No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Typical Weaknesses of Codes of Conduct

by Jason Lunday
June 17, 2010
in Compliance, HR Compliance
colorful code of conduct text overlaid on screen

[Editor’s Note: This is the second in an ongoing series on Codes of Conduct by Jason Lunday. Follow this link to view all of Mr. Lunday’s articles in his Codes of Conduct featured column series.]

———-

Despite corporations’ proliferation of codes of conduct, codes oftentimes suffer from numerous weaknesses that undermine their effectiveness and place a company’s reputation for integrity at risk.  An understanding of these weaknesses helps a company to avoid such problems during a subsequent revision.

For the most part, a company’s standards of conduct serve as the central component of its integrity management program.  Yet many companies place their programs at risk because this central communication is not well constructed – principally, it does not effectively address the company’s specific characteristics and needs.  For instance, standards might not address the company’s primary operations or reflect its culture.  Or they might set the wrong tone, be too detailed or present other problems that undermine the effectiveness of the standards’ and, in turn, the company’s entire integrity management program.

Read more articles about codes of conduct

But by carefully considering and responding to the company’s characteristics and needs, management can best ensure that the standards – its integrity management program’s central tenets – best serve their purpose and provide an effective foundation for this program.

The Role of Standards

Standards of conduct play an important role in a company’s integrity management program.  For many companies, standards: (i) articulate the program’s basic policies; (ii) provide employees with their initial introduction to and impression of the program; (iii) continue to represent for employees the program’s principal communication; (iv) provide managers with direction for advising employees on ethics and compliance issues and otherwise supporting the integrity management program; (iv) overview the integrity management program’s structure and procedures.

These important tasks suggest that a company’s standards have a critical place in introducing, defining, supporting, and maintaining the company’s integrity management program.  Given these duties, it is not hard to appreciate that standards of conduct generally are a central tenet and foundation for the company’s integrity management program.  Therefore, it is imperative that management ensure that standards best fit the organization – that they are designed to effectively reflect the company’s characteristics and address its needs.

Yet many companies’ standards are not up to the challenge.  These standards suffer from numerous faults.  In many cases they:

  • Do not address the range of a company’s business activities, especially its principal ones.
  • Are not clearly linked with the company’s principal business objectives and culture.
  • Are not effectively linked to concepts of business integrity.
  • Set the wrong tone, perhaps one that is too legalistic or too vague.
  • Contain the wrong degree of detail regarding expectations.
  • Do not address the realities of conducting business.
  • Do not provide employees with effective ways to address business challenges.

These standards often are set up to fail because they do not specifically address the above challenges by addressing the company’s unique characteristics and needs.  Given the many other ways that a company’s integrity management program can flounder, it is incumbent on management to ensure that – at a minimum – its standards are well articulated.  The weaknesses of a company’s standards of conduct can severely undermine its integrity management systems.

Developing Effective Standards

It is not for lack of trying that companies’ standards often do not live up to their promise.  Rarely if ever do companies simply get hold of off-the-shelf standards and establish them as company policy.  By and large, companies make some effort to customize standards to their needs.  But this effort often is only partially successful, which is unfortunate given the role that standards play in underpinning the company’s entire integrity management program.

For many companies, standards do not live up to their promise as critical management tools because of one or more of the following seven problems:

1. Standards don’t address the range of a business’s activities, especially its principal ones.

When standards do not address both the breadth of a company’s activities and its major ones, employees cannot be expected to readily understand how their actions across the board impact the company’s integrity.  This problem generally occurs when companies select the topics and issues their standards will address largely by benchmarking other companies’ standards.  Any effort to develop standards certainly can benefit from benchmarking, but the development effort must go beyond this step and involve scrutinizing a company’s own business activities, as well.

Oftentimes, companies include standards in their codes of conduct that cover a fairly common set of topics: conflicts of interest, use of company assets, non-discrimination, environmental protection.  These are all salient and meaningful topics (and usually should be included!), but they are often not the company’s principal activities.  What are a company’s principal activities?  It sells products.  It manufactures products.  It services products.  Depending on the company, these are precisely the types of topics that are underrepresented among standards.  For instance, few companies’ standards address issues regarding advertising, but all companies advertise.  Standards must address a company’s principal activities since these activities can present the greatest risks to the company.

send me the eblast

Further, a company’s standards must also be broad-based, addressing the range of the company’s activities.  Many of the early corporate codes of conduct addressed a fairly limited list of topics: conflicts of interest, use of company property, non-discrimination.  Since that time, the corporate world has evolved in its understanding of the topics that impact a company’s integrity: customer and supplier relations, relations with consultants, fair competition practices, substance misuse (including alcohol), community relations, to name a few.  Senior managers increasingly understand integrity management as touching all aspects of the company’s business.  Even today, the list of topics grows: not only sexual harassment but racial harassment, not only community relations but workers’ rights, not only relations with suppliers but a suppliers’ own business practices.  Any and all of these activities, when improperly handled, can put a company on the front pages of next morning’s newspaper.  To ensure that employees act with integrity in the range of a company’s business dealings, its standards must address such topics.

Yet addressing the range of a company’s business activities raises the challenge of overly lengthy and detailed standards.  This is where companies need to identify creative alternative to accomplish both objectives: a thorough treatment of important topics along with materials that the average employee can understand and use.  For instance, a company’s standards do not need to be contained in only one publication.  Many financial services companies also use a compliance manual to address industry-specific topics.  Another example involves providing standards on certain topics to employees as needed.  Some companies only communicate standards covering international business issues to managers when they accept overseas assignments or take on international-related work.  Managers need to find innovative ways to provide their employees with the information they need to safeguard a company’s integrity.

2. Standards don’t clearly link to and align with the company’s overall objectives and culture.

Oftentimes, standards are developed without carefully considering these two important factors; therefore, the standards do not easily fit with the company’s purpose and style of doing business.  This leads employees to question whether abiding by the standards really fits with the company’s own objectives – that, while standards are filled with good intentions, they do not necessarily further the business’s interests.  (Indeed, this may be because many senior managers themselves do not clearly understand this linkage.)  Likewise, standards that do not reflect the company’s culture will seem alien to employees, like a manager who tries to introduce a formal dress code in a company with a casual and relaxed culture.

Standards should be a tool to help employees achieve the company’s principal business objectives, such as its mission, values and primary strategies.  For standards to play this role, they must be aligned with and link to these objectives.  It is astonishing to see companies that overlook this connection, as if a company can launch a global marketing campaign when its sales units are operating autonomously and possibly at odds with each other.  Management can establish this connection by including the principal objectives in a code of conduct, clearly presenting the standards as tools for reinforcing these objectives and, most important, articulating the standards in terms of how they help the company achieve these objectives.  Management can accomplish this last step by writing the standards to reinforce the company’s core objectives and then referring to the objectives periodically within the standards.  Some companies may even want to organize the standards within a code of conduct in terms of these objectives (for instance, by titling the code’s sections in terms of the company’s values).

Effective standards must also connect with the company’s culture.  For instance, a common fault among companies’ standards is a legalistic tone.  But what company would say that it has a legalistic culture?  Standards that do not tie with the culture will suffer the same fate of any initiative that does not truly reflect of how employees conduct business, how they communicate and how they interact.  Employees are more likely to see standards that are aligned with the company’s culture as tools that work in tandem with how business operates, helping these employees to employ the standards more easily and readily in their activities.  Standards can be tied with the culture by using language that is typical in the company’s culture (e.g., formal, casual, dynamic), developing standards to fit with how employees communicate and conduct activities, using design and layout attributes in a code of conduct that mesh with the culture, among other elements.  At the same time, it is important to ensure that the standards do not tie with negative aspects of its culture.

3. Standards don’t clearly link with business integrity.

This may seem simplistic but it is worth emphasizing because many standards are either not clearly tied to business integrity or done so rather marginally.  Oftentimes, this means employees view standards of conduct simply as additional company policies with little rhyme or reason to them.  At worst, employees may see such standards as whimsical and arbitrary.  Employees are more likely to see standards that clearly link with business integrity as the right thing to do and good for the business because the standards are appropriately justified.  This makes employees more comfortable with abiding by the standards and, in fact, should give employees a stronger justification for doing so than if the standards simply exist as policies without any appreciable rationale.  Interestingly, a study by Bird and Waters found that while managers avoid using moral terms when asked to describe the rationale underlying their decisions on ethics issues, they generally admit to basing their decisions on moral terms.1 The lesson is that managers seek to justify ethics-related decisions on more than financial and operational principles.  Managers are apt to make better decisions when their company provides them with the right tools.

In addition, the linkage between standards and business integrity should fit the standards’ particular conditions.  How management links standards to business integrity could be based on the overall linkage of the code of conduct’s – or a specific standard’s – relation to the business’s activities or the ease which readers can appreciate the linkage, among other factors.  For instance, standards that employees may not easily relate to business integrity may require a clearer association.  Typical linkages may include with: (i) the company’s values, (ii) such generic principles as integrity, honesty, trust or fairness, (iii) an activity’s impact on constituents, including stakeholders, (iv) to potential risks to inappropriate actions, or (v) to external standards, such as industry or legal rules.

4. Standards don’t present the right tone.

Oftentimes, when standards are part of an overall code of conduct, management does not intend for the standards to convey any specific tone, leading the standards to express a tone that management does not intend.  This is often a tone that may be legalistic, protective of top management, ‘school marm’ sounding, too ethereal – in any case, not a tone that benefits the standards’ purpose.  Given that the standards will convey some tone or another, it behooves management to choose that tone to buttress the standards’ objectives.  The right tone can, among other benefits, better reinforce management’s intentions for the standards, create a more welcoming feel for employees and better connect the standards to the company’s principal objectives and culture.

Tone is a product of numerous elements.  It is created by such elements as the style of writing used for the standards, a code of con-duct’s design and layout, an overall theme that unites the standards, a code’s organization and titles and utilities that assist employees in understanding the standards.  When all these elements work together, they can create a tone that sends a strong message about the standards.  Each company’s standards should reflect a tone that fits management’s intentions for the standards and the company’s culture.

5. Standards don’t provide the right degree of detail to address integrity-related issues.

Many companies find themselves trapped in an either/or situation: they do not want a code that is so brief that it does not cover the issues employees are likely to encounter, nor do they want one that is too long that employees will not read.  Both situations can create risk for a company.  So, companies either sacrifice providing sufficient detail in hopes that employees will read briefer, more general standards or they forgo the realistic possibility that employees will read the standards because they are too detailed, hoping that employees will turn to the standards as they need them.

In fact, companies can have both: standards that include the required detail and that are approachable for readers.  Again, management must look to innovative ways of achieving both objectives.  A few companies are developing summaries of their standards to initially educate employees and then following up with more detailed material as needed.  Some companies develop subject-specific booklets and distribute only to those employees likely to face related issues.  Or companies introduce standards that address new job requirements as part of related education and training.   To find the best alternative, management needs to identify available options and how each best meets the objectives for standards while mitigating any related risks.

6. Standards don’t address business realities.

Many standards come up short because they do not address certain realities of business.  Standards of conduct are typically labeled as being long on good intentions but short on acknowledging business practicalities.  This varies not only from company by company, but often by department, with employees closest to the field expressing the greatest question about the viability of the standards.  Some typical business realities include:

  • Many employees are not comfortable reporting misconduct, and a good percentage may never do so.
  • Employees indicate certain company standards are not realistic in the given business environment, like those that address ex-changing gifts and entertainment.
  • Employees are concerned about standards being applied inconsistently, especially where management is ostensibly sanctioned more leniently.
  • Employees may not turn to Human Resources for assistance.

Standards that ignore these realities create doubt among employees about how well they can follow them and still meet their own business objectives.  Take the typical case of the salesperson who will not make her month’s sales goals without offering an extra incentive (e.g., gift, entertainment) to a key customer above what competitors are offering.  The company may say it values the exchange of modest business courtesies, but employees look at the results of such actions to evaluate how truly these high standards ring.

To be most effective, standards of conduct must address the harsh business realities employees confront daily and that risk compromising the company’s integrity.  Standards cannot dance around uncomfortable issues, hoping that employees find their own way to the high road.  For standards maintain a high degree of credibility, they must address the business conditions that threaten the high ideals that they embody.  By acknowledging these business conditions, it is more likely that management can author the standards in a way that makes them more palatable and realistic themselves.  Take the following example:

“Do not provide expensive business gifts to customers.”

While its meaning is quite clear, employees can find a host of reasons why it is impractical: the company will lose out to competitors, customers expect such treatment, this is how the company often does business, etc.  By interjecting and then responding to marketplace realities, the standard proactively addresses some employee concerns:

“Fierce competition may tempt us to outdo competitors by using expensive gifts to win our customers’ business.  But we compete on quality products; using expensive gifts not only cheapens our overall reputation, it makes it harder to win the same business the next time around.  Therefore, we do not provide expensive gifts to customers.”

This approach helps stave off criticism that standards are high-minded and unworkable.  Of course, addressing business realities may involve using more words.  So, to keep a code of conduct to a reasonable length, incorporating such realities should be carefully weighed.  Issues that involve greater risk or are more commonplace, for example, may be targeted for addressing related realities.

7. Standards don’t incorporate effective ways to address challenges.

Many standards do not help employees understand how they can resolve challenges to abiding by the standards.  This often leaves employees feeling as though they are in an “either/or” situation: either they follow the standard and suffer related consequences, or they violate it to get business done.  In this either/or dilemma, employees begin rationalizing their behavior, perhaps claiming the standards were authored by managers in ‘ivory towers’ with no sense of the realities of business and how senior managers cannot possibly expect employees to follow all the rules and still accomplish the company’s objectives.  A common rationalization is simply, “How can my boss expect me to accomplish my objectives if she isn’t giving me the tools I need?”

To give employees confidence that they can tackle challenging issues, standards need to include tools to help employees resolve them and/or know where to go for additional help.   (These tools differ from other, more general resources that management should provide to employees, such as a helpline telephone number or identity of appropriate department personnel.)  Some tools may include the following:

  • Further explanation regarding what makes the issue a problem (often included in a standard’s rationale).  Being able to understand this is an employee’s first step to determining whether his or her decision-making could be compromised.
  • Treatment regarding how a standard fits a specific situation.  This helps an employee look beyond the letter of the standard to its intent and, thereby, better assess whether a particular situation may present a problem.
  • Conditions that would (or would not) constitute a problem.  In some cases, it may be appropriate to give employees discretion to think through the appropriate criteria and make a decision.  Using these criteria an employee can determine the appropriateness of his or her own situation.
  • Multiple alternatives to resolving an issue.  This provides an employee with appropriate options to consider.

By offering these tools, management encourages employees to think critically through an integrity issue and look for different, creative solutions.

Summary

By articulating standards of conduct, management has taken an important step in ensuring its company’s reputation for integrity.  But management must not stop there.  To ensure it receives the best return on its investment of time, attention and other resources devoted to the effort, management must ensure that its company’s standards are well written.

Standards must not fall prey to the many challenges that would otherwise thwart their success.  With the increasing reliance that senior managers place on standards of conduct as a management and risk control tool, standards must avoid the typical weaknesses that undermine so many companies’ efforts and leave employees questioning management’s intentions.

Notes

1 Frederick Bird & James Waters, “The Moral Muteness of Managers”, California Management Review, Fall 1989, pp. 73 – 88.


Tags: Code of Conduct
Previous Post

Disgorgement: The Devil You Don’t Know

Next Post

Monitoring for Compliance

Jason Lunday

Jason Lunday

Jason Lunday is principal consultant with The Ethical ElementTM, a professional services firm based in Washington, DC. Jason has worked in the ethics and compliance field for over twenty years, both inside companies and as a consultant to them.  His work has involved supporting corporate values initiatives, developing and revising codes of conduct and related policies, conducting organizational risk, culture and program assessments, developing and delivering live training, building monitoring systems and auditing compliance systems and activities. He has worked in or consulted with companies in a broad range of industries, including banking and insurance, manufacturing, industrial and consumer products, utilities and energy, healthcare and telecommunications. Noteworthy experience includes:

  • Held significant roles in corporate culture and ethics and compliance risk assessments and ethics and compliance program evaluations for companies in financial services, telecommunications, healthcare, life sciences and industrial manufacturing and involving document review, executive interviews, employee focus group and enterprise surveys.
  • Led development and of a consulting practice’s service line focused on written codes of conduct development and revision, and managed all client engagements.
  • Co-managed development and delivery of the corporate trust division of a large financial institution’s initial ethics and compliance global training initiative involving training needs assessment, program development and delivery of over 100 classroom workshops.
  • Developed a corporate ethics and compliance self-monitoring program designed to increase business line compliance responsibility and oversight and minimize corporate compliance work processes while ensuring adherence to the company’s ethics and compliance standards.
Jason’s past experience includes director of ethics and compliance at Premier, Inc., consultant in Arthur Andersen’s Ethics and Responsible Business Practices Consulting group, compliance analyst at Goldman, Sachs & Co., senior consultant in the Ethics Resource Center’s Advisory Services group and knowledge leader at LRN Corp. In addition, he has authored/co-authored numerous articles and papers on business ethics issues. Jason holds an MBA from the University of Virginia’s Darden Graduate Business School, with a focus in business ethics and organizational behavior, a BA also from the University of Virginia and additional business coursework at the New York Institute of Finance. Jason can be contacted via email at: jason.lunday [at] ethicalelement [dot] com. Follow the link to view Jason’s Code of Conduct featured column on CCI.

Related Posts

mcds

What Charges Against Former McDonald’s CEO Can Teach Us About Investigations of Senior Officers

by Lloydette Bai-Marrow
January 18, 2023

The case of Steve Easterbrook, the former CEO of McDonald’s, is a salutary lesson in the dire consequences of failing...

nfl main art_j

Touchdown or Fumble? What Compliance Can Learn From the NFL’s Disciplinary System

by David Bligh
September 7, 2022

Cheering for your favorite team (or against the one you hate), makes it easy to forget that NFL players are...

Study: 1 in 3 Major Corporations Have Ineffective Codes of Conduct

Study: 1 in 3 Major Corporations Have Ineffective Codes of Conduct

by Staff and Wire Reports
June 15, 2022

A review by LRN, an ethics and compliance training provider, indicates that many of the top public companies around the...

3d illustration of scooter carrying packages last mile.

Ensure Last Mile Delivery of Your Code of Conduct, Or Your Message Won’t Be Received

by Harper Wells
September 23, 2021

Simply "having" a code of conduct will not mitigate risk on its own. It requires constant upkeep, fresh training and...

Next Post
compliance monitoring illustrated with text and icons

Monitoring for Compliance

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT