OnPoint - ethics thoughts from David Childers

Evaluating Your GRC Program’s Effectiveness

noreply@blogger.com (David Childers) — Tue, 08 Mar 2011 22:35:00 +0000

Last week I traveled to Houston to be a part of the SCCE’s 2011 Utilities, Energy Compliance & Ethics Conference. While there, I was fortunate to host a panel discussion with three great compliance professionals representing Schlumberger, ConocoPhillips and Chesapeake Energy for an audience of compliance professionals in the energy industry. During our presentation and following discussion, I was able to electronically survey the audience to learn where they stood on the questions we were discussing as a panel.

Four questions were asked. Each was designed to capture a general understanding from the utilities & energy audience’s perspective and was not intended to be statistically relevant. What we anonymously collected was a frank internal perspective on how they view their current GRC programs.

The multiple choice questions and results are as follows:

Where do you believe your company’s compliance program is in terms of maturity and effectiveness?

No one in the room believed that they had an “optimized” program and most considered their program “a work in progress.”

What drives your desire to assess your program’s overall effectiveness?

While the operational and regulatory risks represented the majority of thoughts in the room, it was great to see 22% of the audience acknowledge that a well-functioning GRC program is, simply, good for business.

What is the biggest hurdle you faced, or are facing, while developing your compliance program?

Tracking consistently with recent surveys I’ve read regarding GRC funding availability in 2011 the lack of “financial support” was not considered a significant hurdle. The “lack of resources” was presented as a combination of “people, process & technology” available to the compliance organization. When the survey results were shown, I asked if “organizational complexity” was a new problem and learned that keeping abreast of employee count, geographies served, number of business units and sub-contractors utilized has long been the most daunting task for this audience.

How are you currently managing your compliance matters?

No real surprises here. This information tracks with several of the recent surveys that state more than 50% of compliance professional operate with off the shelf, or limited tools, to manage their compliance programs.

As the discussion continued, a number of people in the audience engaged with the panel around other GRC-related concerns. They included the transition of the Federal Energy Regulatory Commission (FERC) from regulatory agency to enforcement agency as well as the continued expansion (and conflicts) of global regulatory mandates. FERC concerns are not limited to energy and utility organizations, as most regulatory agencies have moved to an enforcement model. Both concerns underscore the need for a comprehensive compliance program that transcends traditional Enterprise Risk Management (ERM). Successful programs allow organizations to broadly collect and analyze data on their current state of affairs. I have been evangelizing transparency into operational risk events for the past five years because working from the actual risks you face versus the perceived risk you think you might face not only illustrates an effective risk and compliance program, it is simply good for business.

If you had been in the audience in Houston, how would you have respond to the survey about your organization’s compliance program effectiveness?

Recent Changes to the UK Bribery Act Parameters

noreply@blogger.com (David Childers) — Thu, 03 Mar 2011 00:02:00 +0000

Monday's Daily Telegraph in London disclosed that the Act will loosen its grip on corporate hospitality, be more understanding with facilitation payments – as long as the payments are not considered “serious” – and extends plausible deniability to companies who find themselves involved in questionable joint ventures.

We are still waiting to see how the Ministry of Justice and SFO will outline the adequate procedures, but they are heading in the right direction. These recent adjustments will enable multinational companies with UK interests to operate rationally without eminent fear of retribution.

The UK Bribery Act – Hurry Up and Wait

noreply@blogger.com (David Childers) — Tue, 22 Feb 2011 19:05:00 +0000

For most multinational organizations the UK Bribery Act has caused a great deal of concern. Not totally dissimilar from the Foreign Corrupt Practices Act, it does have some unique differences such as disallowing facilitation payments and much broader jurisdictional reach. Organizations have accelerated their preparations only to be kept waiting for the official guidelines to be issued by the UK Serious Fraud Office. On February 2, 2011, the Serious Fraud Office announced that the twice delayed April 2011 effective date would now be sometime this “autumn.” This begs the question, why are we still waiting?

Do our colleagues across the pond really need help putting together the guidelines around defining bribery? Or establishing adequate procedures to mitigate bribery and corruption? Riddle me this…we are talking about a concept that is as old as Judas, and the US has been refining the Foreign Corrupt Practices Act (FCPA) for over thirty years! With an active FCPA “template” that has levied fines in the billions of dollars the past three years, developing the UK’s regulatory guidelines around bribery and corruption should not be this arduous. But do they really need the FCPA? The UK signed the anti-bribery convention – and has its language – in accordance with OECD more than 10 years ago. In my mind, there is no technical reason why the UK is having trouble developing a bribery policy.

But observers protest that is only half the problem– what about the defining the guardrails for adequacy in mitigation and potential injunctive relief? No good template you say? Au contraire! The US Sentencing Guidelines – and specifically Chapter 8 of the guidelines – have been around since 1991 and were revised again last year. So what is the hold up?

I could be a bit of an ugly American here and suggest that the Brits are simply distracted from the task and more consumed with high tea, Manchester United’s march to the EPL Championship, or preparing diligently for the Chelsea Flower Show than getting the Act fully promulgated. But my jest aside, this problem is completely political.

The reality is the change in government after the recent election and aggressive lobbying from UK business have created this delay. I have the utmost respect for Vivian Robinson, the General Counsel for the SFO. Robinson is bright, engaged and dedicated to the task. He knows what to do, but he must gain consensus in the UK government before announcing the guidelines. I will be moderating a panel in London the end of March where Robinson will be sharing his views. I sincerely look forward to learning from him and sharing with you after our meeting.

So let me turn the tables. What is keeping corporations who do business in England, Ireland and Scotland from taking appropriate steps to mitigate their impending risk? Multinational companies who contend with FCPA are already 95% compliant. Most do a good job of defining appropriate facilitation payments and controlling them. All indications are that the SFO will be logical with their view to these payments. But what is keeping the rest of these companies doing business in the region, especially the ones who comprise the “extended enterprise” of most multinationals, sitting on the sideline?

The writing on the wall is clear, but it seems that unfortunately we continue to confuse good business practice with regulatory requirement. Mitigation of bribery and corruption is good for business and good for the global economy. So, in my opinion, it is time to do what is right – even without a looming legal mandate.

Does anyone else share my opinion?

French Rules on Whistleblower Hotlines are Changing

noreply@blogger.com (David Childers) — Tue, 01 Feb 2011 20:14:00 +0000

As many of you operating globally know, the laws and regulations in differing countries can prove tricky to navigate. There have been changes recently in the way an organization can operate whistleblower hotlines in France that will be of interest to our multinational clients. In October 2010, the Commission nationale de l'informatique et des libertés (or CNIL), the French data privacy regulatory body, amended the “single authorization” method for whistleblower hotlines. The amendments included both a clarification and broadening of the scope of acceptable issues organizations can receive through the hotline and still be in compliance with the single authorization.

The October amendments removed the ability to capture issues of “vital interests [to] the company or moral or physical integrity of the employees.” However, the CNIL did broaden the scope of reportable issue types to include issues related to anti-competition practices, Sarbanes-Oxley and Japanese SOX. Accordingly, the CNIL clarified that the single authorization method will allow reporting on all of the following: finance/accounting, banking, fight against corruption, anti-competitive practices and compliance with Section 301(4) of the Sarbanes-Oxley Act and the Japanese Financial Instruments and Exchange Act.

An organization has six (6) months (beginning December 8, 2010) to modify their system to be in line with these new single authorization rules, or apply for formal consideration of their hotline through the CNIL. Operation of a whistleblower hotline outside the scope of the single authorization or without formal approval from the CNIL on a broader scope, puts organizations at risk for criminal sanctions and hefty fines. These criminal sanctions and fines may be issued by the CNIL and the French courts have the authority, in civil litigation, to multiply these sanctions up to 5 times.

For more information, please see the following from the IAPP (requires membership in IAPP to access). Or this article from the Global Regulatory Enforcement Law Blog.

Dodd-Frank Section 922

noreply@blogger.com (David Childers) — Tue, 09 Nov 2010 23:56:00 +0000

The governance, risk and compliance (GRC) industry has worked hard over the past six years to help corporate America implement effective ethics and compliance programs. GRC procedures have become part of the viable business processes that drive decision making at the highest level of most public corporations.

In response to the most recent financial meltdown, the US Government introduced the Dodd-Frank Act. The critical task for the Dodd-Frank Act is to address the increasing propensity of the financial sector to put the entire system at risk to eventually be bailed out at taxpayer expense. In doing so, it attempts to: identify and regulate systemic risk, propose an end to too-big-to-fail, expand the responsibility and authority of the Federal Reserve, restrict discretionary regulatory interventions, reinstate a limited form of Glass-Steagall (the Volcker Rule) and regulate the transparency of derivatives. As part of the identification and regulation of systematic risk, the Act's Section 922 attempts to protect, encourage and incent whistleblowers to come forward, a tactic that could have decreased the risk of the impending meltdown had whistleblower claims been adequately explored in the years previous.

Dodd-Frank section 922 mandates the establishment of a government-sponsored program to pay awards of up to 30 percent to eligible whistleblowers who voluntarily provide original information about potential securities law violations that lead to sanctions of $1 million or more. While solidifying the value of corporate whistleblowers is certainly important, the requirement potentially undermines the value of internal ethics & compliance departments. This process will create profitable association with the voicing of ethical violations and therefore competition for this vital information. The question then becomes, “How is an internal department expected to keep pace with the promise of millions of dollars in reward money from the SEC?”

As a tax payer, investor, business leader and responsible corporate citizen, I fully appreciate the need for the regulatory environment to evolve in order to protect the stakeholders. Financial fraud has run amok and no one wants a continuation of the current economic turmoil due to deceit performed by the few, but impacting the many. Whistleblower provisions should help protect those bringing misconduct or neglect to light, but provisions under Section 922 tacitly bypass companies who are working diligently to preserve open channels to report wrongdoing internally and create competition to externally report without the careful exploration and care that would be provided by the company itself.

If this appears to be a plea to decrease the avenues open to whistleblowers, consider this: all public entities are under consent decree to report any allegations of wrongdoing, so the corporation is legally bound to be the first reporter of accusations of ethics & compliance violations to the Federal Government already. However, accusations made by whistleblowers under Section 922 are public record, meaning that every complaint lodged with the SEC is publicly available when it’s filed, whether valid or not.

Not only does Dodd-Frank create a competition between the internal compliance department and the whistleblowers to be the "original" reporter of the violation to the SEC (another existing regulatory requirement), but this information also allows Wall Street to react to reported violations without the benefit of due process. Historically the number of whistle blowing complaints that are maliciously filed have been very low. Internal ethics and compliance departments investigate all allegations, and report wrongdoing when they move beyond the allegation phase to a valid complaint. Hard working compliance and legal officers diligently protect their companies and officers from these reports from achieving their intentional harm.

Remember, under Dodd-Frank whistleblowers are under no obligation to report to the ethics and compliance departments before taking their complaints to the SEC. Wall Street has never reacted well to good governance. Good governance requires transparency and Wall Street tends to react to the false perception of risk created by allegations - regardless of proven conduct. It remains to be seen how the SEC will answer these questions and concerns; they are currently taking comment on the whistleblower provisions and a final decision is expected in April 2011. In the meantime, we continue advising clients on the most robust programs to increase trust and dialogues internally.

Vehicles and Venues

noreply@blogger.com (David Childers) — Fri, 03 Sep 2010 17:01:00 +0000

Today, we are beginning a newsletter at EthicsPoint – send us your email to be added here - where we hope to keep clients better informed of informational and educational opportunities along with company and industry news and this is meant to be a kind of introduction. Likely the best way to do so is outlining the elemental shift in EthicsPoint’s strategy that’s occurred over the past year. While we have historically offered a hotline and case management solution, fundamentally we’ve always felt we were an awareness company – helping customers gain insight into the risks facing their operations through the effective collection, management and analysis of reported issues. As customer needs from a GRC perspective have changed, we’re changing with them – by providing solutions to specific business problems, such as complying with anti-fraud legislation like the Foreign Corrupt Practices and UK Bribery Acts, mitigating the risk posed by third-parties within supply chains, gaining deeper insight into the actual vs. perceived risks throughout your operations, etc.

To that end, we successfully made two acquisitions earlier this year and are close to assimilating both software solutions into our core framework. These acquisitions mark the expansion of our services, providing customers with more robust analytical, tracking and reporting tools, the first of which will be showcased at SCCE’s 2010 Compliance & Ethics Institute in Chicago on Sept 12-15. We’ll be in booth #200, we’d enjoy seeing you stop by for a demonstration!

From the outside it may be hard to perceive the changes we’re continually making at EthicsPoint, but we aim to constantly improve for both our customers and the industry. As always, we welcome your feedback so please feel free to contact me with comments and/or suggestions.

Three Things I Know

noreply@blogger.com (David Childers) — Fri, 28 May 2010 18:31:00 +0000

There aren’t too many weeks in the year that I’m not out speaking somewhere on the importance of integrity in the workplace or sharing benchmark and other statistical data on the risks faced by organizations around the world. These past two weeks were no exception. On May 17th, I traveled to London to attend the Society of Corporate Compliance and Ethics’ (SCCE) conference on “Managing Third Party Anti-Corruption, Compliance and Ethics Risk.” And this past Monday, EthicsPoint hosted a breakfast on the recently passed UK Bribery Act in which we were extremely fortunate to have Vivian Robinson of England’s Serious Fraud Office and Neill Blundell a partner with Eversheds as additional speakers. The event had an incredible turnout of over 100 senior executives from the London area.

Lately, I have been beginning my speaking engagements with the “three things I know.” The first thing I know is that the level of regulations and regulatory pressure on organizations around the world is constantly increasing. The second is that this constant influx of new rules, laws and guidelines makes it very difficult for a multi-national firm because many of these requirements are in conflict. For example, Sarbanes Oxley requires any company listed on a US stock exchange to have an anonymous whistleblowing mechanism for reporting misconduct. However, these types of systems are illegal in Spain and Portugal - this is just one example and unfortunately there are many, many more. The third thing I know is that every regulatory agency has shifted their focus from writing these guidelines to enforcing them with a vengeance - the monetary fines associated with regulatory non-compliance are often upwards of hundreds of millions and can even include jail time for culpable individuals.

This April, the United Kingdom passed the Bribery Act. While similar to the Foreign Corrupt Practices Act (FCPA) in the United States, the jurisdictional reach and view of facilitation payments (legal under the FCPA) is considered bribery under the Bribery Act. This presents a significant conflict between these two Acts.

While addressing the audience in London, I couldn’t help but think it was 2002 all over again, when we were just learning about the potential impact of SOX and the mountain of undefined work ahead of us. Based on the very broad jurisdictional reach of the Bribery Act, a UK company, as well as any non-UK company that conducts business in the country will fall under the scrutiny of the Serious Fraud Office – this provision certainly provides for a great deal of anxiety for obvious reasons.

I had the opportunity to have lunch with Neill following the session and he told me that his multinational clients, especially those from the US, had no real fear of the Bribery Act. This lack of alarm may stem from the fact that companies have become desensitized by the onslaught of regulatory pressures and view the Bribery Act as just one more requirement. On the other hand, the Brits, who have never seen such enforcement, do indeed harbor serious fear, uncertainty and doubt (FUD). The FUD surrounding Sarbanes generated three years of “full employment and empowerment for all US legal and accounting firms” - no doubt it will have a similar affect in the UK.

In 2004, I had the privilege to work with some very bright and dedicated people while helping to craft the original Open Compliance and Ethics Group (OCEG) Red Book guidelines for Sarbanes compliance, I therefore feel I have a solid understanding of what needs to occur in the UK. I have tried to boil it down and I am in the process of completing a white paper on the “Ten Simple Steps to UK Bribery Act Compliance.”

These 10 simplified steps are as follows:

1. Assign an individual the authority and responsibility to understand and address the requirements of the Bribery Act and if/how they apply to your organization

2. Assess and prioritize your risks

a. Look for potential impact areas and stakeholders
b. Devise your organization’s “risk profile” and understand how to apply your organizations unique sensitivities to risk

3. Create, gain approval and communicate your strategy for reacting to these risks

4. Review, revise or create a Code of Conduct that includes all salient requirements of the risk and regulatory requirements your organization faces

a. Build a separate code specifically for vendors, suppliers and agents
b. Don’t overlook the impact of reputational risk when crafting a Code of Conduct

5. Review, revise and train to the policies, procedures and guidelines that support the principles contained in your Code of Conduct

6. Ensure you have a proven and effective means for gaining stakeholder feedback

a. Track “open door policy” communication
b. Create an “alert criteria” for exit interviews
c. Have a publicized and visible “whistleblowing” system

7. Workflow Consistency is the key to the Serious Fraud Office’s satisfaction with your solution

a. Triage all reports according to the same check list
b. Investigate reports of misconduct following a standard workflow
c. Ensure resolution and adjudication is consistent across your geographies
d. Have a system to audit and monitor all the above

8. Create or extend your internal controls to ensure compliance with policies, procedures and guidelines that support the Act

9. Report regularly on the status and impact of your compliance solution

a. Develop incident and trending reports
b. Foster Board of Director access and awareness
c. Publish sanitized reports of misconduct as training aids to your stakeholders

10. Review all of these processes at least once a year and refine any and all that can be improved or enhanced

These steps are merely the product of my experience and are an extrapolation of the Seven Essential Elements found in Chapter 8 of the US Federal Sentencing Guidelines and the OECD Guidelines for Multinational Enterprises. Since 1991, the US Sentencing Commission has worked to revise these guidelines and provide organizations an instruction manual to help mitigate the risk of prosecution. These guidelines have been revised in 2003, 2007 and are currently under review for revision once again in 2010. Our friends across the pond will do well to study these “essential elements” and learn from the mistakes we made formulating a strategy of compliance.

27625 The UK Bribery Act

noreply@blogger.com (David Childers) — Mon, 17 May 2010 22:57:00 +0000

I’ve been on an airplane quite a bit these past few weeks and this last week was no exception. The Conference Board of Canada was kind enough to invite me to address their Corporate Ethics Membership Council in Vancouver and on my return flight I was able to catch up on some reading. We have a few analysts on our EthicsPoint team and one supports me by looking at hundreds of websites and blogs that address trends in our industry and passing on the most important or informative of these for my review.

In all honesty, it is a necessity. I couldn’t possibly do what I do without Bryan keeping me “in the know” with information from a variety of sources. I read hundreds of pages a week on new developments which means that he must read thousands. (Note to self: remember to say thank you more often.)

Looking through this week’s folder, I found a tremendous amount of detail surrounding the new UK Bribery Act. The Bribery Act is the companion regulation, if you will, to the United States’ 33 year-old Foreign Corrupt Practices Act (FCPA). The Bribery Act has not yet been fully promulgated by England’s Secretary of State, but the hand-writing is clearly on the wall.

The Bribery Act extends its reach far beyond the FCPA and as it is currently written should send shivers down the spine of every multinational company with operations or sales in the United Kingdom. It does not just deal with corporations, it also empowers the Serious Fraud Office to set fines and demand jail time for individuals associated with answerable organizations, corporate managers & officers and even board directors. Like the FCPA, the Bribery Act also makes organizations responsible for the actions of their vendors, suppliers and agents.

However, the Bribery Act goes further than the FCPA in other areas as well, such as rejecting facilitation payments as acceptable behavior- this will be important to watch how this conflict of opinion plays out. Facilitation payments are payments for services or positioning to which you are entitled. For example, suppose your passport has expired and you need to travel immediately. You can fly to a passport office and stand in line to get an expedited passport, or you can overnight your information and pay $300 to a “facilitator” who will immediately furnish the passport you were entitled to receive. Under the FCPA, this type of payment is fine but the Bribery Act deems it as bribery.

The territorial reach of the Bribery Act is also broader than that of the FCPA. The US Department of Justice’s (DOJ) involvement is somewhat restricted and requires local cooperation. However, under the Bribery Act, even if a company “conducts business” in the UK, the Serious Fraud Office (SFO) has the jurisdiction to take a primary position in punishing organizations for misconduct.

As concerning as this jurisdictional reach may be, I began to realize that the typical fines imposed as a result of a bribery violation are ‘chump change’ when compared to the other related costs. For example, Daimler paid a combined $185 million dollar fine for bribery and improper influence. A tidy sum, but they reportedly paid over $400 million in additional legal and accounting support. This realization was an inflection point for me. It isn’t just the fines but also the related costs and business distractions associated with these types of violations that organizations should be concerned about.

To make matters worse, just as we saw with Sections 404 and 302 within the Sarbanes-Oxley Act, the oppressive fines, fees and reprioritization of management time do not discriminate between small to mid-sized businesses and larger corporations. Therefore, the 3 to 4 times expense ratio for legal and accounting fees to support the actual fine amount are the norm. This total magnitude is far more impactful and injurious to a small organization when you consider it as a percentage of EBIT.

There is hope, however. The Bribery Act and FCPA are mandates that can be mitigated, but it takes an acute understanding of the risks associated to the individual organization, a demonstrated plan of action to minimize these risks and an audit trail that the organization is walking the talk. The Federal Sentencing Guidelines established a direct link between the ‘Seven Essential Elements’ contained within Chapter Eight of the Guidelines and mitigation. I have long been both a student and believer of these seven elements and the mitigation value they hold for organizations.

This is a big proactive bill to fill (pun intended), but when you consider the financial and reputational consequences and damages, it is the most cost effective and prudent position for an organization to take.

What do you think?

Another Sh*tty Deal

noreply@blogger.com (David Childers) — Fri, 30 Apr 2010 18:46:00 +0000

For the past few days I’ve been following the news surrounding the testimony of Goldman Sachs executives before a Senate panel investigating the investment bank’s role in the financial crisis. Wow! If you haven’t followed this crazy ride, the transcripts from the hearings can be found all over the web and while there are still more questions than answers, it points to a major disconnect in our capital system.

The dialog is almost comical. Certain lawmakers compared the bank’s mortgage bankers to bookies – with the senator from Nevada further expressing his displeasure by saying, “Bookies have more ethics than Goldman.” Senator Carl Levin asked repeatedly why Goldman Sachs sold securities that their internal emails called “really sh*tty deals.” If the frauds perpetrated here weren’t so frustrating and disheartening, the dialog would make Lenny Bruce laugh out loud. Levin used the term “sh*tty” 11 times in one set of questions and began to ask the Goldman executives if they could define degrees of “sh*tty” in the deals they promoted.

Levin also asked Daniel Sparks, who ran the bank’s mortgage unit at the time, “How about the fact that you sold hundreds of millions of that deal after your people knew it was a sh*tty deal. Does that bother you at all?” While there was a great deal of polite posturing by Mr. Sparks, the apparent unspoken answer was not only “No”, but “Hell No!” Other questions related to Goldman’s “moral obligation” or “duty of care toward the best interest of the client” also received a “yeah, not so much…” response - really scary and sickening.

This past Monday I had the pleasure to be in New York for McGraw Hill’s publication premier of Buffett's Bites: The Essential Investor's Guide to Warren Buffett's Shareholder Letters. Buffett’s Bites is a stellar book written by a good friend of mine, LJ Rittenhouse. Rittenhouse has been fighting for transparency and improved corporate communication for years. She helps CEO’s formulate their shareholder letters and has created a very interesting ranking based on the candor, or lack thereof, found in many CEO letters. Rittenhouse recognized that Buffett’s letters are his legacy. As you read these letters, you realize his demand for an appropriate use of capital and you begin to understand the core of his investment philosophy.

Rittenhouse blogged early on about the 2009 Goldman shareholder letter and sensed there was trouble in River City. She was right - but I have learned she generally is. By looking at the word choices and the vocabulary utilized in shareholder letters, Rittenhouse has proven a correlation between the amount of “fog” in a letter and downstream share value.

Later that night at dinner with friends and colleagues, Goldman was one of the topics of conversation - at the end of the night we all shared a collective sigh of disgust and cynicism. The problem is clear. The dollars associated with making the deal are worth more than the value of the deal. Therefore, there is no duty of care or moral responsibility to the investor – and, if it is a “sh*tty deal”, the deal maker just invests in derivatives that bet against the deal so they make money when the deal tanks.

Senator Levin summed it up when he said, “You shouldn't be selling junk. You shouldn't be selling crap. You shouldn't be betting against your own customer at the same time you're selling to them." While not as a direct response, Goldman Sachs CEO Lloyd Blankfein indignantly expressed that clients who bought subprime mortgage securities from Goldman in 2006 and 2007 came looking for risk "and that's what they got."

Although we were at dinner to celebrate Mr. Buffett’s letters, it was another Buffett, Jimmy, whose words we sought for solace. “We need more fruitcakes in this world and less bakers! We need people that care! I'm mad as hell! and I don't want to take it anymore!" ...

Self-Governance, An Abstract Concept.......

noreply@blogger.com (David Childers) — Tue, 20 Apr 2010 19:29:00 +0000

Satellite technology is a wonderful thing. While traveling to Dallas this past Sunday, I was able to watch the Verizon Heritage golf tournament live from my coach seat on Continental Airlines. It was a particularly tight match - by the 10th hole, three players were in close contention for the championship. In professional golf, there are significant spoils to the winner. In this particular event, the winner received $1.03 million and second place received a paltry $616 thousand - with the dollars falling off to where 60th place made just over $11 thousand. This doesn’t even take into consideration the value of the FedEx Cup points, but I digress.

Going into the 18th hole, tournament leader Jim Furyk held a one stroke advantage over his playing partner Brian Davis. On the 18th, Davis hit a combination of great shots and tied the tournament with a birdie - at the end of regulation both players were tied at 13 under par and a sudden death playoff ensued. The Verizon Heritage golf course is one of the most precise courses on the PGA tour. The fairways are narrow, the greens are small, the bunkers and trees are large and the wind is brutal. The course was actually carved from a swamp and the remnants of reeds and undergrowth still abound.

As the players engaged the first hole of the sudden death playoff, Furyk’s second shot landed safely on the green about 30-40 feet from the pin. I’ve learned to never underestimate the prowess of professional golfers, but this clearly set up Furyk for a “Hail Mary” birdie putt to win. Davis’ second shot approached the green but caught the greenside bunker. The commentators expected the playoff to continue to the next hole - anticipating Furyk to 2-putt for par and Davis to successfully get “up and down” from the bunker for a similar par. Then something totally unique to golf occurred.

Immediately after hitting his bunker shot, Davis called a penalty on himself. In real time, no one saw his miniscule mistake, but the world collectively groaned as the TV replay showed his sand wedge ever so slightly tap a reed twig laying in the bunker on his backswing. The rule is clear, moving a twig in a bunker is against the rules, and Davis knew he had broken it. After a very painful five or six minute interval of muffled dialog and continuous TV replay of the infraction, the PGA rules officials confirmed it was a two stroke penalty – Furyk wins. After this righteous display of “self-governance” by Davis, I looked up this term on Wikipedia which classified it as an “abstract concept.”

My golfing partners and I play reasonably well, but not anywhere close to the level of the pros. In my group of 14-16 handicappers we don’t hold ourselves to this level of rule scrutiny, in fact, a foot wedge is one of the most commonly used clubs in our bag. We generally consider being in the rough punishment enough, so if your ball lands in a divot you get to move it out. After all, we aren’t playing for a million dollars.

As I continued my airborne journey, it just so happened I was on a connecting flight with a PGA official so I asked his opinion on the matter. He said something that made me think – “This is what makes golf special.” I couldn’t agree more, so when I got to the hotel I looked up how often this situation has occurred. The most extraordinary example of self-governance in professional golf was the 2008 self-disqualification of golfer J.P. Hayes. Hayes played a non-conforming (illegal) golf ball by mistake for one hole of a PGA Tour qualifying event in Texas.

Hayes subsequently disqualified himself from the tournament which made him ineligible to play fulltime on the PGA Tour in 2009. What an incredible example this sets for those of us who honor the game and struggle to get better. I then began to think. Wouldn’t it be great if the top corporations, the ones that I aspire to model EthicsPoint after, held themselves to this level of scrutiny?

I then recalled the complaints from many of my peers that the Sarbanes-Oxley guidelines and regulations under Section 404 were too onerous for small corporations. The smaller, less established corporations didn’t have the revenue to support these requirements. It was estimated that 404 controls cost $3-8 million to manage regardless if your company generated $1 million or $100 billion. Thankfully this law has been changed.

Just like the rules of golf are more appropriate for the pros, the 404 SOX controls were more appropriate for very large corporations, but tedious and overly burdensome to smaller organizations.

But back to self-governance. Why is it that we see the Enron’s of the world as the poster children for greed and deceit when they should be the shining example for self-governance? I could pontificate for another 1000 words on the why and what I think they should do, but I am more interested in what you think?

A Life Well Lived

noreply@blogger.com (David Childers) — Tue, 13 Apr 2010 20:16:00 +0000

A couple of weeks ago I received a call in the wee hours of the morning that I had been dreading for months. My good friend and cousin called to tell me that his dad, my uncle, Howard Glenn “Jiggs” Childers had passed away at the age of 89. His health had been slowly deteriorating for several months and I knew it was just a matter of time before he succumbed. I share this story with you only because I think there is a message here we need to embrace.

During childhood and even into my 20’s and 30’s, my uncle’s children, grandchildren, siblings and other extended family complained about his controlling nature. They complained about his demanding personality and brutal honesty when you wandered outside his scope of approval. People would also comment that he never got his hands dirty – but as it turns out it wasn’t because he was lazy, it was because he insisted on orchestrating the tasks and organizing the projects.

He had an eye for detail, a sharp pencil when negotiating terms and a soft heart for any project that improved his community. He also loved the land. Many of you know that my parents were first generation ‘off the farm’ – both my dad and uncle were born in a 3-room house on the acreage their father farmed. I am proud to say, like my father, my uncle never forgot his roots. He was grounded by the land and the majesty of nature.

I flew to Oklahoma for the funeral and was immediately immersed with family, many of whom I had not seen since my dad’s funeral in 2007. I come from a big family and when you have a big family there tends to be a lot of bickering and strife. That wasn’t the case on this day. Everyone was there to honor my uncle who we recognized had touched each of our lives.

By the time I got to the service, it was apparent my uncle had touched the lives of many people. The 750+ people in attendance filled the neighborhood church, its gym and every other overflow area available - a truly amazing sight.

As the eulogies started I began to reflect on my uncle’s influence on my life. He was a man of integrity and insisted on honesty, fairness, love of God and family. He always put family first. As my peers began to express their sentiments I realized that what they were saying was true. During my 55 years on this Earth, I had never heard my uncle utter a harsh word – a stern word yes, but never in anger and always in love and directed at the best possible outcome for the situation. They spoke of his kindness and his compassion and how he made time for people and listened to their needs. The minster spoke of when he needed something done in the church – money, building, and supplies – he only needed to make one phone call. My uncle would tell him not to worry and the minister knew that someone would be calling soon to volunteer, provide the necessary items or discount their work to make it affordable for the church.

I also heard from every person I had grown up with who had so often criticized or bemoaned my uncle’s controlling nature and rigid expectations, acknowledge and appreciate his unwavering expectation of principled behavior. This day they spoke of how he had made them better and shaped them into who they were today. They also spoke as mature adults (most of us are 45+ today), of how his values and guidance had helped them formulate the way in which they shepherded their own families.

I began to reflect myself and I could only agree. I admired my uncle. His immediate family was just as idiosyncratic as mine, but they were tight and mutually supportive. They were all educated and had been provided the opportunity to excel. They each also carried a responsibility to serve their family, church of choice and community. I had a sobering moment because I realized these are character traits I demand from my six children and their spouses.

As the expressions of love and respect continued, I began to ponder and in fact question my own corporate leadership. I asked myself – am I demanding enough? Do I balk to be politically correct or “keep the peace”? Am I harsh with my tone or do I express my expectations with love and a calm firmness and set expectations that are both realistic and unwavering?

Then I began to reflect on what we do at EthicsPoint as compliance professionals. I realized we should set the same expectations for our organization – realistic and unwavering. I realized I worry too much about being loved in the moment and so I tread too softly when my management team fails to meet my expectations. Do you do the same in your company?

Have we become more concerned about turnover, morale, creating a “hip culture” or just avoiding the work it takes to stay the course instead of creating an unwavering expectation of principled based performance?

For me, I plan to dig deeper this year, work harder to inspire great leadership with my team and ensure that my values and expectations are visible and verbalized.

The Unintended Consequences of Sunshine Laws

noreply@blogger.com (David Childers) — Mon, 05 Apr 2010 23:55:00 +0000

Laws created to ensure the open review of government information on the local, state and federal level, such as the Freedom of Information Act, are a good thing. Typically referred to as sunshine laws, these requirements were designed to make previously inaccessible government information available to the public. These laws not only apply to government documentation, they also grant the public and media access to government meetings.

I’m a huge proponent of the public’s right to know and of transparency. However, some consideration must be given to what falls within the public’s right to know when it comes to an organization’s internal issues, especially when an issue is communicated to a supervisor, manager, HR professional or through an employee hotline or other method for anonymous reporting.

EthicsPoint operates reporting hotlines and delivers case management solutions to more than 2,300 clients around the world. Last year, we collected over 150,000 cases from both the hotline and our clients’ web-based report forms. An analysis of these cases shows that 15-18% were found to be frivolous or unfounded, e.g., a rant or a malicious attempt to cast doubt on a co-worker or manager, while 10-15% were immediately actionable and/or contained enough specifics to allow the case manager to quickly resolve the issue or concern. The remaining 70+%, however, required a certain degree of finesse, exploration and as much ‘art as science’ to reach a point of resolution.

Recently, a high school principal in Texas abruptly retired after learning he was under investigation for allegedly sexually harassing one of his staff. His actions are not the subject of my concern, by all appearances the school district was doing a great job of seeking information and investigating the validity of the allegations. However, what does concern me is the media’s open records request for any documents pertaining to the investigation under the auspices of open records laws.

The school district’s counsel has wisely requested an opinion from Texas’ Attorney General seeking exemption from producing the documents. In her request, the counsel stated the document(s) “contains highly intimate or embarrassing facts, which if publicized would be highly objectionable to a reasonable person, and the information contained in the report is not of legitimate concern to the public.”

In 2007, another Texas school district took an entirely different path. They suspended the use of their hotline and case management system to avoid the unnecessary scrutiny the state’s sunshine law had created. In this instance, the sunshine law created the opposite effect for which it was designed. The school district retreated and many of the proven tools used to mitigate fraud and abuse were abandoned. As a result, the school district’s interests weren’t served and the people charged with protecting the school district’s interests were technologically handicapped in their ongoing efforts.

This isn’t just a Texas phenomenon. In 2009, an Arizona reporter acknowledged – “Official action by government should be public and transparent. But I think the body politic suffers – in terms of competence, efficiency and effectiveness – by making our government employees work in a fish bowl. But these broad, sweeping public-records requests are clearly fishing expeditions, intended to harass and intimidate. And as such, they constitute a threat to the rule of law.”

So while I passionately believe in bringing visibility and transparency to the issues and events that pose risk to any organization, I also feel the unintended consequences of sunshine laws have the potential to dramatically limit accountability unless they are limited in scope. How do you feel about this and do you think that open information laws should have some governing guidelines in protecting privacy, relevance and appropriateness?

Play by the Rules?

noreply@blogger.com (David Childers) — Thu, 04 Mar 2010 04:09:00 +0000

For the past few years I’ve used every forum at my disposal to discuss the inequity of a rule-based environment. You can never have all the rules, and even if you try to have all the rules you ultimately end up with an exhaustive list of requirements that no one can understand or hope to follow.

Instead, I’m a huge believer in principle-based performance: Educate to values and integrity, establish clear guardrails and the “rules” for the most part will take care of themselves. The reality, however, is there are people who will choose to break a rule, push a line or tread on thin ice regardless of how much you instruct them otherwise.

One example of an organization that maintains too many rules is the NCAA. For the record, to the disdain of most of my children (Go Ducks!), I bleed crimson and gold. My youngest daughter graduated from the University of Spoiled Children (or USC) and during her four years in Los Angeles I found myself completely rooted within the Trojan family. So, like every other loyal Trojan, I’ve been avidly following the NCAA’s attempt to discredit the University of Southern California.

Bear in mind there is no allegation whatsoever that USC did not play by the NCAA’s rules. However, the NCAA claims that the family of former USC running back Reggie Bush sought and obtained virtually free housing in the Los Angeles area from an individual that had no direct affiliation with the university. In fact, there isn't even an allegation that any university officials or boosters were involved or even aware of the Bush family arrangement.

Just like many other universities, USC took all the necessary steps to educate players and their families on NCAA rules regarding improper behavior. This is essentially what is referred to as compliance training in the corporate world. The issue is that a player and his family, along with an agent, chose to break the rules – not the university. However, the university is somehow held accountable.

For those who’ve been reading my blog, you know I have been focused on the extension of compliance concepts to vendors, suppliers and agents because when they screw up it is the corporation who is found guilty – either in the courts or in the court of public opinion.

USC has been serving time in both of these “courts” lately. USC will likely be found guilty of a violation of something – because the NCAA unfortunately has enough major and minor rules to make this happen.

However, USC didn’t help its cause when it hired Lane Kiffin from the University of Tennessee as its new coach following the departure of Pete Carroll to the Seattle Sea-Chickens. Kiffin is no stranger to questionable behavior and he would not have been among my candidates for the job. According to the New York Times, in less than 14 months at Tennessee, Lane Kiffin committed six secondary violations and is under investigation for the use of student “hostesses” in recruiting. Three of Kiffin’s recruits were also dismissed from the team after they were arrested for armed robbery.

Despite promising that his number one priority at USC was to run a clean program, Kiffin has already committed a minor violation by picking up a USC recruit at the airport in a limo. I fly into LAX quite often and while limos may be an odd sight in Ann Arbor, they are pretty common in Los Angeles. I’m not saying what he did was right, I’m just trying to focus on the situational norms – not a bunch of rules. If Kiffin was trying to impress some kid by showing him the ‘So-Cal’ lifestyle, then Kiffin was in the wrong. If he just didn’t want to fight the traffic on I405 and wanted to talk to the kid along the route, what was the harm? Plenty. Kiffin knew what he was doing was wrong. The principle is “inappropriate influence” and he chose to ignore it.

I am not suggesting that if the NCAA gets rid of all of its rules that universities will automatically clean up their athletic programs. I am simply suggesting that all the silly little rules get in the way. Minor rules must be made for breaking otherwise they wouldn’t be classified as minor?! If the NCAA created and verbalized a clear set of guidelines to every stakeholder (coaches, players, athletic directors, boosters, agents and family members) and enforced them swiftly and fairly, then I think everyone would get the message.

I've been preparing this week for a talk I will give in a couple of months on gaming fraud – specifically focused on Native American casinos. What I have learned is that Native American gaming establishments are not unique and the fraud and abuses that are prevalent in Las Vegas are just as prevalent in Tulsa, Oklahoma. What I have also learned is that the sophistication and pride within Native American tribes makes a huge amount of difference in the volume of fraud-based activity. The tone from the Principal Chief and the value set by which the tribe members hold themselves accountable is the real measure by which you should begin to rank or rate the fraud potential.

It should be the same for college athletics. Coaches should set the tone and lead by example, and the alumni must remember that the true sense of winning in college athletics isn’t always measured by trophies or scoreboards.

College sports are dominated by the “what have you done for me lately" or "we need to win now" attitude. This can be likened to the sentiment in the corporate world which saw the downfall of Enron and the like, too much focus on short-term profits and not enough focus on long-term growth. Universities need to realize the eventual damage this attitude may inflict down the road if they don’t build a program based on integrity and principle-based performance.

Principle-Based Leadership: Setting the Tone

noreply@blogger.com (David Childers) — Mon, 22 Feb 2010 22:41:00 +0000

As a member of numerous web 2.0 forums, I oftentimes listen to esoteric rants and the splitting of hairs in the Governance, Risk and Compliance world. Every so often, however, I get the opportunity to read something that is refreshingly lucid.

All of us in the compliance world struggle with moving the needle and improving the “ethical quotient” of our organizations. For the last few years, I have come to believe it isn’t the “transformation” of people that is important, it is the tone from the top and the people you hire. Setting the tone and expectation of principled integrity for your organization and interjecting the right DNA into an organization can have a greater impact than any training program. When people are faced with an ethical dilemma they often turn to the example set by leadership or their co-workers. Having well-grounded individuals in your organization that embrace the organization’s goals and know the difference between right and wrong will prove invaluable.

Recent comments by Daniel Roberts of RAAS consulting made me take notice. Dan discussed the obituary of one of the translators at the Nuremberg War Crimes Tribunal and recounted this person's recollection of the interrogation of Rudolf Höss, the former head of Auschwitz. The translator asked Höss if he had ever sought to enrich himself off the Jews he was killing. Apparently Höss replied, "What kind of man do you think I am?"

This is the verbatim quote from Dan that sparked this post: “Ethics are defined by what we believe to be right and wrong. Höss was not living in an ethical vacuum, just in a place/time in which the ethics were so distorted from our understanding of the word as to earn him a place in history as one of the most loathsome humans ever. Yet he considered himself ethical.

Start by looking at the ethical norms or leadership and you will discover the ethical norms of the organization. An ethics program by itself is noise. It is the actual behaviors of leadership that matter. If they cover up inappropriate or even criminal behavior (seen it done), or simply refuse to truly investigate it (seen it done), punish those reporting the potential abuse (seen that done too), then all the ethics handbooks and programs are meaningless.”

Thanks Dan for reminding us that inspiring principled based performance and a sense of “presence,” not the issuance of rules and requirements, is how we will change our organizations.

Government Transparency: An Oxymoron

noreply@blogger.com (David Childers) — Wed, 17 Feb 2010 01:33:00 +0000

For almost a decade, EthicsPoint has provided software and services that help organizations gather, review and resolve issues and events that impact their operations. Most of these issues and events are risk factors that can dramatically affect confidence and share value or result in a serious monetary loss. At EthicsPoint, we provide services to a multitude of organizations from a variety of industries. But if you peel back the onion, you will notice that we service only a handful of municipalities and no government agencies, I’ve often wondered why that is.

I used to believe it was because EthicsPoint delivers its services in the “cloud” as a software-as-a-service provider and doesn’t provide a premise offering that can be put behind an organization’s firewall. But lately I have come to the conclusion that transparency and government -any government - simply doesn’t exist. For all practical intents, the US government became a venture capital company in 2009 and EthicsPoint does service several financial institutions. Therefore, I don’t believe it’s the function of the organization that dictates a lack of transparency, but rather something inherent in the way our government is run. As a tax payer this is frustrating to me.

I was a history major in college and looking back I don’t know if real transparency has ever existed in our government. The reasons for this lack of transparency may be varied, but the result has been the same. For instance, in the earliest days it was a literacy void and the general public’s inability to read helped support our representative form of government. Next, it was a genuine communication failure in reaching the populous due to distance and an unreliable “yellow” journalistic press. Then it was a protectionist view – because we couldn’t let the commies know what we were doing. Today it is just the “way things are done.”

It is somewhat akin to the situation of a plumber not showing up to your house and when you express your discontent to a co-worker she immediately understands and says, “Yeah, that’s just the way those guys are.” We’ve become so accustomed to bad government that we roll our eyes and say, “Yeah, that’s just the way those guys are.”

Several months ago I blogged about “hating the word Ethics” and repeatedly expressed that I personally had difficulty drawing a definitive ethical line when dealing with certain issues or events in the compliance world. Earlier this week, Mark Meaney, the number two man at the city of Chicago’s Office of Compliance, resigned amid allegations he mishandled an intern’s 2008 sexual harassment complaint against a top official at Chicago’s 911 emergency center. I had the opportunity to work with Mark and I personally find this hard to believe. He and his boss Tony Boswell had the very unenviable and daunting task of developing and running the compliance department for the city of Chicago.

The city of Chicago has been monitoring city hiring since the 2005 scandal that found a member of Mayor Daley’s staff guilty of rigging city hiring and promotions to benefit pro-Daley political workers. However, the city’s hiring monitor and other consultants have proven inefficient and, according to the Chicago Sun-Times, have cost Chicago taxpayers $6.2 million. It has also been reported the city’s hiring monitor has been accused of falsifying allegations of misconduct by Boswell and Meaney in order to discredit them and gain total control of the city’s hiring process. This is where that ethical line starts to blur.

The situation gets better or worse depending on your perspective. If you know anything about whistleblowing, it is the responsibility of the compliance officer to protect the organization from any “retribution” resulting from an individual coming forward. The ethical line blurs even further once you know the 911 center official in question is a high-ranking deputy who was stripped of his responsibilities in 2008 after blowing the whistle on alleged contract irregularities involving Motorola that cost taxpayers $2.25 million.

Mark’s quote in the Sun Times says it all. “It was a privilege to have been part of something that had never been tried before; corporate-style compliance in municipal government…Mayor Daley should be applauded in his efforts at true reform. Unfortunately, fear and blame seem to be winning over culture change. I return to the private sector with no regrets for having spent the last two years working with some of the best public servants anywhere.”

What a twisted web. You have heard me say many times the role of a compliance officer is not black and white. The role requires discernment and often a balancing act of issues that would make Solomon shudder. This is no different in government or the private sector. Let’s consider for a moment that the evidence in this case is inconclusive (let me be clear that I have no inside information on this matter). Yes, there is an accusation but it is difficult to fully substantiate. There are multiple variables in play and the subject of the investigation is a person who “blew the whistle.” Appropriately, you might have some trepidation that the accusations could be retaliatory. So I ask you – what would you do?

I like Mike and Tony, which makes this difficult for me. It upsets me that in the public sector what some members of government say in front of a microphone, even for their own benefit or gain, often shapes the court of public opinion, and good guys pay the price.

Global Sourcing: The Next Level of Risk

noreply@blogger.com (David Childers) — Wed, 10 Feb 2010 18:16:00 +0000

As I mentioned in my last posting, the Justice Department is becoming more serious about Foreign Corrupt Practices Act (FCPA) enforcement and the recent sting operation in Las Vegas certainly reflects the hard-line, somewhat insidious, strategy of their new playbook. While the indictments involved individuals in the defense/arms industry, I expect enforcement to increase across many industries.

Aside from the recent events foreboding stricter enforcement, some of my peers are also predicting a surge in activity. For example, a former US Attorney assured me this sting was only the beginning and that two more will emerge in the coming months. Dan Karson, an executive managing director for Kroll, said the recent sting operation has “sent chills” down the spine of small and mid-sized businesses who may have falsely hoped the Justice Department’s interest in FCPA was reserved for global Fortune 500 companies.

This increasing level of FCPA enforcement has major implications for companies and how they choose supply chain partners. In the past, a partner’s misconduct may have impacted the organization but didn’t necessarily come with the immediate publicity and massive fines experienced today. This is why companies who never considered making the investment are now starting to consider extending their internal compliance expectations and training throughout their supply chain. Cultural and language barriers aside, this remains a daunting task.

Global sourcing relationships have always been about trust and service – but this is new territory that stretches the boundaries of these relationships. The two most important factors in mitigating an FCPA violation in this instance are selecting the right vendor, supplier or agent from the start and developing a process that ensures transparency. I will be writing much more on this topic as the year moves forward. Let me know what you think – can you expect a vendor, supplier or agent to act in accordance with a company’s compliance policies, procedures and guidelines?

Back in the Saddle

noreply@blogger.com (David Childers) — Fri, 22 Jan 2010 20:10:00 +0000

This past year was a difficult one for most companies. I am happy to say that EthicsPoint not only survived but thrived during one of the worst economic periods in recent memory. But the work load to succeed took its toll and my conversation with you suffered.

To all of you who took the time to link into my blog last year, I want to reiterate how much I enjoy sharing my thoughts in a blog format and that I am dedicating the time and discipline this year to be attentive to this dialog.

My blog will soon take on some new dynamics. I also have one of our analysts working with me to ensure I remain current and vocal around the important topics in GRC. A new section of my blog site will be dedicated to monitoring important legislation or regulations. There are many new areas of fraud and risk evolving and the compliance emphasis on FCPA, supply chain management and green initiatives is growing exponentially. I hope to keep current on each of these and share my thinking both here and thru Twitter.

This past week the FBI showed that it was serious about FCPA enforcement. Their sting efforts were very effective. Dan Karson of our partner Kroll Worldwide said in a recent article,“This [sting] has sent a chill down the back of a lot of companies…Mainstream companies, not just from the defense industry, are now wondering, 'Am I at risk?'” I have been suggesting for months that small and midsized companies need to better understand their supply chain and extend their compliance programs to these stakeholders. With these new "rules of engagement" the risk level within supply chains just moved to a new DEFCON level.

More comments to follow and please comment and tell me what you think.

Can Web 2.0 rekindle America’s love affair with the automobile?

noreply@blogger.com (David Childers) — Thu, 30 Apr 2009 19:11:00 +0000

As many of you know I made the decision to go back to school this year and have been attending an extended learning program at MIT Sloan School of Business. I have my quarterly meeting in Cambridge coming up and was reading through my assigned case studies this weekend. One of the readings concerned a supply chain situation at Ford that was taken from events earlier this decade. I don’t know if the professor was looking to evoke this line of thinking, but I started wondering if the automobile world could transform itself and convert to the Dell distribution model. So while this is outside the realm of my normal blog topics I am hoping to leverage this forum to get some quick feedback for this zany idea.

The Dell Direct Model has been very successful from a supply chain and margin contribution perspective. Dell Direct is a business model that eliminates the traditional distribution channel and goes directly to the consumer. Traditionally, as is in the case of Ford and others, there is a supply chain that supports the manufacturer (the “brand”); the finished goods are shipped to a variety of distribution outlets and the consumer selects a branded product from one or more of these outlets.

Dell broke this model by using a Web 2.0 enabled business model that removed the traditional hardware distributors and opened a line of communication directly with their customers. They also ensured/marketed that the computers they sold would be customized for each client and delivered to their home. They built a website with a well defined on-line configurator and allowed the consumer to craft the PC of their choice.

Stick with me – I know this may sound crazy, but with the automobile industry in chaos-wouldn’t this model work for cars just as it has for computers?

One of the many problems with the auto industry is over supply. In 2008 manufacturers had the capacity to make 17 million cars annually to support a 10 million domestic car demand. The current cost-to-market structure and low margin of profit per vehicle has collectively rendered auto company business plans not successful at the 10 million vehicles sold rate. Regrettably, the industry has continued to blindly build significantly more than 10 million cars, go deeper in debt and is now financially and credibility bankrupt.

By changing their go-to-market strategy Dell proved they could derive stronger margins, control their inventory costs and nurture a very satisfied consumer base. So what would this mean for the car buying consumer? First the buying experience would change dramatically. Showrooms would be totally reconfigured with more interactive displays and computer simulations but the overall footprint would be reduced dramatically. Sure the auto dealers would need to have a few, very few, new models in stock for the person who just wanted a good, better or best model and wanted a new car today. There would still be used cars, but for a new car the majority of us would configure our new car, do the paperwork and have it arrive 3-4 weeks later. Or, we might never visit a showroom and simply configure and buy the car on-line.

If you let your mind wander a bit and if you have ever configured a Dell system you can begin to think about how this buying experience might work. Packages and promotions would be similar. Like a free upgrade to a XM/Sirius radio instead of an upgrade to a DVD Burner from a standard CD drive. How about custom wheels in lieu of an extended battery? Door to door shipping is a premium option, but a cost-efficient pick up area near a rail distribution hub could provide the lowest shipping cost option.

The advantages of this system could be remarkable. The cost to build and maintain (just think of the property tax savings in some states) a dealership would be significantly reduced. Even rural communities would be better supported with this model. While the assembly-line process would need to evolve to ensure overall vehicle costs do not rise dramatically, the advantage of knowing your exact demand would eliminate excess inventory and floor-plan costs would be dramatically reduced. Because manufacturers are primarily shipping product on demand it is likely transportation costs would improve – the carbon footprint would also be reduced.

I can imagine unique designer packages for interiors that are truly unique. Resale values might hurt downstream with some poor choices, but why not a Martha Stewart, NASCAR, or NCAA interior of your choice? All would add license opportunities and potential additional revenue. Buying online also provides click through revenue from alternative financing sources or custom items from tailpipe extensions to HD-DVD systems made for the vehicle, but not available from the manufacturer.

More importantly, just like Dell, the auto manufacturer would begin to know what motivates the consumer and cars would evolve just as PCs have to meet the usage demands of the consumer. Lower R&D costs, fewer miscalculations (can anyone say Pontiac) and an overall improved track record for consumer loyalty. Can you imagine blogs and twittering by designers, engineers and quality assurance folk who were sincerely interested in market feedback?

There are a number of specific business planning details I will need to construct before going to MIT next week, but help me out with a little informal survey…would you buy a car using a system like this? If not, why not?

THIS JUST IN -- Chrysler files for Chapter 11 (http://tinyurl.com/d3f5kf) -- are they better off dead or alive??

Say on Pay

noreply@blogger.com (David Childers) — Wed, 25 Mar 2009 01:31:00 +0000

My wife, who I consider a good lawyer and I totally disagree on the way the public outcry has been unleashed against some executives at AIG and other organizations. She holds to the belief that this “bonus money” is her tax dollars and these people don’t deserve to be paid with her money. I get the frustration, but my point is why does this “say on pay” deserve to be different than an individual shareholder’s opportunity to control the way corporations incentivize and pay their executives? In my view it doesn’t.

I have never been in favor of say on pay by shareholders or God forbid the Government. Shareholders have the right to make their feelings heard but most are not qualified to make decisions for the organization. Shareholder say on pay should remain a vote with their feet or their proxy statements. In my last installment I said that boards have to step up, dig in and bring some collective sensibility to this process. I think it is also time for shareholders to step up, dig in and remove some board members. Some of these directors also need to be thanked for their meritorious service and sent to permanent retirement not just shuffled to the next board.

I believe that the world has to hold Board of Directors to an increased level of accountability. Boards (not shareholders) have the obligation to understand what it takes to hire and incentivize key executives. Boards (not shareholders) are empowered to set reasonable and appropriate incentive targets – regardless of the number of trailing zeros. We have a governance system that has worked for more than 100 years, but greed and lack of accountability has diluted its value. And what is this silly tax idea??? Simply stated, boards must return to accountability for executive compensation so that is ensures that all the organization’s stakeholders get rewarded.

So what do you think government’s or a shareholder's role should be on “say on pay”?

Accountability

noreply@blogger.com (David Childers) — Sun, 22 Mar 2009 21:55:00 +0000

I have tried to stay on the sidelines because a number of people are blogging about the AIG bonus issue, but I can’t contain myself any longer. This is likely to be part one of a three or four part series, because this issue, in my opinion, is much larger than just the public’s reaction to these bonus payments.

First, no one that earned and received these bonuses at AIG is guilty of anything. They did their job and deserved to be rewarded for their efforts based on contractual agreements. So I am not only saddened but ashamed of the blame game behavior of both the liberal and conservative news media and a number of very ignorant protestors camping out on AIG executive’s lawns.

If you have never worked in a variable compensation model it is impossible to understand the pressure of carrying a quota or delivering the next great source of new revenue. Therefore, targeting these very blue collar individuals to interview on TV just makes the situation worse.

So, if these executives aren’t to blame then who is? It is a long list – the senior executives who built the compensation models, followed by the compensation committee and the board of directors for AIG that approved them. Next in line is the US Government for not being proactive in evaluating and better adjusting or confirming these bonuses when AIG first was asking for money. Congress comes next for not reading Dodd’s language – which expressly allows for the bonuses to be paid. Finally this is just another faux pax by the Obama administration. The President’s Chief of Staff needs to clean house of their PR and protocol staff because their actions and mistakes in the first 60 days of this administration are comical to the point of being criminal.

Do I think that all these multi-million dollar bonuses that a number of companies that took bailout money are fair or justified, no I don’t. But that isn’t the question on the table. If these payments were being decided in a court of law, not a court of public opinion, there isn’t a case to be made that these should not be paid. The Constitution, if it made it to the Supremes would also support payment.

The real conversation should be about Board accountability and “Say on Pay.” For the moment I am going to concentrate on accountability and will save comments on say on pay until my next installment.

President Obama’s reaction to AIG bonus payments isn’t the first time has echoed the public’s outrage. Most American’s felt pretty much the same way when executives on Wall Street and executives from bailed out banks received significant year-end bonuses and other compensations. The President followed up with a “close the barn doors after the cows are in the pasture” $500,000 salary freeze for executives of organizations that take new Federal funds. If I am to believe CNN the average American thinks a $500,000 salary package is unbelievable – almost immoral.

So how much is a CEO worth? In this silly quarter to quarter world we live in they seem to be worth a lot for what seems to be very little sustained performance. If there are “criminals” in this process it is the compensation committee chairs and boards that approve these crazy compensation plans. Incentive compensation is all about moving the needle. If as a CEO I can show growth, profitability, new market expansion, or ?? to improve my company’s share value and sustainability I am worth a lot, and no one should complain because by moving the needle every stakeholder of the company is getting rewarded. But let’s get serious, the transactions and deal sizes have gotten crazy and justification of paying a small “percentage” of the deal is ludicrous. Don’t misunderstand me, I get hard work, creativity and value and don’t balk at million dollar plus bonuses – but $20 million? Boards have to step up, dig in and bring some collective sensibility to this process.

What do you think?

Blowing the Whistle Just Got Easier

noreply@blogger.com (David Childers) — Wed, 18 Mar 2009 15:24:00 +0000

With the passage of the American Recovery and Reinvestment Act of 2009 (ARRA), commonly known as the Stimulus Act, $500,000,000,000 (sorry I just wanted to type all those zeros) is now being moved into employers across a wide spectrum of industries to stimulate our economy.

If you work for or run an organization that is in defense, education, energy, environmental cleanup, government technology, healthcare, housing, hunger assistance, infrastructure projects, scientific research or transportation you are first in line for these funds.

That is the good news. The bad news is that within the Act is the McCaskill amendment which significantly broadens the scope of whistleblowing and puts EVERY EMPLOYER at serious risk.

The Amendment to the Act does not cover Federal Employees (they have the Whistleblower Protection Act), but is extended to all private employers and state and local governments, including their contractors and subcontractors, who receive Stimulus funds. This means if I get ARRA funds and I hire you as my contractor, and you hire a sub-contractor(s) to complete the project – every organization in this chain is accountable to the McCaskill amendment.

The Act significantly expands the whistleblowing provisions defined under SOX includes “internal disclosures, including disclosures made by employees in the ordinary course of performing their job duties.” Attorneys Allen Roberts and Frank Morris of EpsteinBeckerGreen did a great job of detailing this act and I encourage you to review their whitepaper.

I hope you are listening. This means that not only should every employer have a methodology to support anonymous reporting, but they need a methodology to document, classify, escalate and otherwise track issues brought forward which would be considered relevant information through an “open door policy.” Here are the “violation types” or talk tracks specifically identified:

Gross mismanagement of an agency contract or grant relating to Stimulus funds,
Gross waste of Stimulus funds,
Substantial and specific danger to public health or safety related to the implementation or use of Stimulus funds,
Abuse of authority related to the implementation or use of Stimulus funds, or
Violation of law, rule, or regulation related to an agency contract or grant awarded or issued to Stimulus funds.

This law puts the responsibility firmly on the employer as there does not need to be a preponderance of evidence of retaliation, in fact it can be circumstantial. Therefore, the employers should implement and consistently follow procedures that document their actions during and post receipt of any disclosure.

Should employers retaliate against the "whistleblower," the action is swift and significant. The Office of the Inspector General is bound by the Act to review and make a determination within 30 days of the validity of the claim. If the claim is deemed valid, the Act requires the IG’s office to make a determination within 180 days. The complainant is entitled to reinstatement, back pay, compensatory damages, attorneys’ fees, and if warranted exemplary damages. If it goes to trial the complainant is entitled to a jury trial and the Act specifically removes any employer right to arbitration.

Finally there is no preemption to this Act, so States have the option to add to this Act if they feel it “necessary.” So over time this could be become very messy.

The bad news isn’t over yet. Everyone is waiting for Health and Human Services to promulgate the Act’s requirements for changes in HIPAA privacy regulations. When they do I will let you know the risks and requirements.

Full Disclosure – EthicsPoint is a market leader in Hotline/Helpline & Issue Management market. We will no doubt benefit from the passage of this legislation, but my intent is not to encourage or scare you into purchasing products and services from our company. My concern is one of big government, that in my opinion, just got a lot bigger and the downstream risks to smaller private employers in the Stimulus Act are significant.

Contracts and Covenants

noreply@blogger.com (David Childers) — Mon, 09 Mar 2009 15:51:00 +0000

Yesterday morning I honored my daughter’s wishes and attended the performance of the church bell choir she to which she belongs and loves. At the end of the week I didn’t have any intention of attending services but took one for the team, letting my wife and other daughter stay home to work and study, to hear our oldest daughter play the bells.

When I looked at the bulletin I saw that the homily was to be delivered by a Franciscan Monk. I can’t say that I was excited about the prospect. A number of years ago I spent some time in study of the Franciscan Order hoping to improve the work / family balance in my life. I sincerely admire their Order and mission of personal peace and harmony with the world around us. But after taking a vow of silence and spending two days in a monastery setting without speaking a word I knew that I am not cut out for the Franciscan lifestyle.

Much to my surprise and delight the homily was not only topical and insightful but also uplifting. The jist of his message was examining the difference between the “Contract God” we imagine and the “Covenant God” that spoke to Abraham.

This caused me to think about my own management style and the way in which I deal with people and provide stewardship for my family. Without a doubt I live a contract driven life. I will give or reward you with this, if you are successful in providing that. Get good grades, get a car. Drive revenue and get a promotion, more pay and more recognition. Work hard, save money to your 401K, be prudent with your investments and you will be rewarded with monetary security and someday retirement – oops.

What happened to my contract? Given the recent sub-prime and other implosions the global economy my 401K, as I was reminded during the homily, has been reduced to a 200 1/2K.

The homily went on to describe God’s covenant relationship with Abraham. This is a great story regardless of your religious persuasion. Imagine being a 99 year old guy that God taps on the shoulder and says “time to get started.” But this “mission” wasn’t (according to the Friar’s homily interpretation) a contract to go and build a nation, but rather a covenant of unconditional trust, expectation and hope.

While I it is unlikely I will shift completely away from my contract roots, I hope that I can translate some of this teaching into the way I interact and support my team and family. I have always strived to deliver integrity in my “contracts.” During these uncertain times, I want to find a fitting level of integrity as I set clear expectations, trust in the commitment and abilities of the people we have chosen and trained, and inspire hope for the future.

The SEC Sucks

noreply@blogger.com (David Childers) — Mon, 02 Mar 2009 19:40:00 +0000

When retiree Phyllis Molchatsky filed suit in NY against the SEC in December 2008 for failing to protect investors I just looked at it as going after the deepest pockets. But after watching the 60 Minute segment on Sunday night I think she may be justified in pointing the blame their direction.

In the CBS interview, Harry Markopolos was asked how many times he sent materials to the SEC. Markopolos calmly responded, "May 2000. October 2001. October, November, and December of 2005. Then again June 2007. And finally April 2008. So five separate SEC submissions."

Markopolos is not superman, he is a 52 year-old accountant who said he was able to see that something was wrong in minutes and it only took him 2 hours of study to prove it. He went on to say that the SEC was full of lawyers who were great at scrutinizing documents, but were not trained or capable of identifying fraud.

A few weeks ago I was watching the news where a congressman asked if they could bring the regulators associated with the issue into the hearing room. When asked why, he responded because “I want to tell them they suck at their job!”

It seems that the SEC does suck at its job. There is no shortage of litigation around the Madoff matter. My question is can and should the SEC and its regulators be held directly liable for failing to protect shareholders?

You can’t make this stuff up…

noreply@blogger.com (David Childers) — Fri, 27 Feb 2009 02:06:00 +0000

A friend of mine sent me this link tonight (http://www.truthout.org/022409J) and it is so sad it is almost comical. What a pathetic politically correct world in which we live. If the implications of this are factual then God help us all.

Blowing the Whistle

noreply@blogger.com (David Childers) — Tue, 24 Feb 2009 19:27:00 +0000

Sorry that I have been away for so long, it isn’t for the lack of desire – too many responsibilities with the year-end, shareholder meeting and 2009 growth demands.

This weekend I began to prepare for my participation in the “Great Debate” sponsored by the Oregon Independent College Foundation (OICF). It seemed to be the appropriate Blog subject and I was incredibly lucid in my thinking, but following a system crash I had to redo this blog post; and it now comes with an epiphany – if Microsoft made cars we would walk to work three or four times a week.

As I now sit here on Monday night, after a very long day of work and a session with my personal trainer who seems to just live to kick my ass I am far less lyrical.

In an earlier post I mentioned my involvement with the University of Arizona and the Eller Ethics Bowl. I find my time with these very bright and inspired students to invigorate my thinking and challenge me to be a better mentor.

The OICF Ethics Bowl is an academic competition that stresses the importance of ethics in the workplace, combined with leadership, decision making, and interpersonal relations. So aside from being a judge on Saturday, this Friday I will be on stage with 7 other CEO's in Oregon, judged by a student panel from the OICF's member schools debating a current ethical dilemma.
The topic is all too real. A senior bank executive, who is not part of the lending operations, discusses the impending risk they see based on the bank’s sub-prime policy with the bank’s CEO. The CEO tells the executive they have always been a team player, but have also always been too risk adverse. The CEO explains that the bank had hedged against the sub-prime risk and that while they appreciate this concern; a more immediate concern is the less than stellar growth numbers the executive’s division is reporting. The executive goes home and tells their spouse that they are conflicted at work. The spouse’s response is “how do we pay our bills and keep our kids in private school if you lose your job?”

The question for the panel is basically “what’s a girl to do…” This scenario can be played a dozen different ways. A single mom sees her boss doing something wrong, but how do you pay the rent if you are retaliated against. This is a real problem and while I can discuss the how and why surrounding the importance of having the right culture to report misconduct it doesn’t answer the question.

In this case, a person raised their hand, expressed an opinion and was told there is no risk and you better get your personal house in order if you keep pushing this agenda.
However, I can also turn the tables. People at Peanut Corporation of America must have seen and felt the same way. They didn’t want to lose their jobs, but by the last week in January, the number of tainted peanut butter salmonella cases had reached 600, at least nine people are dead and PCA is bankrupt.

So I ask you – how could this executive be more effective in exposing this risk? Or, should they remain silent?