Future Students, Alumni & Visitors





Archive for the ‘Ethical Leadership, Citizenship and Integrity’ Category

Regulators turning up anti-bribery heat on corporate boards: But will practices change?

Russia is one of the most corrupt nations in the world (see a recent anti-corruption story on Russia by the New York Times). It ranks 143rd of all 182 countries on Transparency International’s corruption perception index, with a score of 2.4. Canada ranks the 10th least corrupt country in the world with a score of 8.7. New Zealand is the least corrupt country globally, ranking first with an overall score of 9.5. The US ranks 24th and the UK 16th, with scores of 7.1 and 7.8 respectively. See the “Full Table and Rankings,” where countries can be searched via the table. Lower rankings and higher scores mean the country is perceived as being less corrupt.

Prime Minister Harper visited China, India and Brazil to enhance trade with these countries, which are also some of the most corrupt nations in the world, ranking in at 95th, 75th and 73rd respectively. Libya, which involved the alleged Montreal-based SNC Lavalin bribes of some $56 million, comes in at 168. Within these countries, the governments themselves are the net beneficiaries of much of the corruption, so these politicians are far from motivated to impose reform.

Is it realistic to expect that Anglo-American nations, such as the US, UK and Canada, can impose “Western” will on the very way business is done, and has been done, in some countries for centuries? And if things will not or perhaps cannot change, should home country boards of directors be held responsible for systemic local corruption that may be beyond their control?

Regulators are taking corruption and the role of boards and senior management very seriously. The Securities and Exchange Commission and Department of Justice recently released 130 pages of guidance (see the PDF and other coverage here and here) on the Foreign Corrupt Practices Act (“FCPA”). The US has had the FCPA since 1977. Enforcement and penalties have gone up dramatically in recent years. The UK Bribery Act, from 2010, has some of the most stringent bribery laws in the world. In Canada, we have The Corruption of Foreign Officials Act (since 1999) and the recent guideline from the OSC for issuers operating in emerging markets (see the PDF).

Emerging economies are future markets for Canadian companies. The Prime Minister has a vision for Canada to be an energy supplier superpower. For this to happen, Canada will shift its trade to markets with 100s of millions or billions of consumers and much higher growth rates than our current major trade partner, the US, which could be coping with austerity due to its debt for years to come. Harper was in India last week to boost trade.

What is clear is that there is an enormous disconnect between the home country regulations now being imposed, and host country actual practices on the ground.

What should boards that have operations in emerging market jurisdictions do? Six things. First, if you are doing business in such a market, you need a director with extensive on-the-ground experience at the board table, who can tell you and management what the hotspots are. You should move a board meeting to the jurisdiction once a year so directors can get a first hand look. Second, boards must make it crystal clear to management that if the company is not going to bribe, management must walk away from certain business. And the board must support this and not have incentives that promote bribery. Third, the internal controls over financial reporting must be as strong in the emerging market as it is in the home market. Investment and resource commitments need to be made. Fourth, boards must have their own experts to scrutinize off-balance sheet and related-party transactions and complex structures; validate and assure internal controls; and provide foreign language document translation. Fifth, local auditors should have the same oversight, scrutiny, and as necessary direct contact with the audit committee that the home auditors have. Lastly, there needs to be zero tolerance by the board communicated to each employee and supplier. The UK is even banning facilitating payments, which are regarded as a “tip,” as these may be bribes in disguise.

Companies and politicians are feeling the pain, including on Canadian shores. The Wal-Mart bribery probe has widened beyond Mexico to include China, Brazil and India. The RCMP is investigating the SNC Lavalin bribery allegations, on which I advised a law firm suing the company. I blogged about Sino-Forest, a case of alleged Chinese fraud by a Canadian-listed company. In Quebec, the corruption inquiry has cost the Mayors of Montreal and Laval their jobs and this is only the beginning. There are allegations of kickbacks in cash that may reach other more senior politicians. And Ontario is not immune either. A senior Canadian director remarked that Ontario has a reputation for being “the best place to carry out a stock fraud in the industrialized world.”

Clearly, more work needs to be done. Canada’s corruption ranking on Transparency International may go down in 2012 instead of up.

Trust and integrity in corporate governance

I served on a panel this week with the CEO of a financial institution, among other panelists. We were talking about compliance with emerging governance regulations. The audience was primarily lawyers. Towards the end of the discussion, the CEO made a brief remark about the importance of trust on a board. “Trust is not in any of the regulations,” he said. Quite true. We didn’t have time to elaborate during the panel, but I want to expand on this issue by defining trust and integrity and outlining three types of governance relationships requiring trust, with examples, below.

Trust is crucial in a board environment to promote transparency and accountability. Without trust, there are gaps in oversight and information flow. Decision-making failure can result.

Trust, however, is underpinned by personal integrity. Integrity is the building block of trust.

“Integrity” has a very specific meaning in the governance context. “Integrity” means consistency between what a director says, writes and does. It means authenticity, candor, reliability, confidentiality, solidarity, and a willingness to accept personal accountability and be bound by board decisions and a director’s own role within them.

Most importantly, “integrity” means putting the interests of the organization above your own, and even putting your own reputation or that of the organization at risk in doing so. It means having the courage to take significant principled action when necessary, for the ultimate good of the company. “Integrity” also means using power appropriately and always acting in a way that withstands the harshest scrutiny. Integrity is one of the highest bars in the governance game because the opportunities for self-interest and enrichment are so plentiful.

If a manager or director has defects in integrity, in any of the above examples, others will not trust them.

There are at least three major types of trust in the governance context: (i) Board-CEO, (ii) CEO-C-Suite, and (iii) Director-Director trust.

(i)       Board-CEO trust

First, the board needs to trust the CEO to bring full disclosure and transparency into the boardroom. The CEO will not disclose fully if one or more directors do not possess integrity or the CEO does not. A CEO needs to trust a board that directors will react to candid thoughts and pre-plans in a mature, measured and confidential way. A CEO’s integrity is equally important. If a CEO is defensive, holding cards close to the vest, and selectively disclosing, a board will know this and get frustrated. Crucially, if a CEO ever holds back key information, or misleads the board, there is only one chance. The Board-CEO relationship will be permanently impaired.

I remember one meeting I observed when the CEO sat with arms folded, with a laptop (a barrier as no other directors had a laptop), and was interrupting directors, in an almost antagonistic way. My debrief with the board chair was that there was agreement among directors that they are left with a sense they are not being told everything. I developed a coaching program with the CEO based on improved board-CEO relations, proper disclosure and information flow, and improved body language and technique for board meetings. I also recommended adjusting the CEO’s compensation to include, among other factors, improved board-CEO relations. This worked in the short term, but the CEO still was not trusted by the board and was replaced.

(ii)      CEO-C-Suite trust

Second, trust is important between the CEO and C-Suite. If the CEO is not trusted by the troops, they cannot lead. The board should know what the views are of the CEO by direct reports. In a board review I undertook recently, I canvassed the views of all direct reports to the CEO, otherwise known as a “360 review.” I recommended to the independent Chair that all directors see these views. The C-Suite also had opportunity to express views on the directors and where they could improve, which was very helpful (and eye-opening) to directors. The directors had opportunity to express views on the CEO. What ultimately occurred was dissatisfaction by the C-Suite in the CEO and specifically a lack of trust. The CEO was replaced by the board soon after.

(iii)     Director-Director trust

Third, trust is also important between and among directors. Directors need to trust each other that each director will support board decisions once they occur, will respect confidentiality, will be consistent and honest in what they say and do, and will act only in the best interests of the company. If a director or chair acts out of self-interest, directors will not work as a coherent team. Issues will be avoided because of undue influence, entrenchment and self-gain.

I conducted a peer review recently (directors assessing each other) and it was apparent that one director had integrity concerns by many others. I convened a meeting with the board chair and governance committee chair. Without breaching confidence, I advised of this gap and ultimately the director who had the low integrity rankings was asked to resign.

So building an effective board takes a key step: “Integrity” is an important attribute in directors and officers and contributes to trustworthiness and “doing the right thing” in the interests of the company.

Integrity is so important that it should be recruited for, developed, and assessed. Don’t avoid assessing and having internal controls over integrity. It can be done. And if a director or manager doesn’t possess integrity, they need to go. In the words of Warren Buffet:

In looking for someone to hire, you look for three qualities: integrity, intelligence, and energy. But the most important is integrity, because if they don’t have that, the other two qualities, intelligence and energy, are going to kill you.

Recruit directors and officers with the utmost integrity and replace those who do not have it. Your board will be better for it.

SNC Lavalin and RBC in the News

If the CEO of SNC Lavalin allegedly over-rode his own CFO and breached the company’s code of ethics in authorizing $56 million of questionable payments to undisclosed agents that the federal Canadian police are now investigating, did the board of directors of SNC Lavlin have a role to play?

If the RBC (formerly Royal Bank of Canada) is alleged by a US regulator to have made “material false statements” in connection with non-arms length trades, reported in the Wall Street Journal to be “a scheme of massive proportion,” did the board of directors of RBC have a role to play?

The answer is “it depends” in these and similar cases. Speaking generally, as all allegations have yet to be proven, it is not credible to argue that boards do not have a role to play in compliance and reputational oversight. A board is the only body that has the legal authority and power to control management and designate all compliance and control systems. It alone acts or fails to act. A board is paid, handsomely paid at the senior most levels in Canada, to take all reasonable steps consistent with best practices, to ensure that it does know.

More regulation now, such as the UK Bribery Act, and the SEC Whistle-Blower Rule, are attempting to hold directors responsible and accountable for failing to direct proper anti-corruption and whistleblowing systems. The SEC rule enables employees to report wrongdoing directly to the regulator, thereby completely bypassing toxic work cultures where whistleblowing is neither independent nor anonymous. This legislation is putting the heat on boards and senior management, or at least it should be.

The Ontario Securities Commission last month released a scathing report about governance, risk management, internal control and auditing failures in companies operating in emerging markets.

In SNC Lavalin’s case, how could anomalous payments of this magnitude and internal controls be allegedly manually over-ridden, as is being reported, and would payments of this nature require explicit board or committee approval? SNC’s own internal report reveals a lack of disclosure of contracting parties and improper documentation and passwords. The board chair, Gwyn Morgan, said that the board wasn’t “able to really determine the use of those payments.” Back in 2010, federal minister Stockwell Day had signaled that certain aspects of SNC’s pricing were “absolutely unacceptable.”

The former CEO, Pierre Duhaime, is receiving almost $5 million dollars. A portion of this is stock options awarded before an independent review was completed, as is reported in the press. Basel includes (at page 38 of this report) a malus scheme whereby vesting occurs only if there is no breach of the code of conduct. Boards may wish to consider comprehensive – and independently drafted – malus or clawback clauses that include similar provisions.

It may be highly unlikely for fraud, bribery or ethical breaches to occur in a vacuum. Employees may have knowledge. The 2011 National Business Ethics Survey reveals that those who reported bad behavior they saw reached a record high of 65% and retaliation against employee whistleblowers rose sharply to more than one in five employees. The Conference Board’s Directors Notes, in “Lessons for Boards from Corporate Governance Failures” (see the PDF at page 3), reveals defects in whistleblowing systems that include lack of anonymity, lack of independence, lack of communication and training, lack of incentive, and lack of a proper investigation. These defects are exactly what the SEC rule is designed to address. As Chairwoman Schapiro has argued, “I find that many of the business ethics problems severe enough to be investigated by us are the result less of individual greed than of individuals succumbing to pressure from their peers.”

Whistle-blowing defects may be faults of a board. If a board is getting its information only from management, this is a red flag. Management may not even possess accurate knowledge, as we see in cybercrime. Independent assurance over anti-fraud and whistle-blowing procedures must occur for any prudent board. And “independence” does not mean the company auditor or legal counsel who assess their own or their firm’s work, nor any firm who does, has done, or seeks to do work for company management. Any assurance provider in this area could likely recommend action adverse to incumbent management or service providers.

Directors and boards themselves also need to step up. This includes international directors, moving board meetings to emerging markets, understanding corrupt business practices, structured deep engagement by directors, receiving third party assurance and disconfirming information (including culture surveys), and using alerts and social media.  See “What Better Directors Do,” by NACD Directorship.

Both SNC Lavalin and RBC received governance recognition and were among the top twenty-five companies in the Globe and Mail’s Board Games for 2011. SNC Lavalin was the 2007 award winner from the Canadian Coalition for Good Governance.

The question therefore, is, could occurrences such as these happen on other boards of directors? If you are a director on a board and cannot reasonably answer “no,” to this question, perhaps you should consider some of the above recommendations.

Boards and Sexual Assault on Campus

“As the graduate assistant put the sneakers in the locker, he looked into the shower. He saw a naked boy, Victim 2, whose age he estimated to be ten years old, with his hands up against the wall, being subjected to anal intercourse by a naked Sandusky. … The graduate assistant left immediately, distraught.”

I apologize to all readers for quoting this alleged abhorrently heinous criminal conduct from the Grand Jury report to what is reputed to be several young boys.

Universities are historic institutions, steeped in tradition. Many however have sorely outdated governance practices. Penn State is a good example. What can we learn?

Penn State prides itself on not changing the size or composition of its board since 1951. What this means is that the entire organization is not keeping up with the times.

Thirty-two directors is not a board: it is a theatre. A board this large means management dominates and decisions are made in advance rather than at the table.

The board of trustees should immediately disestablish the Executive Committee chaired by the President. An executive committee means a “real” board where management controls rather than the board and its committees.

The board size should be reduced to half: sixteen directors maximum and preferably fewer. Multi national corporations have fewer directors.

The university president, or any other member of management, should have no influence whatsoever into director selection.

Penn State does not even have an audit or risk committee. What good board does not have an audit committee? The audit/risk committee should oversee conduct and compliance reporting. Where is this obligation overseen by a committee of the Penn State board, I wonder? No committee charters are available, which is another red flag.

A nominating and governance committee should also be established. So should a human resource committee. It is remarkable that audit, nominating or HR committees do not exist and this again suggests undue influence by management who does not want this oversight.

Penn State’s governance statements are verbose, pompous, self serving and ineffective, as are those of many colleges and universities, deliberately so and written by management who write for a living. Key governance documents are missing, such as the competencies and skills of each director linked to their responsibilities; the code of conduct; compliance procedures for the code; whistle-blowing provisions; a position description for the president; and position descriptions for the board and committee chairs.

These are now requirements for publicly listed companies all over the world and leading not-for-profit institutions. Is Penn State or are other universities immune from such best practices?

If these governance and ethics oversight practices exist, they should be documented and accessible on Penn State’s website. That they are not leads me to believe they are ineffective or non-existent. (Note: the Penn State website appears to have changed slightly as of Sunday, November 13, 2011, to include backgrounds of 32 (was 35) directors.)

Next, more to the alleged sexual assaults on campus property by football coach Sandusky.

There needs to be greater rotation and succession planning at many universities and Penn State is no exception. The same director, employee, coach, dean, or otherwise at the helm for 20-30+ years – regardless of performance or money or donations being attracted – is wrong governance. Joseph Paterno was coach for 45 years and is 85 years old.

Inadequate succession planning like this would never fly in public companies, where CEO tenure is 4-5 years and good board tenure is 9. People don’t have time to get comfortable and start capturing people but need to do their job. On boards, retirement age is 72+ and good tenure is 9. In professional service firms, it is even earlier, from late 50s to early 60s to make way for the next generation of leaders.

No one is irreplaceable or larger than an institution. Incumbents create power and fiefdoms, currying favors – such as free sports tickets and equipment to young boys (as was alleged) – or protecting colleagues (also being alleged) – where they become so dominant they cannot be resisted, within pockets of toxic culture and risk – with management and even boards of trustees acquiescing instead of governing.

All allegations have yet to be proven, but if true this is likely what happened here: People become afraid to speak. If they speak, they will suffer enormous reprisals, even loss of their jobs or banishment. The board is at fault if this is the case as a result of a flawed structure (see above) and decisions it took or did not take.

At least half of the Penn State board should be businesspeople with clout. The board should have the same transparent recruitment that companies how have, with directors who are independent, have run businesses and can tell colleges who are behind the times, or who resist reform, that this is what has to happen. Having alumni, the governor, or even agricultural societies (likely a historical artifact) appoint or elect directors does not necessarily result in competent directors being at the table or staffing key committees. There needs to be a greater link – clear and transparent – between directors, their skills, and what is required to govern. The days of ceremonial appointments should be over. Clearly they are not.

Next, all colleges should have whistle-blowing procedures at the same level or above as companies are now obliged to do. This puts the heat under management to have proper procedures, as employees can go directly to an external ombudsperson or the regulator to get protection.

A code of conduct should be developed by all colleges and universities, as is the case for any leading organization. It should be signed off on by each and every trustee, employee and key supplier and be a condition of serving and employment, including for the president. Code compliance should be part of the president’s contract. Everyone has to sign that they do not know of any wrongdoing, directly or indirectly, anywhere on campus, every year. The sign-off statement should include obligations on how to report, protection mechanisms, and assurances of a proper independent investigation.

All code compliance should be reported directly to the audit committee of the Penn State board (note: non-existent at Penn State), and independently assured. The code must include conflicts of interest statements, treatment of assets, fair dealing and harassment. Training and education should also occur, for each employee. The code should be paramount and override defensive union agreements or guises of academic freedom.

Lastly, Penn State’s internal audit charter – if it exits – should be available on its website. The design and effectiveness of internal controls, including approvals, access to restricted rooms, campus security and lighting, keys, locks, areas of vulnerability, and potential for override – most of which were likely deficient in this case – should be reported directly to and overseen by the audit committee.  The audit committee should be able to insist upon independent assurance for any risk, based on the audit report. Good audit committees know and do all this. They direct the president, CFO and finance and risk personnel to comply with best practices.

Why would Penn State management do all this, under this resistance? Simple. The board tells them to. Or they get fired. This is why a strong board is so essential. The tone at the top starts – and stops – with the board. Sandusky is not a rogue any more than a rogue trader is at a bank. He is operating within a defective system, put in place by defective management and overseen by a defective board.

Conclusion: Reform to collegiate governance

Educational institutions are complex organizations, with interdependent stakeholders and many moving parts. They are sometimes more complex to run than a large company. In the vast majority of cases, they are staffed by committed and well-meaning people. They are however, hard to manage and especially difficult to govern, given defensive unions, historic tradition and tenured, specialized academics and staff. They are however taxpayer-funded entities from which leadership and accountability are expected. Indeed, they are supposed to set the example and practice what they teach.

It is very important that governance standards and practices be current and not myopic, and this is why colleges need strong, proper, effective independent boards to counteract resistance, have the clout to direct management and staff, and impose proper governance, risk management and internal controls are is being done for public companies.

Here, Penn State, and perhaps many other universities have much to learn.