No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

It’s Your Culture, Stupid: It’s Impossible to Control Your Way to Compliance

A Guide to Avoiding Compliance “Bear Traps,” Part 6

by Jim Nortz
June 11, 2020
in Compliance, Featured
It’s Your Culture, Stupid: It’s Impossible to Control Your Way to Compliance

Without a strong culture of ethics, even the best compliance and ethics program is just window dressing. Jim Nortz explains why controls only take you so far and why ethical leadership is so critical.

A True Tale of Transformation and the “Control” Myth

We were a global, multibillion-dollar specialty chemical company. We had some of the most experienced, highly credentialed and dedicated health, safety and environmental (HSE) professionals in the industry. We had a wall-shelf full of policies, procedures and manuals on every HSE law and best practice under the sun. We performed extensive HSE training, and we ensured that all manufacturing personnel maintained government-mandated certifications. Every year, we spent hundreds of thousands of dollars on HSE audits of our chemical plants around the world and invested millions more in HSE improvements. We were also one of the most dangerous chemical companies in the world to work for with an uncomfortably high percentage of employees injured or killed on the job every year.

This changed when Gary Cook took over as CEO.

Within two years after Gary took the helm, our company’s safety performance ranking went from the bottom to the top of the chemical industry. Here’s the thing, though: We didn’t change one policy, procedure or guidance document. Instead, we changed our culture.

Parts 2, 3, 4 and 5 of this series focused on key compliance and ethics program attributes that “enable” compliance. They are essential, but insufficient by themselves to avoid the bear traps[1]. If they were sufficient, the health care industry would not have paid over $40 billion in fines over the last 20 years for corrupt business practices.

Had you toured the corporate offices of Pfizer, Siemens, Merck, Johnson & Johnson, Novartis and dozens of other marquee companies before they were being caught by the bear traps, I’m confident you would have been impressed by the volume of policies, procedures and codes of conduct on their shelves. You would have been awestruck by the quality of their compliance training programs and the vast number of highly credentialed, dedicated compliance and ethics professionals. But, as each of these firms and thousands more have discovered the hard way, you cannot “control” your way to compliance.

For compliance and ethics professionals like me, this is a hard pill to swallow. Like many of you, I’ve toiled for decades to build world-class compliance and ethics programs only to observe that it’s all just window dressing absent a strong ethical culture.

Fundamental Behavioral Drivers

To build and sustain a strong ethical culture, you must first understand and harness the forces that drive behavior in organizations. These are illustrated in the organizational behavior distribution curve diagram below.

In this graph, the Y axis represents the number of people behaving in a particular way. The X axis demarcates various behavioral boundaries:

  • Ideal, defined by full compliance with applicable company, legal and ethical standards and behavior that promote harmony, teamwork and engagement.
  • Organizational, defined by company policies and procedures.
  • Industry, defined by industry ethics standards.
  • Legal, defined by the law.
  • Catastrophic, defined by corrupt business practices that put both the individuals involved and the enterprise at material risk of a significant enforcement action.

The curve drawn on the graph is the kind of plot you might see in an organization with a fairly strong ethical culture where the vast majority of employees are in the “acceptable behavior zone” and where there are no employees in the “catastrophic behavior zone.” However, such an organizational behavior profile does not happen spontaneously. It takes work to achieve it, because there is a constant pressure to cheat, or strain placed on employees to perform. This powerful, unrelenting force always pushes toward the “unacceptable” and “catastrophic” behavior zones, not because people are wicked, but because it is always easier, faster and cheaper to achieve performance goals by violating rather than following the rules.

It’s always easier to sell a drug by promoting it off label for multiple uses than it is to market it for a narrow, approved indication. It’s always easier to sell a medical device by paying a kickback to a health care professional than it is to compete for the business on quality and price. Company structures and systems like the ones described in Parts 2 through 5 of this series are designed to oppose this pressure to cheat. But, as experience has shown, they do not drive behavior – hence the dotted line in the diagram.

Instead, the primary behavioral drivers that have the potential of opposing the constant pressure to cheat are individual attributes and social dynamics.

Individual Attributes and Social Dynamics

I believe we all have a free will. Regardless of the magnitude of the strain placed on us to perform, we can each choose to do our jobs in the “acceptable behavior zone.” Whether we have the capacity to do this depends on the degree to which we:

  • know the rules,
  • have a desire to follow the rules,
  • choose to follow the rules even when it is hard and
  • make a habit of always following the rules.

However, decades of scientific research has shown that more often than not, individual attributes are overwhelmed by two powerful social dynamics: response to authority and conformity to social norms. I’ll spare you a description of the groundbreaking experiments revealing this aspect of human behavior and merely refer you to the work of Solomon Asch and Stanley Milgram, who showed that the vast majority of us will do what the boss says and go along to get along, even if we think doing so is wrong.

However, the power of social dynamics can be also be harnessed to promote ethical behavior. The single most important factor that determines whether this happens is the character of an organization’s leaders. If, like Gary Cook, corporate executives exploit their authority for good, a strong, sustained ethical culture will emerge in which employees self-police and act in accordance with the rules. But if corporate executives and directors get this wrong by putting too much strain on the organization to perform and they fail to exploit the power of social dynamics to induce individuals to follow the rules, the outcome is as predictable as it is catastrophic: 100 percent of the time, such leaders will find themselves at the helm of a criminal organization with a behavioral distribution curve looking like the one below.

This is the phenomenon that has been repeating itself for decades in the health care industry, delivering thousands of firms and business professionals into the bear traps. The next time you read about a health care company paying a hefty fine or signing a corporate integrity agreement, don’t look to their compliance department for accountability; look to the company’s C-suite and its board of directors.

These observations present both a challenge and an opportunity for us compliance professionals. In addition to building and operationalizing effective internal controls, to succeed in our mission of promoting ethical business practices, we must find a way to reach our leaders. We must help them understand that if they have a genuine desire to avoid the bear traps, they need to exploit the vast power of social dynamics for good.

Specifically, we must persuade our leaders to strive for financial performance without inducing criminal conduct. We must help them understand that they cannot outsource compliance to others in the organization. Instead, our leaders must exhibit a passionate, relentless, uncompromising commitment to operating in accordance with the law and applicable industry standards. This is what Gary Cook did to drive safety performance at a dangerous chemical company many years ago. And, as Gary demonstrated, it is the most reliable and potent means to drive behavior in any organization. People follow the leader, not the policy.

I must confess that for over 20 years, I’ve had only limited success in my attempts to coach and train corporate executives to be strong ethical leaders. In addition to being ambitious and highly intelligent, most CEOs and other corporate executives I’ve worked with were also exceedingly arrogant and unwilling to heed the advice of compliance professionals, let alone examine and improve their ethical leadership skills. In virtually every case, their primary focus was on their own survival and short-term financial metrics. Very few devoted the energy necessary to become strong ethical leaders capable of building and sustaining a strong ethical culture.

The difficulty of coaching executives to be strong ethical leaders does not diminish the importance of trying. Regardless of how daunting this task might be, we compliance professionals must find a way to persuade our leaders to get in the game and to play it well to ensure all our work to create a sound compliance and ethics program is not in vain.


[1] As mentioned in part 1, the term “bear traps” as used herein refers to the anti-kickback statute (AKS), the False Claims Act (FCA), the Physician Self-Referral Law (aka the Stark Law), the Civil Monetary Penalties Law (CMP) or the Eliminating Kickbacks in Recovery Act (EKRA). Enforcement actions pursuant to these laws against thousands of individuals and companies in the health care sector have resulted in incarcerations and tens of billions of dollars in fines.


Tags: Corporate CultureCulture of EthicsHealth Care
Previous Post

Smarsh Introduces Capture and Archiving Support for WhatsApp and WeChat

Next Post

NAVEX Global Launches Risk Management Solution Packages to Address Third Party, Business Continuity and Privacy Risk Management Needs

Jim Nortz

Jim Nortz

Jim NortzJim Nortz is Founder & President of Axiom Compliance & Ethics Solutions LLC, a firm dedicated to driving ethical excellence by helping organizations implement effective compliance and ethics programs. Jim is a nationally recognized expert and thought leader in the field of business ethics and compliance with over a decade of experience serving multinational petrochemical, staffing, business process outsourcing, pharmaceutical and medical device corporations. Jim spent the first 17 years of his career as a criminal and civil litigator and Senior Corporate Counsel before becoming Crompton Corporation’s first Vice President, Business Ethics and Compliance in 2003. Since then, Jim has served as a compliance officer at Crompton and for five other multinational corporations, the most recent of which was as Chief Compliance Officer at Carestream Health. Jim has extensive experience in implementing world-class compliance and ethics programs sufficiently robust to withstand U.S. Department of Justice scrutiny. Jim is a frequent guest lecturer at the University of Rochester’s Simon School of Business, RIT’s Saunders School of Business, St. John Fisher College, Nazareth College and other law schools, universities and organizations around the country. Jim writes the monthly business ethics columns for the Association of Corporate Counsel Docket magazine and the Rochester Business Journal. Jim is a National Association of Corporate Directors Fellow, a member of the International Association of Independent Corporate Monitors and serves on the Board of Directors of the Rochester Chapter of Conscious Capitalism as the Board’s Secretary and Chair of the Governance and Nomination Committee. Previously, Jim served on the Board of Directors for the Ethics and Compliance Officers Association and the Board of the Rochester Area Business Ethics Foundation.

Related Posts

pharma

Hard Pill to Swallow: Sorting Out Conflicting Guidance for Pharma Speaker Programs

by Randy Luskey
June 7, 2023

False Claims Act litigation surrounding drugmakers’ speaker programs, often used to educate healthcare professionals about a company’s products, has many...

curiosity which door

Culture: Are You Curious Enough?

by Jim DeLoach
May 17, 2023

As a keystone provides integrity to an arch structure, culture infuses the shared values and attitudes that frame how an...

3 questions culture

Pinpointing Culture of Compliance Is a Challenge. Start With These 3 Questions.

by FTI Consulting
April 5, 2023

FTI Consulting’s Angie Gorman, Janet Hale and David Stickney offer their guidance to help companies set about measuring the effectiveness...

Fox_McDonalds Delaware Chancery Court Case_f

McDonald’s Delaware Court Decision Will Change CCO World Forever

by Corporate Compliance Insights
February 9, 2023

Podcaster and compliance expert Tom Fox digs into the details of a recent Delaware Chancery Court decision and how it...

Next Post
virtual screen with interlocking gears

NAVEX Global Launches Risk Management Solution Packages to Address Third Party, Business Continuity and Privacy Risk Management Needs

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment Sanctions SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT