Future Students, Alumni & Visitors





Archive for the ‘Ethical Leadership, Citizenship and Integrity’ Category

Can A Harvey Weinstein Situation Happen to Your Board?

Here is a hypothetical situation that I have encountered many times.

I am invited to observe and assess a board. When I do, I immediately see the red flags. I make hard-hitting recommendations, which have included the CEO and certain directors being fired.

Why does it take me to do what the board should have been doing much earlier?

Boards can be very defensive, and even in denial to what is blindingly obvious. “We missed it” or “it was a rogue employee” is their common defense.

Boards are now asking, “Could a Harvey Weinstein situation happen to us?”

The board’s role in overseeing corporate culture, potential harassment, and other conduct risk is increasingly being turned to by boards and regulators.

Here are twelve suggestions for boards to oversee conduct risk properly within their organizations. The best boards I work with do all of this. The worst do not.

  1. Act on your hunch.

If you have a question or concern, most of the board shares the same concern. Ask the question, and ask the second question. And if you don’t like what the answer is, press further. Where there is smoke, there is often fire. I have interviewed over a thousand directors over my career. The most common regret directors have is twofold: (i) I didn’t speak up when I should have; and (ii) I didn’t fire the CEO soon enough. One corporate secretary after a recent public scandal told me, “when the board does not ask questions, we have succeeded.”

  1. Insist on proper whistle-blowing.

Many whistle-blowing programs are flawed. They are not anonymous, protected, independent, rewarded or remedied. That is the board’s fault. Not surprisingly, people (especially women) do not come forward for fear of retaliation and career harm. If you think conduct risk is not occurring within your organization, you are wrong. It is just a question of degree. Bad news needs to rise, and go around management and directly to boardrooms. If bad news does not rise to the board, it does not go away. It gets worse. Good boards insist on proper channels directly to them.

  1. Renew your board regularly.

New directors see things that long-serving directors may not see or may be accustomed to. A fresh set of eyes can be invaluable. Have term limits for directors or regulators will impose them for you as is being done in several countries. Have a diverse board. Homogenous boards engage in group-think and do not ask tough questions.

  1. Do rigorous interviews and background checks.

Ensure that employees, agents, management and directors go through thorough and ongoing background, reference, social media, personality, criminal and financial checks and testing. People’s personality will not change. If you do not know someone’s faults, you have not done your homework, and they are a risk to your reputation.

  1. Remove management regularly from boardrooms.

Remove management from a portion of each board and committee meeting. Have a safe space so directors can speak confidentially. These “in camera” sessions are the main way that directors voice their concerns not within earshot of management. In camera sessions are the greatest contributor to board effectiveness, directors tell me.

  1. Act immediately at the first sign of an ethical lapse.

The standard you walk by is that standard you accept. When you see discrimination, disparagement, or unfair treatment, call it out. Speak up. And when necessary, fire the CEO or senior manager at the first sign of a lack of ethics. Otherwise, you signal to the entire organization what is acceptable to you. Boards have suffered by not acting when they should have. And if your board does not act when it should, resign.

  1. Receive dis-confirming information on company culture and executives.

If you get all your information from management, you are only hearing one side. Receive your own social media analytics, look at chat rooms, hear from employees, use google alerts, commission independent reviews, hear from reporters and analysts, walk around, and listen to what you hear and observe.

This does not mean that you are micro-managing, only that you are getting full information. If management tries to block you or dominate your information flow, that is a red flag.

  1. Receive employee feedback.

Retain survey providers to conduct employee morale surveys that are directly provided to the board and untampered with by senior management. Ask for qualitative exit interview results, staff turnover rates and litigation compared to your peers. Consider putting an employee on your board, or having an advisory committee or a designated director to represent the employee viewpoint.

  1. Look at how employees are paid.

People behave and take risks based on how they are paid, including customer-facing employees all the way to senior management and your CEO. Look at how pay incents conduct. Make sure that employee engagement forms a healthy portion of CEO incentive pay.

  1. Protect yourself and the company.

Benchmark management contracts for conduct and ethics clauses. Define just cause for dismissal to include ethics. Have fair treatment form part of all employment contracts. Ensure your Code of Ethics and Diversity Policy are conditions for incentive pay to vest, and claw it back if you discover misconduct after the fact.

  1. Benchmark your diversity and inclusion policy and practices.

Many human resource policies are legalistic and do not provide adequate examples and training. Train on unconscious biases. Provide examples of heterosexism, islamophobia and transphobia. Have voluntary, confidential self-identification of gender identity and LGBTTIQQ2A. Have a diversity and inclusion best practice presentation directly to the board of directors, as tone flows down from this.

  1. Be vigorous in your fiduciary duty.

Management may play the trust, confidence or micromanaging card. Press on. Insist on behavioural and integrity controls, and independent auditing of these by the internal auditor, who should report directly to you, not management. Many conduct failures have happened because senior management blocked access to the auditors from the board. Have internal audit test the controls for culture and integrity (including complaints, reaction time, investigation protocols, record keeping and non-retaliation) and report directly to you on their findings.

Conclusion

Governance is changing. Board are becoming far more active and are investing significant time in their duties and responsibilities.

There are occasions where the best efforts will fail, but for the most part conduct failure happens when a board is complacent and fails to act when it should.

Dr. Richard Leblanc, Editor of The Handbook of Board Governance (Wiley, 2016), can be reached at rleblanc@yorku.ca.

 

 

How should a board oversee ethics?

I recently moderated a keynote address by Andrew Fastow, the former CFO of Enron, and followed up by delivering a keynote on the role of the board in ethics, tying in aspects of Mr. Fastow’s speech. What follows is based on my speech; incorporates not only my interactions with Mr. Fastow, but also Messrs. Conrad Black and Arthur Porter; and draws on my work with boards that have succeeded and failed in their ethics oversight.

Here are ten ways a board can oversee ethics:

  1. Ask the right questions.

Good questions for boards, when faced with an ethically problematic action, are: (i) How will this action impact our reputation? (ii) How will this action impact us over the long-term? (iii) What are the aggregate effects of this action? (iv) What will the view of this action be by objective parties, especially if current circumstances change? (v) Even if this action is technically correct or permitted, does it meet the principle or spirit of applicable guidelines and rules? and (vi) Are we doing the right thing?

Management should have detailed answers to these questions. And they should leave the room so only independent directors can discuss.

  1. Have a line of sight over ethics, integrity, reputation and culture.

Many behavioural and integrity controls fail in their design and implementation, and because they do not go far enough or are subject to management override. These controls should be independently audited. Good companies are measuring and assuring reputation, integrity and risk culture for boards. It is important that this assurance reach the board un-funneled by reporting management. Good Audit and Quality Committees are reaching deep into organizations to view culture, quality and “tone in the middle.” Toxic culture or wrongdoing can bring enormous and rapid harm to brand and reputation. Bad news needs to rise, without delay, and good boards do not want surprises. The days of boards overseeing just the CEO and other senior management are gone. Management needs to accept more activist boards. This does not mean boards are running companies, but they are overseeing conduct.

  1. Use executive sessions, questions and information as your leverage touch-points.

Have the authority in your board and committee charters to obtain any information, to interview any personnel, and to obtain any outside assistance that you need to in order to fulfill your duties. If management blocks access, you now work for them. Obtain disconfirming information from the outside as well. Meet directly with auditors, consultants, the risk function, and the compliance function, including without any manager in the room. Meet also with major long-term shareholders without any manager present. Only then will you hear what others hear. Boards can live in an echo chamber otherwise. You do not want to be the last to know.

  1. Make sure your lawyer is independent.

The person drafting the above charters, including your clawback clause (see 6. below), should not be the general counsel or the external counsel who works for management, or colleagues of lawyers at the law firm. None of these parties is independent. Just like auditors and compensation consultants must be independent, so should the board’s counsel. Independent assurance on related party transactions, conflicts of interest, the code of conduct, investigations, integrity risks, and whistle-blowing cannot occur by management or their advisors. Only independent advisors will be free to recommend action that corrects and directs (and when necessary, terminates) reporting management.

  1. Address whistle-blowing defects.

Once the Ontario Securities Commission enacts a whistle-blowing reward regime like has been done by the Securities and Exchange Commission in the U.S., there will be a changeover from defective regimes currently in place. If the point of contact for a whistle-blowing program is any manager, the policy is defective. The point of contact must be an independent person or party who reports directly to the Audit Committee. Only then will anonymity be preserved and the channel be used fully. Bad news needs to rise, and investigations need to occur when warranted, and neither happens if it is management investigating management.

  1. Pay for conduct and performance.

Pay drives behavior, including ethics. Many pay committees under-utilize their executive pay toolbox and control over management.

Because pay practices can incent risk-taking and unethical conduct, good regulators and pay committees require ethical conduct to be tied to executive pay. If risk management or the Code of Conduct is breached, executive pay should not vest and be clawed back if it has vested. Conduct and risks should be evaluated every pay period before the pay committee allows equity to vest or a bonus to be received. And ethics and morals clauses should be in every executive and employee contract. And directors need to lead by example, with ethics clauses drafted into their terms of service. A good board insists on resignation in advance if an ethics clause is breached.

  1. Oversee the oversight functions.

Your eyes and ears in the company are internal audit, risk and compliance. These functions must now have reporting channels right into the boardroom and committees. Does your board directly oversee these functions? Does your company have these functions? I have recommended to numerous boards the hiring of these functions and doing so can greatly improve toxic culture, flawed risk management, and unethical conduct. Just as in the early 2000s when the audit committee began to hire, fire and pay the external auditor, now the audit and other committees and the board hire, fire and pay risk, compliance and internal audit.

  1. Speak up and recruit a board challenger.

When directors and chairs are chosen on the basis of preexisting relationships, which many or most are, this means directors are beholden to each other, or worse yet, to management. These directors will not speak up or ask tough questions, as they are owned by their extra-boardroom relationships. The board becomes accountable to management rather than the other way around. Boards where fraud has occurred often met governance guidelines, including Enron. Andy Fastow said that the Enron board not only approved but encouraged his actions (in the words of one director): “Fastow you are a —- genius!” Recruit directors who have no pre-existing relationship to any other director or manager. This includes female directors.

  1. Recruit independent, competent directors with courage.

Independence of mind is not formal independence. Smart managers can capture directors through relationships, perks and incentives. There are directors on boards are well out of their depth. They are there because of relationships, profile and glow, but know little about the actual business and cannot or will not challenge because they are captured. Seeing them ask perfunctory questions is akin to a fork trying to hold water. Only when a director is truly independent and competent, can that director then challenge. Often directors are docile because they simply do not know what to do.

  1. Set tone at the top.

Lastly, and most importantly, set the ethical tone. The actions and behaviour you observe as a director is the tone that you have just accepted. Good tone at the top is unambiguous, applies to everybody, and is consequential. And it is exercised. It is the board, not just management, that sets tone. I recall the story of the audit committee chair who saw the CFO go through customs at an airport and not declare a bottle of wine. The next morning, the CFO was fired.

Management is fond of explaining unethical conduct away by saying it was a “rogue” employee. Boards are fond of explaining unethical conduct by saying “we missed it.” If boards and management teams are truly honest, they know they should not have missed it and that it was not a rogue employee. It was an employee operating within the culture that was accepted.

In all of my interviews of directors over the years, including during ethical failure, when I ask about directors’ greatest regret, the answer is consistently, “I should have spoken up when I had the chance.” Speaking up is incredibly important when it comes to tone at the top. If you are uncomfortable, “speak up” is the best advice I could give a director. Chances are, several of your colleagues are thinking the exact same thing.

Why integrity is good for business, and the role that boards play

“We didn’t know.” “We missed it.” “It was a rogue employee.” There is not an excuse I have not heard for ethical failure. But when I investigate a company after allegations of fraud, corruption or workplace wrongdoing, almost always there is a complacent, captured or entrenched board that did not take corrective action. In a few cases, boards actually encouraged the wrongdoing.

The first myth is that the board is a “good” board. There is no relationship between the “glow” or profile of directors and whether the board is “good.” Often times, there is an inverse relationship, as trophy or legacy directors typically lack industry and risk expertise in recognizing fraud or understanding what proper compliance looks like, are not really independent, are coasting and not prepared to put in the work, or they themselves may not possess integrity.

How important is integrity? Extremely. Three factors make for a good director or manager: competence, commitment and integrity, with integrity ranking first. Otherwise, you have the first two working against you.

Integrity needs to be defined, recruited for, and enforced. “Does your colleague possess integrity?” “Yes” is an answer to this perfunctory question. Full marks. But when I define integrity to include avoiding conflicts of interest, consistency between what is said and done, ethical conduct, and trustworthiness – and guarantee anonymity, I get a spread of performance scores. Those who do not possess integrity in the eyes of their colleagues are poison and should are extracted from any board or a senior management team. They never should have been elected or hired in the first place, which is a recruitment failure.

Fraud, toxic workplaces, bullying, harassment and pressure do not occur in a vacuum. Many people in the company know. The issue will not go away, will only get worse, and is a latent legal, financial and reputation risk.

For bad news to rise, boards need to ensure that protected channels exist and are used – including for a director or executive to speak up in confidence, and for an independent consequential investigation to occur.

Ethical reporting also needs to assure anonymity to the fullest possible extent to receive reliable information. If a whistle-blowing program has any manager as the point of contact, it is not effective. Whistle blowing, culture surveys, and ethics audits should be conducted independently and reported directly to the board without management interference.

Frequently, I find ethical design and implementation failure are the culprits, with codes of conduct, conflict of interest policies, whistle-blowing procedures, culture and workplace audits, and education and communication being perfunctory at best, overridden by management at worst, and not taken seriously by employees or key suppliers, with minimal assurance and oversight by the board.

Complacent boards and executives are the last to know and deny any wrongdoing, having creating the conditions for fraud to flourish. Shockingly, lacking any pride, in full denial, and further reinforcing their entitled self-serving mindset, they refuse to resign.

After ethical failure happens, executives argue that it is a lone rogue employee or an isolated incident. Nothing could be further from the truth. It is an employee who reflects the true and actual culture, internal control environment, and practices of the organization, and who is attracted to and flourishes within them. There is no such thing as a rogue employee. It is a board that approved the conditions that management proposed within which employees operate. The board’s leverage of approval, documentation and questions went unused and unasserted. They are the very people who should not be overseeing subsequent reforms, as they are assessing their own shoddy work.

This lax control environment, where self-interest is pursued and where pressure is applied, is the heart of ethical failure.

There is a shocking lack of internal controls over employee and agent behavior that I have found in corrupt jurisdictions in which Western firms do business. This means, not only is the potential for fraud rampant, but also that costs of compliance are being borne by companies who do not bribe and have proper controls. They are penalized for doing things right.

Furthermore, there are corrupt jurisdictions whose companies and government officials offer and receive bribes and advantage themselves over Western counterparts, including in Russia, China, India and MENA. The most recent example is bribery allegations at FIFA. This unequal playing field puts Western companies – in the US, UK, Canada and elsewhere – at a disadvantage, when competing for business, opportunities and contracts.

This is why Western governments are seeking to put their countries and companies in the most competitive position possible. They are enforcing anti-corruption laws using long arms of justice to prosecute bribery. They are also debarring companies from government contracts who commit ethical breaches. This debarment is a powerful motivator to spur investment to internalize the costs of internal controls over integrity.

Western industry will mistakenly argue that integrity laws will disadvantage them or cost their industry jobs, but the reality is the opposite. Tough integrity laws will prevent substandard competitors from offering bribes, will disincent recipients from receiving bribes, and will strengthen Western companies who compete on the basis of price, quality and service.

When does it become unethical for a director to continue to serve?

I spoke to corporate and not-for-profit directors in Dallas, Texas, today, about board dynamics and board renewal. The subject of the length of board service and director retirement arose. I said there was a recent study that the optimal service for a director was nine years, beyond which firm value was adversely affected. Many directors serve beyond nine years. The most excessive example of long service occurred once when a director of a community bank board said, “Richard we have four directors who have been on our board for over 50 years.” I mistakenly thought that this was 50 years in total, among the four directors. But I was wrong. There were four directors who had been on the board for over 50 years, each.

Many directors hang on to directorships for far too long. I counted several directors who have been on corporate boards for 10, 15, 20 and 25 years. This blocks board renewal, up-skilling, and diversification. Incumbent directors offer reasons for staying: how they know the company, enjoy serving, etc., and are skillful at wiggling, raising the retirement age to 71, 72 and now 75 (from 69 and 70).

The academic evidence however does not support excessively long-serving directors, or directors who are serving on multiple boards (known as “over-tenured” and “over-boarded” directors, respectively). Firm value is adversely affected for over tenured directors (inverted U shape in relation to firm value); and oversight and long term performance are compromised by “consistent and convincing results” (according to Stanford researchers) for busy boards composed of over-boarded directors.

Often the most vocal directors are those who are the least relevant or most affected by renewal. When you do a proper board review, it is apparent who is performing and who is not. There is resistance to an expert third party board evaluation by underperforming directors for fear of being found out. Directors know who the non-performers are. I said to the audience this morning that every board has one (or more) underperforming or dysfunctional directors, and if you don’t know who it is on your board, then it is you.

If boards do not solve their lack of renewal, regulators will do it for them. It is already starting. Regulators in the UK, Australia, India, Hong Kong, Singapore and other countries are imposing term limits on directors of between 9 and 10 years, beyond which independence is questioned. Regulators are imposing diversity requirements on boards. In the UK, even auditors are subject to tendering every five years. Regulators read the press reports of directors serving 40 years, auditors even serving up to 100, and communicate with academics on what the empirical research findings are.

The fact of the matter is that boards, as self-policing bodies, may be incapable of solving the renewal issue on their own because of entrenchment and self-interest. And herein lies the ethical question, posed to me by a director today: “When does hanging on or digging in breach a fiduciary duty by the director to act in the company’s best interest, rather than the director’s?” When should doing what is right; putting oneself at risk; having proper succession planning; mentoring, coaching and developing the next generation of directors; and letting go gracefully and honorably, matter?

This is an integrity issue. If – or perhaps when – a director becomes irrelevant, or is destroying value, is it ethical for that director to continue? Is it ethical for the board to allow that director to continue? The problem is doing what is ethical vs. acting out of self-interest can get commingled in an under performing director’s mind, or even a founder’s mind, or even other directors’ minds (who have been captured by the entrenched director colleague), without an objective measurement. This is neither person-proofing governance, nor in the interests of the company and its shareholders.

Aggrandizing long service, referring to “god fathers,” compounds this renewal problem and wearing as a badge of honor how many boards one has served on, or does serve on. As one “godfather” recently remarked in open session at a corporate governance conference, “We did virtually no research.” Well, maybe research should be looked to more when policy is developed. Firm value and the oversight of shareholder investment are at stake.

Eventually, a director fights redundancy and relevance. A tipping point is reached if there is indefinite service. It is inevitable. No one wants to be irrelevant. If there is no policy or, better yet, no measurement of actual performance and follow up accordingly, self-interest is perpetuated and complacency is allowed to continue, by the very people who should be leading by example. Directors need to know when it is time to go. And if they do not, regulators will.

 

What boards and individual directors can learn from Toronto Mayor Rob Ford and managing conflicts of interest

What is the lesson here for boards of directors and individual directors and officers? Avoid conflicts of interest at all times, but if and when they do occur, the test is perception and process. Every board should have a conflict of interest statement that applies to officers and directors, and to a control person or significant shareholder if applicable. It should cover identification and resolving of the conflict. If you are in doubt as to whether you have a conflict, you must disclose and cannot influence or take part in a decision, transaction, arrangement or otherwise in which you: can be perceived to have an interest, direct or indirect; cannot be seen to be impartial from an outsider point of view; or receive a benefit not shared by other shareholders. If you do take part in the decision, or do not disclose the potential conflict, or attempt to influence the vote, you risk detailed legal scrutiny after the fact to show your conduct was improper and did not conform to best practice. Records of the matter should be kept, a special committee may need to be formed composed only of directors who are seen to be independent in all ways from the matter and the director or officer or shareholder with the conflict, and expert independent advice should be sought. These best practices will protect the board as well as yourself and your reputation that you acted prudently, exercised your duty of care, were transparent, and acted only in the best interest of the company and all shareholders.