First in a three-part series by David Fitzsimons
DMAIC is a 6-Sigma-derived methodology that, if deployed properly, drives prudent, necessary change through the heart of an organization. The acronym stands for: Define, Measure, Analyze, Improve and Control. Here it is considered within the context of multi-national, organizational anti-corruption activity. This is more than a “how to.” It is a combination “how to” with commentary and some opinions to help the reader put these ideas into a reasonable perspective.
So let’s get started — the key criteria for chartering a DMAIC project include:
- an existing process needs improvement to meet business and customer specifications
- the root causes of performance problems are not known and have not been confirmed with data
- the solution for decreasing defects and improving performance needs to be determined
- data on process performance is already available or can be obtained
- the process is tied directly to key business results and metrics
- resolving the problem and improving performance has been deemed a high priority by business leaders
- the customers of the process output can be identified and consulted.
You noticed that the word “process” is used above repeatedly. You may be wondering: ‘What do processes have to do with an organization’s ethics and compliance function’? Actually, a great deal since virtually every ethics and compliance activity represents either its own process, or a subpart of another process. If an activity or a group of activities can’t be described as a process, or, at the very least, a collection of sub-processes, then we are using the wrong methodology altogether. In the absence of any processes, we should be using another 6-Sigma methodology called DMADV (Define, Measure, Analyze, Design, Verify), but we’ll set that aside for now and go forward with the assumption that we have, in fact, a corporate ethics and compliance department that is able to describe the process or processes or it has in place in order to function. Let’s assume that such processes can be mapped and that all of the other criteria called for above are met by your organization.
There are many other 6-Sigma tools that could be used instead of DMAIC, but for the purposes of our coalescence of anti-corruption and 6-Sigma/change management theory, we’ll start with this and see how it might work in this setting. The DMAIC methodology has been chosen because it has had a great deal of success basically dissecting and fine-tuning various corporate manufacturing and service processes and, along the way, making some dramatic improvements. The methodology has been applied longer in the manufacturing arena than it has in service businesses, so most of the more advanced statistical applications and breakthroughs toward zero defect production have been on the manufacturing side. The methodology, to my knowledge, has not been applied with as much precision to the service sector, largely because the same investment in quality has lagged, and a lot of service sector work is more difficult to measure against set standards. (Something reasonably tangible has to be measured and re-measured in order for this to work.) But this is changing fast. Intense global competition for customers and new business is forcing service companies to figure out ways to measure, fix and upgrade their customer service to stay at least even with the competition, let alone prosper. Due to a great deal of positive press, the “zero defect” business paradigm central to 6-Sigma is being incorporated wherever possible. Customers are the lifeblood of businesses in the service industry so if keeping customers happy means subjecting themselves to employees and consultants integrating 6-Sigma techniques to improve their service processes and quality, then there isn’t reason enough to resist.
Scope – what exactly is our purview? What processes are there currently in place within our company’s ethics and compliance function? How do those processes overlap with the processes of other company departments, like Finance and HR? Who exactly is responsible for what? Have these questions been asked? If so, what are the answers and how does this drive us in terms of budgeting, staffing, office space set up for people and documents, etc?
Objective (overall) – what is the purpose of our ethics and compliance function or functions? Is it reactive or proactive? Reactive: Is it just to keep records, facilitate audits, support outside counsel, conduct investigations and provide field updates in international trading laws? Proactive: Is there a specific three- to five-year plan with a clear set of objectives toward change? If there are objectives, what kind of customer input did we gather to build them? Have we established a credible way to verify attainment of objectives moving forward? Have we considered every channel for communication (preferably two-way) to make sure all stakeholders are onboard with the changes?
Sponsors – who is paying for ethics and compliance? If it’s part of a corporate expense center, what kind of information do we provide to senior management as far as key performance indicators and ROI? But senior management is only one stakeholder group. Investors in your company stock who see their stock value decline because of a publicized corrupt practice directly or indirectly involving your company also need information about the current state, the future state and progress updates to keep them onboard. The same can be said for yet another stakeholder group — spokespeople/brokers in the investment marketplace. Assuming some changes need to be made, beyond funding, what kind of leadership will sponsors’ demonstrate? When work teams start to flag and see what they are doing as fruitless, or the members aren’t freed up enough from their normal day-to-day job activity to work on teams, will the CEO or a Board member make him- or herself available to reconnect the contributors to the overall mission? Will the necessary management commitment be there to change a few job descriptions so that team members have the time to roll up their sleeves and make some dramatic changes? Will commitments hold? Will there be accountability for results?
Stakeholders – this aspect of ethics and compliance activity, which is actually the key to its success, appears woefully underserved. A good DMAIC rollout would include a change management plan providing a list of all the stakeholders, what kind of information needs to be delivered to them, and when it should be delivered. Many ethics and compliance functions have one set of Powerpoints for all stakeholders – employees, investors, senior managers, board members, with little or no accommodations made for differences in their factual and emotional needs. It is not uncommon for third parties, such as distributors and agents, who have been instrumental in a number of FCPA violations, to receive little or no communication from corporate ethics and compliance functions. These mistakes can be avoided by putting together a change management plan that includes all the key stakeholders. The plan would include ways to create and sustain stakeholder buy-in and support through active give and take communication forums.
Project team(s) – the idea of putting together a project team(s) depends on whether you look at the tasks before you as a large project, or just ad hoc requests on top of your regular job responsibilities. If it’s all ad hoc, with no corporate support for charter-creation, objective-setting, stakeholder assessment, change management/communication strategy, then the idea of forming a project team would be a waste of time. The team would be relegated to clerical functions with no consistency in the flow of work or work outputs. The idea of a project team, whether it’s a Process Improvement Team or some other kind of team based on positive change, depends on corporate support for the idea of coming up with an intelligent strategy for change, and then putting the resources in place to achieve the desired change. When constructed, trained and deployed properly, project teams can achieve remarkable results. This is because, under the 6-Sigma model (at least in theory), the teams are not constrained by functional silos, which, unfortunately, don’t necessarily see enterprise-wide interests as a top priority.
Here is a sample org chart for a major change effort involving anti-corruption:
As you can see in the above org chart, there are a lot of arrows with double heads. That means the correct way to proceed with a change effort is to send and receive information from all concerned parties – those working directly and indirectly on the project and all stakeholders – on a regular basis. In addition, the information in the boxes lays out the project structure – who needs to provide support and guidance, who should be working on it, who needs to be kept informed, and the complexity of keeping everyone on the same page. Obviously, this is just a sample org chart for a change effort involving anti-corruption. For example, the stakeholder box could be populated with different entries depending on the circumstances unique to each setting. In addition, the project teams could divvy up work in a number of different ways. One group could, for instance, work on organizational composition studies (i.e., behaviors, perceptions, motivations, attitudes in the current workplace) while the other group focuses on improving the overall process for improved transparency, information flow, privacy protection, audit requests (e.g., elimination of duplicate filings and entries) and legal discovery facilitation. The list of possibilities is endless.
Baseline Buy-In Level – you can start out by assuming that no one outside of the ethics and compliance department gives much thought to ethics. And there are admittedly many people in organizations whose ethics are never tested due to the nature of their jobs. Unfortunately, their apathy can have a contaminating affect on those in ethically vulnerable positions. Compounding this is a basic human flaw – seeking comfort, people intellectually and emotionally remove themselves from the fray because ‘it will never happen to me.’ Like the person who consistently drives too fast and ends up sliding off the road and into a ditch because the roads are a little icy on that day. These kinds of events can occur because people feel invulnerable or safely insulated due to success with prior, similar experiences. ‘I drive down that highway every day at 65 mph and nothing bad ever happened before. How could this have happened to me?’ Why? Because conditions can change. Speeding along at 65 mph might be OK on dry pavement, but icy pavement is slippery and maintaining the same speed on an icy surface means losing control and having a bad experience. The same kind of risk-taking/insular dynamics find their way into domestic and international business dealings. For instance, speeding along a business deal inChinaby taking care of the right people means you could very well end up in the FCPA ditch, and this is no cheap towing job. And, as if this isn’t challenging enough, you have a small percentage of your employee population, in corollary with the general population, that is predisposed to cheating as a way of “getting ahead.” “It’s tied in with self-esteem,” saysUniversityofMassachusettspsychologist Robert Feldman in an article entitled: “Understanding the 10 Most Destructive Human Behaviors. He adds: “We find that as soon as people feel that their self-esteem is threatened, they immediately begin to lie at higher levels.” Feldman has conducted studies in which people lie frequently with 60% lying at least once during a 10-minute conversation. And lying is not easy. One study concluded that lying takes 30% longer than telling the truth. (Interestingly, recent studies have found that people lie in workplace email more than they did with old-fashioned writing.)
When people with these traits are in ethically vulnerable positions as far as money- or deal-handling, the potential for disaster is enormous. This isn’t to suggest that a process redesign or some kind of cultural transformation will eradicate every possible reason why people in companies bring their self-esteem issues into the workplace and do corrupt things. But even if complete eradication is not a reachable goal, working toward it lowers the odds of getting caught up in a government enforcement action. There are currently 89 companies under investigation for alleged violation of FCPA; this is troubling – first, because it suggests a certain overzealousness as far as enforcement action, and second, because it largely penalizes US companies and US individuals (there are other countries’ companies on the list, but it’s about 95% US) for conducting business in foreign countries in accordance with local customs. Overseas enforcement has been spotty so it has bred kind of a loose and fast business environment. For example,Chinais stepping up enforcement of its anti-bribery laws throughoutChina. In the meantime, huge sums of money are getting spent on lawyers by US taxpayers to prosecute violators, and those being investigated, both corporations and individuals, are spending millions in legal fees to defend themselves. So besides being an absolute boon for the legal profession, companies and individuals are getting financially battered because lawyers insist on getting paid. For most of the companies on the list of FCPA violations, it all could have been avoided. For example, for some companies on the FCPA list, it could have been as simple as having an exhaustive due diligence process that would have insisted on more detailed financials to prevent acquisition of a company that was loaded with red flags. For others, it could have meant abandoning the idea of doing business in a country where there is virtually no separation between government officials and commercial contacts. And then for others, it could have meant clamping down on aggressive sales organizations that were entertaining and gifting to the hilt. These things are very complex and there is no one-size-fits-all solution. Given the financial stakes, however, it deserves attention. Your baseline buy-in level is truly about awareness, perspective and information-sharing. It’s about preparing yourself for the task at hand, and lining up the resources to do it.
Cultural aspects of anti-corruption – every language used today has subtle nuances. Certain key English-speaking ethics and compliance terms, like truth, trust, bribe, whistle-blow, etc. don’t necessarily translate accurately into other foreign languages, like Russian, Cantonese and Mandarin. Therefore, material has to be developed in the native languages of international hotspots, likeRussia, formerUSSRsatellite countries,Korea,China, andAngola. It’s not as simple as drafting a code of conduct in English and then sending it off to the foreign translators. There has to be quite a bit of give and take between the organization preparing the material, and the translators hired to put it into foreign languages. Every language used reflects the cultural aspects of the groups speaking it. If bribery is considered a standard business practice in certain countries, then the word “bribery” when translated directly may or may not have the same connotations and stigmas as the underlying translated word, which is tied to the cultural thinking and beliefs of the culture (English-speaking western countries) that created it. For the purposes of anti-corruption, what you are really doing is superimposing a cultural norm onto a completely different culture in kind of a segmented (i.e., you are asking them to rethink one small slice of their overall culture), foreign way. This is no small task and relies on using a combination of substitute native language words that somehow link the Western application and understanding of the word “bribery” with native words that have the same connotations and moral weight.