Rounding out the sessions on day one of Compliance Week Europe 2016 in Brussels, Keith Read, Convercent’s Managing Director Europe, joined Agnes Ernmel-Grussbach, Corporate Ethics and Compliance Officer at DuPont de Nemours to lead a packed session on defining and managing conflicts of interest in today’s always-changing landscape.
Conflicts of interest are anything but straight-forward. Compliance professionals today need a system and without one, people tend to place their own judgments on what is acceptable and what is not acceptable.
Despite the wealth of available examples, many compliance executives and organizations don’t think COIs pose a serious threat. The examples below are real cases that Read investigated during his time as British Telecom’s CCO:
A senior manager used his position to force through a selection of a new supplier for a major contract.
The CEO of the previous, family-owned supplier had a heart attack as a result of the loss of business, from which he never fully recovered – and the CEO’s teenage son attempted to commit suicide.
It subsequently came to light that the new supplier was an indirect family friend of the senior manager.
It was only a whistleblower, working for a company without a compliance system that revealed a local history of employing relatives.
A senior manager employed his wife – and also his daughter, son and the CFO’s son. The daughter was paid €56,000 – yet this figure was not declared in the accounts as a related-party transaction.
Investigators were told that it was apparently not clear from the guidance what constituted a ‘close relative’ – the trigger for a conflicts of interest declaration.
An investigation revealed that the Chief Operating Officer had placed an HR review contract with his wife – and subsequently made payments of €100,000 to his wife’s company, of which he was the company secretary.
They had no conflicts of interest system in place, no procurement controls and totally inadequate separation of duties; the payments were also not disclosed as a related-party transaction.
A quiet, unambitious junior procurement officer in a major company lived a wealthy lifestyle – but in the absence of a conflicts of interest system, there was no formal request for disclosure.
By chance, the procurement officer took a holiday in the same resort as a senior manager who subsequently investigated; this revealed that he was feeding information to his partner, a director at a major competitor.
After explaining the above real-life examples of how out of hand conflicts of interest can become, Read presented to the audience a COI triangle exercise, which is comprised of opportunity, pressure and rationalization.
There are three factors, according to Read, that trigger COIs:
Opportunity: an employee gets a second job to get some additional cash.
Pressure: for the employee to get the job or disclose it.
Rationalization: justifying not disclosing the second job because it may not seem like it would be a problem or a potential risk.
These factors create the perfect environment for a COI and every time there is a COI they pass through each of these phases presented in the figure to the right.
A risk-based conflicts of interest platform allows for a proportionate approach to manage the nature and likelihood of conflicts. It should go without saying that if your company is at a high-risk of severe conflicts, you need a conflicts of interest system. If your company has a high-risk of minor severity, but you have a lot of them, your reputation could be jeopardized. Even if a risk may seem small, that risk should still be managed and mitigated appropriately as a risk of any size could drastically harm your company. Using a risk-based decision-model, Read advices, will help compliance professionals make a more sound and calculated decision.
In context, for a company with 5,000 – 10,000 employees or more, conducting this process manually is not the objective of a risk-based COI exercise. Rather, to be actually effective with this approach involves investing in increased resources (human capital and energy) as well as a more calculated platform that is based on an integrated compliance solution.
On the heels of our recent Convercent 4.0 announcement, which offers conflicts of interest disclosure escalation and translation, this is an area we are extremely passionate about not just from the perspective of our product, but from what is happening every day in the industry. Couple this with National Business Survey Ethics finding that nearly half of employees who witness misconduct do not report it, the risks that can occur is concerning.
Having the opportunity to speak alongside an agricultural leader such as DuPont’s Ernmel-Grussbach lead the conversation into two different paths that seek to accomplish the same goal: increase disclosures, define conflicts of interest, and how to manage the tremendous amounts of conflicts a compliance officer handles with proper processes, awareness and proactivity.
Echoing what we heard in the morning’s keynote moderated by CEO Patrick Quinlan (READ THE BLOG RECAP HERE), despite putting the definition of COI into say your Code of Conduct for example, there is an extremely unpredictable variable: the human factor.
IN PRACTICE: COIs AT DUPONT
Explicitly stated in the agri-business’ Code of Conduct, Ernmel-Grussbach outlined three common types of potential conflicts:
- Financial COI: an employee or family member has a significant financial interest in an outside enterprise which does or seeks to do business with, or is a competitor to DuPont.
- Personal COI: an employee hires a family member; a company doing business or competing with DuPont is owned by a family member.
- Professional COI: using one’s company position or title in connection with an outside activity that may infer the company’s sponsorship or support; outside employment like serving as director or consultant in an organization that conducts or competes with DuPont.
One of DuPont’s primary business operations is selling seeds like corn or soybeans for example to farmers across the world to purchase and use to grow their harvests. Due to the company’s agri-business model, they are in the unique position where COIs are literally everywhere since farming is typically a family-run operation. At any one given time, Ernmel-Grussbach said, there could be thousands of COIs she has to stay on top of.
COI – CHALLENGE AND OPPORTUNITY
While it is often easy to get caught up in the negative aspect of conflicts, there is a tremendous opportunity for compliance professionals to manage their programs in such a way that each conflict (there will always be conflicts in any organization) is easily managed and proactively, if possible, mitigated from growing into an irreversible risk.
“Whatever the approach, the direct legislative drive for a COI program is variable, with the consequence that organizations often expose themselves to completely unnecessary risk by failing to realize the benefits of an effective COI program,” says Read.
Despite the day-to-day practicalities of managing COI, a few key opportunities for organizations to reduce, compliance risk achieves by having more and better disclosure data to act on and analyze.
Gathering regular and frequent disclosures will allow you to:
- Get better insights into employee behavior: the more disclosures, the richer and more structured the data. For the compliance team, it provides a better picture of employee behavior, risk disposition and key drivers (motivators).
- Reduce the noise: Increase the number of legitimate disclosures and cut down the extraneous reports. Provide employees a more intuitive and welcoming experience when disclosing a potential or perceived conflict.
- Have an open dialogue: If you practice an ongoing, fluid disclosure process, it will keep the lines of communication open among your employees and steer away from sporadic hotline reports or semi-regular training and policy requirements.
- Give employees ownership: providing employees ownership and a secure portal to disclose their conflicts gives them skin in the game, which increases interest and engagement in creating a compliance-first culture.
- Provide a simplified employee experience: provide an easier and positive first interaction with compliance. Disclosures can, and should be, less threatening and provide an overall more positive and welcoming experience than reporting misconduct or other compliance points.
We don’t immediately think of a single mother with three children working part-time at a burger joint for additional income becoming distressed at the prospect of a disclosure leading to her looser her low-risk job. Situations like these and what occurs in vast complexity across industries may cause you to reassess your program and create your own COI risk assessment matrix based on the conflict type and likelihood that you see to the left.
Left unchecked, COIs can breed misconduct and risk for companies, including fraud, corruption insider trading and more. With the heightened regulatory focus being discussed at this conference, putting a proactive step forward when managing or establishing a COI system is no longer a nice-to-have, it’s standard practice.