Every Company Has the Exact Compliance Program It Wants

In the movie The Wedding Date, a high-class male escort is quoted by a journalist as saying “Every woman has the exact love life she wants.”  He later explains that whatever the state of any woman’s romantic life, it is the result of choices that she made for it to be that way.

It’s the same with companies and their compliance programs.

Whether a company has a strong, robust program that “works” to find, fix and prevent problems, or it’s nothing more than “window dressing,” that program is the result of a series of leadership and management choices that made it that way.  In other words, every company has the exact compliance program it wants.

That’s why I have little sympathy for the companies that always seem to rely on the Rogue Employee playbook when faced with the corporate scandal du jour:

Step 1: Publicly identify and condemn Rogue employee
Step 2: Fire Rogue Employee
Step 3: Announce that Rogue Employee has left the building (nothing to see here).

As I have said here and here, the actual Rogue Employee is rare, and almost never the root cause of the problem.  In 99.97 percent of the cases, the real reason for misconduct is the series of choices that leadership and management have made that allowed or encouraged the “rogue” actor to commit the bad act, undetected, in the first place.  The Rogue Employee myth is also dangerous, because it allows management to avoid the more difficult questions about compliance and culture they should be asking and answering.  Boards, are you paying attention?

Choices have consequences, whether in love or compliance.

From the start, leadership makes choices about how to structure and resource its compliance program.  Should the company have a strong independent chief compliance officer that will bring bad news to management that it needs to hear, or should the CCO be buried in the legal department and filtered?

There are also choices to be made about compensation, incentives, promotions and disciplinary action. When a high-performing senior manager is caught cheating on his expense report or retaliating against a subordinate, should he be disciplined, fired or “coached” and promoted?

And there are choices about proactive management action versus “willful blindness.” When information reaches the C-Suite about potential bribery in a remote location, do executives commission a robust investigation with the commitment to follow the facts wherever they may go so they can act decisively on them, or do they “hush it up” instead?

All of these choices eventually produce results.  Workplace culture is nothing more than the reflection of a series of decisions by management which drives employee behavior.

Employees are savvy and observant.  They follow the decisions of management – especially their own team leaders – with laser-sharp precision and incorporate the messages those decisions send into their behavior, regardless of what public statements are made to the contrary.  They instinctively know the difference between walk and talk.

A CEO in damage control who comes out swinging at the rogue employee for the cameras should better take a swing at the series of choices made by leadership that caused or enabled the bad act to happen in the first place.  But that’s messier and usually not in the playbook.

As in romantic comedies and love, every company has the exact compliance program it wants. Or that its leadership deserves.