Business Intelligence and Investigations
Providing firms with investigative expertise to help resolve conflict.Business Intelligence and Investigations
Integrating transparency, accountability and ethical behavior into company culture can help organizations mitigate risk and keep ahead of regulatory change.
Compliance forms an integral part of virtually every organization’s operations. Depending on the organization’s ownership structure, industry and location, everything from its accounting to its human resources may be subject to a regulatory regime, industry association guidelines or internal codes of conduct. Organizations that operate in more than one jurisdiction will, of course, have to contend with different regimes in each place.
The significant legal, financial, and reputational damage that a violation can bring is reason enough for enterprises to stress compliance. Yet compliance is also critical, because poor compliance often signals the larger problem of poor business practices, which expose the organization to further risk. Ultimately, compliance is about more than fulfilling regulatory or other obligations: It involves establishing a culture of integrity that is centered on transparency, accountability and ethical behavior.
A culture of integrity yields benefits beyond those that come with scrupulous behavior. Government regulations, which can seem ubiquitous, are also often in flux. Any jurisdiction’s regulatory priorities can vary significantly over time, depending on the administration in power and other variables. An effort at regulatory reform at the national level may filter down unevenly to the local level or may cross industries. In addition, emerging industries often find that they are operating in regulatory gray areas. At those times, companies with strong cultures of integrity can stay ahead of regulatory change. Moreover, enterprises from more stringent jurisdictions will prefer to do business with companies where compliance is just considered the right thing to do.
The real test of the commitment to a culture of integrity is how it responds to questionable or prohibited behavior — particularly when the transgression involves a key employee or a member of management.
However, building a culture of integrity is a broader, more complex undertaking than simply ensuring that checklists and reporting mechanisms are in place. In our experience working with governments and corporations to help build, sustain and monitor such cultures, we have found that they rest on a foundation of six distinct elements:
In the Kroll Global Fraud and Risk Report, we asked respondents about the extent to which they followed various best practices for instilling a culture of integrity (see Figure 16). Globally, each of the eight best practices is followed by roughly three-quarters of the organizations surveyed. However, while 35 percent say they have adopted all eight practices, one in four organizations say they have adopted half at most.
It is notable how few respondents strongly agree that their organization’s performance goals and incentives do not conflict with its risk management practices. While all of the practices listed are important, ensuring that performance goals and incentives can be met without compromising integrity is arguably the single most important step that organizations can take in building a culture of integrity.
While 35 percent of organizations say they have adopted all eight practices, one in four have adopted half at most.
For most organizations, building a culture of integrity is an ongoing task, with each element at a different level of strength at any given time. Organizations can use a matrix to assess the state of their culture of integrity and prioritize areas requiring further work (see table below).
Read the Global Fraud and Risk Report 2019/20.