A Look Ahead to the Future
(1)
Ernst & Young, Cologne, Germany
It is not just here in Germany that compliance is probably one of the most talked about management buzzwords of our time. This makes it necessary to also cast a critical eye over the subject. What direction will the development of compliance take in the future? What pitfalls need to be taken into account when defending against corruption and white-collar crime? And what gaps still need to be filled?
After a short, critical assessment and an analysis of the empirical data, it quickly becomes clear that an understanding of compliance based on control and legal formalities can only be the first step on the road to a company attaining a sustainable corporate culture based on values. It is this culture that will automatically react against white-collar crime and corruption, driven by its inherent sensitivity to assets and values, rather like an antibody against infection. The requirement for this is truly sustainable and ethical corporate management based on the concept of good corporate governance.1
Therefore, this chapter will outline the basic features of good corporate governance.
5.1 Compliance in Germany: An Overview of the Current Situation
The importance of compliance has still not been realized everywhere. According to an EY survey from 2002 (see Ernst & Young 2012, p. 12 ff.), a third of the 871 business decision-makers surveyed only rated the subject of compliance as being of “medium importance.” Despite the fact that the remaining two thirds of respondents claimed that compliance was “important” or “very important” to them, the results gathered from other more specific questions in the survey told another story. Over one fifth of those companies surveyed admitted that they had no regulations in place to deal with compliance infringements, while only a half of those surveyed even had a chief compliance officer. And training sessions dedicated to the subject of compliance had only been institutionalized in 2 % of companies.
These figures indicate that although there is some awareness about compliance themes, there still remains a great deal to be done when it comes to integrating them into the day-to-day running of a company.
5.1.1 The Control Paradox of Compliance and Its Negative Effects
It would certainly be wrong to suggest that compliance in the form of an additional set of internal company rules is enthusiastically welcomed and celebrated everywhere. Although compliance has become generally accepted as a business buzzword and is being preached almost religiously from every soapbox, many managing directors and managers view this development critically. What do these new obligations initially mean for those in positions of responsibility at companies? The real answer is lots of time and effort! In practice, it will generally be necessary to create new responsibilities, processes, and structures that never previously existed in the company.
And the establishment of a compliance management organization within a company can often bring with it significant negative effects—ones that are unfortunately not dealt with sufficiently in the relevant literature or by consultants. So it may useful to examine them in more detail at this point. Compliance management is advertised instead using terms such as increased efficiency or effectiveness. These benefits will remain nothing more than a pipe dream if the most obvious obstacles to the implementation of compliance in a company remain unresolved.
The process should begin at the most fundamental of all levels—with the individual employees and their well-being. Because what does a newly introduced compliance management system with all of its various mechanisms and controls actually do in the first instance to these unsuspecting employees? It places them all under general suspicion. And then the situation becomes much worse when some of these suspicions are actually confirmed! The reason is that white-collar crime is a control-related offense. The more people look for it, the more cases are discovered. When compliance is taken seriously it initially makes the whole organization seem more criminal than before. Or at least this is the impression that it portrays. The consequences of this control paradox2 on the perceptions held by employees and the corporate culture or subcultures is often massively underestimated.
In many companies, the compliance organization and its employees have not yet found their proper place. Especially when faced with this control paradox, reservations and resistance to these new colleagues quickly develops, with many believing that their only role is to question business processes that have functioned well for many years and to harass employees with their compliance controls.
In the worst-case scenario, the compliance department effectively develops into a bureaucratic parallel organization, with the result that its work is rejected by the existing corporate culture, while its employees become ostracized. The culture of mistrust that then develops makes it more difficult for everyone to work in harmony with each another and immediately has a negative effect on the performance of the whole organization.
What this worst case scenario can mean in terms of efficiency is easy to imagine. Compliance—which has been incorrectly developed, understood, and conveyed—can slow down functioning companies and in the most drastic cases even paralyze them. Nobody should deceive themselves when dealing with this subject. Commercial controls often have a negative impact at first on efficiency and flexibility, even if they ultimately prove beneficial later on and prevent damage to the company.
The areas of the company whose strength lies in their dynamic approach and fast response need to be particularly carefully monitored and handled. These are often ironically the areas of the company most vulnerable to corruption and criminality, such as sales and purchasing.
Typical examples could be a broker who trades in real time, or a salesperson who needs to create or change quotations and calculations at short notice. Ultimately, it is crucial to find the right balance between exercising caution and charging in at full throttle—making sure that business success is not continuously hindered while ensuring the risk of damage to the company due to noncompliance is nevertheless reduced.
This small case study already clearly demonstrates that a purely control-oriented interpretation of compliance, as it is currently implemented to a large extent, will sooner or later reach its limits. This is due to the simple fact that this type of approach cannot provide an answer to every conceivable dilemma.
It is much more important—and this will be the starting point for the final section of the book—to develop such a high level of awareness for integrity and compliant behavior that, in the best case, there will be hardly any need for a large bureaucratically managed compliance organization within the company, which, it seems, is only there to apply the brakes.
Then the compliance organization would merely be required as a consultant for the various business units—acting as a temporary corrective measure to help only from the point at which training and the employees’ existing awareness for integrity stops. This model would see the compliance organization holding a much greater supporting and advisory role than it currently does in the majority of companies.
However, when evaluating compliance it is the superficially negative aspects that often lead to it being considered a “necessary evil” and, consequently, to it not always being resolutely implemented in companies. The extent to which these pro-forma solutions can actually be dangerous for those involved is examined in the following section.
5.1.2 The Danger of Pro-Forma Solutions
Anybody who views compliance as a “necessary evil” and does not take it seriously in these times of comprehensive manager liability should be urgently warned at this point. The establishment of sustainably functioning investigative and preventative systems has long since ceased to be merely a prestige project indulged in only by those particularly dutiful people in positions of responsibility. It has become a commercial and, most importantly, legal necessity, which is now also reflected in German legislature and legal judgments.
In this evaluation, the phrase “sustainably functioning” has been deliberately chosen at this point to describe these compliance management systems. The true commitment shown by those in positions of responsibility at some companies to preventing the development of corruption and white-collar crime in the first place, or comprehensively investigating and continuously following up cases of damage so that no further misconduct is experienced, must be clearly differentiated from so-called formal compliance.
Formal compliance can result in serious consequences for managers and management board members in positions of responsibility at the latest when the preventative measures are evaluated in the course of investigations by the public prosecutor’s office and subsequent court proceedings. District attorneys who deal seriously with these crimes and are also well versed with the subject matter ceased being taken in by Potemkin villages a long time ago.
The recent legal judgments issued in prominent cases confirm this fact. Anton Weinmann, former member of the management board at MAN, was convicted of aiding and abetting bribery payments because the judge was of the opinion that Weinmann had “not done enough to stop the practice of bribery” (see Editorial of the Handelsblatt 2012)—whether or not the company had a code of conduct or formally existing compliance system.
It is important to briefly clarify the situation in this case. Weinmann was not convicted because he had failed to deal with the subject of corruption in his area of the company. He had in fact done this. However, in the view of the judiciary he had not done it sustainably enough—and this should provide food for thought for every manager who thinks that they can buy their way out of any liability issues with formal compliance systems. The current trend clearly goes against pro-forma solutions.