On this page
* * *
NASSCOM Governance And Ethics Committee Releases IT’s Recommendations for the IT-BPO Industry - Best Practices’ to extend across company board, customers and employees.
NASSCOM in India said that it has finalized recommendations aimed at further strengthening corporate governance practices in the Indian IT-BPO industry. The report enumerates a set of detailed voluntary recommendations with an objective to establish highest standards of probity and corporate governance within the IT-BPO industry.
* * *
A Deloitte Survey - Fortifying Anti-Corruption in Today’s Corporation
A Deloitte survey of 329 executives from around the world, 41% of respondents indicated that senior management should investigate and deal with matters internally or wait to see if there are consequences rather than make a voluntary disclosure to authorities if a significant incident of corruption was uncovered at their organizations.
The study revealed the increasing role of internal audit in anti-corruption compliance. When asked to select up to three sources that would likely lead to changes in the respondents’ organizations, advice from internal auditors was identified by 57% of respondents as most likely to lead to changes in an anti-corruption program, while compliance and internal audits were selected by 80% of respondents as one of the best ways to measure a program’s effectiveness. In addition, 47% of those surveyed said that integrating an anti-corruption program into their internal audit system would make detection and prevention of corruption easier, with an additional 33% indicating that it is already integrated.
* * *
Integration of third parties into ethics and compliance programs “is the exception, not the rule,” says Conference Board report
The most common method for handling third party ethics and compliance issues is to adopt and stick to a code of practice or policies that governs the manner in which a company's own employees deal with third parties, according to a report by The Conference Board. Overall, companies rated their own ethics and compliance programs as only “somewhat effective,” but seemed satisfied with current methods of including third parties in ethics and compliance programs.
Third Parties Not Usually Included in Ethics & Compliance Programs
Ninety-five percent of the 169 companies surveyed by The Conference Board and the Ethics and Compliance Officer Association (ECOA) for the report on the essentials of corporate third party ethics programs said that while it is vitally important to address third party ethics and compliance issues through codes of conduct for their own employees, they are less inclined to involve third parties directly in these programs.
"With the exception of helplines or whistle-blowing systems, the direct inclusion of third parties in companies' ethics and compliance programs is the exception, not the rule," says Ronald E. Berenbeim, principal researcher at The Conference Board and author of the report with Rebecca Walker, an attorney specializing in corporate compliance and business ethics. "Nevertheless, companies are growing more dependent on third party relationships for the achievement of business objectives-either via joint venture, which may be mandated for entering into a new country, or working with suppliers or contractors."
In addition, written policies applicable to specific third parties are not common. In more than two-thirds of the responding companies (69 percent), the standards for third parties apply in the same manner to all third parties. Among the companies that had policies for specific third parties, contractors and agents are most likely to be mentioned.
The most common component that companies extend to third parties is offering employees of third parties an opportunity to report ethics — or compliance — related concerns. Virtually all of these systems (98 percent) rely on the same means used for a company's own employees to report suspected misconduct, rather than a separate system for third parties.
Training Programs Are Sometimes Required, Audits Are Infrequent
Ethics and compliance training programs are the third most frequent step that survey participants take in extending their own program to third parties. Slightly more than one-third (38 percent) of survey participants offer but don't insist on some kind of training program for third parties. Most of these programs devote some discussion to the company's own code. In almost every case, those parties that are asked to adopt or certify to the company's internal code of conduct are offered some form of training.
Company audits of third party compliance with ethics policies and practices are infrequent, and a majority of the companies that audit don't do so routinely. Slightly more than 35 percent of the survey participants perform audits or otherwise verify that third parties conduct themselves as required by the company's own compliance and ethics policies. Of this group, slightly less than half conduct audits on a routine basis, while the remainder focuses their audits on specific concerns.
The surveyed companies showed little interest in the third party's own ethics programs. Slightly more than one quarter of the survey respondents ask third parties whether or not they have them, but only 14 percent of respondents ask for documentation. Companies are especially likely to seek information on the third party's compliance program when considering an acquisition or a joint venture.
To download the full report, please visit the Conference Board website.
See also Language and Culture Worldwide 2007 report on incorporating international employees/stakeholders into ethics and compliance programs.
* * *
The following is the 11-point code, excerpted from the report.
For the full report, including explanations for each of the 11 points, references to existing legal standards, current company codes that incorporate these policies, and more detailed findings from the survey, please visit CPA’s website.
* * *
The Organization for Economic Cooperation and Development (OECD) published on December 1, 2006 “Methodology for Assessing Implementation of the OECD Principles of Corporate Governance.” The OECD Principles were first determined in 1999 and revised in 2004, but this is the first time that the organization has published a set of implementing guidelines.
The OECD press release quoted Grant Kirkpatrick, Senior Economist in the OECD’s Corporate Affairs Division, as noting: “We are seeing growing interest among analysts and researchers in assessing the corporate governance practices of companies and countries…This Methodology is intended to assist such assessments, in an environment where the importance of specific corporate governance features can vary greatly.”
The new report by the OECD stated that the approach of the Methodology is largely related to outcomes and assessments and are seen as principally being qualitative: although the Methodology may take into account certain quantitative measures (e.g. the structure of company pyramids), the assessment cannot be reduced to a quantitative score or set of quantitative scores. No use is made of indicators based on the number of “yes” and “no” answers for the reason that the importance of some responses will be quite different across countries depending on such variables as company law, ownership concentration and company groups. Moreover, counting “yes” and “no” answers is dependent on agreement about the number of elements judged to be important (even if the indicator is expressed as a percentage) and the relationship between the individual questions. This does not preclude the development of statistical indicators once there is consensus about what is to be measured and how, and in the context of functional equivalence.
A Partly Implemented assessment is likely appropriate in the following situations:
For more information see: http://www.oecd.org/corporate
* * *
As more and more companies adopt corporate ethics codes, learning from case studies and best practices has become increasingly important for ensuring their force and successful implementation. While critical to an ethical corporate culture, guaranteeing that employees who raise concerns are protected from retaliation is particularly difficult. This report by Emily Heard and William Miller of the International Business Ethics Institute (IBEI), a leading non-profit that works to promote business ethics through consulting and public education, applies the Institute's research of the codes of 100 multinational companies to create a list of suggestions for establishing, implementing and managing effective code standards around this issue.
Effective Code Standards on Raising Concerns and Retaliation
By Emily Heard and William Miller
More and more companies are adopting formal standards on reporting misconduct and non-retaliation. However, an examination of code documents from 100 multinational companies by the International Business Ethics Institute revealed these standards to be often ineffective, containing language that is counterproductive to an environment of open communication. In fact, the Institute found that only 31% of standards examined were deemed to be effective (1).
As reporting misconduct and non-retaliation continue to become increasingly important within the ethics and compliance community and in the legal arenas, it is in the best interest of companies to assess their current code standards to identify ways in which their standards could be made more meaningful and effective. This article, an excerpt from the Institute’s forthcoming publication, Creating an Open and Non-Retaliatory Workplace, outlines best practices for creating effective code standards on raising concerns and on non-retaliation.
Code Standards on Raising Concerns
Provide an Overview of Employee Responsibility to Raise Concerns and the Rationale
Include Guidelines for Addressing Concerns Regarding Minor Misconduct Directly with Colleagues
While there seems to be a significant amount of legal discomfort in the United States with employees resolving issues directly with colleagues, such an approach can mitigate against creating a “culture of reporting” and might make “speaking up” more favorable, particularly in areas where employees are wary of reporting on colleagues for cultural and historical reasons.
Standards should encourage employees to approach colleagues directly with concerns provided the misconduct does not constitute illegal activity and does not pose significant potential damage to the organization. Companies should provide examples of the forms of misconduct that are appropriate to discuss directly with colleagues (e.g., sending inappropriate e-mail, misuse of office supplies, etc). For this option to be effective, the standards should provide tips for approaching colleagues directly, (e.g., express your concerns factually and do not be confrontational).
Additionally, employees know their colleagues and will be able to assess whether or not a colleague will be open to a direct conversation about ethics and compliance issues. If an employee feels that his/her colleague is apt to become overly defensive or react in some other negative way, the employee should be encouraged to refer the matter to one of the company’s ethics and compliance resources.
Create a Carefully Worded “Good Faith” Policy
Yet with regard to other types of reporting, companies do need to protect themselves from employees who intentionally make “bad faith” allegations. The UPS Code of Business Conduct offers employees particularly effective language regarding the expression good faith.
“‘Good faith’ does not mean an individual has to be right; but it does mean believing information provided is truthful.” (4)
By taking the extra step of providing a working definition of “good faith,” the UPS standard successfully mitigates against the possibility of any chilling effect.
Some companies may also wish to include language in the standard explaining that employees who knowingly provide false information or accusations are subject to disciplinary actions, i.e., demotion, termination, etc.
Cite and Explain All Channels for Raising Concerns
It is likely that a company’s ethics and compliance resources will vary by geographical location. For example, some multinational companies may not have anonymous helplines in certain parts of Africa or Europe. Without providing specific local resources or contact information that may vary from one location to the next, the standards should detail the general global resources at an employee’s disposal (e.g., managers, Ethics Office, Legal, etc.).
Because different geographical regions are apt to have varying resources available and because ethics, compliance, and functional personnel can change periodically, it is best to include a separate regional or local insert in the company standards package that can be easily updated and replaced, as needed. For each resource, the insert should contain the following information:
Some companies are now making mention of external reporting channels and resources in their code standards. Providing such information will cause even the most ardent skeptics in a company to start believing that the organization takes misconduct seriously. Such non-profit organizations as Public Concern at Work in the U.K. and the Government Accountability Project in the U.S. will provide employees with confidential advice regarding how to raise a concern. In certain environments, it may also be appropriate to refer employees to their unions or works council. Include this contact information on the regional insert to the global code document.
Offer Guidelines for Raising Concerns in a Constructive Manner
Explain the Difference Between Anonymity and Confidentiality
The standard should inform employees that in raising a concern to a manager, Ethics Officer, or functional department, their report will remain confidential, where possible, meaning that the individual’s identity will not be revealed unless an investigation or legal proceedings require his/her identity to be disclosed. The ombuds function (6) is the only function in the United States that can guarantee confidentiality. In the U.S. this function can invoke the “ombuds privilege,” which states that an ombudsperson will not have to disclose the identity of an employee who has brought forward allegations of misconduct, even if challenged in a third-party lawsuit. (7) Employees in the U.S. and some other areas may also be able to report issues anonymously to helplines. This should be noted in the standard.
Describe the Process Followed Once a Concern is Raised
If, however, the company cannot guarantee that the procedures will be followed in each case, then this language should be omitted from the standard.
Include Guidelines for Receiving Reports of Misconduct
The standard should also point out that employees are apt to be sensitive and feel vulnerable after raising a concern. Managers should be provided with additional tips to help them understand how to continue to treat that employee fairly, e.g., engage in friendly conversation, provide meaningful assignments, etc.
Employ Language Appropriate for a Global Workforce
Code Standards on Retaliation
The fear of retaliation has a detrimental effect on open communications in the workplace. Companies should consider the following recommendations when drafting non-retaliation policies.
Make the Non-Retaliation Statement Clear
Retaliation against employees who raise concerns or questions about misconduct will not be tolerated. Employees who come forward with concerns play an important role in maintaining a healthy, respectful, and productive workplace, as well as protecting our stakeholders.
Note that the final sentence of the example provides a practical rationale for calling the company’s attention to retaliation when it is suspected or observed in the workplace.
Offer Examples of Formal and Informal Retaliation
It is important that employees and managers understand that employees who have made reports may be extremely sensitive to any perceived change in treatment in the workplace. In fact, some employees may register a change in treatment when no actual change has occurred.
Explain the Consequences of Retaliation
Let Employees Know How to Raise Concerns about Retaliation
Place No Conditional Protections on Retaliation
With the exception of legal staff, no employee will understand what “to the extent possible” actually means. Under what circumstances will the company not be able to protect an employee from retaliation, especially if the company has already indicated that it has a zero tolerance policy on the matter? This type of language does not make employees feel comfortable in reporting concerns. Further, it most likely serves as an obstacle to reporting, meaning the company will miss out on invaluable opportunities to learn about wrongdoing.
Emily Heard is Director of Education and Professional Services with the International Business Ethics Institute. William Miller is a consultant with the International Business Ethics Institute.
This article appears in the International Business Ethics Review (Volume 9, Issue 1).(1) For this study, the Institute reviewed and compared 100 code documents from multinational companies of diverse sizes, industries, and geographical “home regions.” (2) Judith Samuelson and Mary Gentile, “Get Aggressive About Passivity,” Harvard Business Review (November 2005). (3) Jathan Janove, “The Faragher/Ellerth Decision Tree,” HR Magazine (September 2003) www.shrm.org/articles.html.
(4) UPS, Code of Business Conduct.
(5) Article 29 Data Protection Working Party (February 1, 2006); “Privacy Rights of Whistleblowers and their Accused,” The Guardian (February 16, 2006).
(6) The ombuds office is another common resource to which employees can turn to seek guidance or raise concerns. A recent article by Andrew Singer in Ethikos (“Ombuds Office Helps Coca-Cola Bottler Avoid Explosions,” November/December 2005) provided the following definition: “An ombuds office is an impartial, confidential, and informal channel for resolving conflicts within an organization.” Employees can bring a wide array of issues to an ombudsperson, including ethics issues, discrimination, harassment, and compensation issues, among others.
(7) George Wratney, “Consider Adding an Ombudsman to Your Compliance Arsenal,” Compliance & Ethics Volume 2, Number 3(August 2005)
* * *
Professor Wesley Cragg, Principle Director, Voluntary Codes Research Group and Director and George R. Gardiner Programme in Business Ethics Schulich School of Business, York University, Toronto, is a leading international expert whose work, available in his books and on the Corporate Social Responsibility website of York University provide a comprehensive set of perspectives. The two major publications were produced as part of a five-year project funded by the Social Sciences and Humanities Research Council led by Dr. Cragg.
The research project was a response to the phenomenon of globalization which has altered in significant ways the tools available to regulate international commerce. One result of globalization has been the emergence of international codes, norms, principles, guidelines and standards of ethical and responsible business conduct. In compiling the Compendium of Ethics Codes, the goal was to identify and assemble the most significant and influential codes and other instruments of corporate responsibility.
The comprehensive volume looks at these developments with particular focus on five topic areas:
“Globalization has altered in significant ways the tools available to regulate international commerce. One result is the emergence of ethics codes, codes of responsible conduct, and best practice codes designed to win adherence to internationally acceptable norms of conduct on the part of corporations and other organizations interacting in the global marketplace."
He continues: “What is significant about these developments is the emerging emphasis on self-regulation as the primary method for raising standards of corporate conduct. The contributors examine the reasons for the emergence of ethical codes and the phenomenon of self-regulation within the context of globalization and look at the role of national governments, international government institutions and other international organizations in shaping and enforcing them. They also study the implications of these developments for corporate governance and the changing roles of national and international institutions in the regulation of international commerce.”
* * *