Disturbing survey on business ethics
The Ethics Resource Center recently published their bi-annual business ethics survey, looking at the American business environment.
While I would not say the changes in results are remarkably different from their prior survey (in 2009), I was surprised by some of the statistics:
- 45% of employees have witnessed misconduct. While this down from 49% in 2009 and 55% in 2007, it is still remarkably high and justifies continued vigilance
- 65% say they have reported the misconduct they saw: the highest level on record
- 22% of those who reported misconduct suffered as a direct result. This is higher than the 15% in 2009 and 12% in 2007, and should be a cause of great concern.
- The only conclusion I can draw is that employees are not aware of their company’s hotline process. The report says only 5% of reported misconduct were via hotlines! Unfortunately, the study did not ask about awareness of hotlines
- The number of companies with ‘weak ethics cultures’ rose from 35% in 2009 to 42%. Yes, folks. This is America we are talking about, not some ‘emerging’ nation!
- 42% say “their company has increased efforts to raise awareness about ethics”. Not the language: they are not saying their company succeeded in improving ethical practices!
- 4% (up from 1% in 2009) report observing offers of improper payments to public officials
The report includes a discussion about the increased pressure on people who are active in social networking (defined as spending 30% (!) or more of their work day on social media sites). Presumably, if you complain through social networks you are more likely to get management attention (not always in a positive way) than if you complain through company channels. Interestingly, 42% of these people think it’s OK to criticize your company on blogs, etc.
The section on page 16 that describes how retaliation occurred is chilling.
Equally chilling was the report that more people (now at 13%) are feeling pressure to bend the rules, or even to break the law.
Fully 34% of employees said their managers do not display ethical behavior (24% in 2009). That will cascade in effect through the organization, with the result that all employees are more likely to violate the code of ethics.
Can you believe that the level of sexual harassment is 11%, up from 7% in 2009? Stealing is up from 9% to 12%, and health/safety violations up to 13%.
The report includes these recommendations:
- Invest in ethics and compliance programs, and make ethics a business priority
- Make ethical leadership part of how you evaluate managers at all levels
- Communicate your personal commitment to ethical conduct
- Use social networks to connect with employees and engage them in ethics-related discussions
- Revisit retaliation policies and practices
- Focus on the supervisors, for their actions (walking the talk) and responses to reports of misconduct are at the heart of the matter
But is this enough?
Is it time to revisit the HR-preferred “talk to your supervisor” and replace it with encouragement to report independently of your supervisor?
Shouldn’t the program be risk-based, looking at the areas of greatest potential harm (which may not include reports of wasting time at work – the most frequently reported misconduct according to the survey), ensuring policies and controls are sound (including training), putting metrics in place, and then monitoring at regular intervals?
How about asking internal audit to assess all or part of the program?
Recent Posts on this Blog
- Is a new maturity model for GRC the right model? September 25, 2016
- The Wells Fargo “Staff Scam”: More questions and fewer answers September 16, 2016
- The astonishing Wells Fargo fraud September 10, 2016
- Leading an effective information security capability September 4, 2016
- Have your provided comments on the COSO ERM draft? August 31, 2016
- How to do your internal audit risk assessment August 27, 2016
- Do techies really understand cyber risk? August 20, 2016
- Continuing to learn about culture from Toyota August 13, 2016
- The danger of an arrogant board August 7, 2016
- The Board and Technology: Questions to ask the management team July 31, 2016
- IIA Insights on Internal Audit Effectiveness July 22, 2016
- Deloitte predicts change for Internal Audit July 20, 2016
- Risk and Opportunity Management July 2, 2016
- Risk reporting to the Board June 26, 2016
- We need to review and provide feedback on the COSO ERM Exposure Draft June 19, 2016
- Fraud, Abuse, and Corruption September 26, 2016
- Reconsidering the Board: Its Composition and Oversight of Management September 19, 2016
- Time for the Board to Take a Deep Dive Into Risk Management and Risks September 12, 2016
- Oversight of the External Auditor September 6, 2016
- Signs of a Failing Board August 29, 2016
- Contrasting Comments on Internal Audit From a CAE and a Consultant August 23, 2016
- Asking the Tough Questions About Internal Audit August 15, 2016
- When Risk Management Fails August 8, 2016
- An Internal Audit Ambition Model August 1, 2016
- Understanding and Assessing Governance Risk July 25, 2016