Lessons Learned from the Trenches
The #MeToo and #TimesUpNow social media campaigns sparked a movement to expose intimidating behavior and sexual assault in the workplace. Because of the resulting paradigm shift, harassed employees are empowered to speak up about wrongdoings. Corporate investigators Amy Conway-Hatcher and Bridget Moore discuss the need for corporations to re-evaluate their whistleblower reporting programs, assess current conduct policies and determine whether they are sufficiently prepared to deal with allegations.
with co-author Bridget Moore
If you follow whistleblower developments, most of 2017 looked a lot like years past with its fair share of whistleblower reports, settlements and litigated cases, adding to the momentum whistleblower advocates have built over the last decade. The real story, however, is what began to unfold in the wake of the #MeToo and #TimesUpNow movements that spread virally through social media, exposing the prevalence of sexual harassment and, in some cases, sexual assault, in the workplace. Raw and powerful, a widespread culture shift has taken place, empowering whistleblowers to “speak up” and expose – unilaterally or with the help of others – injustice, unfairness, bad behavior and illegal conduct. The shockwaves are widespread and will continue to be felt at the board level and in the C-suite across many industries and organizations.
In the past, whistleblowers operated from a position of weakness, often in the dark, alone, afraid of losing employment opportunities and unaware of their rights. That is no longer true. While exposing bad behavior is still intimidating and risky, the balance of power is shifting. Whistleblowers have support from nonprofit organizations, anti-retaliation laws, sophisticated legal counsel, investigative reporters and the power of the internet and social media. From this support, people feel more empowered to “speak up” about wrongdoing. The impact is being felt by institutions at the highest levels, from Wynn Resorts, Michigan State, Lululemon, Red Cross, Uber and recently, Ford. Some of these institutions seem to be weathering the storm and others have struggled, facing accusations of complicity or looking the other way and allowing toxic cultures to flourish.
Now more than ever, business leaders and directors need to take a hard look at their culture and the behaviors that can lead to widespread misconduct. They must be willing to peel back the onion and address inappropriate conduct that may exist in their organizations. They need to re-evaluate whistleblower and other reporting programs to assess whether their culture in fact encourages or discourages people to “speak up” when they experience or observe misconduct. Leaders must have the courage to look at themselves to assess the tone they have set. They also need to ask, if that day comes, whether they are sufficiently prepared to deal with potential allegations that touch the highest levels of the organization.
Related reading: Empowering Employees to Speak Up Against Unethical Behavior
Four Steps: How Organizations, Directors and Leaders Must Adapt to Whistleblowing in the Future
1. Accept the new reality of whistleblowing. Commit to talk about culture and compliance weaknesses now. We’ve been approached by many people who don’t know how to start the conversation in the boardroom or the C-suite. In some instances, there is a concern whether people are willing to have a conversation that may “suggest” or expose problems among their peers – or give the perception that may question another’s ethics and integrity. In other cases, the barriers exist because the topic is awkward and difficult to discuss. How do you ask management whether we have a sexual harassment problem? And how do we broach the issue of testing the answer? Our answer: Yes, it is hard, but if you can’t talk about it, that’s the first problem you need to get past. Directors and C-suite executives have a duty to the organization and its shareholders to protect the reputation, brand, integrity and financial value of the company; they must talk about issues that could negatively and materially impact them – regardless of the topic.
A 2017 survey released by theBoardlist and Qualtrics found that “the vast majority of boards (77 percent) had not discussed accusations of sexually inappropriate behavior and/or sexism in the workplace. Nearly all (88 percent) had not implemented a plan of action as a result of recent revelations in the media or re-evaluated the company’s risks regarding sexual harassment or sexist behavior at the workplace (83 percent). Only a handful had discussed risks/rewards of company culture that encourages drinking or partying at work (19 percent).” In the wake of #MeToo, investors are demanding more. Some boards and business leaders are realizing the hard way that ignoring these issues exposes them and their companies to significant legal, business and reputational risk. The reality is that no one is immune from these types of problems; this alone should get everyone’s attention.
2. Find better ways to test assumptions, culture and the effectiveness of internal reporting mechanisms. Companies often tout their values, culture, ethics and integrity, but testing them is another matter. And, when they test them, there is a hesitancy to do more than scratch the surface. The next question we get asked is how do you test culture and what “red flags” do you look for? First, ask leaders and others in positions of influence the ultimate question: under the spotlight, what do they think people would say about their organization, culture, leadership and commitment to ethics? Next, test their assumptions. How to test will be different for different companies, but here are some initial considerations:
- Analyze existing reports and understand trends at a macro level. Are there indicators of serial complaints or silence that could indicate potential weak culture issues? Many companies prepare ethics and compliance reports that track internal reporting and other metrics but miss the opportunity to study the bigger picture. What reports do you generate? What does the nature of the reporting tell you at a macro level? Does HR coordinate with compliance? What does your hotline reporting tell you? Are you analyzing information to see trends or areas of weakness? Are there types of conduct that don’t appear in regular reporting that you would expect to see? Are there departments or categories of employees who are silent and report nothing? In reports about Uber and NPR, for example, employees described an environment that was accepting of inappropriate conduct and reporting didn’t happen. Pay attention to serial complaints, but also look for pockets of silence to evaluate the bigger picture. Culture can be difficult to “pin down,” but this is a first step that can help assess potential “red flags” that management and directors should act on.
- Take note of serial departures from certain departments. In many investigations, we ask about the culture of the departments at issue including, for example, the rate of departures, exit interviews and how the department is run. Why? It helps us understand how mistakes may have been made and how the environment may have contributed to wrongdoing. This data also can identify problematic behaviors and people. Not surprisingly, in many instances, we find “red flags” existed for some time.
- Understand significant power differentials and VIPs in your organization, as well as their impact on culture. Most companies are hierarchical in nature. But, where power differentials or VIPs exist, there is always risk for abuse. How are you evaluating those relationships and offering support and training to those at senior and junior levels? What does the annual review process tell you? Do junior employees have the opportunity to review (anonymously) those they report to? Recent articles expose rampant sexual harassment within the medical field targeting young residents and interns who fear speaking up will impede their careers. Are there similar “at-risk groups” in your organization?
- Evaluate the effectiveness of training and the willingness of people to “speak up.” How many training sessions have you sat through where no one raises a hand or asks a question? How many times have you asked how the troops are doing and been met with blank stares or awkward smiles? Don’t assume that writing about a “speak up” culture means you have one. It takes a lot of work to engender trust and confidence that people will be treated fairly and concerns will be addressed. Silence is golden in the movies; it is not in evaluating culture. What steps can you take to reassess training and the opportunities it may provide to better understand culture challenges?
- Evaluate whether and how changes in business may affect culture and the potential for problems. Many companies encounter problems through changes in the business (e.g., acquisition of new companies, expansion into new markets, management changes, significant turnover in a group, downsizing/employee reductions in force and increases or changes in performance metrics). These types of developments should be monitored closely for “red flags” or other trends that may introduce new or exacerbate existing cultural or compliance weaknesses.
- Assess leadership accountability and training. When we encounter instances of misconduct at senior levels, there often are many “red flags” around the behavior. Hold all employees accountable for good and bad behaviors, including current and future leaders. Don’t treat people differently. Pay attention to employee feedback and embrace opportunities for growth. Consider what you can do to more effectively assess leadership and manager effectiveness and, if there are significant weaknesses, address them.
3. Establish an independent review process for any report of senior-level misconduct. Directors and C-suite executives should discuss contingency plans for conducting independent investigations, if necessary. While these types of investigations are less common, they are high-stakes, fast-paced and may be subject to news media and social media scrutiny; additionally, mistakes can exacerbate the problem significantly. The companies and boards who got ahead of #MeToo allegations quickly and decisively have fared far better than those who have not. The procedures should be no different than any other serious allegation that touches the C-suite or could create a conflict for management to investigate on its own. Steps include, for example, establishing a special committee and reporting lines; engaging independent counsel; addressing corporate governance considerations to maintain independence and avoid the appearance of conflicts; and updating disclosures, stakeholder reporting, insurance considerations and communications plans, etc. Having a checklist will help directors address critically important procedural matters while allowing them to more effectively focus on the sensitive problems at hand.
4. Establish fundamental “rules of the road” for handling any report of unethical behavior, regardless of who conducts the investigation. A lot has been written about effectively responding to whistleblower complaints, but organizations continue to falter. Although every situation will have its own nuances, here are some basic tips:
- Remain objective. Don’t prejudge the facts. Don’t ignore red flags.
- Be empathetic to the whistleblower, listen and gather as much detail as possible, along with any evidence. Let them know the report is being taken seriously, responsibly and fairly.
- Ensure that any review is viewed as independent and fair. Assess immediately (and on a continuing basis) the level of escalation needed within the organization to avoid perceived and actual conflicts of interest.
- Assess whether there are indications of any potential systemic issues and how high in the organization they go.
- Avoid actual or perceived retaliation. Retaliation is not only against the law, but it will greatly increase the risk of escalation. Whistleblowers who feel wronged or treated unfairly will eventually seek help elsewhere.
- Document the findings, including any observations on systemic or cultural issues that may have contributed to the problem.
- Remediate – both the problem and any contributing factors.
- Have contingency plans in case the matter escalates or becomes public. Align whistleblower contingency planning with crisis management plans.
In the end, accept the fact that every organization will face challenges. Start the conversation today.
Bridget Moore is a Partner and Deputy Department Chair of Litigation at Baker Botts. Her practice focuses on securities enforcement, internal investigations and white collar defense. In particular, she helps clients settle enforcement matters brought by the Securities and Exchange Commission (SEC).
Prior to joining Baker Botts in May 2003, Ms. Moore worked as a staff attorney in the Division of Enforcement at the SEC. While at the SEC, she conducted investigations involving the antifraud provisions of the federal securities laws, proxy violations, insider trading and various disclosure and reporting violations. In addition, Ms. Moore participated in trials centering on the fraudulent promotion of stocks, earning her the Enforcement Division Director’s Award for Trial Work.
Ms. Moore was short listed as one of five national finalists for the “Up and Coming Regulatory Lawyer of the Year” award presented by Chambers USA (2012).
Amy Conway-Hatcher is a partner in Baker Botts’ Washington, D.C. office. Amy’s practice focuses on corporate internal investigations, corporate compliance and defending corporate and individual clients in criminal and civil enforcement matters. She has appeared before the Department of Justice, U.S. Attorneys’ Offices, the Securities and Exchange Commission, the U.S. Commerce Department, the Department of Treasury’s Office of Foreign Assets Control (OFAC), the New York Attorney General’s Office and other federal and state regulators.
