May 23, 2012
Guest post from Researcher Nick Hayes.
Chris and I recently published a report describing how to build risk and compliance principles into your company’s corporate culture. As we worked to finalize, edit, and publish the report, a flurry of new corporate scandals emerged, all related to this topic.
Here are just a few of them:
- Wal-Mart executives accused of trying to hush up bribery cases in Mexico (article here).
- A whistleblower accuses Infosys of engaging in a systematic practice of visa fraud (article here).
- A former Goldman Sachs employee writes an op-ed for the New York Times blasting the company’s ethics (article here).
- JP Morgan suffers a $2 billion trading loss due to “poorly monitored” trades (article here).
What’s the common theme? The financial, reputational, regulatory, and operational risks related to poor employee behavior are massive, and often overlooked.
To avoid seeing your company become the next on this list, make sure your strategy includes a focus on building the right corporate culture, one that’s based on sound compliance and risk management principles. This requires more than just implementing tighter internal controls and policies; it means getting your entire workforce to intuitively know how to act, even when no one is watching – it means influencing your workforce’s underlying assumptions.
You should work to infuse these principles into all corporate functions using a strong mix of policies, incentives, enforcement, and numerous communication channels; then reinforce all of these with a strong, consistent “tone-at-the-top.” The benefits extend beyond risk reduction. In fact, the most ethical companies tend to fare better in investor returns than the S&P 500.
Forrester identified five best practices critical to establishing the right risk and compliance culture; we recommend you take a look.
- business transformation & organizational change management
- governance risk & compliance (GRC)
- security & risk