SlideShare a Scribd company logo

Thought Leadership on Ethics & Compliance scale Final

Sundaraparipurnan Narayanan
Sundaraparipurnan Narayanan
1 of 12
Download to read offline
RISK MANAGEMENT FRAUD CONTROL TM Culpability Parameters for Ethics Investigations A guide to developing culpability matrix in ethics investigations
@ TRUSTUS Institute, 2014 Thought Leadership2 A guide to developing culpability matrix in ethics investigation 1 Introduction Organizations across the globe are striving towards encouraging ethical culture amongst their employees, contractors, third party associates and business partners. These efforts are primarily driven by the changing economic landscape of growing regulatory penalties, increasing demands for transparency in business and extended visualization of community impact contributed by many misconducts. In todays world, organizations come across several patterns of misconduct ranging from misbehaviour to misappropriation; dereliction of duties to disclosure of confidential information; corruption to conflict of interest. These misconducts, if unattended can cause serious damage to the organization’s reputation and overall health (financial/ ethical). An employee, a contractor, a supplier or a service provider or one of their employees could be party to such misconduct. Disciplinary action towards misconduct is considered a deterrent to such misconduct. While the extent of deterrence impact created by disciplinary action on any misconduct is not easily quantifiable, the efforts towards such actions cannot be undermined. Organizations adopt different approaches towards defining, deliberating and deciding on disciplinary actions for misconduct, based on the available evidence to substantiate a violation. Evidences play a crucial role in deciding on disciplinary action. However, how the evidences needs to be considered in the process depends on several factors including the impact due to violation, the level of culpability and other circumstantial factors that intensify or de-intensify the level of disciplinary action. Courts across the globe are moving towards structured sentencing guidelines for offences to ensure consistency in decision making and enhance trust on legislative transparency. This though leadership examines the need for Ethics & Compliance scale and key factors that shall be considered in defining, deliberating and deciding on disciplinary actions. 2 3 4 Need for culpability parameters Key factors for disciplinary action Conclusion Contents
3Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation 2 Need for developing culpability matrix Misconducts are not the same. Each type of misconduct have varied root causes, dimensional impacts and differing level of intent. While these aspects could not be definitively measured in all circumstances, it is essential to consider them to the extent feasible during the process. For instance, an accidental sharing of financial information with a friend whose name is similar to that of the board member or senior executive in the company, cannot be treated the same way as a theft of intellectual property would be treated. Disciplinary actions on misconducts require varying treatments as it has broader objective of prevention and cure besides the obvious objective of punishment and deterrence. At its base, a disciplinary action should reflect an attitude of zero tolerance towards violation/ misconduct. The tolerance level, however may depend on the type of misconduct. Key types of misconduct that organizations face are fraud and corruption, disclosure or misuse of confidential information, misappropriation or damage to assets, behavioural misconduct including misuse of powers, discrimination or harassment, conflict of interest and others. There may be several sub types for each of the above misconduct and accordingly the disciplinary approach may vary. Primary options available with organizations for disciplinary proceedings include removal or dismissal, suspension, warning - oral or written, withholding promotion or career progression, withholding increments or bonus and counselling. In addition to the primary options, organizations opt for reporting to law enforcement for appropriate action. In deciding on appropriate disciplinary action, organizations essentially consider multiple factors. While some of the factors considered mature over time, careful structuring of the essential factors can enable organizations to prevent legal issues created by rogue employee. Each type of misconduct have varied root causes, dimensional impacts and differing level of intent
@ TRUSTUS Institute, 2014 Thought Leadership4 A guide to developing culpability matrix in ethics investigation Financial Risk LegalRisk Key Disciplinary options Key types of Misconduct Broad level risks Organizational Ethics and Compliance A guide in nature of Ethics & Compliance scale is essential for the organization due to the following key reasons: 1. Disciplinary option for any misconduct may not be same. For instance, Non declaration of conflict of interest in a supplier by a procurement manager may be different from a conflict of interest in a supplier for a finance person. This also represents the differences in the impact and the level of culpability involved in such violation. 2. Level of disciplinary option applied in many instances are debatable. Organizations do consider withholding promotion as an action for certain misbehaviour. However, the number of promotion cycles the employee has to be withheld from is a debatable issue. 3. Ethics & Compliance Scale is such a guideline for organizations in enabling consistent disciplinary action across geographies and time. It is not intended to be a rule book and will leave the application of the guide to the decision maker or the committee. Source: TRUSTUS Research 4. An action in an organizational context comes under a lot of scrutiny. It is hence necessary to for the organisation to demonstrate a transparent approach and avoid potential opportunities for influence based decisions with the aid of such a guide. While a guide is essential, it may evolve to its comprehensive best over a period of time. Organizations shall always attempt to embed the learnings from the implementation of guides as a part of its evolvement process. Actions taken by organizations for any given misconduct may not be the same. The actions taken will vary between organizations based on their industry and their culture. For instance, a culture of involving law enforcement or removal for remote negligence in oversight are not common across organizations. Organizations should recognize the need for such Ethics & Compliance scale and evaluate elements / reasons reflected above in structuring a definitive base of disciplinary action for tackling issues of misconduct.
5Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation 3 Key factors for disciplinary actions Organizational environment exhibits multiple factors in the process of determining appropriate disciplinary action for misconduct. Key factors are: 1. Act of violation or misconduct – This factor examines the nature of misconduct and its overall impact. 2. Role in the violation or misconduct – This factor examines the subject’s role in misconduct including whether he was influenced to act. Act of violation or misconduct Subject’s role in violation or misconduct Motivational elements associated with misconduct Behavioural clues associated with investigation Overall Organizational perspective Source: TRUSTUS Research x 3. Motivational elements – This factor examines the aspects that may have motivated the subject or whether the vulnerabilities are exploited. 4. Behavioural aspects – This factor examines the subject’s level of cooperation, response to warnings and trends of past violations amongst others. 5. Organizational perspective - This factor examines the impact due to violation or misconduct.
@ TRUSTUS Institute, 2014 Thought Leadership6 A guide to developing culpability matrix in ethics investigation x Act of violation or misconduct Similar is the case in issues pertaining to sexual harassment wherein, wherein, oral evidence may be still be held reliable even though the issue in question could still not be corroborated from other sources. 3. Value or number of instances – Impact of investigation also depend on the number of instances of such fraudulent behaviour or value of such frauds. For instance, a misbehaviour at customer’s premises may lead to loss of business, but consistent misbehaviour at the customer may result in loss of market. Hence, action against ethics violation shall also consider the frequency of such acts. 4. Complexity and planning – A misconduct may have differing levels of complexity or sophistication. Treasury or hedging fraud may have been perpetrated with considerable planning. Similarly, an attempt to hack into a server to remove confidential customer information may be perpetrated with technological sophistication. These attempts will require detailed planning and deeper intent to cause harm. Intent to harm is one of the crucial factors that guides decision making process. 5. Period of misconduct - Misconduct may have occurred over a period of time. For instance, a financial statement fraud may have occurred over a long period of time. Similarly, corrupt practices in businesses are seldom isolated instances, these may have happened across periods. Sustained occurrence of the misconduct represents the possible intent and deeper inflection of the wrongdoer in benefiting out of such misconduct. An assessment of these elements provides a clear perspective of the impact due to act of violation. 1. Nature and seriousness of the misconduct – Nature of misconduct and its seriousness is a vital element in assessing the act of violation. For example, discrimination based on religion and conflict of interest will be handled differently. The seriousness may vary significantly between multiple nature of misconducts. For instance, misuse of position by a senior management personnel may have greater sensitivity. Similarly, unauthorized download of certain proprietary documents of a product exposes the risk of sharing it with competitors thereby may have higher level of sensitivity. 2. Adequacy of evidence – Evidence forms the core part of organizational disciplinary action process. Oral, documentary and digital are key types of evidences. More than the existence of evidence, whether the evidence is substantiating the issue in question or whether it is only circumstantial, determines the course of action. Many a times, in instances of bribery and corruption investigation, the evidences are more circumstantial than direct. Herein we examine the act of violation and its impact. These elements primarily pertain to nature and seriousness of the misconduct, adequacy of evidence, complexity related to perpetration, period of misconduct and frequency of instances. Nature & seriousness Adequacy of evidence to substantiate Complexity and level of planning Period of misconduct Value or frequency of instances Source: TRUSTUS Research
@ TRUSTUS Institute, 2014 Thought Leadership7 A guide to developing culpability matrix in ethics investigation 4. Organizations do come across instances of misconduct wherein subordinates are involved in certain acts based on the instructions from their superiors. In these instances, the subordinates may not understand the complete impact of the misconduct. Further, hiring wife or a relative in the team by abusing position is also not uncommon. 5. A security guard who allows transit of materials without adequate documentation, as instructed by the store keeper, is influenced by the trust in the role and responsibility of the store keeper. He is culpable, however, the level of culpability 6. Similarly, abuse of fiduciary duties and abuse of position of trust in diverting business leads to a future employer by a sales manager or to another related entity of a promoter post receiving private equity funds have relative higher degree of culpability. 1. Misconduct may be committed by more than one individual. The involvement could be active or passive. For instance, an employee may have ignored harassment of another employee by a manager, despite requests from victim for help. In this given circumstance, had the employee observing such a situation, had offered to help; he would be accorded a different treatment as compared to had he gone ahead and reported such an incident 2. Involvement could also be based on peer pressure, wherein the employee adopts corrupt practices to gain business benefits. Further, some of the misconduct activities may result due to adoption of predecessors practices. 3. Many a times in sexual harassment case wherein a secretary is raising concern on her long standing manager, a question that arises is why is the secretary raising the concern now? In many instances it is due to exploitation. Role in violation or misconduct The role of the subject in the violation or misconduct is another crucial aspect in the process of determining an appropriate disciplinary action. The elements under this factor includes the level of involvement by the subject including whether it is influenced by others and the extent of abuse of authority by the subject. Significant or peripheral role in misconduct Involvement due to coercion, intimidation or exploitation Involvement due to influence of pressure Abuse of power, trust or responsibility Source: TRUSTUS Research Role in violation or misconduct
8Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation Deliberate efforts to exploit vulnerability Opportunistic motivation (one of violation) Motivated by financial/ other gain Limited awareness on the impact of misconduct Threats or inappropriate actions (black mail) Discrimination based motivation Motivational elements Source: TRUSTUS Research Motivational/ Influencing factors All acts of misconduct can be associated with certain motivation, while in many cases the motivation may not be apparent or convincing. The motivational factor includes financial gain , approach to exploit vulnerability, discrimination based motivation or psychology based inappropriate actions. 1. Financial gain as a motivator is prominently experienced in many misconduct cases relating to fraud. In addition to the financial gain, there may be other contributing or coexisting motivational factors. 2. Motivation to exploit vulnerability is increasingly becoming prominent in information security related misconduct. Such aspects may be more serious as it has a focussed effort to exploit weakness. 3. There may also be circumstances wherein an employee had submitted excess travel claim, but failed to withdraw the same on realizing it. During investigation if the employee regrets his decision and agrees to withdraw his claim, then it may only be an opportunistic motivation. 4. Caste, nationality, colour or sexual orientation based discrimination related misconduct may have more serious impact on working environment of the organization. Organizational decision on disciplinary action shall take cognisance of such elements also. 5. Similarly misconduct involving physical threats or inappropriate actions may be equally serious. 6. Further, there may be circumstances wherein, the perpetrator may not have understood the impact of such misconduct. Harassment is referable to the harm caused to the person harassed rather than the actual intent of the other. With people from different culture and backgrounds it is essential to sensitise individuals on appropriate conduct.
@ TRUSTUS Institute, 2014 Thought Leadership9 A guide to developing culpability matrix in ethics investigation 4. Some of the behaviours of the subject learnt during the investigation may include his addiction to drugs or pornographic content or histrionic behaviour. During the course of review, if the subject demonstrates steps to recover from his addiction, the organization may consider such behavioural improvement in taking disciplinary action. 5. Further, the behaviour may also indicate the subject’s efforts to facilitate other fraudulent or undesirable behaviour. 6. Previous behaviours of the subject include the nature of previous violations and its relevance to the current act/ violation; or violations since last warning or similar action. A failure to respond to warnings may indicate non-inclination of the subject to change his path. 1. Cooperation with investigation is one of the key elements to consider. Acts of misconduct involving bribery or financial statement fraud may be perpetrated by more than 1 individual. One of the individuals involved may agree to become a cooperating witness and aid in unearthing the extent of the misconduct. In such a circumstance, while the act of violation by the cooperating individual is serious, his behaviour to support may be considered as supportive information in disciplinary proceedings. 2. Voluntary reporting or early admission can also be supportive behavioural cue in this regard. Similarly, attempts to prevent victim from obtaining assistance could be another behavioural cue in disciplinary proceeding. This may be by misguiding a victim on the process of seeking assistance. 3. Subject’s attempts to share or conceal additional information regarding the misconduct or diverting the investigation may implicate the subject further in a disciplinary action. Behavioural factors Behavioural factors relating to misconduct and the course of investigation have a strong bearing on the disciplinary action. The elements under this factor includes cooperation during investigation, history of violations, attempts to conceal/ dispose of evidence and behaviour in responding to warnings. Cooperation and early/ late admission Attempts to share or conceal additional info Demonstration of steps to improve Efforts against victim on reporting Response to warnings History of violations or misconduct Supported other misconducts Source: TRUSTUS Research Behavioural factors
10Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation Organizational factors Any act of misconduct requires an assessment of the impact from the organizational perspective. Organizational perspectives include losses and the impact on reputation if not acted seriously. 1. Organizational impact due to misconduct may be of several types. They are • Financial impact: The financial impact due to acts of misconduct includes financial losses and/ or loss of business. It may also include the investors’ departure from their investment, which may result in cash outflow. • Reputational impact: Reputational impact may include instances where organizations’ brand value, market standing, credit worthiness, ethical representation and business presence is put at stake. • People impact: Certain type of misconduct may have a significant impact on people. These may not be quantifiable and may include departure of key executives also. In many large investigation scenarios, the employees’ morale gets affected the most and they move into a shell of protecting themselves rather than being open about innovative approaches for the organization’s benefit. These impacts are sizeable and detrimental for organizational prospects. • Legal impact: Some of the misconduct may involve legal consequences for the organization including regulatory proceedings and their associated impacts. The financial, reputational, legal and people impact determine the course of disciplinary action. However, in many circumstances the impact of the misconduct may not be apparent and measurable at the time of disciplinary proceedings. Organizations shall take consideration of these possible impacts before deciding on the disciplinary action. 2. Similarly, there may be certain misconducts which may have serious implication on the organization, if not acted upon appropriately. This could be an issue of mass misconduct involving multiple employees of same division or sensitive misconducts. Sensitive misconducts may be in nature of discrimination or sexual harassment or senior management fraud. These misconducts if not acted upon appropriately and timely, may result in more serious impact on organization than estimated. It is essential for an organization to consider the possible organizational impact due to the misconduct and appropriately consider the options for disciplinary proceedings. Source: TRUSTUS Research Impact on organization due to misconduct Misconduct that may have detrimental impact if not acted upon Organizational perspective
11Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation 4 Conclusion With varying organizational processes across geographies and emerging types of misconduct, organizations face several challenging circumstances in deciding upon appropriate disciplinary actions. These disciplinary actions, if taken on a solitary case basis may sometimes become inconsistent. These inconsistencies get noticed by whistle blowers, management and the subject of the misconduct more closely. Considering the increasing usage of social media, impacts of mis-conceived disciplinary action may have serious complications. Developing a structured developing culpability matrix that guides the organizational approach towards disciplinary proceeding will contribute to organizational transparency.
@ TRUSTUS Institute, 2014 Thought Leadership12 A guide to developing culpability matrix in ethics investigation RISK MANAGEMENT FRAUD CONTROL TM Contacts reachus@trustussolutions.org Corporate Office S813, South Block, Manipal Center, 47, Dickensen Road, Bangalore – 560042 Branch Office Level IV, Prabhavee Tech Park, 125, Baner Road, Baner, Pune - 411045 About this publication This thought leadership is based on the learnings primarily from United States Corporate Sentencing Guidelines and United Kingdom Crown Prosecution Guidelines. These guidelines provide reasonable inputs for the Judges and Jury to determine the appropriate disciplinary action to be taken on the identified individual or the offender. This document is an attempt to represent the relevant factors for corporate disciplinary proceedings. This publication is from TRUSTUS Institute, a center for research and thought leadership on ethics and compliance. TRUSTUS Institute is a unit of TRUSTUS Solutions, a professional services firm providing valued and lasting services to clients with risk management and fraud control services. This publication is prepared by TRUSTUS Solutions to provide the reader a generic overview of the market scenarios and current updates regarding forensic audit services. All information contained herein are sourced from various public domains and other legal avenues, and TRUSTUS Solutions makes no warranties or representations regarding the accuracy, correctness or reliability of the information contained herein. The information, events and analysis contained herein are of generic nature only and are not intended to be construed as advice of any manner against any event or circumstances. TRUSTUS Solutions neither assumes nor accepts any responsibility for any loss arising to any person or entity acting or refraining from acting as a result of any material contained in this publication. This publication is not intended to transfer or license any rights including intellectual property rights upon the reader. This publication is not intended to substitute or by-pass or to overrule any laws currently prevailing in India which the reader is bound to observe and abide by law. App to spread knowledge on fraud investigation and risk “Forensic Dimensions blog” to share key perspectives. Follow us on twitter @TRUSTUSForensic Copyright @ 2014, TRUSTUS Institute Images credit: Flickr Creative Commons Icons credit: Flat Icon

Recommended

Setting Up and Managing an Anonymous Fraud Hotline
Setting Up and Managing an Anonymous Fraud HotlineSetting Up and Managing an Anonymous Fraud Hotline
Setting Up and Managing an Anonymous Fraud HotlineFraudBusters
 
Compliance Risk Assessment
Compliance Risk AssessmentCompliance Risk Assessment
Compliance Risk AssessmentCompliance Consultant
 
2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot SpotsRon Steinkamp
 
True Cost of Compliance
True Cost of ComplianceTrue Cost of Compliance
True Cost of ComplianceTripwire
 
Fraud, bribery and corruption: Protecting reputation and value
Fraud, bribery and corruption: Protecting reputation and valueFraud, bribery and corruption: Protecting reputation and value
Fraud, bribery and corruption: Protecting reputation and valueDavid Graham
 
How Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party RisksHow Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party RisksMHM (Mayer Hoffman McCann P.C.)
 
An Introduction To Compliance Program
An Introduction To Compliance ProgramAn Introduction To Compliance Program
An Introduction To Compliance Programlinhcuong
 
A Sharper Focus By Ahmar Azam Iia 70 Years Celebration Magazine
A Sharper Focus By Ahmar Azam Iia 70 Years Celebration MagazineA Sharper Focus By Ahmar Azam Iia 70 Years Celebration Magazine
A Sharper Focus By Ahmar Azam Iia 70 Years Celebration Magazineahmarazam
 

Recommended

Setting Up and Managing an Anonymous Fraud Hotline
Setting Up and Managing an Anonymous Fraud HotlineSetting Up and Managing an Anonymous Fraud Hotline
Setting Up and Managing an Anonymous Fraud HotlineFraudBusters
 
Compliance Risk Assessment
Compliance Risk AssessmentCompliance Risk Assessment
Compliance Risk AssessmentCompliance Consultant
 
2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot Spots2015 Tackling This Year's Audit Hot Spots
2015 Tackling This Year's Audit Hot SpotsRon Steinkamp
 
True Cost of Compliance
True Cost of ComplianceTrue Cost of Compliance
True Cost of ComplianceTripwire
 
Fraud, bribery and corruption: Protecting reputation and value
Fraud, bribery and corruption: Protecting reputation and valueFraud, bribery and corruption: Protecting reputation and value
Fraud, bribery and corruption: Protecting reputation and valueDavid Graham
 
How Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party RisksHow Audit Committees Can Help with Third-Party Risks
How Audit Committees Can Help with Third-Party RisksMHM (Mayer Hoffman McCann P.C.)
 
An Introduction To Compliance Program
An Introduction To Compliance ProgramAn Introduction To Compliance Program
An Introduction To Compliance Programlinhcuong
 
A Sharper Focus By Ahmar Azam Iia 70 Years Celebration Magazine
A Sharper Focus By Ahmar Azam Iia 70 Years Celebration MagazineA Sharper Focus By Ahmar Azam Iia 70 Years Celebration Magazine
A Sharper Focus By Ahmar Azam Iia 70 Years Celebration Magazineahmarazam
 
An industrial approach to risk and control self-assessments
An industrial approach to risk and control self-assessmentsAn industrial approach to risk and control self-assessments
An industrial approach to risk and control self-assessmentsGrant Thornton LLP
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
Compliance Officer update: What you should know about your Business Partner -...
Compliance Officer update: What you should know about your Business Partner -...Compliance Officer update: What you should know about your Business Partner -...
Compliance Officer update: What you should know about your Business Partner -...vivacidade
 
Combining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal LeadershipCombining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal Leadershipjobdoctors
 
Convergence-based Approach for Managing Operational Risk and Security In Toda...
Convergence-based Approach for Managing Operational Risk and Security In Toda...Convergence-based Approach for Managing Operational Risk and Security In Toda...
Convergence-based Approach for Managing Operational Risk and Security In Toda...Marc S. Sokol
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
2015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 202015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 20Marc S. Sokol
 
Legal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceLegal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceEffacts
 
CAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthCAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthGrant Thornton LLP
 
Third Party Risk Management Introduction
Third Party Risk Management IntroductionThird Party Risk Management Introduction
Third Party Risk Management IntroductionNaveen Grover
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk ManagementEC-Council
 
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015CBIZ, Inc.
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sBabasab Patil
 
Governance, Risk, and Control Knowledge Elements
Governance, Risk, and Control Knowledge ElementsGovernance, Risk, and Control Knowledge Elements
Governance, Risk, and Control Knowledge ElementsIyad Mourtada, CMA, CIA, CFE, CCSA, CRMA, CPLP
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
BIZGrowth Strategies Summer 2016
BIZGrowth Strategies Summer 2016BIZGrowth Strategies Summer 2016
BIZGrowth Strategies Summer 2016CBIZ, Inc.
 
Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Deloitte UK
 
6 Steps to Legal Risk Management
6 Steps to Legal Risk Management6 Steps to Legal Risk Management
6 Steps to Legal Risk ManagementBerkman Solutions
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013FixNix Inc.,
 
Business ethics Decision Making
Business ethics Decision MakingBusiness ethics Decision Making
Business ethics Decision MakingLenny Rosadiawan
 
Ethics and business decision making
Ethics and business decision makingEthics and business decision making
Ethics and business decision makingkarencicala
 
Ethics and Decision Making
Ethics and Decision MakingEthics and Decision Making
Ethics and Decision MakingDoctoral Student, NCU
 

More Related Content

What's hot

An industrial approach to risk and control self-assessments
An industrial approach to risk and control self-assessmentsAn industrial approach to risk and control self-assessments
An industrial approach to risk and control self-assessmentsGrant Thornton LLP
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance frameworkCeyeap
 
Compliance Officer update: What you should know about your Business Partner -...
Compliance Officer update: What you should know about your Business Partner -...Compliance Officer update: What you should know about your Business Partner -...
Compliance Officer update: What you should know about your Business Partner -...vivacidade
 
Combining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal LeadershipCombining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal Leadershipjobdoctors
 
Convergence-based Approach for Managing Operational Risk and Security In Toda...
Convergence-based Approach for Managing Operational Risk and Security In Toda...Convergence-based Approach for Managing Operational Risk and Security In Toda...
Convergence-based Approach for Managing Operational Risk and Security In Toda...Marc S. Sokol
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Alex Todd
 
2015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 202015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 20Marc S. Sokol
 
Legal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceLegal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceEffacts
 
CAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthCAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthGrant Thornton LLP
 
Third Party Risk Management Introduction
Third Party Risk Management IntroductionThird Party Risk Management Introduction
Third Party Risk Management IntroductionNaveen Grover
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk ManagementEC-Council
 
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015CBIZ, Inc.
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sBabasab Patil
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
BIZGrowth Strategies Summer 2016
BIZGrowth Strategies Summer 2016BIZGrowth Strategies Summer 2016
BIZGrowth Strategies Summer 2016CBIZ, Inc.
 
Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Deloitte UK
 
6 Steps to Legal Risk Management
6 Steps to Legal Risk Management6 Steps to Legal Risk Management
6 Steps to Legal Risk ManagementBerkman Solutions
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013FixNix Inc.,
 

What's hot (19)

An industrial approach to risk and control self-assessments
An industrial approach to risk and control self-assessmentsAn industrial approach to risk and control self-assessments
An industrial approach to risk and control self-assessments
 
Governance, risk and compliance framework
Governance, risk and compliance frameworkGovernance, risk and compliance framework
Governance, risk and compliance framework
 
Compliance Officer update: What you should know about your Business Partner -...
Compliance Officer update: What you should know about your Business Partner -...Compliance Officer update: What you should know about your Business Partner -...
Compliance Officer update: What you should know about your Business Partner -...
 
Combining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal LeadershipCombining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal Leadership
 
Convergence-based Approach for Managing Operational Risk and Security In Toda...
Convergence-based Approach for Managing Operational Risk and Security In Toda...Convergence-based Approach for Managing Operational Risk and Security In Toda...
Convergence-based Approach for Managing Operational Risk and Security In Toda...
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)Governance, Risk, Compliance & Trust (OCEG graphics removed)
Governance, Risk, Compliance & Trust (OCEG graphics removed)
 
2015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 202015 LOMA Conference - Third party risk management - Session 20
2015 LOMA Conference - Third party risk management - Session 20
 
Legal Governance, Risk Management and Compliance
Legal Governance, Risk Management and ComplianceLegal Governance, Risk Management and Compliance
Legal Governance, Risk Management and Compliance
 
CAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growthCAEs speak out: Cybersecurity seen as key threat to growth
CAEs speak out: Cybersecurity seen as key threat to growth
 
Third Party Risk Management Introduction
Third Party Risk Management IntroductionThird Party Risk Management Introduction
Third Party Risk Management Introduction
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk Management
 
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom s
 
Governance, Risk, and Control Knowledge Elements
Governance, Risk, and Control Knowledge ElementsGovernance, Risk, and Control Knowledge Elements
Governance, Risk, and Control Knowledge Elements
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance Services
 
BIZGrowth Strategies Summer 2016
BIZGrowth Strategies Summer 2016BIZGrowth Strategies Summer 2016
BIZGrowth Strategies Summer 2016
 
Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018Third-party Governance and Risk Management - 2018
Third-party Governance and Risk Management - 2018
 
6 Steps to Legal Risk Management
6 Steps to Legal Risk Management6 Steps to Legal Risk Management
6 Steps to Legal Risk Management
 
GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013GRC 101 ISACA Bengaluru on 28th Dec 2013
GRC 101 ISACA Bengaluru on 28th Dec 2013
 

Viewers also liked

Business ethics Decision Making
Business ethics Decision MakingBusiness ethics Decision Making
Business ethics Decision MakingLenny Rosadiawan
 
Ethics and business decision making
Ethics and business decision makingEthics and business decision making
Ethics and business decision makingkarencicala
 
Ethics and Decision Making for Leaders
Ethics and Decision Making for LeadersEthics and Decision Making for Leaders
Ethics and Decision Making for LeadersSaji Madapat
 
Personal Code Of Ethics
Personal Code Of EthicsPersonal Code Of Ethics
Personal Code Of Ethicsjosephw0817
 
Handling ethics issues in the workplace
Handling ethics issues in the workplaceHandling ethics issues in the workplace
Handling ethics issues in the workplaceCase IQ
 
INFOSYS - Ethical Practices
INFOSYS - Ethical PracticesINFOSYS - Ethical Practices
INFOSYS - Ethical PracticesPallav Tyagi
 
ethical values of wipro
ethical values of wiproethical values of wipro
ethical values of wiproAkshay Karande
 
Business ethics @ tata
Business ethics @ tataBusiness ethics @ tata
Business ethics @ tataRajeev Sharan
 
Ethics in the workplace
Ethics in the workplaceEthics in the workplace
Ethics in the workplaceviviandabu
 
Workplace Ethics PowerPoint Presentation
Workplace Ethics PowerPoint PresentationWorkplace Ethics PowerPoint Presentation
Workplace Ethics PowerPoint PresentationAndrew Schwartz
 

Viewers also liked (17)

Business ethics Decision Making
Business ethics Decision MakingBusiness ethics Decision Making
Business ethics Decision Making
 
Ethics and business decision making
Ethics and business decision makingEthics and business decision making
Ethics and business decision making
 
Ethics and Decision Making
Ethics and Decision MakingEthics and Decision Making
Ethics and Decision Making
 
Ethics and Decision Making for Leaders
Ethics and Decision Making for LeadersEthics and Decision Making for Leaders
Ethics and Decision Making for Leaders
 
Business Ethics Project
Business Ethics ProjectBusiness Ethics Project
Business Ethics Project
 
Business Ethics
Business EthicsBusiness Ethics
Business Ethics
 
Personal Code Of Ethics
Personal Code Of EthicsPersonal Code Of Ethics
Personal Code Of Ethics
 
Business ethics
Business ethicsBusiness ethics
Business ethics
 
Handling ethics issues in the workplace
Handling ethics issues in the workplaceHandling ethics issues in the workplace
Handling ethics issues in the workplace
 
Personal code of ethics
Personal code of ethicsPersonal code of ethics
Personal code of ethics
 
INFOSYS - Ethical Practices
INFOSYS - Ethical PracticesINFOSYS - Ethical Practices
INFOSYS - Ethical Practices
 
Wipro ethics
Wipro ethicsWipro ethics
Wipro ethics
 
ethical values of wipro
ethical values of wiproethical values of wipro
ethical values of wipro
 
Hr Ethical Issues
Hr Ethical IssuesHr Ethical Issues
Hr Ethical Issues
 
Business ethics @ tata
Business ethics @ tataBusiness ethics @ tata
Business ethics @ tata
 
Ethics in the workplace
Ethics in the workplaceEthics in the workplace
Ethics in the workplace
 
Workplace Ethics PowerPoint Presentation
Workplace Ethics PowerPoint PresentationWorkplace Ethics PowerPoint Presentation
Workplace Ethics PowerPoint Presentation
 

Similar to Thought Leadership on Ethics & Compliance scale Final

Ask these questions when you are building your organization’s ethical foundation
Ask these questions when you are building your organization’s ethical foundationAsk these questions when you are building your organization’s ethical foundation
Ask these questions when you are building your organization’s ethical foundationBarbara Richman, SPHR
 
Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesDun & Bradstreet
 
Third Party Due Diligence - Know Your Third Party - EY India
Third Party Due Diligence - Know Your Third Party - EY IndiaThird Party Due Diligence - Know Your Third Party - EY India
Third Party Due Diligence - Know Your Third Party - EY IndiaErnst & Young
 
Memphis business journal.tips to assist employers in creating a harassment fr...
Memphis business journal.tips to assist employers in creating a harassment fr...Memphis business journal.tips to assist employers in creating a harassment fr...
Memphis business journal.tips to assist employers in creating a harassment fr...Barbara Richman, SPHR
 
Memphis business journal. strengthening the ethical culture of your organizat...
Memphis business journal. strengthening the ethical culture of your organizat...Memphis business journal. strengthening the ethical culture of your organizat...
Memphis business journal. strengthening the ethical culture of your organizat...Barbara Richman, SPHR
 
Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...
Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...
Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...Barbara Richman, SPHR
 
Memphis business journal. strengthening the ethical culture of your organizat...
Memphis business journal. strengthening the ethical culture of your organizat...Memphis business journal. strengthening the ethical culture of your organizat...
Memphis business journal. strengthening the ethical culture of your organizat...Barbara Richman, SPHR
 
Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...
Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...
Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...Barbara Richman, SPHR
 
Share with the class the most valuable topic or subject area you l.docx
Share with the class the most valuable topic or subject area you l.docxShare with the class the most valuable topic or subject area you l.docx
Share with the class the most valuable topic or subject area you l.docxbagotjesusa
 
Fraud Risk Assessment- detection and prevention- Part- 2,
Fraud Risk Assessment- detection and prevention- Part- 2, Fraud Risk Assessment- detection and prevention- Part- 2,
Fraud Risk Assessment- detection and prevention- Part- 2, Tahir Abbas
 
Combining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal LeadershipCombining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal LeadershipDwayne Jorgensen
 
Hbo chapter 10 issues between organizations and individuals
Hbo chapter 10 issues between organizations and individualsHbo chapter 10 issues between organizations and individuals
Hbo chapter 10 issues between organizations and individualsLeslielibantosaligumba
 
Ethics and-internal-auditing published
Ethics and-internal-auditing publishedEthics and-internal-auditing published
Ethics and-internal-auditing publishedsavassociates1
 
Binary Scam Watch Monitor Prohibit Online Scam
Binary Scam Watch Monitor Prohibit Online ScamBinary Scam Watch Monitor Prohibit Online Scam
Binary Scam Watch Monitor Prohibit Online ScamBinaryScamWatchMonitor
 
How to integrate risk into your compliance-only approach
How to integrate risk into your compliance-only approach How to integrate risk into your compliance-only approach
How to integrate risk into your compliance-only approachAbhishek Sood
 
compliance tracking
compliance trackingcompliance tracking
compliance trackingammicure
 
Pre-Employment Checks: An Employers Guide
Pre-Employment Checks: An Employers GuidePre-Employment Checks: An Employers Guide
Pre-Employment Checks: An Employers GuideMiqui Mel
 
http___www.aphref.aph.gov.au_house_committee_ee_bullying_subs_sub48
http___www.aphref.aph.gov.au_house_committee_ee_bullying_subs_sub48http___www.aphref.aph.gov.au_house_committee_ee_bullying_subs_sub48
http___www.aphref.aph.gov.au_house_committee_ee_bullying_subs_sub48Penny Webster, PhD
 

Similar to Thought Leadership on Ethics & Compliance scale Final (20)

Ask these questions when you are building your organization’s ethical foundation
Ask these questions when you are building your organization’s ethical foundationAsk these questions when you are building your organization’s ethical foundation
Ask these questions when you are building your organization’s ethical foundation
 
Anti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third PartiesAnti-Bribery and Corruption Compliance for Third Parties
Anti-Bribery and Corruption Compliance for Third Parties
 
Procurement fraud-0614-1
Procurement fraud-0614-1Procurement fraud-0614-1
Procurement fraud-0614-1
 
Lean Auditing
Lean AuditingLean Auditing
Lean Auditing
 
Third Party Due Diligence - Know Your Third Party - EY India
Third Party Due Diligence - Know Your Third Party - EY IndiaThird Party Due Diligence - Know Your Third Party - EY India
Third Party Due Diligence - Know Your Third Party - EY India
 
Memphis business journal.tips to assist employers in creating a harassment fr...
Memphis business journal.tips to assist employers in creating a harassment fr...Memphis business journal.tips to assist employers in creating a harassment fr...
Memphis business journal.tips to assist employers in creating a harassment fr...
 
Memphis business journal. strengthening the ethical culture of your organizat...
Memphis business journal. strengthening the ethical culture of your organizat...Memphis business journal. strengthening the ethical culture of your organizat...
Memphis business journal. strengthening the ethical culture of your organizat...
 
Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...
Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...
Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...
 
Memphis business journal. strengthening the ethical culture of your organizat...
Memphis business journal. strengthening the ethical culture of your organizat...Memphis business journal. strengthening the ethical culture of your organizat...
Memphis business journal. strengthening the ethical culture of your organizat...
 
Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...
Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...
Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...
 
Share with the class the most valuable topic or subject area you l.docx
Share with the class the most valuable topic or subject area you l.docxShare with the class the most valuable topic or subject area you l.docx
Share with the class the most valuable topic or subject area you l.docx
 
Fraud Risk Assessment- detection and prevention- Part- 2,
Fraud Risk Assessment- detection and prevention- Part- 2, Fraud Risk Assessment- detection and prevention- Part- 2,
Fraud Risk Assessment- detection and prevention- Part- 2,
 
Combining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal LeadershipCombining Corporate Governance with Internal Leadership
Combining Corporate Governance with Internal Leadership
 
Hbo chapter 10 issues between organizations and individuals
Hbo chapter 10 issues between organizations and individualsHbo chapter 10 issues between organizations and individuals
Hbo chapter 10 issues between organizations and individuals
 
Ethics and-internal-auditing published
Ethics and-internal-auditing publishedEthics and-internal-auditing published
Ethics and-internal-auditing published
 
Binary Scam Watch Monitor Prohibit Online Scam
Binary Scam Watch Monitor Prohibit Online ScamBinary Scam Watch Monitor Prohibit Online Scam
Binary Scam Watch Monitor Prohibit Online Scam
 
How to integrate risk into your compliance-only approach
How to integrate risk into your compliance-only approach How to integrate risk into your compliance-only approach
How to integrate risk into your compliance-only approach
 
compliance tracking
compliance trackingcompliance tracking
compliance tracking
 
Pre-Employment Checks: An Employers Guide
Pre-Employment Checks: An Employers GuidePre-Employment Checks: An Employers Guide
Pre-Employment Checks: An Employers Guide
 
http___www.aphref.aph.gov.au_house_committee_ee_bullying_subs_sub48
http___www.aphref.aph.gov.au_house_committee_ee_bullying_subs_sub48http___www.aphref.aph.gov.au_house_committee_ee_bullying_subs_sub48
http___www.aphref.aph.gov.au_house_committee_ee_bullying_subs_sub48
 

Thought Leadership on Ethics & Compliance scale Final

  • 1. RISK MANAGEMENT FRAUD CONTROL TM Culpability Parameters for Ethics Investigations A guide to developing culpability matrix in ethics investigations
  • 2. @ TRUSTUS Institute, 2014 Thought Leadership2 A guide to developing culpability matrix in ethics investigation 1 Introduction Organizations across the globe are striving towards encouraging ethical culture amongst their employees, contractors, third party associates and business partners. These efforts are primarily driven by the changing economic landscape of growing regulatory penalties, increasing demands for transparency in business and extended visualization of community impact contributed by many misconducts. In todays world, organizations come across several patterns of misconduct ranging from misbehaviour to misappropriation; dereliction of duties to disclosure of confidential information; corruption to conflict of interest. These misconducts, if unattended can cause serious damage to the organization’s reputation and overall health (financial/ ethical). An employee, a contractor, a supplier or a service provider or one of their employees could be party to such misconduct. Disciplinary action towards misconduct is considered a deterrent to such misconduct. While the extent of deterrence impact created by disciplinary action on any misconduct is not easily quantifiable, the efforts towards such actions cannot be undermined. Organizations adopt different approaches towards defining, deliberating and deciding on disciplinary actions for misconduct, based on the available evidence to substantiate a violation. Evidences play a crucial role in deciding on disciplinary action. However, how the evidences needs to be considered in the process depends on several factors including the impact due to violation, the level of culpability and other circumstantial factors that intensify or de-intensify the level of disciplinary action. Courts across the globe are moving towards structured sentencing guidelines for offences to ensure consistency in decision making and enhance trust on legislative transparency. This though leadership examines the need for Ethics & Compliance scale and key factors that shall be considered in defining, deliberating and deciding on disciplinary actions. 2 3 4 Need for culpability parameters Key factors for disciplinary action Conclusion Contents
  • 3. 3Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation 2 Need for developing culpability matrix Misconducts are not the same. Each type of misconduct have varied root causes, dimensional impacts and differing level of intent. While these aspects could not be definitively measured in all circumstances, it is essential to consider them to the extent feasible during the process. For instance, an accidental sharing of financial information with a friend whose name is similar to that of the board member or senior executive in the company, cannot be treated the same way as a theft of intellectual property would be treated. Disciplinary actions on misconducts require varying treatments as it has broader objective of prevention and cure besides the obvious objective of punishment and deterrence. At its base, a disciplinary action should reflect an attitude of zero tolerance towards violation/ misconduct. The tolerance level, however may depend on the type of misconduct. Key types of misconduct that organizations face are fraud and corruption, disclosure or misuse of confidential information, misappropriation or damage to assets, behavioural misconduct including misuse of powers, discrimination or harassment, conflict of interest and others. There may be several sub types for each of the above misconduct and accordingly the disciplinary approach may vary. Primary options available with organizations for disciplinary proceedings include removal or dismissal, suspension, warning - oral or written, withholding promotion or career progression, withholding increments or bonus and counselling. In addition to the primary options, organizations opt for reporting to law enforcement for appropriate action. In deciding on appropriate disciplinary action, organizations essentially consider multiple factors. While some of the factors considered mature over time, careful structuring of the essential factors can enable organizations to prevent legal issues created by rogue employee. Each type of misconduct have varied root causes, dimensional impacts and differing level of intent
  • 4. @ TRUSTUS Institute, 2014 Thought Leadership4 A guide to developing culpability matrix in ethics investigation Financial Risk LegalRisk Key Disciplinary options Key types of Misconduct Broad level risks Organizational Ethics and Compliance A guide in nature of Ethics & Compliance scale is essential for the organization due to the following key reasons: 1. Disciplinary option for any misconduct may not be same. For instance, Non declaration of conflict of interest in a supplier by a procurement manager may be different from a conflict of interest in a supplier for a finance person. This also represents the differences in the impact and the level of culpability involved in such violation. 2. Level of disciplinary option applied in many instances are debatable. Organizations do consider withholding promotion as an action for certain misbehaviour. However, the number of promotion cycles the employee has to be withheld from is a debatable issue. 3. Ethics & Compliance Scale is such a guideline for organizations in enabling consistent disciplinary action across geographies and time. It is not intended to be a rule book and will leave the application of the guide to the decision maker or the committee. Source: TRUSTUS Research 4. An action in an organizational context comes under a lot of scrutiny. It is hence necessary to for the organisation to demonstrate a transparent approach and avoid potential opportunities for influence based decisions with the aid of such a guide. While a guide is essential, it may evolve to its comprehensive best over a period of time. Organizations shall always attempt to embed the learnings from the implementation of guides as a part of its evolvement process. Actions taken by organizations for any given misconduct may not be the same. The actions taken will vary between organizations based on their industry and their culture. For instance, a culture of involving law enforcement or removal for remote negligence in oversight are not common across organizations. Organizations should recognize the need for such Ethics & Compliance scale and evaluate elements / reasons reflected above in structuring a definitive base of disciplinary action for tackling issues of misconduct.
  • 5. 5Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation 3 Key factors for disciplinary actions Organizational environment exhibits multiple factors in the process of determining appropriate disciplinary action for misconduct. Key factors are: 1. Act of violation or misconduct – This factor examines the nature of misconduct and its overall impact. 2. Role in the violation or misconduct – This factor examines the subject’s role in misconduct including whether he was influenced to act. Act of violation or misconduct Subject’s role in violation or misconduct Motivational elements associated with misconduct Behavioural clues associated with investigation Overall Organizational perspective Source: TRUSTUS Research x 3. Motivational elements – This factor examines the aspects that may have motivated the subject or whether the vulnerabilities are exploited. 4. Behavioural aspects – This factor examines the subject’s level of cooperation, response to warnings and trends of past violations amongst others. 5. Organizational perspective - This factor examines the impact due to violation or misconduct.
  • 6. @ TRUSTUS Institute, 2014 Thought Leadership6 A guide to developing culpability matrix in ethics investigation x Act of violation or misconduct Similar is the case in issues pertaining to sexual harassment wherein, wherein, oral evidence may be still be held reliable even though the issue in question could still not be corroborated from other sources. 3. Value or number of instances – Impact of investigation also depend on the number of instances of such fraudulent behaviour or value of such frauds. For instance, a misbehaviour at customer’s premises may lead to loss of business, but consistent misbehaviour at the customer may result in loss of market. Hence, action against ethics violation shall also consider the frequency of such acts. 4. Complexity and planning – A misconduct may have differing levels of complexity or sophistication. Treasury or hedging fraud may have been perpetrated with considerable planning. Similarly, an attempt to hack into a server to remove confidential customer information may be perpetrated with technological sophistication. These attempts will require detailed planning and deeper intent to cause harm. Intent to harm is one of the crucial factors that guides decision making process. 5. Period of misconduct - Misconduct may have occurred over a period of time. For instance, a financial statement fraud may have occurred over a long period of time. Similarly, corrupt practices in businesses are seldom isolated instances, these may have happened across periods. Sustained occurrence of the misconduct represents the possible intent and deeper inflection of the wrongdoer in benefiting out of such misconduct. An assessment of these elements provides a clear perspective of the impact due to act of violation. 1. Nature and seriousness of the misconduct – Nature of misconduct and its seriousness is a vital element in assessing the act of violation. For example, discrimination based on religion and conflict of interest will be handled differently. The seriousness may vary significantly between multiple nature of misconducts. For instance, misuse of position by a senior management personnel may have greater sensitivity. Similarly, unauthorized download of certain proprietary documents of a product exposes the risk of sharing it with competitors thereby may have higher level of sensitivity. 2. Adequacy of evidence – Evidence forms the core part of organizational disciplinary action process. Oral, documentary and digital are key types of evidences. More than the existence of evidence, whether the evidence is substantiating the issue in question or whether it is only circumstantial, determines the course of action. Many a times, in instances of bribery and corruption investigation, the evidences are more circumstantial than direct. Herein we examine the act of violation and its impact. These elements primarily pertain to nature and seriousness of the misconduct, adequacy of evidence, complexity related to perpetration, period of misconduct and frequency of instances. Nature & seriousness Adequacy of evidence to substantiate Complexity and level of planning Period of misconduct Value or frequency of instances Source: TRUSTUS Research
  • 7. @ TRUSTUS Institute, 2014 Thought Leadership7 A guide to developing culpability matrix in ethics investigation 4. Organizations do come across instances of misconduct wherein subordinates are involved in certain acts based on the instructions from their superiors. In these instances, the subordinates may not understand the complete impact of the misconduct. Further, hiring wife or a relative in the team by abusing position is also not uncommon. 5. A security guard who allows transit of materials without adequate documentation, as instructed by the store keeper, is influenced by the trust in the role and responsibility of the store keeper. He is culpable, however, the level of culpability 6. Similarly, abuse of fiduciary duties and abuse of position of trust in diverting business leads to a future employer by a sales manager or to another related entity of a promoter post receiving private equity funds have relative higher degree of culpability. 1. Misconduct may be committed by more than one individual. The involvement could be active or passive. For instance, an employee may have ignored harassment of another employee by a manager, despite requests from victim for help. In this given circumstance, had the employee observing such a situation, had offered to help; he would be accorded a different treatment as compared to had he gone ahead and reported such an incident 2. Involvement could also be based on peer pressure, wherein the employee adopts corrupt practices to gain business benefits. Further, some of the misconduct activities may result due to adoption of predecessors practices. 3. Many a times in sexual harassment case wherein a secretary is raising concern on her long standing manager, a question that arises is why is the secretary raising the concern now? In many instances it is due to exploitation. Role in violation or misconduct The role of the subject in the violation or misconduct is another crucial aspect in the process of determining an appropriate disciplinary action. The elements under this factor includes the level of involvement by the subject including whether it is influenced by others and the extent of abuse of authority by the subject. Significant or peripheral role in misconduct Involvement due to coercion, intimidation or exploitation Involvement due to influence of pressure Abuse of power, trust or responsibility Source: TRUSTUS Research Role in violation or misconduct
  • 8. 8Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation Deliberate efforts to exploit vulnerability Opportunistic motivation (one of violation) Motivated by financial/ other gain Limited awareness on the impact of misconduct Threats or inappropriate actions (black mail) Discrimination based motivation Motivational elements Source: TRUSTUS Research Motivational/ Influencing factors All acts of misconduct can be associated with certain motivation, while in many cases the motivation may not be apparent or convincing. The motivational factor includes financial gain , approach to exploit vulnerability, discrimination based motivation or psychology based inappropriate actions. 1. Financial gain as a motivator is prominently experienced in many misconduct cases relating to fraud. In addition to the financial gain, there may be other contributing or coexisting motivational factors. 2. Motivation to exploit vulnerability is increasingly becoming prominent in information security related misconduct. Such aspects may be more serious as it has a focussed effort to exploit weakness. 3. There may also be circumstances wherein an employee had submitted excess travel claim, but failed to withdraw the same on realizing it. During investigation if the employee regrets his decision and agrees to withdraw his claim, then it may only be an opportunistic motivation. 4. Caste, nationality, colour or sexual orientation based discrimination related misconduct may have more serious impact on working environment of the organization. Organizational decision on disciplinary action shall take cognisance of such elements also. 5. Similarly misconduct involving physical threats or inappropriate actions may be equally serious. 6. Further, there may be circumstances wherein, the perpetrator may not have understood the impact of such misconduct. Harassment is referable to the harm caused to the person harassed rather than the actual intent of the other. With people from different culture and backgrounds it is essential to sensitise individuals on appropriate conduct.
  • 9. @ TRUSTUS Institute, 2014 Thought Leadership9 A guide to developing culpability matrix in ethics investigation 4. Some of the behaviours of the subject learnt during the investigation may include his addiction to drugs or pornographic content or histrionic behaviour. During the course of review, if the subject demonstrates steps to recover from his addiction, the organization may consider such behavioural improvement in taking disciplinary action. 5. Further, the behaviour may also indicate the subject’s efforts to facilitate other fraudulent or undesirable behaviour. 6. Previous behaviours of the subject include the nature of previous violations and its relevance to the current act/ violation; or violations since last warning or similar action. A failure to respond to warnings may indicate non-inclination of the subject to change his path. 1. Cooperation with investigation is one of the key elements to consider. Acts of misconduct involving bribery or financial statement fraud may be perpetrated by more than 1 individual. One of the individuals involved may agree to become a cooperating witness and aid in unearthing the extent of the misconduct. In such a circumstance, while the act of violation by the cooperating individual is serious, his behaviour to support may be considered as supportive information in disciplinary proceedings. 2. Voluntary reporting or early admission can also be supportive behavioural cue in this regard. Similarly, attempts to prevent victim from obtaining assistance could be another behavioural cue in disciplinary proceeding. This may be by misguiding a victim on the process of seeking assistance. 3. Subject’s attempts to share or conceal additional information regarding the misconduct or diverting the investigation may implicate the subject further in a disciplinary action. Behavioural factors Behavioural factors relating to misconduct and the course of investigation have a strong bearing on the disciplinary action. The elements under this factor includes cooperation during investigation, history of violations, attempts to conceal/ dispose of evidence and behaviour in responding to warnings. Cooperation and early/ late admission Attempts to share or conceal additional info Demonstration of steps to improve Efforts against victim on reporting Response to warnings History of violations or misconduct Supported other misconducts Source: TRUSTUS Research Behavioural factors
  • 10. 10Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation Organizational factors Any act of misconduct requires an assessment of the impact from the organizational perspective. Organizational perspectives include losses and the impact on reputation if not acted seriously. 1. Organizational impact due to misconduct may be of several types. They are • Financial impact: The financial impact due to acts of misconduct includes financial losses and/ or loss of business. It may also include the investors’ departure from their investment, which may result in cash outflow. • Reputational impact: Reputational impact may include instances where organizations’ brand value, market standing, credit worthiness, ethical representation and business presence is put at stake. • People impact: Certain type of misconduct may have a significant impact on people. These may not be quantifiable and may include departure of key executives also. In many large investigation scenarios, the employees’ morale gets affected the most and they move into a shell of protecting themselves rather than being open about innovative approaches for the organization’s benefit. These impacts are sizeable and detrimental for organizational prospects. • Legal impact: Some of the misconduct may involve legal consequences for the organization including regulatory proceedings and their associated impacts. The financial, reputational, legal and people impact determine the course of disciplinary action. However, in many circumstances the impact of the misconduct may not be apparent and measurable at the time of disciplinary proceedings. Organizations shall take consideration of these possible impacts before deciding on the disciplinary action. 2. Similarly, there may be certain misconducts which may have serious implication on the organization, if not acted upon appropriately. This could be an issue of mass misconduct involving multiple employees of same division or sensitive misconducts. Sensitive misconducts may be in nature of discrimination or sexual harassment or senior management fraud. These misconducts if not acted upon appropriately and timely, may result in more serious impact on organization than estimated. It is essential for an organization to consider the possible organizational impact due to the misconduct and appropriately consider the options for disciplinary proceedings. Source: TRUSTUS Research Impact on organization due to misconduct Misconduct that may have detrimental impact if not acted upon Organizational perspective
  • 11. 11Thought Leadership @ TRUSTUS Institute, 2014 A guide to developing culpability matrix in ethics investigation 4 Conclusion With varying organizational processes across geographies and emerging types of misconduct, organizations face several challenging circumstances in deciding upon appropriate disciplinary actions. These disciplinary actions, if taken on a solitary case basis may sometimes become inconsistent. These inconsistencies get noticed by whistle blowers, management and the subject of the misconduct more closely. Considering the increasing usage of social media, impacts of mis-conceived disciplinary action may have serious complications. Developing a structured developing culpability matrix that guides the organizational approach towards disciplinary proceeding will contribute to organizational transparency.
  • 12. @ TRUSTUS Institute, 2014 Thought Leadership12 A guide to developing culpability matrix in ethics investigation RISK MANAGEMENT FRAUD CONTROL TM Contacts reachus@trustussolutions.org Corporate Office S813, South Block, Manipal Center, 47, Dickensen Road, Bangalore – 560042 Branch Office Level IV, Prabhavee Tech Park, 125, Baner Road, Baner, Pune - 411045 About this publication This thought leadership is based on the learnings primarily from United States Corporate Sentencing Guidelines and United Kingdom Crown Prosecution Guidelines. These guidelines provide reasonable inputs for the Judges and Jury to determine the appropriate disciplinary action to be taken on the identified individual or the offender. This document is an attempt to represent the relevant factors for corporate disciplinary proceedings. This publication is from TRUSTUS Institute, a center for research and thought leadership on ethics and compliance. TRUSTUS Institute is a unit of TRUSTUS Solutions, a professional services firm providing valued and lasting services to clients with risk management and fraud control services. This publication is prepared by TRUSTUS Solutions to provide the reader a generic overview of the market scenarios and current updates regarding forensic audit services. All information contained herein are sourced from various public domains and other legal avenues, and TRUSTUS Solutions makes no warranties or representations regarding the accuracy, correctness or reliability of the information contained herein. The information, events and analysis contained herein are of generic nature only and are not intended to be construed as advice of any manner against any event or circumstances. TRUSTUS Solutions neither assumes nor accepts any responsibility for any loss arising to any person or entity acting or refraining from acting as a result of any material contained in this publication. This publication is not intended to transfer or license any rights including intellectual property rights upon the reader. This publication is not intended to substitute or by-pass or to overrule any laws currently prevailing in India which the reader is bound to observe and abide by law. App to spread knowledge on fraud investigation and risk “Forensic Dimensions blog” to share key perspectives. Follow us on twitter @TRUSTUSForensic Copyright @ 2014, TRUSTUS Institute Images credit: Flickr Creative Commons Icons credit: Flat Icon