Labaton Sucharow LLP yesterday announced the results of its nationwide Ethics & Action Survey. Conducted by ORC International between November 17-20, the survey questioned 1,000 Americans on their knowledge of wrongdoing in the workplace and willingness to come forward and report it. With significant financial rewards and strengthened anti-retaliation and anonymity protections offered under Dodd-Frank, an overwhelming 78% of respondents indicated they would report wrongdoing in the workplace if it could be done anonymously, without retaliation and result in a monetary award. In fact, more than one-third (34%) of respondents knew about wrongdoing in the workplace. However, 68% were unaware that the Securities and Exchange Commission (SEC) has a new Whistleblower Program designed to protect and reward individuals who report violations of the federal securities laws.
This kind of Operational Risk doesn't have to involve insider trading or the SEC to be an issue. Do you have a controlling boss or a bully in the organization who uses their position of power to get what they want at any cost or to force you to look the other direction? What kind of facts point to their behaviors and the actions by others that contribute to a caustic and toxic work place setting or to further perpetuate the situation? Whether it is your Fortune 500 public company or your tiny 501(c)3 non-profit does not matter. When over one-third of the respondents of the ORC Ethics and Action Survey knowingly ignore or are afraid to report incidents of wrongdoing or ethics violations the culture is broken and in need of repair. The people who have the fiduciary duty to see that this kind of behavior is deterred also have the responsibility to provide the tools and the mechanism for those being victimized and those who are observing the malfeasance to anonymously defend themselves.
So what should you do as an Operational Risk professional to make sure this doesn't happen to the people in your respective organization? Here is a good start:
Many corporations have internal compliance programs for corporate misconduct. These programs are, in theory, designed to provide an audience for workers who want to report unethical or illegal corporate conduct. Whether to utilize internal compliance reporting procedures is not an easy question to answer. As a general proposition, some believe that where the wrongdoing is pervasive—as in the case of securities fraud—an internal compliance program will not provide an adequate means of redress. Some believe that where the issue involves massive overbilling to the Government, or an allegation that a corporation is receiving significant dollars in unlawful revenue through fraudulent conduct, the internal compliance system will not work.
It's imperative that you also become aware of and communicate to employees and volunteers what their rights are outside the formal processes that are in place within the organization. Sometimes the nature of the ethics violations will not easily fall into the category for the internal compliance department.
So even "A Decade After the Fall of Enron" the laws and the rules provide us with a false sense of security from the corporate and workplace malfeasance that so many U.S. citizens are being subjected to on a daily basis. And based upon the current-state-of-play around the beltway in Washington, DC you can expect that the coordination and cooperation is increasing by the minute.
The increased collaboration among the alphabet soup of enforcement and regulatory agencies is also due to a collateral effect of the current financial crisis: declining agency budgets. In the current downward budget cycle, agencies are working in concert more than ever before. This trend is exacerbated by a change in the mission of the FBI in the post-Sept. 11, 2001, world, shifting resources to counterterrorism and creating a need for other agencies to play an increased role. The overarching lesson from this increased collaboration is clear: Gone are the days that inside or in-house counsel can assume that the state or federal agency with whom they are dealing is acting alone; it is increasingly likely there are additional state or federal agencies involved, resulting in overlapping criminal, civil or regulatory exposure.
If you are charged with the position of the Senior Operational Risk professional in your organization, this topic of wrongdoing in the workplace can not be overlooked any longer. It is not too late to create a "Defensible Standard of Care" and to turn the word "Integrity" into a cultural pursuit for all to aspire to, before it is too late.