Thought Leadership on Ethics & Compliance scale Final

RISK
MANAGEMENT
FRAUD
CONTROL
TM
Culpability Parameters for
Ethics Investigations
A guide to developing culpability matrix in
ethics investigations

@ TRUSTUS Institute, 2014 Thought Leadership2
A guide to developing culpability matrix in ethics investigation
1 Introduction
Organizations across the globe are striving towards encouraging ethical culture amongst their
employees, contractors, third party associates and business partners. These efforts are primarily driven
by the changing economic landscape of growing regulatory penalties, increasing demands for
transparency in business and extended visualization of community impact contributed by many
misconducts.
In todays world, organizations come across several patterns of misconduct ranging from misbehaviour to
misappropriation; dereliction of duties to disclosure of confidential information; corruption to conflict of
interest. These misconducts, if unattended can cause serious damage to the organization’s reputation
and overall health (financial/ ethical). An employee, a contractor, a supplier or a service provider or one
of their employees could be party to such misconduct.
Disciplinary action towards misconduct is considered a deterrent to such misconduct. While the extent of
deterrence impact created by disciplinary action on any misconduct is not easily quantifiable, the efforts
towards such actions cannot be undermined. Organizations adopt different approaches towards defining,
deliberating and deciding on disciplinary actions for misconduct, based on the available evidence to
substantiate a violation.
Evidences play a crucial role in deciding on disciplinary action. However, how the evidences needs to be
considered in the process depends on several factors including the impact due to violation, the level of
culpability and other circumstantial factors that intensify or de-intensify the level of disciplinary action.
Courts across the globe are moving towards structured sentencing guidelines for offences to ensure
consistency in decision making and enhance trust on legislative transparency.
This though leadership examines the need for Ethics & Compliance scale and key factors that shall be
considered in defining, deliberating and deciding on disciplinary actions.
2
3
4
Need for culpability parameters
Key factors for disciplinary action
Conclusion
Contents

3Thought Leadership @ TRUSTUS Institute, 2014
2 Need for developing
culpability matrix
Misconducts are not the same. Each type of misconduct
have varied root causes, dimensional impacts and differing level
of intent. While these aspects could not be definitively measured
in all circumstances, it is essential to consider them to the extent
feasible during the process. For instance, an accidental sharing of
financial information with a friend whose name is similar to that of
the board member or senior executive in the company, cannot be
treated the same way as a theft of intellectual property would be
treated.
Disciplinary actions on misconducts require varying treatments as
it has broader objective of prevention and cure besides the
obvious objective of punishment and deterrence. At its base, a
disciplinary action should reflect an attitude of zero tolerance
towards violation/ misconduct. The tolerance level, however may
depend on the type of misconduct.
Key types of misconduct that organizations face are fraud and
corruption, disclosure or misuse of confidential information,
misappropriation or damage to assets, behavioural misconduct
including misuse of powers, discrimination or harassment, conflict
of interest and others. There may be several sub types for each of
the above misconduct and accordingly the disciplinary approach
may vary.
Primary options available with organizations for disciplinary
proceedings include removal or dismissal, suspension, warning -
oral or written, withholding promotion or career progression,
withholding increments or bonus and counselling. In addition to
the primary options, organizations opt for reporting to law
enforcement for appropriate action.
In deciding on appropriate disciplinary action, organizations
essentially consider multiple factors. While some of the factors
considered mature over time, careful structuring of the essential
factors can enable organizations to prevent legal issues created
by rogue employee.
Each type of misconduct
have varied root causes,
dimensional impacts and
differing level of intent

Financial
Risk
LegalRisk
Key Disciplinary options
Key types of Misconduct
Broad level risks
Organizational
Ethics and
Compliance
A guide in nature of Ethics & Compliance scale is
essential for the organization due to the following
key reasons:
1. Disciplinary option for any misconduct may not
be same. For instance, Non declaration of
conflict of interest in a supplier by a
procurement manager may be different from a
conflict of interest in a supplier for a finance
person. This also represents the differences in
the impact and the level of culpability involved
in such violation.
2. Level of disciplinary option applied in many
instances are debatable. Organizations do
consider withholding promotion as an action
for certain misbehaviour. However, the
number of promotion cycles the employee has
to be withheld from is a debatable issue.
3. Ethics & Compliance Scale is such a guideline
for organizations in enabling consistent
disciplinary action across geographies and
time. It is not intended to be a rule book and
will leave the application of the guide to the
decision maker or the committee.
Source: TRUSTUS Research
4. An action in an organizational context comes
under a lot of scrutiny. It is hence necessary to
for the organisation to demonstrate a
transparent approach and avoid potential
opportunities for influence based decisions
with the aid of such a guide.
While a guide is essential, it may evolve to its
comprehensive best over a period of time.
Organizations shall always attempt to embed the
learnings from the implementation of guides as a
part of its evolvement process.
Actions taken by organizations for any given
misconduct may not be the same. The actions
taken will vary between organizations based on
their industry and their culture. For instance, a
culture of involving law enforcement or removal for
remote negligence in oversight are not common
across organizations.
Organizations should recognize the need for such
Ethics & Compliance scale and evaluate elements
/ reasons reflected above in structuring a definitive
base of disciplinary action for tackling issues of
misconduct.

3 Key factors for
disciplinary actions
Organizational environment exhibits multiple
factors in the process of determining appropriate
disciplinary action for misconduct. Key factors are:
1. Act of violation or misconduct – This factor
examines the nature of misconduct and its
overall impact.
2. Role in the violation or misconduct – This
factor examines the subject’s role in misconduct
including whether he was influenced to act.
Act of violation or
misconduct
Subject’s role in
violation or misconduct
Motivational elements
associated with misconduct
Behavioural clues associated
with investigation
Overall Organizational
perspective
x
3. Motivational elements – This factor examines
the aspects that may have motivated the subject
or whether the vulnerabilities are exploited.
4. Behavioural aspects – This factor examines
the subject’s level of cooperation, response to
warnings and trends of past violations amongst
others.
5. Organizational perspective - This factor
examines the impact due to violation or
misconduct.

x Act of violation or misconduct
Similar is the case in issues pertaining to
sexual harassment wherein, wherein, oral
evidence may be still be held reliable even
though the issue in question could still not be
corroborated from other sources.
3. Value or number of instances – Impact of
investigation also depend on the number of
instances of such fraudulent behaviour or value
of such frauds. For instance, a misbehaviour at
customer’s premises may lead to loss of
business, but consistent misbehaviour at the
customer may result in loss of market. Hence,
action against ethics violation shall also consider
the frequency of such acts.
4. Complexity and planning – A misconduct may
have differing levels of complexity or
sophistication. Treasury or hedging fraud may
have been perpetrated with considerable
planning. Similarly, an attempt to hack into a
server to remove confidential customer
information may be perpetrated with
technological sophistication. These attempts will
require detailed planning and deeper intent to
cause harm. Intent to harm is one of the crucial
factors that guides decision making process.
5. Period of misconduct - Misconduct may have
occurred over a period of time. For instance, a
financial statement fraud may have occurred
over a long period of time. Similarly, corrupt
practices in businesses are seldom isolated
instances, these may have happened across
periods. Sustained occurrence of the
misconduct represents the possible intent and
deeper inflection of the wrongdoer in benefiting
out of such misconduct.
An assessment of these elements provides a clear
perspective of the impact due to act of violation.
1. Nature and seriousness of the misconduct –
Nature of misconduct and its seriousness is a
vital element in assessing the act of violation.
For example, discrimination based on religion
and conflict of interest will be handled differently.
The seriousness may vary significantly between
multiple nature of misconducts. For instance,
misuse of position by a senior management
personnel may have greater sensitivity.
Similarly, unauthorized download of certain
proprietary documents of a product exposes the
risk of sharing it with competitors thereby may
have higher level of sensitivity.
2. Adequacy of evidence – Evidence forms the
core part of organizational disciplinary action
process. Oral, documentary and digital are key
types of evidences. More than the existence of
evidence, whether the evidence is substantiating
the issue in question or whether it is only
circumstantial, determines the course of action.
Many a times, in instances of bribery and
corruption investigation, the evidences are more
circumstantial than direct.
Herein we examine the act of violation and its impact. These elements primarily
pertain to nature and seriousness of the misconduct, adequacy of evidence,
complexity related to perpetration, period of misconduct and frequency of
instances.
Nature &
seriousness
Adequacy of
evidence to
substantiate
Complexity
and level of
planning
Period of
misconduct
Value or
frequency of
instances

4. Organizations do come across instances of
misconduct wherein subordinates are involved
in certain acts based on the instructions from
their superiors. In these instances, the
subordinates may not understand the complete
impact of the misconduct. Further, hiring wife or
a relative in the team by abusing position is also
not uncommon.
5. A security guard who allows transit of materials
without adequate documentation, as instructed
by the store keeper, is influenced by the trust in
the role and responsibility of the store keeper. He
is culpable, however, the level of culpability
6. Similarly, abuse of fiduciary duties and abuse of
position of trust in diverting business leads to a
future employer by a sales manager or to
another related entity of a promoter post
receiving private equity funds have relative
higher degree of culpability.
1. Misconduct may be committed by more than
one individual. The involvement could be active
or passive. For instance, an employee may have
ignored harassment of another employee by a
manager, despite requests from victim for help.
In this given circumstance, had the employee
observing such a situation, had offered to help;
he would be accorded a different treatment as
compared to had he gone ahead and reported
such an incident
2. Involvement could also be based on peer
pressure, wherein the employee adopts corrupt
practices to gain business benefits. Further,
some of the misconduct activities may result due
to adoption of predecessors practices.
3. Many a times in sexual harassment case
wherein a secretary is raising concern on her
long standing manager, a question that arises is
why is the secretary raising the concern now? In
many instances it is due to exploitation.
Role in violation or misconduct
The role of the subject in the violation or misconduct is another crucial aspect in
the process of determining an appropriate disciplinary action. The elements
under this factor includes the level of involvement by the subject including
whether it is influenced by others and the extent of abuse of authority by the
subject.
Significant or
peripheral
role in
misconduct
Involvement
due to
coercion,
intimidation
or
exploitation
Involvement
due to
influence of
pressure
Abuse of
power, trust
or
responsibility
Role in violation or misconduct

Deliberate efforts
to exploit
vulnerability
Opportunistic
motivation (one of
violation)
Motivated by
financial/ other
gain
Limited awareness
on the impact of
misconduct
Threats or inappropriate
actions (black mail)
Discrimination based
motivation
Motivational
elements
Motivational/ Influencing factors
All acts of misconduct can be associated with certain motivation, while in many
cases the motivation may not be apparent or convincing. The motivational factor
includes financial gain , approach to exploit vulnerability, discrimination based
motivation or psychology based inappropriate actions.
1. Financial gain as a motivator is prominently
experienced in many misconduct cases
relating to fraud. In addition to the financial
gain, there may be other contributing or
coexisting motivational factors.
2. Motivation to exploit vulnerability is
increasingly becoming prominent in
information security related misconduct. Such
aspects may be more serious as it has a
focussed effort to exploit weakness.
3. There may also be circumstances wherein an
employee had submitted excess travel claim,
but failed to withdraw the same on realizing it.
During investigation if the employee regrets
his decision and agrees to withdraw his claim,
then it may only be an opportunistic
motivation.
4. Caste, nationality, colour or sexual orientation
based discrimination related misconduct may
have more serious impact on working
environment of the organization. Organizational
decision on disciplinary action shall take
cognisance of such elements also.
5. Similarly misconduct involving physical threats
or inappropriate actions may be equally serious.
6. Further, there may be circumstances wherein,
the perpetrator may not have understood the
impact of such misconduct. Harassment is
referable to the harm caused to the person
harassed rather than the actual intent of the
other. With people from different culture and
backgrounds it is essential to sensitise
individuals on appropriate conduct.

4. Some of the behaviours of the subject learnt
during the investigation may include his
addiction to drugs or pornographic content or
histrionic behaviour. During the course of
review, if the subject demonstrates steps to
recover from his addiction, the organization may
consider such behavioural improvement in
taking disciplinary action.
5. Further, the behaviour may also indicate the
subject’s efforts to facilitate other fraudulent or
undesirable behaviour.
6. Previous behaviours of the subject include the
nature of previous violations and its relevance to
the current act/ violation; or violations since last
warning or similar action. A failure to respond to
warnings may indicate non-inclination of the
subject to change his path.
1. Cooperation with investigation is one of the key
elements to consider. Acts of misconduct
involving bribery or financial statement fraud
may be perpetrated by more than 1 individual.
One of the individuals involved may agree to
become a cooperating witness and aid in
unearthing the extent of the misconduct. In such
a circumstance, while the act of violation by the
cooperating individual is serious, his behaviour
to support may be considered as supportive
information in disciplinary proceedings.
2. Voluntary reporting or early admission can also
be supportive behavioural cue in this regard.
Similarly, attempts to prevent victim from
obtaining assistance could be another
behavioural cue in disciplinary proceeding. This
may be by misguiding a victim on the process of
seeking assistance.
3. Subject’s attempts to share or conceal additional
information regarding the misconduct or
diverting the investigation may implicate the
subject further in a disciplinary action.
Behavioural factors
Behavioural factors relating to misconduct and the course of investigation have
a strong bearing on the disciplinary action. The elements under this factor
includes cooperation during investigation, history of violations, attempts to
conceal/ dispose of evidence and behaviour in responding to warnings.
Cooperation
and early/ late
admission
Attempts to
share or
conceal
additional info
Demonstration
of steps to
improve
Efforts against
victim on
reporting
Response to
warnings
History of
violations or
misconduct
Supported
other
misconducts
Behavioural
factors

Organizational factors
Any act of misconduct requires an assessment of the impact from the
organizational perspective. Organizational perspectives include losses and the
impact on reputation if not acted seriously.
1. Organizational impact due to misconduct may
be of several types. They are
• Financial impact: The financial impact due
to acts of misconduct includes financial
losses and/ or loss of business. It may also
include the investors’ departure from their
investment, which may result in cash
outflow.
• Reputational impact: Reputational impact
may include instances where organizations’
brand value, market standing, credit
worthiness, ethical representation and
business presence is put at stake.
• People impact: Certain type of misconduct
may have a significant impact on people.
These may not be quantifiable and may
include departure of key executives also. In
many large investigation scenarios, the
employees’ morale gets affected the most
and they move into a shell of protecting
themselves rather than being open about
innovative approaches for the organization’s
benefit. These impacts are sizeable and
detrimental for organizational prospects.
• Legal impact: Some of the misconduct may
involve legal consequences for the
organization including regulatory
proceedings and their associated impacts.
The financial, reputational, legal and people
impact determine the course of disciplinary
action. However, in many circumstances the
impact of the misconduct may not be apparent
and measurable at the time of disciplinary
proceedings. Organizations shall take
consideration of these possible impacts before
deciding on the disciplinary action.
2. Similarly, there may be certain misconducts
which may have serious implication on the
organization, if not acted upon appropriately.
This could be an issue of mass misconduct
involving multiple employees of same division or
sensitive misconducts. Sensitive misconducts
may be in nature of discrimination or sexual
harassment or senior management fraud. These
misconducts if not acted upon appropriately and
timely, may result in more serious impact on
organization than estimated.
It is essential for an organization to consider the
possible organizational impact due to the
misconduct and appropriately consider the options
for disciplinary proceedings.
Impact on
organization due
to misconduct
Misconduct that
may have
detrimental impact
if not acted upon
Organizational
perspective

4 Conclusion
With varying organizational processes across geographies and emerging types of misconduct,
organizations face several challenging circumstances in deciding upon appropriate disciplinary
actions. These disciplinary actions, if taken on a solitary case basis may sometimes become
inconsistent. These inconsistencies get noticed by whistle blowers, management and the subject of the
misconduct more closely. Considering the increasing usage of social media, impacts of mis-conceived
disciplinary action may have serious complications. Developing a structured developing culpability
matrix that guides the organizational approach towards disciplinary proceeding will contribute to
organizational transparency.

RISK
MANAGEMENT
FRAUD
CONTROL
TM
Contacts
reachus@trustussolutions.org
Corporate Office
S813, South Block, Manipal
Center, 47, Dickensen Road,
Bangalore – 560042
Branch Office
Level IV, Prabhavee Tech Park,
125, Baner Road,
Baner, Pune - 411045
About this publication
This thought leadership is based on the learnings primarily from
United States Corporate Sentencing Guidelines and United
Kingdom Crown Prosecution Guidelines. These guidelines provide
reasonable inputs for the Judges and Jury to determine the
appropriate disciplinary action to be taken on the identified
individual or the offender. This document is an attempt to represent
the relevant factors for corporate disciplinary proceedings.
This publication is from TRUSTUS Institute, a center for research
and thought leadership on ethics and compliance. TRUSTUS
Institute is a unit of TRUSTUS Solutions, a professional services
firm providing valued and lasting services to clients with risk
management and fraud control services.
This publication is prepared by TRUSTUS Solutions to provide the
reader a generic overview of the market scenarios and current
updates regarding forensic audit services. All information contained
herein are sourced from various public domains and other legal
avenues, and TRUSTUS Solutions makes no warranties or
representations regarding the accuracy, correctness or reliability of
the information contained herein. The information, events and
analysis contained herein are of generic nature only and are not
intended to be construed as advice of any manner against any
event or circumstances.
TRUSTUS Solutions neither assumes nor accepts any
responsibility for any loss arising to any person or entity acting or
refraining from acting as a result of any material contained in this
publication. This publication is not intended to transfer or license
any rights including intellectual property rights upon the reader.
This publication is not intended to substitute or by-pass or to
overrule any laws currently prevailing in India which the reader is
bound to observe and abide by law.
App to spread knowledge on
fraud investigation and risk
“Forensic Dimensions blog”
to share key perspectives.
Follow us on twitter
@TRUSTUSForensic
Copyright @ 2014, TRUSTUS Institute
Images credit: Flickr
Creative Commons
Icons credit: Flat Icon

Thought Leadership on Ethics & Compliance scale Final

More Related Content

What's hot

Viewers also liked

Similar to Thought Leadership on Ethics & Compliance scale Final

Thought Leadership on Ethics & Compliance scale Final