the situation of a plumber not showing up to your house and when you express your discontent to a co-worker she immediately understands and says, “Yeah, that’s just the way those guys are.” We’ve become so accustomed to bad government that we roll our eyes and say, “Yeah, that’s just the way those guys are.”

Several months ago I blogged about “hating the word Ethics” and repeatedly expressed that I personally had difficulty drawing a definitive ethical line when dealing with certain issues or events in the compliance world. Earlier this week, Mark Meaney, the number two man at the city of Chicago’s Office of Compliance, resigned amid allegations he mishandled an intern’s 2008 sexual harassment complaint against a top official at Chicago’s 911 emergency center. I had the opportunity to work with Mark and I personally find this hard to believe. He and his boss Tony Boswell had the very unenviable and daunting task of developing and running the compliance department for the city of Chicago.

The city of Chicago has been monitoring city hiring since the 2005 scandal that found a member of Mayor Daley’s staff guilty of rigging city hiring and promotions to benefit pro-Daley political workers. However, the city’s hiring monitor and other consultants have proven inefficient and, according to the Chicago Sun-Times, have cost Chicago taxpayers $6.2 million. It has also been reported the city’s hiring monitor has been accused of falsifying allegations of misconduct by Boswell and Meaney in order to discredit them and gain total control of the city’s hiring process. This is where that ethical line starts to blur.


The situation gets better or worse depending on your perspective. If you know anything about whistleblowing, it is the responsibility of the compliance officer to protect the organization from any “retribution” resulting from an individual coming forward. The ethical line blurs even further once you know the 911 center official in question is a high-ranking deputy who was stripped of his responsibilities in 2008 after blowing the whistle on alleged contract irregularities involving Motorola that cost taxpayers $2.25 million.

Mark’s quote in the Sun Times says it all. “It was a privilege to have been part of something that had never been tried before; corporate-style compliance in municipal government…Mayor Daley should be applauded in his efforts at true reform. Unfortunately, fear and blame seem to be winning over culture change. I return to the private sector with no regrets for having spent the last two years working with some of the best public servants anywhere.”

What a twisted web. You have heard me say many times the role of a compliance officer is not black and white. The role requires discernment and often a balancing act of issues that would make Solomon shudder. This is no different in government or the private sector. Let’s consider for a moment that the evidence in this case is inconclusive (let me be clear that I have no inside information on this matter). Yes, there is an accusation but it is difficult to fully substantiate. There are multiple variables in play and the subject of the investigation is a person who “blew the whistle.” Appropriately, you might have some trepidation that the accusations could be retaliatory. So I ask you – what would you do?

I like Mike and Tony, which makes this difficult for me. It upsets me that in the public sector what some members of government say in front of a microphone, even for their own benefit or gain, often shapes the court of public opinion, and good guys pay the price.

Global Sourcing: The Next Level of Risk

As I mentioned in my last posting, the Justice Department is becoming more serious about Foreign Corrupt Practices Act (FCPA) enforcement and the recent sting operation in Las Vegas certainly reflects the hard-line, somewhat insidious, strategy of their new playbook. While the indictments involved individuals in the defense/arms industry, I expect enforcement to increase across many industries.

Aside from the recent events foreboding stricter enforcement, some of my peers are also predicting a surge in activity. For example, a former US Attorney assured me this sting was only the beginning and that two more will emerge in the coming months. Dan Karson, an executive managing director for Kroll, said the recent sting operation has “sent chills” down the spine of small and mid-sized businesses who may have falsely hoped the Justice Department’s interest in FCPA was reserved for global Fortune 500 companies.

This increasing level of FCPA enforcement has major implications for companies and how they choose supply chain partners. In the past, a partner’s misconduct may have impacted the organization but didn’t necessarily come with the immediate publicity and massive fines experienced today. This is why companies who never considered making the investment are now starting to consider extending their internal compliance expectations and training throughout their supply chain. Cultural and language barriers aside, this remains a daunting task.

Global sourcing relationships have always been about trust and service – but this is new territory that stretches the boundaries of these relationships. The two most important factors in mitigating an FCPA violation in this instance are selecting the right vendor, supplier or agent from the start and developing a process that ensures transparency. I will be writing much more on this topic as the year moves forward. Let me know what you think – can you expect a vendor, supplier or agent to act in accordance with a company’s compliance policies, procedures and guidelines?

Back in the Saddle

This past year was a difficult one for most companies. I am happy to say that EthicsPoint not only survived but thrived during one of the worst economic periods in recent memory. But the work load to succeed took its toll and my conversation with you suffered.

To all of you who took the time to link into my blog last year, I want to reiterate how much I enjoy sharing my thoughts in a blog format and that I am dedicating the time and discipline this year to be attentive to this dialog.

My blog will soon take on some new dynamics. I also have one of our analysts working with me to ensure I remain current and vocal around the important topics in GRC. A new section of my blog site will be dedicated to monitoring important legislation or regulations. There are many new areas of fraud and risk evolving and the compliance emphasis on FCPA, supply chain management and green initiatives is growing exponentially. I hope to keep current on each of these and share my thinking both here and thru Twitter.

This past week the FBI showed that it was serious about FCPA enforcement. Their sting efforts were very effective. Dan Karson of our partner Kroll Worldwide said in a recent article,“This [sting] has sent a chill down the back of a lot of companies…Mainstream companies, not just from the defense industry, are now wondering, 'Am I at risk?'” I have been suggesting for months that small and midsized companies need to better understand their supply chain and extend their compliance programs to these stakeholders. With these new "rules of engagement" the risk level within supply chains just moved to a new DEFCON level.

More comments to follow and please comment and tell me what you think.

Can Web 2.0 rekindle America’s love affair with the automobile?

As many of you know I made the decision to go back to school this year and have been attending an extended learning program at MIT Sloan School of Business. I have my quarterly meeting in Cambridge coming up and was reading through my assigned case studies this weekend. One of the readings concerned a supply chain situation at Ford that was taken from events earlier this decade. I don’t know if the professor was looking to evoke this line of thinking, but I started wondering if the automobile world could transform itself and convert to the Dell distribution model. So while this is outside the realm of my normal blog topics I am hoping to leverage this forum to get some quick feedback for this zany idea.

The Dell Direct Model has been very successful from a supply chain and margin contribution perspective. Dell Direct is a business model that eliminates the traditional distribution channel and goes directly to the consumer. Traditionally, as is in the case of Ford and others, there is a supply chain that supports the manufacturer (the “brand”); the finished goods are shipped to a variety of distribution outlets and the consumer selects a branded product from one or more of these outlets.

Dell broke this model by using a Web 2.0 enabled business model that removed the traditional hardware distributors and opened a line of communication directly with their customers. They also ensured/marketed that the computers they sold would be customized for each client and delivered to their home. They built a website with a well defined on-line configurator and allowed the consumer to craft the PC of their choice.

Stick with me – I know this may sound crazy, but with the automobile industry in chaos-wouldn’t this model work for cars just as it has for computers?

One of the many problems with the auto industry is over supply. In 2008 manufacturers had the capacity to make 17 million cars annually to support a 10 million domestic car demand. The current cost-to-market structure and low margin of profit per vehicle has collectively rendered auto company business plans not successful at the 10 million vehicles sold rate. Regrettably, the industry has continued to blindly build significantly more than 10 million cars, go deeper in debt and is now financially and credibility bankrupt.

By changing their go-to-market strategy Dell proved they could derive stronger margins, control their inventory costs and nurture a very satisfied consumer base. So what would this mean for the car buying consumer? First the buying experience would change dramatically. Showrooms would be totally reconfigured with more interactive displays and computer simulations but the overall footprint would be reduced dramatically. Sure the auto dealers would need to have a few, very few, new models in stock for the person who just wanted a good, better or best model and wanted a new car today. There would still be used cars, but for a new car the majority of us would configure our new car, do the paperwork and have it arrive 3-4 weeks later. Or, we might never visit a showroom and simply configure and buy the car on-line.

If you let your mind wander a bit and if you have ever configured a Dell system you can begin to think about how this buying experience might work. Packages and promotions would be similar. Like a free upgrade to a XM/Sirius radio instead of an upgrade to a DVD Burner from a standard CD drive. How about custom wheels in lieu of an extended battery? Door to door shipping is a premium option, but a cost-efficient pick up area near a rail distribution hub could provide the lowest shipping cost option.

The advantages of this system could be remarkable. The cost to build and maintain (just think of the property tax savings in some states) a dealership would be significantly reduced. Even rural communities would be better supported with this model. While the assembly-line process would need to evolve to ensure overall vehicle costs do not rise dramatically, the advantage of knowing your exact demand would eliminate excess inventory and floor-plan costs would be dramatically reduced. Because manufacturers are primarily shipping product on demand it is likely transportation costs would improve – the carbon footprint would also be reduced.

I can imagine unique designer packages for interiors that are truly unique. Resale values might hurt downstream with some poor choices, but why not a Martha Stewart, NASCAR, or NCAA interior of your choice? All would add license opportunities and potential additional revenue. Buying online also provides click through revenue from alternative financing sources or custom items from tailpipe extensions to HD-DVD systems made for the vehicle, but not available from the manufacturer.

More importantly, just like Dell, the auto manufacturer would begin to know what motivates the consumer and cars would evolve just as PCs have to meet the usage demands of the consumer. Lower R&D costs, fewer miscalculations (can anyone say Pontiac) and an overall improved track record for consumer loyalty. Can you imagine blogs and twittering by designers, engineers and quality assurance folk who were sincerely interested in market feedback?

There are a number of specific business planning details I will need to construct before going to MIT next week, but help me out with a little informal survey…would you buy a car using a system like this? If not, why not?

THIS JUST IN -- Chrysler files for Chapter 11 (http://tinyurl.com/d3f5kf) -- are they better off dead or alive??

Say on Pay

My wife, who I consider a good lawyer and I totally disagree on the way the public outcry has been unleashed against some executives at AIG and other organizations. She holds to the belief that this “bonus money” is her tax dollars and these people don’t deserve to be paid with her money. I get the frustration, but my point is why does this “say on pay” deserve to be different than an individual shareholder’s opportunity to control the way corporations incentivize and pay their executives? In my view it doesn’t.

I have never been in favor of say on pay by shareholders or God forbid the Government. Shareholders have the right to make their feelings heard but most are not qualified to make decisions for the organization. Shareholder say on pay should remain a vote with their feet or their proxy statements. In my last installment I said that boards have to step up, dig in and bring some collective sensibility to this process. I think it is also time for shareholders to step up, dig in and remove some board members. Some of these directors also need to be thanked for their meritorious service and sent to permanent retirement not just shuffled to the next board.

I believe that the world has to hold Board of Directors to an increased level of accountability. Boards (not shareholders) have the obligation to understand what it takes to hire and incentivize key executives. Boards (not shareholders) are empowered to set reasonable and appropriate incentive targets – regardless of the number of trailing zeros. We have a governance system that has worked for more than 100 years, but greed and lack of accountability has diluted its value. And what is this silly tax idea??? Simply stated, boards must return to accountability for executive compensation so that is ensures that all the organization’s stakeholders get rewarded.

So what do you think government’s or a shareholder's role should be on “say on pay”?