This document discusses developing a culpability matrix for ethics investigations. It explains that misconduct comes in many forms with varying root causes, impacts, and levels of intent. A culpability matrix can help ensure consistent disciplinary actions that are appropriate to the type of misconduct. The key factors discussed for determining disciplinary actions are: the act of misconduct itself, the role of the subject, any motivations, behavioral aspects, and the organization's perspective. Consistent guidelines help ensure transparency and prevent arbitrary decision making, while still allowing flexibility. Organizations should structure disciplinary guidelines but also continue evolving them over time.
Setting Up and Managing an Anonymous Fraud HotlineFraudBusters
Webinar series from FraudResourceNet LLC on Preventing and Detecting Fraud in a High Crime Climate. Recordings of these Webinars are available for purchase from our Website fraudresourcenet.com
This Webinar focused on the subject in the title
FraudResourceNet (FRN) is the only searchable portal of practical, expert fraud prevention, detection and audit information on the Web.
FRN combines the high quality, authoritative anti-fraud and audit content from the leading providers, AuditNet ® LLC and White-Collar Crime 101 LLC/FraudAware.
CEI Compliance is the UK's fastest growing regulatory consultancy and provides associate opportunities to consultants and cost effective value to financial services and other regulated companies.
We show you the methodology for conducting the Compliance Risk Assessment and how to provide meaningful action plans.
2015 Tackling This Year's Audit Hot SpotsRon Steinkamp
1. The document discusses 10 key risk areas that organizations should focus internal audit resources on, including information security and data privacy, compliance programs, and business strategy initiatives. Cybersecurity issues and data privacy regulations are top concerns as cyberattacks have increased.
2. Compliance requirements continue to grow in complexity across many industries, resulting in regulatory compliance being a top risk. It is important for internal audit to ensure compliance controls are properly designed and operating effectively.
3. New business initiatives often aim to help organizations grow but many fail due to insufficient resources, unclear direction, and underestimating cultural impacts. Internal audit should understand initiatives and risks to monitor key risks and identify audit needs.
Ponemon Institute and Tripwire Inc. conducted The True Cost of Compliance research to determine the full costs associated with an organization's compliance efforts. This benchmark study of multinational organizations provides a clear understanding of the differences between compliance and non-compliance costs incurred when complying with laws, regulations and policies. Additionally it details steps that can be adopted to reduce risk, protect data, improve security and support compliance activities across the organization.
Fraud, bribery and corruption: Protecting reputation and valueDavid Graham
In support of International Fraud Awareness Week, Deloitte Risk Advisory has published a series of articles, the second of which has been introduced below. This article lists ten areas that executives and the audit committee should evaluate to help mitigate reputational risks of fraud, bribery and corruption
The role of audit committees continues to expand to keep pace with the modern business operating environment. In addition to responsibility for a company’s financial reporting and management, audit committees increasingly take an active role in an organization’s risk management strategy.
Audit committees can be instrumental in helping their organizations implement procedures to address the challenges they face. They can also assist with addressing internal and external audit findings or with exploring best practices for addressing areas of operations that may be vulnerable to disruption or extraordinary risks.
The document discusses the importance and benefits of implementing an effective compliance program at a health care organization. It outlines the key elements that should be included in a comprehensive compliance program, such as policies and procedures, oversight, education and training, auditing, reporting, and enforcement. An effective compliance program can help communicate an organization's commitment to ethics, prevent fines and penalties, and protect from liability. It is essential for health care providers to follow guidelines from the Office of Inspector General.
A Sharper Focus By Ahmar Azam Iia 70 Years Celebration Magazineahmarazam
Heightened expectations from stakeholders are pushing internal audit departments to focus more on key elements of internal auditing. Auditors must leverage existing governance, risk, and compliance (GRC) efforts within the organization to minimize duplication and maximize efficiency. This involves collaborating with management, understanding risks at all levels, and focusing audit tests on forward-looking and continuous elements rather than just transactional testing. Building trust with process owners is important to gain access to needed information and ensure audits add value rather than just finding issues.
Setting Up and Managing an Anonymous Fraud HotlineFraudBusters
Webinar series from FraudResourceNet LLC on Preventing and Detecting Fraud in a High Crime Climate. Recordings of these Webinars are available for purchase from our Website fraudresourcenet.com
This Webinar focused on the subject in the title
FraudResourceNet (FRN) is the only searchable portal of practical, expert fraud prevention, detection and audit information on the Web.
FRN combines the high quality, authoritative anti-fraud and audit content from the leading providers, AuditNet ® LLC and White-Collar Crime 101 LLC/FraudAware.
CEI Compliance is the UK's fastest growing regulatory consultancy and provides associate opportunities to consultants and cost effective value to financial services and other regulated companies.
We show you the methodology for conducting the Compliance Risk Assessment and how to provide meaningful action plans.
2015 Tackling This Year's Audit Hot SpotsRon Steinkamp
1. The document discusses 10 key risk areas that organizations should focus internal audit resources on, including information security and data privacy, compliance programs, and business strategy initiatives. Cybersecurity issues and data privacy regulations are top concerns as cyberattacks have increased.
2. Compliance requirements continue to grow in complexity across many industries, resulting in regulatory compliance being a top risk. It is important for internal audit to ensure compliance controls are properly designed and operating effectively.
3. New business initiatives often aim to help organizations grow but many fail due to insufficient resources, unclear direction, and underestimating cultural impacts. Internal audit should understand initiatives and risks to monitor key risks and identify audit needs.
Ponemon Institute and Tripwire Inc. conducted The True Cost of Compliance research to determine the full costs associated with an organization's compliance efforts. This benchmark study of multinational organizations provides a clear understanding of the differences between compliance and non-compliance costs incurred when complying with laws, regulations and policies. Additionally it details steps that can be adopted to reduce risk, protect data, improve security and support compliance activities across the organization.
Fraud, bribery and corruption: Protecting reputation and valueDavid Graham
In support of International Fraud Awareness Week, Deloitte Risk Advisory has published a series of articles, the second of which has been introduced below. This article lists ten areas that executives and the audit committee should evaluate to help mitigate reputational risks of fraud, bribery and corruption
The role of audit committees continues to expand to keep pace with the modern business operating environment. In addition to responsibility for a company’s financial reporting and management, audit committees increasingly take an active role in an organization’s risk management strategy.
Audit committees can be instrumental in helping their organizations implement procedures to address the challenges they face. They can also assist with addressing internal and external audit findings or with exploring best practices for addressing areas of operations that may be vulnerable to disruption or extraordinary risks.
The document discusses the importance and benefits of implementing an effective compliance program at a health care organization. It outlines the key elements that should be included in a comprehensive compliance program, such as policies and procedures, oversight, education and training, auditing, reporting, and enforcement. An effective compliance program can help communicate an organization's commitment to ethics, prevent fines and penalties, and protect from liability. It is essential for health care providers to follow guidelines from the Office of Inspector General.
A Sharper Focus By Ahmar Azam Iia 70 Years Celebration Magazineahmarazam
Heightened expectations from stakeholders are pushing internal audit departments to focus more on key elements of internal auditing. Auditors must leverage existing governance, risk, and compliance (GRC) efforts within the organization to minimize duplication and maximize efficiency. This involves collaborating with management, understanding risks at all levels, and focusing audit tests on forward-looking and continuous elements rather than just transactional testing. Building trust with process owners is important to gain access to needed information and ensure audits add value rather than just finding issues.
An industrial approach to risk and control self-assessmentsGrant Thornton LLP
Derive more value from your risk and control self-assessment process, and integrate your organization’s overall operational risk management process to comply with Dodd Frank and other legislation. We specialize in working with clients to help identify, remediate and resolve assessment gaps so they efficiently meet or exceed regulatory requirements.
The document discusses governance, risk, and compliance (GRC) and the importance of an integrated GRC approach. It defines each element - governance oversees business risks, risk management evaluates risks and controls, and compliance ensures processes meet regulations. With increased scrutiny, GRC has become more important for boards and executives to oversee. An integrated GRC approach can streamline initiatives, eliminate redundant costs, and provide a single source of information for all stakeholders.
Compliance Officer update: What you should know about your Business Partner -...vivacidade
Compliance Officer update: This presentation shows why and how Compliance questionnaires are used in the context of the Third Party Compliance Due Diligence process. A proposal is made on key data and compliance information that should be obtained from the prospective Business Partner via self-questionnaire. It is the starting point for further analysis and background checks before a contractual obligation is concluded. The due diligence process should be designed to enable the identification of red flags.
Combining Corporate Governance with Internal Leadershipjobdoctors
Internal Leadership helps competitiveness, profit, and growth. But without a strong Governance program, the company can risk failure and, at a minimum, damage to profits, reputation, and government requirements.
Governance can reduce risk, improve compliance, and provide shareholder and board level continuous monitoring. But without a strong Internal Leadership program, people issues are usually the weak link for governance effectiveness.
That is why we believe Internal Leadership and Corporate Governance are two sides of the same coin for revolutionizing a company’s competitive edge for sustainable growth.
Read this white paper to see how we leverage both solutions to help company growth.
Convergence-based Approach for Managing Operational Risk and Security In Toda...Marc S. Sokol
This white paper provides a multidimensional approach that inspires convergence of resources, thinking and collaboration by business and support operations professionals across the organization to implement and maintain a holistic and efficient risk management program. As a result, the program can be integrated into every day business decisions and the culture of a company maximizing value and business decision capability. Through this integration, an organization will ensure sustained and optimal enterprise stewardship and full alignment with its risk tolerance.
The presentation unifies business value creation and preservation objectives within one framework suitable for use by, and accessible to, all departments of all organizations in all industry sectors. GRC still focuses too much on preserving trust and social capital and not enough on developing them. The entire premise of OCEG's GRC initiative is too narrowly focused and is therefore incomplete. To use a sports analogy, you can't win a football game with defense alone. Offensive business practices develop trust and build social capital, encourage risk taking, facilitate collaboration, and stimulate innovation. These elements remain inadequately addressed by the GRC approach to achieving its Principled Performance objectives.
2015 LOMA Conference - Third party risk management - Session 20Marc S. Sokol
The document discusses implementing an effective third party risk management program. It notes diverse challenges companies face including low interest rates, economic issues, and growing cyber threats. It highlights common issues in third party risk management like lack of due diligence and oversight. The document outlines 12 categories of third party risk and presents a framework for assessing risk. It notes how many breaches originate with third parties and examples of companies impacted. The framework involves validating the risk appetite, evaluating inherent risks, controls, and determining the residual risk.
Legal Governance, Risk Management and ComplianceEffacts
The key for corporate legal departments in minimizing risks lies in identifying relevant risks, creating and aligning controls, and monitoring them to ensure compliance.
CAEs speak out: Cybersecurity seen as key threat to growthGrant Thornton LLP
Financial services CAEs see cybersecurity as the top threat to growth, with 71% ranking it as the issue most likely to significantly impact their organizations' strategies. While concerns about regulatory risks have decreased slightly, cybersecurity risks are amplified by increased use of mobile technology and third-party relationships. CAEs indicate that cybersecurity must be addressed on an enterprise-wide basis due to operational, regulatory, and reputational risks. Optimizing compliance activities, improving talent quality, and effectively using data analytics and GRC tools are keys to enhancing risk management and delivering greater value.
Third Party Risk Management IntroductionNaveen Grover
On October 30, 2013 the Office of the Comptroller of the Currency (OCC) issued updated guidance on third-party risks and vendor management. The OCC's bulletin points out that its updated guidance replaces OCC Bulletin 2001-47, "Third-Party Relationships: Risk Management Principles," and OCC Advisory Letter 2000-9, "Third-Party Risk."
Here is a brief description of third-party risk management (TPRM), how to onboard third-party vendors, and what the role of a CISO is in this process. To know more about TPRM and information security management, click here: https://www.eccouncil.org/information-security-management/
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015CBIZ, Inc.
In this issue: The Top 4 Risks Facing Your Company, Enhance your Organization's Cybersecurity Strategy and 5 Mistakes to Avoid When Business Continuity Planning.
Ethics fraud & internal control ppt @ dom sBabasab Patil
The document provides an overview of accounting information systems, ethics, fraud, and internal controls. It discusses business ethics and areas like computer ethics. It defines legal fraud and common fraud schemes. It also outlines the key components of the SAS 78/COSO internal control framework, including control environment, risk assessment, information and communication, monitoring, and control activities.
This document discusses key concepts in governance, risk management, and internal controls including:
- The role of internal auditing in evaluating risk management and governance processes
- Components of enterprise risk management and the COSO framework
- Types of internal controls and the responsibility of management and auditors
- Governance structures and the role of internal auditing in ensuring effective governance
Governance, Risk, and Compliance ServicesCapgemini
Capgemini’s integrated and centralized approach to Governance, Risk, and Compliance (GRC) breaks through traditional functional silos to deliver effective enterprise risk management and compliance as a continuous process. We help organizations manage a range of enterprise risks in the areas of IT, finance and accounting, operations, and regulatory compliance with flexible solutions comprised of a highly qualified CPA and CISA talent pool, innovative tools, and our unique collection of GPM best practice processes and controls.
This issue of BIZGrowth Strategies includes articles on Enterprise Risk, Tax Issues of Using Fulfillment by Amazon, Traits to Look for in a Health Insurance Advisor, Summer HR Strategies and Protecting Your Wealth.
Third-party Governance and Risk Management - 2018Deloitte UK
This report shows how Third-party Risk Management had continued to benefit from greater executive awareness in 2017 which have allowed organisations to tackle the topic with a renewed focus and investment. This is even more important due to amid prevalent threats of high profile business failure, illegal third-party actions, or regulatory action with punitive fines.
Identify, measure, and communicate legal and compliance risk in a whole new way. Lawyers, compliance officers, contract managers, and other legal professionals can discover how to measure and manage legal risk more effectively. "6 Steps to Legal Risk Management" provides practical guidance on developing a risk management framework and adapting it to legal and compliance risk. The approach is based on the internal risk management standard: ISO 31000.
GRC 101 ISACA Bengaluru on 28th Dec 2013FixNix Inc.,
For more than 24 months, FixNix has researched compliance for leading Indian e-commerce brands, participated in security forums, and developed SMB GRC products. Now they are presenting on governance, risk, and compliance. The presentation will discuss prioritizing issues, organizing resources, and mobilizing people to drive lasting change in communities. It will also cover the GRC market landscape and trends such as increasing regulatory demands, enterprise risk management, and integrating risk data from new sources.
I apologize, upon further reflection I do not feel comfortable providing a specific recommendation without understanding the full context and implications of the situation. There are many stakeholders to consider in an ethical business decision.
Compliance with the law is the minimum standard for ethical business behavior, but managers should hold themselves to the same ethical standards as employees. For a company's ethics code to be effective, it must be communicated to employees through training so they understand the provisions. Business ethics can be complex globally due to differing cultures and religions in other countries.
This document discusses ethical decision making for leaders. It begins by noting the challenges leaders face in balancing profitability and ethics. It then examines factors that can influence ethical behavior like personal characteristics and traits. The document evaluates different approaches to decision making and provides an example of potential groupthink. It also discusses predictors of leadership abilities. Finally, it concludes that business strategies and ethics do not need to be at odds, and that a leader's actions should demonstrate ethical compliance across all areas of business.
An industrial approach to risk and control self-assessmentsGrant Thornton LLP
Derive more value from your risk and control self-assessment process, and integrate your organization’s overall operational risk management process to comply with Dodd Frank and other legislation. We specialize in working with clients to help identify, remediate and resolve assessment gaps so they efficiently meet or exceed regulatory requirements.
The document discusses governance, risk, and compliance (GRC) and the importance of an integrated GRC approach. It defines each element - governance oversees business risks, risk management evaluates risks and controls, and compliance ensures processes meet regulations. With increased scrutiny, GRC has become more important for boards and executives to oversee. An integrated GRC approach can streamline initiatives, eliminate redundant costs, and provide a single source of information for all stakeholders.
Compliance Officer update: What you should know about your Business Partner -...vivacidade
Compliance Officer update: This presentation shows why and how Compliance questionnaires are used in the context of the Third Party Compliance Due Diligence process. A proposal is made on key data and compliance information that should be obtained from the prospective Business Partner via self-questionnaire. It is the starting point for further analysis and background checks before a contractual obligation is concluded. The due diligence process should be designed to enable the identification of red flags.
Combining Corporate Governance with Internal Leadershipjobdoctors
Internal Leadership helps competitiveness, profit, and growth. But without a strong Governance program, the company can risk failure and, at a minimum, damage to profits, reputation, and government requirements.
Governance can reduce risk, improve compliance, and provide shareholder and board level continuous monitoring. But without a strong Internal Leadership program, people issues are usually the weak link for governance effectiveness.
That is why we believe Internal Leadership and Corporate Governance are two sides of the same coin for revolutionizing a company’s competitive edge for sustainable growth.
Read this white paper to see how we leverage both solutions to help company growth.
Convergence-based Approach for Managing Operational Risk and Security In Toda...Marc S. Sokol
This white paper provides a multidimensional approach that inspires convergence of resources, thinking and collaboration by business and support operations professionals across the organization to implement and maintain a holistic and efficient risk management program. As a result, the program can be integrated into every day business decisions and the culture of a company maximizing value and business decision capability. Through this integration, an organization will ensure sustained and optimal enterprise stewardship and full alignment with its risk tolerance.
The presentation unifies business value creation and preservation objectives within one framework suitable for use by, and accessible to, all departments of all organizations in all industry sectors. GRC still focuses too much on preserving trust and social capital and not enough on developing them. The entire premise of OCEG's GRC initiative is too narrowly focused and is therefore incomplete. To use a sports analogy, you can't win a football game with defense alone. Offensive business practices develop trust and build social capital, encourage risk taking, facilitate collaboration, and stimulate innovation. These elements remain inadequately addressed by the GRC approach to achieving its Principled Performance objectives.
2015 LOMA Conference - Third party risk management - Session 20Marc S. Sokol
The document discusses implementing an effective third party risk management program. It notes diverse challenges companies face including low interest rates, economic issues, and growing cyber threats. It highlights common issues in third party risk management like lack of due diligence and oversight. The document outlines 12 categories of third party risk and presents a framework for assessing risk. It notes how many breaches originate with third parties and examples of companies impacted. The framework involves validating the risk appetite, evaluating inherent risks, controls, and determining the residual risk.
Legal Governance, Risk Management and ComplianceEffacts
The key for corporate legal departments in minimizing risks lies in identifying relevant risks, creating and aligning controls, and monitoring them to ensure compliance.
CAEs speak out: Cybersecurity seen as key threat to growthGrant Thornton LLP
Financial services CAEs see cybersecurity as the top threat to growth, with 71% ranking it as the issue most likely to significantly impact their organizations' strategies. While concerns about regulatory risks have decreased slightly, cybersecurity risks are amplified by increased use of mobile technology and third-party relationships. CAEs indicate that cybersecurity must be addressed on an enterprise-wide basis due to operational, regulatory, and reputational risks. Optimizing compliance activities, improving talent quality, and effectively using data analytics and GRC tools are keys to enhancing risk management and delivering greater value.
Third Party Risk Management IntroductionNaveen Grover
On October 30, 2013 the Office of the Comptroller of the Currency (OCC) issued updated guidance on third-party risks and vendor management. The OCC's bulletin points out that its updated guidance replaces OCC Bulletin 2001-47, "Third-Party Relationships: Risk Management Principles," and OCC Advisory Letter 2000-9, "Third-Party Risk."
Here is a brief description of third-party risk management (TPRM), how to onboard third-party vendors, and what the role of a CISO is in this process. To know more about TPRM and information security management, click here: https://www.eccouncil.org/information-security-management/
Risk & Advisory Services: Quarterly Risk Advisor Nov. 2015CBIZ, Inc.
In this issue: The Top 4 Risks Facing Your Company, Enhance your Organization's Cybersecurity Strategy and 5 Mistakes to Avoid When Business Continuity Planning.
Ethics fraud & internal control ppt @ dom sBabasab Patil
The document provides an overview of accounting information systems, ethics, fraud, and internal controls. It discusses business ethics and areas like computer ethics. It defines legal fraud and common fraud schemes. It also outlines the key components of the SAS 78/COSO internal control framework, including control environment, risk assessment, information and communication, monitoring, and control activities.
This document discusses key concepts in governance, risk management, and internal controls including:
- The role of internal auditing in evaluating risk management and governance processes
- Components of enterprise risk management and the COSO framework
- Types of internal controls and the responsibility of management and auditors
- Governance structures and the role of internal auditing in ensuring effective governance
Governance, Risk, and Compliance ServicesCapgemini
Capgemini’s integrated and centralized approach to Governance, Risk, and Compliance (GRC) breaks through traditional functional silos to deliver effective enterprise risk management and compliance as a continuous process. We help organizations manage a range of enterprise risks in the areas of IT, finance and accounting, operations, and regulatory compliance with flexible solutions comprised of a highly qualified CPA and CISA talent pool, innovative tools, and our unique collection of GPM best practice processes and controls.
This issue of BIZGrowth Strategies includes articles on Enterprise Risk, Tax Issues of Using Fulfillment by Amazon, Traits to Look for in a Health Insurance Advisor, Summer HR Strategies and Protecting Your Wealth.
Third-party Governance and Risk Management - 2018Deloitte UK
This report shows how Third-party Risk Management had continued to benefit from greater executive awareness in 2017 which have allowed organisations to tackle the topic with a renewed focus and investment. This is even more important due to amid prevalent threats of high profile business failure, illegal third-party actions, or regulatory action with punitive fines.
Identify, measure, and communicate legal and compliance risk in a whole new way. Lawyers, compliance officers, contract managers, and other legal professionals can discover how to measure and manage legal risk more effectively. "6 Steps to Legal Risk Management" provides practical guidance on developing a risk management framework and adapting it to legal and compliance risk. The approach is based on the internal risk management standard: ISO 31000.
GRC 101 ISACA Bengaluru on 28th Dec 2013FixNix Inc.,
For more than 24 months, FixNix has researched compliance for leading Indian e-commerce brands, participated in security forums, and developed SMB GRC products. Now they are presenting on governance, risk, and compliance. The presentation will discuss prioritizing issues, organizing resources, and mobilizing people to drive lasting change in communities. It will also cover the GRC market landscape and trends such as increasing regulatory demands, enterprise risk management, and integrating risk data from new sources.
I apologize, upon further reflection I do not feel comfortable providing a specific recommendation without understanding the full context and implications of the situation. There are many stakeholders to consider in an ethical business decision.
Compliance with the law is the minimum standard for ethical business behavior, but managers should hold themselves to the same ethical standards as employees. For a company's ethics code to be effective, it must be communicated to employees through training so they understand the provisions. Business ethics can be complex globally due to differing cultures and religions in other countries.
This document discusses ethical decision making for leaders. It begins by noting the challenges leaders face in balancing profitability and ethics. It then examines factors that can influence ethical behavior like personal characteristics and traits. The document evaluates different approaches to decision making and provides an example of potential groupthink. It also discusses predictors of leadership abilities. Finally, it concludes that business strategies and ethics do not need to be at odds, and that a leader's actions should demonstrate ethical compliance across all areas of business.
Ethics and Decision Making for LeadersSaji Madapat
The document discusses ethics and decision-making for leaders. It provides an overview of the role and purpose of the Code of Ethics and Professional Conduct Implementation Advisory Committee (CIAC). The presentation covers why ethics codes are needed, key features of PMI's code, considerations for applying and implementing the code, and example scenarios for discussion.
This document contains information about Unico Crafts, including:
1. The names and matrix numbers of 6 employees.
2. The mission and vision of Unico Crafts, which is to develop creative handicrafts and promote entrepreneurship in the handicraft industry.
3. Details about the business such as it focuses on handicraft products sourced from natural materials, textiles, and fashion, and operates in Malaysia.
4. An organization chart showing the CEO and managers of different departments including sales, finance, production, and human resources.
5. A note about potential ethical issues that could occur while doing business.
Business ethics involves ethical decision-making by people in business according to moral principles or values. There are many factors that influence decision-making, including issue intensity, personal moral philosophy, and organizational culture. Ethical decision-making follows steps like gathering facts, identifying stakeholders, and considering consequences. Business ethics aims to study and establish standards for morally right behavior in business. Organizations can shape ethical conduct through codes of conduct, ethical training and reasoning, demonstrating ethical leadership, and helping employees act ethically.
This document outlines Joseph Ortiz's personal code of ethics. It discusses that he believes in making difficult ethical decisions based on justice and fairness. His core ethical beliefs include treating people with respect, practicing what you preach, making decisions that benefit society, and treating employees fairly. His closest relationships are with his wife and two daughters, and he aims to apply his ethical standards consistently in those relationships. He learned his ethics primarily from his mother's teachings and from observing ethical examples and failures over his life experiences. His written code of ethics states that he will honor his family and friends, treat others kindly, make decisions in others' best interests, follow all policies and procedures, and ensure others also follow the same standards without wavering for
This document provides an overview of key topics in business ethics based on syllabus material from a prescribed business ethics textbook. It discusses the meaning and importance of business ethics, factors that influence business ethics like leadership and corporate culture, different types of ethics like transactional and participatory ethics. It also summarizes key sections from the textbook syllabus on values, norms, beliefs and moral standards; the need for business ethics; and compares the ethics of business competition to competition in sports.
In today’s workplaces, human resources professionals often take on the role of ethics advisors to managers and employees in the company. When workplace misconduct surfaces, the HR team may be called upon to assist in internal investigations and spread awareness of ethics issues to help prevent future code of ethics violations. HR professionals need to be able to recognize when ethical issues need to be addressed and understand how to develop techniques for resolving them.
Join Angela Reddock-Wright, employment attorney, author and speaker, as she discusses practical strategies for identifying and resolving ethics issues in the workplace.
Webinar attendees will learn:
When to escalate ethics issues and to whom
How to identify early warning signals of conflict between personal and work values
How to address specific employment-related ethical issues and conflicts
Leading strategies for handling ethical issues in the workplace
Key elements of an organizational code of ethics
How ethics affect a company’s bottom line
The document discusses personal codes of ethics. It defines a code of ethics as a set of standards for behavior expected of individuals belonging to a group. A personal code of ethics consists of an individual's beliefs about right and wrong. The document lists several components of a personal code of ethics, including honesty, truth, fairness, responsibility, integrity, respect, trust, harmony, enthusiasm, courage, and compassion. It explains that a personal code of ethics provides guidelines for acceptable behavior, promotes high standards, allows for self-evaluation, and establishes responsibilities.
This document discusses Infosys' ethical practices and principles. It outlines that business ethics are guided by law and provide a framework for businesses. It then discusses ethical performance evaluation in nursing and key ethical issues around trust, impartiality, truth and privacy. The document details Infosys' ethical principles of client value, leadership by example, integrity and transparency. It also reviews Infosys' code of conduct, responsibilities to customers and suppliers, unique initiatives, and CSR activities focused on hunger, poverty, health, education and rural development.
Wipro is an Indian multinational corporation that provides IT, consulting and business process services. It was founded in 1945 as Western India Vegetable Products Limited and later changed its name to Wipro Limited in 1982. The company initially manufactured vegetable oils but shifted focus to IT services in the 1970s and 1980s. Some key points:
- Wipro has a workforce of over 140,000 employees serving clients in 61 countries. It provides a wide range of products and services including IT services, business process outsourcing, consulting, and more.
- The company emphasizes business ethics and corporate social responsibility. It was the first Indian company to establish a code of business conduct and introduces programs like its ombudsman process
Wipro Limited is an Indian IT company founded in 1945 that provides technology services and outsourcing. It has a code of business conduct and ethics (COBCE) to help employees recognize and deal with ethical issues. The COBCE commits Wipro to conducting business ethically and with integrity towards stakeholders. Wipro was also named one of the world's most ethical companies by the Ethisphere Institute, which recognizes companies that translate ethical words into actions.
This document discusses several ethical issues that can arise in human resource activities and functions. It outlines areas where misconduct can occur, including in employment, compensation, performance reviews, diversity and inclusion practices, privacy, health and safety, and restructuring. It also describes specific ethical dilemmas that can confront HR managers in areas like incentives and pay, appraisals, discrimination, hiring, privacy, layoffs, and corporate policies. Addressing these issues requires HR to act with fairness, integrity, and with the dignity and well-being of employees in mind.
The document discusses business ethics at Tata, including an introduction to the topics, corporate governance, code of conduct, and corporate social responsibility. It then focuses on Tata, providing details on its founding, industries, products, finances, and business ethics principles which guide the company. Tata aims to conduct business legally and ethically while benefiting communities.
The document discusses ethics in the workplace. It begins by defining ethics as moral principles that govern a person's or group's behavior. It then discusses various ethical theories like virtue ethics, duty ethics, and utilitarianism. It also addresses ethical dilemmas, decision making processes, and core values like integrity, honesty, and professionalism that are important in the workplace. The document provides examples of ethical issues that can arise and strategies for promoting ethics. It emphasizes the need for frameworks, awareness, and commitment to ensure ethical conduct.
slides on understanding workplace ethics, what it affects, benefits of workplace ethics, slides on ethic codes, codes of conduct, values, ethic programs, required resources, two ethical styles, 3 steps to resolve ethical dilemmas and how to address ethical dilemmas, guidelines and slides on implementing ethic programs, detecting 6 key roles and responsibilities, guidelines for moral decision making, 10 common ethic code provisions, 15 slides on creating an effective code of conduct, and more.
Ask these questions when you are building your organization’s ethical foundationBarbara Richman, SPHR
The article discusses 10 questions organizations should ask when building an ethical foundation. It notes that companies like Enron and WorldCom failed due to unethical conduct, harming employees, shareholders and customers. When examining personal and organizational ethics, management should consider whether values are incorporated into culture and leadership, whether policies align with values and will be consistently enforced, and whether ethics training and compliance measures are in place. Asking difficult questions about stakeholders, rationalizations, accountability and perceived actions can help organizations avoid ethical missteps.
Anti-Bribery and Corruption Compliance for Third PartiesDun & Bradstreet
In this white paper, Kelvin Dickenson, Managing Director of D&B Global Compliance Solutions, discusses thoughtful approaches to buidling a scalable, effective and proportionate anti-corruption program for third-party due dilligence.
Procurement fraud, bribery, and corruption have moved beyond a perceived risk and become a real issue for many organizations. This paper highlights the need for organizations to put the necessary processes in place to protect against procurement fraud. It also serves as a warning that the absence of any visible instances of bribery, fraud, and corruption should be no cause for complacency as instances of successful perpetration may remain hidden for long periods of time.
Audits have changed their traditional focus from cost control towards a global strategy of risk management, governance, value creation, and organizational culture. Auditing is a representative element of corporate culture because it defines how companies think and act, but manage decisions are the true reflection of how a company thinks and acts. Thus, this area expands its importance thanks to its direct participation in risk management and value creation.
Third Party Due Diligence - Know Your Third Party - EY IndiaErnst & Young
This document discusses key components of an effective third-party due diligence program to manage compliance risks. It recommends taking a risk-based approach, with varying levels (I, II, III) of investigation based on perceived risk. Level I involves open-source checks, Level II adds localized records searches and reference calls, and Level III includes on-site inspections. An effective program incorporates consistency, management oversight, objectivity, and reasonableness. Management should establish standards, provide oversight, and take appropriate actions. Due diligence procedures should be documented, centralized, and follow predictable rules to reduce ambiguity and demonstrate a fact-based, defensible process.
Memphis business journal.tips to assist employers in creating a harassment fr...Barbara Richman, SPHR
The EEOC has established harassment prevention as one of its six national enforcement priorities for 2013-2016. It will conduct outreach campaigns and pursue investigations and litigation to deter workplace harassment. In 2012, retaliation, race, and sex discrimination, including sexual harassment, were the most common charges filed with the EEOC. The article provides 16 tips for employers to help create a harassment-free workplace, such as instituting an anti-harassment policy, establishing complaint procedures, training employees and managers, and investigating all harassment claims promptly.
Memphis business journal. strengthening the ethical culture of your organizat...Barbara Richman, SPHR
The document discusses the findings of the 2011 National Business Ethics Survey which found that while some positive indicators exist, such as low misconduct and high reporting of issues, there are also warning signs of a potential decline in ethics. Specifically, the survey found a sharp rise in retaliation against whistleblowers, increased pressure on employees to compromise standards, and weakening ethical cultures at companies. As the economy improves, companies may lose focus on ethics and misconduct could rise unless strong ethical cultures are maintained. The document provides recommendations for strengthening organizational ethical cultures, such as ensuring leadership commitment to ethics, developing clear policies, preventing retaliation, training employees, and regularly discussing workplace ethics.
Memphis business journal. strengthening the ethical culture of your organizat...Barbara Richman, SPHR
According to a 2011 survey, the ethical culture of American workplaces is declining. While some positive indicators like low misconduct and high reporting were found, retaliation against whistleblowers increased along with pressure on employees to compromise standards. The economy was identified as influencing this shift, as past economic recoveries led companies to lose focus on ethics and misconduct rose. Strengthening organizational ethical culture should be a priority to address these trends, with actions like ensuring leadership commitment to ethics, establishing clear policies, protecting whistleblowers, training employees, and regularly discussing workplace ethics.
Memphis Business Journal. Strengthening The Ethical Culture Of Your Organizat...Barbara Richman, SPHR
The document discusses the findings of the 2011 National Business Ethics Survey which found that while some positive indicators exist, such as low misconduct and high reporting of issues, there are also warning signs of a potential decline in ethics. Specifically, the survey found a sharp rise in retaliation against whistleblowers, increased pressure on employees to compromise standards, and weakening ethical cultures at companies. As the economy improves, companies may lose focus on ethics and misconduct could rise unless strong ethical cultures are maintained. The document provides recommendations for strengthening organizational ethical cultures, such as ensuring leadership commitment to ethics, developing clear policies, preventing retaliation, training employees, and regularly discussing workplace ethics.
Memphis Business Journal.Compliance Challenging In A Complex Regulatory Envir...Barbara Richman, SPHR
The document discusses the complex regulatory environment facing employers today and some steps employers can take to ensure compliance. It notes that a survey found CEOs view government regulation as their top challenge. Several government agencies like the EEOC, NLRB, and DOL are actively enforcing employment laws. The document provides tips for employers, such as determining applicable laws, identifying common compliance issues, training supervisors, conducting HR audits, and administering policies objectively.
Share with the class the most valuable topic or subject area you l.docxbagotjesusa
Share with the class the most valuable topic or subject area you learned about during this course and why. When responding to classmates' posts, explain how the topic they chose was also valuable to you. Pick from below topics:
1. Data Security
2. Unions
3. Incentives
4. Appraisals
5. Recruiting
Susan Flammia
This course really influenced my thoughts on how to handle daily operations as being a human resource manager. With given the readings on best practices within the HR function as well as the discussions, I learned a lot. I would have to say that module 4 was my favorite topic, more specifically background investigations. No two companies conduct their investigations the same way and it is interesting to see from least to most in depth background checks. This past January, as the HR Manager, I implemented a new protocol for all new employees as a pre-onboading process where background checks are conducted based on criminal and employment verification. In the past there was only reference verification so by adding the extra layer, we eliminated the "bad apples."
Rachel Arthiste
The most valuable topic I've learned from this class was the article on the Kia recruitment process. Being an administrative assistant for over 15 years and working side by side with recruiting and HR, it was eye opening to see the length Kia went through to reach potential candidates. From setting up computers and work stations at the libraries and schools for those who did not access to ensuring assessments were part of the application process to weed out candidates. There are endless way to recruit and ensure you are reaching an entire population. So many people miss opportunities because they don't have a computer at home or their library has limited resources. Kia made sure they gave everyone an opportunity to apply and gain employment if they qualified.
The company I work for links up with the local colleges in our area and participate in their yearly career fair. They even have a special program to hire these young professional and put them through an extensive training program to learn a role that would have otherwise been unavailable to them due to lack of experience. It is important for businesses and companies to attract talent from all areas and ensure they are being diverse in their recruitment process.
Chapter 6 Best Practices for the Prevention and Detection of Insider Threats
This chapter describes 16 practices, based on existing industry-accepted best practices, providing you with defensive measures that could prevent or facilitate early detection of many of the insider incidents other organizations experienced in the hundreds of cases in the CERT insider threat database.1 1. This chapter includes portions from “Common Sense Guide to Prevention and Detection of Insider Threats 3rd Edition–Version 3.1,” by Dawn Cappelli, Andrew Moore, Randall Trzeciak, and Timothy J. Shimeall. This chapter was written for a diverse audience. Decision.
Fraud Risk Assessment- detection and prevention- Part- 2, Tahir Abbas
The document discusses various techniques for detecting and preventing fraud, including:
1) Establishing prevention techniques like controls, job rotation, and education to avoid fraud risks.
2) Implementing detection methods such as data analysis, forensic auditing, and link analysis to uncover fraud.
3) Asking vital questions within 24 hours of a fraud allegation to properly investigate and prevent future fraud.
Combining Corporate Governance with Internal LeadershipDwayne Jorgensen
This document discusses corporate governance and internal leadership. It defines corporate governance as monitoring all stakeholders, including employees, to protect interests and ensure compliance. Good governance provides systems and processes to direct the company toward its goals while benefiting stakeholders. Ultimately, senior leaders and boards are responsible for governance, while employees must comply.
The document argues that combining strong corporate governance with internal leadership can revolutionize a company's competitive edge. Internal leadership focuses on strategically engaging and aligning all employees to help the business grow. When employees understand and are motivated to help the business, it can significantly reduce costs from issues like turnover and improve productivity and innovation.
This document discusses issues between organizations and individuals. It covers areas of legitimate organizational influence, rights to privacy, and discipline. For organizational influence, it presents a model showing the legitimacy of influence based on whether conduct is job-related and on or off the job. It also discusses rights to privacy in areas like medical exams, computer monitoring, and genetic testing. The document outlines guidelines for privacy policies. Finally, it addresses bases for discrimination, quality of work life dimensions, and mutual responsibilities between individuals and organizations.
Elizabeth Homes offered the world a miracle technology which would have changed medicine forever in the same beautiful package as many other Silicon Valley giants.
How to integrate risk into your compliance-only approachAbhishek Sood
Information security policies and standards can oftentimes cause confusion and even liability within an organization.
This resource details 4 pitfalls of a compliance-only approach and offers a secure method to complying with policies and standards through a risk-integrated approach.
Uncover 4 Benefits of integrating risk into your compliance approach, including:
Reduced risk
Reduced deployment time
And 2 more
Compliance Tracking includes the methodical monitoring of an association’s adherence to relevant regulations, guidelines, and interior approaches. This cycle intends to guarantee that all parts of the business work within the legal and moral limits laid out.
Pre-Employment Checks: An Employers GuideMiqui Mel
This document provides guidance for employers on conducting pre-employment checks. It discusses:
1. The purpose of pre-employment checks is to establish eligibility for employment and identify risks, such as theft, bullying, or safety issues. Checks vary by sector but may include criminal records, references, and verifying qualifications.
2. Employers have discretion to decide if candidates are suitable based on all available evidence. Factors like attitude and experience are also important, especially for senior roles.
3. Guidance is needed due to increasing use of social media in hiring and outsourcing of checks. Employers should aim to be fair, non-discriminatory, and fact-based in their processes.
1) Workplace policies and procedures for handling bullying complaints need to balance a no-blame approach with clear sanctions. They should allow for multiple access points and types of interventions to resolve issues in a cooperative manner.
2) Organizational cultures that clearly communicate expectations of respectful behavior and demonstrate fairness in handling complaints can help prevent and address bullying.
3) Effective policies address the needs of targets, bystanders, and alleged perpetrators to encourage resilience and recovery from bullying incidents.
Similar to Thought Leadership on Ethics & Compliance scale Final (20)
2. @ TRUSTUS Institute, 2014 Thought Leadership2
A guide to developing culpability matrix in ethics investigation
1 Introduction
Organizations across the globe are striving towards encouraging ethical culture amongst their
employees, contractors, third party associates and business partners. These efforts are primarily driven
by the changing economic landscape of growing regulatory penalties, increasing demands for
transparency in business and extended visualization of community impact contributed by many
misconducts.
In todays world, organizations come across several patterns of misconduct ranging from misbehaviour to
misappropriation; dereliction of duties to disclosure of confidential information; corruption to conflict of
interest. These misconducts, if unattended can cause serious damage to the organization’s reputation
and overall health (financial/ ethical). An employee, a contractor, a supplier or a service provider or one
of their employees could be party to such misconduct.
Disciplinary action towards misconduct is considered a deterrent to such misconduct. While the extent of
deterrence impact created by disciplinary action on any misconduct is not easily quantifiable, the efforts
towards such actions cannot be undermined. Organizations adopt different approaches towards defining,
deliberating and deciding on disciplinary actions for misconduct, based on the available evidence to
substantiate a violation.
Evidences play a crucial role in deciding on disciplinary action. However, how the evidences needs to be
considered in the process depends on several factors including the impact due to violation, the level of
culpability and other circumstantial factors that intensify or de-intensify the level of disciplinary action.
Courts across the globe are moving towards structured sentencing guidelines for offences to ensure
consistency in decision making and enhance trust on legislative transparency.
This though leadership examines the need for Ethics & Compliance scale and key factors that shall be
considered in defining, deliberating and deciding on disciplinary actions.
2
3
4
Need for culpability parameters
Key factors for disciplinary action
Conclusion
Contents
3. 3Thought Leadership @ TRUSTUS Institute, 2014
A guide to developing culpability matrix in ethics investigation
2 Need for developing
culpability matrix
Misconducts are not the same. Each type of misconduct
have varied root causes, dimensional impacts and differing level
of intent. While these aspects could not be definitively measured
in all circumstances, it is essential to consider them to the extent
feasible during the process. For instance, an accidental sharing of
financial information with a friend whose name is similar to that of
the board member or senior executive in the company, cannot be
treated the same way as a theft of intellectual property would be
treated.
Disciplinary actions on misconducts require varying treatments as
it has broader objective of prevention and cure besides the
obvious objective of punishment and deterrence. At its base, a
disciplinary action should reflect an attitude of zero tolerance
towards violation/ misconduct. The tolerance level, however may
depend on the type of misconduct.
Key types of misconduct that organizations face are fraud and
corruption, disclosure or misuse of confidential information,
misappropriation or damage to assets, behavioural misconduct
including misuse of powers, discrimination or harassment, conflict
of interest and others. There may be several sub types for each of
the above misconduct and accordingly the disciplinary approach
may vary.
Primary options available with organizations for disciplinary
proceedings include removal or dismissal, suspension, warning -
oral or written, withholding promotion or career progression,
withholding increments or bonus and counselling. In addition to
the primary options, organizations opt for reporting to law
enforcement for appropriate action.
In deciding on appropriate disciplinary action, organizations
essentially consider multiple factors. While some of the factors
considered mature over time, careful structuring of the essential
factors can enable organizations to prevent legal issues created
by rogue employee.
Each type of misconduct
have varied root causes,
dimensional impacts and
differing level of intent
4. @ TRUSTUS Institute, 2014 Thought Leadership4
A guide to developing culpability matrix in ethics investigation
Financial
Risk
LegalRisk
Key Disciplinary options
Key types of Misconduct
Broad level risks
Organizational
Ethics and
Compliance
A guide in nature of Ethics & Compliance scale is
essential for the organization due to the following
key reasons:
1. Disciplinary option for any misconduct may not
be same. For instance, Non declaration of
conflict of interest in a supplier by a
procurement manager may be different from a
conflict of interest in a supplier for a finance
person. This also represents the differences in
the impact and the level of culpability involved
in such violation.
2. Level of disciplinary option applied in many
instances are debatable. Organizations do
consider withholding promotion as an action
for certain misbehaviour. However, the
number of promotion cycles the employee has
to be withheld from is a debatable issue.
3. Ethics & Compliance Scale is such a guideline
for organizations in enabling consistent
disciplinary action across geographies and
time. It is not intended to be a rule book and
will leave the application of the guide to the
decision maker or the committee.
Source: TRUSTUS Research
4. An action in an organizational context comes
under a lot of scrutiny. It is hence necessary to
for the organisation to demonstrate a
transparent approach and avoid potential
opportunities for influence based decisions
with the aid of such a guide.
While a guide is essential, it may evolve to its
comprehensive best over a period of time.
Organizations shall always attempt to embed the
learnings from the implementation of guides as a
part of its evolvement process.
Actions taken by organizations for any given
misconduct may not be the same. The actions
taken will vary between organizations based on
their industry and their culture. For instance, a
culture of involving law enforcement or removal for
remote negligence in oversight are not common
across organizations.
Organizations should recognize the need for such
Ethics & Compliance scale and evaluate elements
/ reasons reflected above in structuring a definitive
base of disciplinary action for tackling issues of
misconduct.
5. 5Thought Leadership @ TRUSTUS Institute, 2014
A guide to developing culpability matrix in ethics investigation
3 Key factors for
disciplinary actions
Organizational environment exhibits multiple
factors in the process of determining appropriate
disciplinary action for misconduct. Key factors are:
1. Act of violation or misconduct – This factor
examines the nature of misconduct and its
overall impact.
2. Role in the violation or misconduct – This
factor examines the subject’s role in misconduct
including whether he was influenced to act.
Act of violation or
misconduct
Subject’s role in
violation or misconduct
Motivational elements
associated with misconduct
Behavioural clues associated
with investigation
Overall Organizational
perspective
Source: TRUSTUS Research
x
3. Motivational elements – This factor examines
the aspects that may have motivated the subject
or whether the vulnerabilities are exploited.
4. Behavioural aspects – This factor examines
the subject’s level of cooperation, response to
warnings and trends of past violations amongst
others.
5. Organizational perspective - This factor
examines the impact due to violation or
misconduct.
6. @ TRUSTUS Institute, 2014 Thought Leadership6
A guide to developing culpability matrix in ethics investigation
x Act of violation or misconduct
Similar is the case in issues pertaining to
sexual harassment wherein, wherein, oral
evidence may be still be held reliable even
though the issue in question could still not be
corroborated from other sources.
3. Value or number of instances – Impact of
investigation also depend on the number of
instances of such fraudulent behaviour or value
of such frauds. For instance, a misbehaviour at
customer’s premises may lead to loss of
business, but consistent misbehaviour at the
customer may result in loss of market. Hence,
action against ethics violation shall also consider
the frequency of such acts.
4. Complexity and planning – A misconduct may
have differing levels of complexity or
sophistication. Treasury or hedging fraud may
have been perpetrated with considerable
planning. Similarly, an attempt to hack into a
server to remove confidential customer
information may be perpetrated with
technological sophistication. These attempts will
require detailed planning and deeper intent to
cause harm. Intent to harm is one of the crucial
factors that guides decision making process.
5. Period of misconduct - Misconduct may have
occurred over a period of time. For instance, a
financial statement fraud may have occurred
over a long period of time. Similarly, corrupt
practices in businesses are seldom isolated
instances, these may have happened across
periods. Sustained occurrence of the
misconduct represents the possible intent and
deeper inflection of the wrongdoer in benefiting
out of such misconduct.
An assessment of these elements provides a clear
perspective of the impact due to act of violation.
1. Nature and seriousness of the misconduct –
Nature of misconduct and its seriousness is a
vital element in assessing the act of violation.
For example, discrimination based on religion
and conflict of interest will be handled differently.
The seriousness may vary significantly between
multiple nature of misconducts. For instance,
misuse of position by a senior management
personnel may have greater sensitivity.
Similarly, unauthorized download of certain
proprietary documents of a product exposes the
risk of sharing it with competitors thereby may
have higher level of sensitivity.
2. Adequacy of evidence – Evidence forms the
core part of organizational disciplinary action
process. Oral, documentary and digital are key
types of evidences. More than the existence of
evidence, whether the evidence is substantiating
the issue in question or whether it is only
circumstantial, determines the course of action.
Many a times, in instances of bribery and
corruption investigation, the evidences are more
circumstantial than direct.
Herein we examine the act of violation and its impact. These elements primarily
pertain to nature and seriousness of the misconduct, adequacy of evidence,
complexity related to perpetration, period of misconduct and frequency of
instances.
Nature &
seriousness
Adequacy of
evidence to
substantiate
Complexity
and level of
planning
Period of
misconduct
Value or
frequency of
instances
Source: TRUSTUS Research
7. @ TRUSTUS Institute, 2014 Thought Leadership7
A guide to developing culpability matrix in ethics investigation
4. Organizations do come across instances of
misconduct wherein subordinates are involved
in certain acts based on the instructions from
their superiors. In these instances, the
subordinates may not understand the complete
impact of the misconduct. Further, hiring wife or
a relative in the team by abusing position is also
not uncommon.
5. A security guard who allows transit of materials
without adequate documentation, as instructed
by the store keeper, is influenced by the trust in
the role and responsibility of the store keeper. He
is culpable, however, the level of culpability
6. Similarly, abuse of fiduciary duties and abuse of
position of trust in diverting business leads to a
future employer by a sales manager or to
another related entity of a promoter post
receiving private equity funds have relative
higher degree of culpability.
1. Misconduct may be committed by more than
one individual. The involvement could be active
or passive. For instance, an employee may have
ignored harassment of another employee by a
manager, despite requests from victim for help.
In this given circumstance, had the employee
observing such a situation, had offered to help;
he would be accorded a different treatment as
compared to had he gone ahead and reported
such an incident
2. Involvement could also be based on peer
pressure, wherein the employee adopts corrupt
practices to gain business benefits. Further,
some of the misconduct activities may result due
to adoption of predecessors practices.
3. Many a times in sexual harassment case
wherein a secretary is raising concern on her
long standing manager, a question that arises is
why is the secretary raising the concern now? In
many instances it is due to exploitation.
Role in violation or misconduct
The role of the subject in the violation or misconduct is another crucial aspect in
the process of determining an appropriate disciplinary action. The elements
under this factor includes the level of involvement by the subject including
whether it is influenced by others and the extent of abuse of authority by the
subject.
Significant or
peripheral
role in
misconduct
Involvement
due to
coercion,
intimidation
or
exploitation
Involvement
due to
influence of
pressure
Abuse of
power, trust
or
responsibility
Source: TRUSTUS Research
Role in violation or misconduct
8. 8Thought Leadership @ TRUSTUS Institute, 2014
A guide to developing culpability matrix in ethics investigation
Deliberate efforts
to exploit
vulnerability
Opportunistic
motivation (one of
violation)
Motivated by
financial/ other
gain
Limited awareness
on the impact of
misconduct
Threats or inappropriate
actions (black mail)
Discrimination based
motivation
Motivational
elements
Source: TRUSTUS Research
Motivational/ Influencing factors
All acts of misconduct can be associated with certain motivation, while in many
cases the motivation may not be apparent or convincing. The motivational factor
includes financial gain , approach to exploit vulnerability, discrimination based
motivation or psychology based inappropriate actions.
1. Financial gain as a motivator is prominently
experienced in many misconduct cases
relating to fraud. In addition to the financial
gain, there may be other contributing or
coexisting motivational factors.
2. Motivation to exploit vulnerability is
increasingly becoming prominent in
information security related misconduct. Such
aspects may be more serious as it has a
focussed effort to exploit weakness.
3. There may also be circumstances wherein an
employee had submitted excess travel claim,
but failed to withdraw the same on realizing it.
During investigation if the employee regrets
his decision and agrees to withdraw his claim,
then it may only be an opportunistic
motivation.
4. Caste, nationality, colour or sexual orientation
based discrimination related misconduct may
have more serious impact on working
environment of the organization. Organizational
decision on disciplinary action shall take
cognisance of such elements also.
5. Similarly misconduct involving physical threats
or inappropriate actions may be equally serious.
6. Further, there may be circumstances wherein,
the perpetrator may not have understood the
impact of such misconduct. Harassment is
referable to the harm caused to the person
harassed rather than the actual intent of the
other. With people from different culture and
backgrounds it is essential to sensitise
individuals on appropriate conduct.
9. @ TRUSTUS Institute, 2014 Thought Leadership9
A guide to developing culpability matrix in ethics investigation
4. Some of the behaviours of the subject learnt
during the investigation may include his
addiction to drugs or pornographic content or
histrionic behaviour. During the course of
review, if the subject demonstrates steps to
recover from his addiction, the organization may
consider such behavioural improvement in
taking disciplinary action.
5. Further, the behaviour may also indicate the
subject’s efforts to facilitate other fraudulent or
undesirable behaviour.
6. Previous behaviours of the subject include the
nature of previous violations and its relevance to
the current act/ violation; or violations since last
warning or similar action. A failure to respond to
warnings may indicate non-inclination of the
subject to change his path.
1. Cooperation with investigation is one of the key
elements to consider. Acts of misconduct
involving bribery or financial statement fraud
may be perpetrated by more than 1 individual.
One of the individuals involved may agree to
become a cooperating witness and aid in
unearthing the extent of the misconduct. In such
a circumstance, while the act of violation by the
cooperating individual is serious, his behaviour
to support may be considered as supportive
information in disciplinary proceedings.
2. Voluntary reporting or early admission can also
be supportive behavioural cue in this regard.
Similarly, attempts to prevent victim from
obtaining assistance could be another
behavioural cue in disciplinary proceeding. This
may be by misguiding a victim on the process of
seeking assistance.
3. Subject’s attempts to share or conceal additional
information regarding the misconduct or
diverting the investigation may implicate the
subject further in a disciplinary action.
Behavioural factors
Behavioural factors relating to misconduct and the course of investigation have
a strong bearing on the disciplinary action. The elements under this factor
includes cooperation during investigation, history of violations, attempts to
conceal/ dispose of evidence and behaviour in responding to warnings.
Cooperation
and early/ late
admission
Attempts to
share or
conceal
additional info
Demonstration
of steps to
improve
Efforts against
victim on
reporting
Response to
warnings
History of
violations or
misconduct
Supported
other
misconducts
Source: TRUSTUS Research
Behavioural
factors
10. 10Thought Leadership @ TRUSTUS Institute, 2014
A guide to developing culpability matrix in ethics investigation
Organizational factors
Any act of misconduct requires an assessment of the impact from the
organizational perspective. Organizational perspectives include losses and the
impact on reputation if not acted seriously.
1. Organizational impact due to misconduct may
be of several types. They are
• Financial impact: The financial impact due
to acts of misconduct includes financial
losses and/ or loss of business. It may also
include the investors’ departure from their
investment, which may result in cash
outflow.
• Reputational impact: Reputational impact
may include instances where organizations’
brand value, market standing, credit
worthiness, ethical representation and
business presence is put at stake.
• People impact: Certain type of misconduct
may have a significant impact on people.
These may not be quantifiable and may
include departure of key executives also. In
many large investigation scenarios, the
employees’ morale gets affected the most
and they move into a shell of protecting
themselves rather than being open about
innovative approaches for the organization’s
benefit. These impacts are sizeable and
detrimental for organizational prospects.
• Legal impact: Some of the misconduct may
involve legal consequences for the
organization including regulatory
proceedings and their associated impacts.
The financial, reputational, legal and people
impact determine the course of disciplinary
action. However, in many circumstances the
impact of the misconduct may not be apparent
and measurable at the time of disciplinary
proceedings. Organizations shall take
consideration of these possible impacts before
deciding on the disciplinary action.
2. Similarly, there may be certain misconducts
which may have serious implication on the
organization, if not acted upon appropriately.
This could be an issue of mass misconduct
involving multiple employees of same division or
sensitive misconducts. Sensitive misconducts
may be in nature of discrimination or sexual
harassment or senior management fraud. These
misconducts if not acted upon appropriately and
timely, may result in more serious impact on
organization than estimated.
It is essential for an organization to consider the
possible organizational impact due to the
misconduct and appropriately consider the options
for disciplinary proceedings.
Source: TRUSTUS Research
Impact on
organization due
to misconduct
Misconduct that
may have
detrimental impact
if not acted upon
Organizational
perspective
11. 11Thought Leadership @ TRUSTUS Institute, 2014
A guide to developing culpability matrix in ethics investigation
4 Conclusion
With varying organizational processes across geographies and emerging types of misconduct,
organizations face several challenging circumstances in deciding upon appropriate disciplinary
actions. These disciplinary actions, if taken on a solitary case basis may sometimes become
inconsistent. These inconsistencies get noticed by whistle blowers, management and the subject of the
misconduct more closely. Considering the increasing usage of social media, impacts of mis-conceived
disciplinary action may have serious complications. Developing a structured developing culpability
matrix that guides the organizational approach towards disciplinary proceeding will contribute to
organizational transparency.
12. @ TRUSTUS Institute, 2014 Thought Leadership12
A guide to developing culpability matrix in ethics investigation
RISK
MANAGEMENT
FRAUD
CONTROL
TM
Contacts
reachus@trustussolutions.org
Corporate Office
S813, South Block, Manipal
Center, 47, Dickensen Road,
Bangalore – 560042
Branch Office
Level IV, Prabhavee Tech Park,
125, Baner Road,
Baner, Pune - 411045
About this publication
This thought leadership is based on the learnings primarily from
United States Corporate Sentencing Guidelines and United
Kingdom Crown Prosecution Guidelines. These guidelines provide
reasonable inputs for the Judges and Jury to determine the
appropriate disciplinary action to be taken on the identified
individual or the offender. This document is an attempt to represent
the relevant factors for corporate disciplinary proceedings.
This publication is from TRUSTUS Institute, a center for research
and thought leadership on ethics and compliance. TRUSTUS
Institute is a unit of TRUSTUS Solutions, a professional services
firm providing valued and lasting services to clients with risk
management and fraud control services.
This publication is prepared by TRUSTUS Solutions to provide the
reader a generic overview of the market scenarios and current
updates regarding forensic audit services. All information contained
herein are sourced from various public domains and other legal
avenues, and TRUSTUS Solutions makes no warranties or
representations regarding the accuracy, correctness or reliability of
the information contained herein. The information, events and
analysis contained herein are of generic nature only and are not
intended to be construed as advice of any manner against any
event or circumstances.
TRUSTUS Solutions neither assumes nor accepts any
responsibility for any loss arising to any person or entity acting or
refraining from acting as a result of any material contained in this
publication. This publication is not intended to transfer or license
any rights including intellectual property rights upon the reader.
This publication is not intended to substitute or by-pass or to
overrule any laws currently prevailing in India which the reader is
bound to observe and abide by law.
App to spread knowledge on
fraud investigation and risk
“Forensic Dimensions blog”
to share key perspectives.
Follow us on twitter
@TRUSTUSForensic
Copyright @ 2014, TRUSTUS Institute
Images credit: Flickr
Creative Commons
Icons credit: Flat Icon