September 30, 2019
The role of the ethics & compliance professional – Educator
The role of the ethics & compliance professsional is complex and changeable. You must be an educator, counselor, and enforcer. A bit like being a parent, but with a LOT more kids, and no ability to reply, “Because I say so!” Like being a parent balancing the demands of each role is a challenge. The role of the enforcer is especially tough to balance with that of educator and counselor.
Which of these roles do you find yourself fulfilling most frequently? Is that by design or necessity? What is required in each role and how should success be measured?
In this blog, we’ll start with the role of the ethics & compliance educator, before covering that of the counselor and enforcer in subsequent posts.
Most forms of education normally rely on a teacher imparting knowledge and the pupil applying that knowledge and then being tested. Your challenge as an ethics & compliance educator is the pass-mark is very high. “Only corrupting a bit,” is not an indicator of success.
Some of the most useful tools for the E&C educator are case studies, exercises, simulated crises, and ethical dilemmas. Dealing with challenges in a classroom setting is better than gonzo compliance out in the market. In one simulated exercise we facilitated – where different teams responded to local community unrest – one group briefed the general counsel, saying, “Well, there was only a little bit of violence.” The GC replied, “Oh, that’s okay then, the stock market will understand it was only a little bit of violence.” Dark humor can lighten a heavy topic.
Measuring the success of the ethics & compliance educator is challenging, but there are some ways. For example, online training completion and testing statistics; feedback forms from workshops; and the number, and type of allegations made on reporting lines.
A good educator empowers students to apply the learning rather than just answering questions. It can help to break down the areas of E&C where individual ownership is easier, and those where it’s riskier.
|Anti-bribery and corruption||Influencing people (using inducements) to do things they are not supposed to do is wrong.||‘Appropriate’ gifts, entertainment and facilitation payments can confuse.|
|Fraud prevention||Don’t take things that are not yours or misrepresent facts.||Understanding conflicts of interest can cause confusion in some cultures and contexts.|
|Anti-discrimination and harassment||Don’t be mean, watch what you say, think before you speak, consider those around you, and don’t abuse your position.||Local legal requirements (e.g. local content, representation, union requirements, etc.).|
|Anti-money laundering||If it’s unclear how someone obtained the money they wish to transact with you, escalate.||Determining political exposure, spotting indicators of placement or layering, identifying connections to Specially Designated Nationals.|
|Anti-competitive practices||Don’t disclose private information, don’t ask others to, and don’t collude.||Knowing what information should and should not be shared in certain situations (e.g. a one-off joint-venture).|
|Human rights and modern slavery||Don’t treat people (local community, workers, stakeholders) badly, ensure fair employment practices, know where your supply chain is potentially exposed (check sites like this).||Assessing how far to go down your supply chain, where to find that information, and understanding the impact of your decisions.|
|Trade sanctions||Read the news, ask before entering deals or markets where there is ongoing conflict and/or publicized sanctions.||Knowing exactly where your products end-up once sold to a customer, especially if multiple third-parties are used.|
|Data privacy||Consider why you need certain types of personal information and store it carefully.||Individual rights, recording requirements, data transfer, and retention restrictions.|
|Information security||Don’t leave devices on and lying around, lock screens when away from your desk, don’t leave sensitive documents unattended, etc.||Deciding on the appropriate security posture (cyber and physical), and analyzing social engineering emerging threats.|
Understand the level of compliance maturity in your organization. This need not be complex, and we’ve developed a simple tool to help. Once you understand how the different parts of your organization (geographic and functional) handle the various areas of E&C you can prioritize your educational efforts on those needing the most support.
Next, you can empower those who demonstrate consistently good E&C hygiene to take ownership of the less complex areas. You can then spend time supporting the less mature. Make sure you constantly seek feedback, so no one feels neglected.
Finally, you can spend your time on those areas of E&C requiring precision (complex regulatory requirements), technical expertise, and coordinated oversight at a centralized level. This should reduce the time you spend on tasks that the organization should really own, freeing you up to deal with the ever-changing regulatory demands.