Hello, welcome back to our course on corruption. This is Week 4, Lecture 2. And today, we're going to talk about control of corruption by business firms. Now, if you're not working with a business firm, you're not in a business firm, it's still interesting to see how organizations can try to attempt to control corruption from numbers outward. We're going to talk about three different kinds of approaches to control by firms. [COUGH] First, is the Department of Justice, Serious Fraud Office recommendations. Second, we'll talk about the debate between compliance programs and integrity programs. And then finally, we'll touch on something that's trendy right now, and that's mock investigations. The Department of Justice is the office within United States of America, tasked primarily, well, there's a few others that do as well, but primarily tasked with the investigation and prosecution of allegations of corruption. In the United Kingdom, that responsibility is given to the Serious Fraud Office. Now, I'm not using the Department of Justice and the Serious Fraud Office because they happen to be close to where I'm recording this. I'm using them, because of all the different agencies around the world, they are the two that have promulgated the most detailed recommendations, with respect to control, by business firms, of the phenomenon of corruption. And if we synthesize the various recommendations that the Department of Justice and the Serious Fraud Office have made, we can come up with a fairly clear and fairly comprehensive set of steps for creating and implementing an effective program for controlling corruption. So let's walk through these steps. The first step is to, prior to anything, assessing risk, right? Taking an honest and detailed look at what industry a firm is in, or industries, what location a firm is in, or locations, right? Who a firm works with, who their stakeholders are, who they interact with. The assessment will guide everything that flows from this, but the assessment should be a detailed and honest assessment. A person, or firm, cannot treat a venture into a small, I don't want to pick on any particular country, but a small Central African nation in the same way that they treat a venture into a large Scandinavian country. The approaches that one needs to take in each will be different. The second step is to, based on the assessment risk, develop a clear program, that addresses that risk. Now this program should be proportionate. It will be a different program going into Sweden, than it will be going into [COUGH] say, the Central African republic. Probably, this involves a written code of conduct. I say probably, because there is some debate as to whether or not a firm should focus on integrity, or should focus on compliance. We're going to talk about that a little bit later, but the general consensus is, particularly for larger firms, even if integrity is the objective, it's very useful for employees, agents, and other associated people to have a written policy that specifically addresses corruption. And that policy, whether written or unwritten, needs to address issues that have been identified in the assessment as particularly difficult. And typically, difficult issues include gift giving, entertainment, travel. And something that some firms don't think of, how should employees, agents, managers, etc., respond to extortive demands? Pay me or I will deny you this service. The third step is to implement this policy, this policy that's been developed in response to the risk assessment, in a meaningful way. And a meaningful way includes, the policy needs to be communicated clearly. The policy needs to be embedded in those to whom the policy supposed to provide guidance. And so, there needs to be some form of training, and continued training, a refresher throughout the relationship between these people and the business firm. Now, the Department of Justice and the Serious Fraud Office don't emphasize this, but the implementation needs to communicate to the people associated with a business firm, that this policy really is how a firm wants people to approach corruption. It needs to become embedded in the way these people think about these issues. Again, were now combining theories of institutional strength and theories about the ways people think. One of the most interesting implementations I ever got to witness was a picnic. A firm had a picnic, it said we're unrolling our policy regarding corruption, we want you to bring your family. And I went to the picnic and there were balloons, and the balloons said, we are no longer corrupt. And the tables had cloths on them and the cloths said, don't pay bribes. And they had a sack race with the kids, and the kids were all in sacks that said something like, we're an honest company. And it was really fun to watch people subconsciously associating this policy with their lives, the lives of their firms. And I'll tell you, it didn't hurt to have their kids there, because their kids reinforce the fact that, this is the way the firm really thought. Now I'm not telling you we need to have a picnic anytime we unroll an anti-corruption policy, or a policy dealing with issues of corruption. The point is, that the implementation should not just communicate what the policy is, it also needs to communicate that this is serious. And that's related to the fourth step in the synthesis of Department of Justice and Serious Fraud Office. Both agencies emphasize that senior management must show it is serious. In everyday parlance, we refer to that as the tone at the top. And study after study shows, particularly with respect to issues of corruption, the tone at the top is very important. When senior management takes these issues seriously, those who follow take these issues seriously. Now, [COUGH] the policy needs to rely on. A structure. And what the Department of Justice and the Serious Fraud Office recommend is that a clearly identified person or people be responsible for controlling corruption. And different firms have taken different approaches to this, but it certainly sends a message. When the people who are responsible for corruption report directly to the chief executive office, or the president's office, rather than working their way through a bureaucracy to be heard on this particular issues. It's very helpful if there's a mechanism for people to ask questions, because no matter how careful we are in creating our rules, particularly with the large organization, the rules will not cover every situation that people encounter. If they can ask questions, they're more likely to comply with these rules, they're more likely to fulfil the spirit on which these rules are written than if they're left to their own devices. Similarly, there needs to be a clear and unpunished mechanism for reporting violations. We can't have independent monitors everywhere. If general people, if the people who work, who work with, who manage a firm, can freely report without repercussion the activities of others that endangered the firm, then they are far, far, far more likely to do so. And it is far easier for a firm to catch these behaviors before they become potentially disastrous for the firm. And both the Department of Justice and the Serious Fraud Office recommend clear procedures for dealing with violations. What you want to avoid in any organisation, business of otherwise, is spending so much time dealing with how to deal with an issue. We want to avoid people being able to say, justifiably, you didn't tell me this, this wasn't clear, I didn't know about this. It's much easier and much more effective to design the mechanism for dealing with violations before those violations occur. Due diligence, large organizations, large businesses in particular, are very dynamic, constantly changing, constantly going into new relationships, new industries, new regions. We need to at least go through the first two steps. Assessment of risk. Design a policy based on that risk for each of these new endeavours in relationships, regions, and industries. Auditing is strongly recommended. It is not as required as some of the other stuffs. Auditing by a third party, a third party certification are wonderful bulwarks against accusations that a firm has acted without diligence with respect to corruption. However, that can be somewhat expensive, and some firms are able to work with self ironing, self reporting, and not necessarily incurring the expenses incurred by a third party certification. But in any case, there should be periodic review of the risk, of the policy, of the extent to which this policy is embedded in the people associated with the firm, and of the effectiveness of the structures and procedures that implement and enforce this policy. An example of business firm that has done a very respectable job of implementing these kind of policies is the Panama Canal Authority in the Country of Panama. The Panama Canal Authority is supervising what is called the Third Locks Project, and the Third Locks Project is, at this time, the largest single public construction in the entire world, it is an enormous undertaking. And as an enormous undertaking, it involves literally thousands of contracting agents. And each of these contracting agents potentially could involve kickbacks, commercial bribery, a very common form of private sector corruption. As well as, the potential for corruption in any relationships that the Panama Canal Authority has with a number of governments that have some kind of stake in the Panama Canal. Now, no business is perfect, but the Panama Canal Authority has done an incredible, and that's the only word I can think of, an incredible job of controlling these thousands of potential areas and interactions in which corruption could occur. And they did so by very conscientiously assessing the risk attendant to a large construction project, such as the Third Locks Project, by developing a very clear policy, and articulating that policy. And by very carefully educating, training, embedding within the thousands of people involved in this project including suppliers, subcontractors, other construction firms. And then, by having a very clearly articulated mechanism for dealing with any questions, concerns, or issues that arose with respect to potential issues of corruption. It can be done, and it can be done on a very large scales. There is a debate. [COUGH] Both in the academic literature, and more importantly, in the field, as to whether or not the kind of structures I just described really work, or if instead a firm should look to norms. And this debate is often called the debate between compliance and integrity. Now, rules that dictate action are wonderful, they're clear and they are accessible. The problem with rules that dictate action is they're finite, they are limited to the words that spell out these rules. And human behavior and business endeavors are, in a sense, infinite, there's always something new that comes up. That means that rules themselves can not govern all of behaviors that people and business firms are going to undertake and going to encounter. And so, an alternative, a suggestion, is rather than spell out rules, spell out norms. This is how we want you to behave. This is our objective. This is the spirit of our organization. This is the soul of our firm. Problem of course with norms is that they don't necessarily provide the clearest guidance to a person who's in an ambiguous situation, or who's at a new situation that wasn't necessarily anticipated when those norms were generated and articulated. All right, and so in the real world, what we usually see. Is a sentences of the two. But clearly integrity is very important and clearly having some sort of guiding spirit is going to be very useful to people in the field who encounter, new situations that the rules do not cover. Now, the country of Australia is filled with agencies, business firms, government offices, that have done very interesting research on how one creates integrity. If we synthesize some of the things that these Australian agencies have found [COUGH] we can get some guidelines for how to create integrity in an organization. And once again the most important guideline is ethical leadership, right the tone at the top. But here's particularly important because we trying to convey, without finite articulated words how people should behave. And in the case of integrity, we can convey that through example. So an ethical leader, leads by example in the case of corruption, the example instructs those who follow, how to behave. That's buttresses by active management and supervision. A hands off manager is less likely to be able to imbue in those who that manager manages, and understanding of how to deal with corruption. Unethical workplace a place with integrity is also made more feasible by employing the right people. We sometimes are very teleological in this skill set that we want to bring in to our workplace we want the best Math person. We want the person who is the best proof reader. But in a place with integrity will also look at the character of people. Interestingly this is something that the Fed, the Federal Reserve in the United States is asking banks to do as they bring on new cadres of young bankers. And of course assessment of risk is important. And not just assessment of the risk but developing a process for addressing that risk in particular. Same as department of justice and serious fraud office recommendations. And again somewhere to the recommendations of the department of justice and serious fraud office. It helps if people feel confident in reporting actions that may not fit within the vision of integrity in this particular firm. If people can talk to their managers about these kind of issues without fear of negative repercussions. One of the most respected business managers who created a workplace of integrity is Toyoda, the founder of Toyota Motor Company. Toyoda himself was considered by all who met him and who work with him to be a man of substantial integrity. And he led the nascent Toyota company in the creation of a work place, an organization that placed integrity at the forefront of its interactions and its business endeavors. Now Toyota Motor Company has grown immeasurably since its founding by Toyoda. And it's interesting to know that Toyota has now extensive policies, written rules, written procedures that's probably a function of the fact that Toyota Motor Company has become a global company of immense size. But we can look to Toyoda as a sterling example a very good example of how a person with integrity can imbue a firm, imbue an organization with that sense of integrity. The last thing I want to talk about is something that's kind of train you right now and that's Mock Investigations. A number of business firms consider it to be to their advantage to have pretend investigations into offices, bureaucrats, divisions, subdivisions with an aim for finding whether or not there is corruption. It sounds good, and I'm sure iterations of this type of activity will continue for decades. But I want to point out a couple of problems. Research into these kinds of activities, these Mock Investigations and some of the best research that's been done, has been done in Canada. Has found that, rather than teaching people how to avoid these behaviors, corrupt behaviors. It actually teaches people how to avoid detection of these behaviors. All right, people learn to not be explicit about corrupt activities in their email to one another. People learn to use code words. It becomes almost a game, all right? There's a mock investigation, so there's no serious repercussions. And how can I fool them? How can I avoid Their detection of any activities I'm engaged in? So rather than mock investigations, research suggests that it's actually beneficial to use mock audits, right? So this isn't the official audit that will be released as a report to stakeholders rather it's an exercise in an audit. And better than a mock audit it's a self audit an audit that is real. It's an audit that's actually trying to find out not for communication to stakeholders but instead as an exercise in self-diligence whether or not there are activities that raise questions. A useful way of evaluating and measuring in a self audit is something called a Balanced Scorecard. And balanced score card is a means of self evaluation that has been used for decades. If you are not familiar with the balanced scorecard, there are any number, enumerable resources that can be used to assist you in developing a balanced scorecard. This balanced scorecard was borrowed from the Center for Business Ethics. And it is aimed at, it's intended to get at issues of trust with respect to stakeholders flowing from issues of corruption and performance. So when we talk about control of corruption by firms a very useful starting place is the Department of Justice Serious Fraud Office recommendations. And those two agencies if we synthesized the recommendations that we've made. We can come up with a fairly clear and fairly comprehensive steps, set of steps for creating and implementing an effective program for controlling corruption. As another approach or better yet, the complimentary approach we also want to build integrity into our organization, into our business firm. And probably want to avoid exercises that look good that make it kind of common sense that actually backfire. Instead I suggest that we audit ourselves in a useful means of evaluating that audit is a balanced scorecard that looks at things like will our stakeholders trust us? Are we acting in ways that are trustworthy rather than ways that might be considered corrupt? Thank you and I look forward to seeing you for our next lecture.