“Most lawyers take ethics, speaking up and doing the right thing very seriously…and you won’t make many friends if you suggest otherwise” was the response I received from one GC when I mentioned I was writing a piece suggesting that they should do more.
So, let me be clear from the start: I’m not saying they don’t; I am saying that many lawyers appear, for good reasons, to care much more about, and have more energy for, risk management than ethics management. The key word here is “more”.
At least that’s my impression after working with in-house teams over many years. I’m also aware that most organisations have Compliance functions and some even have Integrity or Ethics functions and work on ethics tends to sit there. I know also that the subject of ethics is entwined with company values and culture.
But my point is that there is a very good reason why in-house counsel spend more time on risk management and that is because it’s measured, to some extent at least. And people tend to deliver only what’s measured.
One definition of ethics is “…a set of moral principles that govern a person’s behaviour or the conducting of an activity.” One can see why, therefore, that broad work on ethics isn’t easily measured, so broad work on ethics is, understandably, not a priority.
Moreover, in-house teams are under enough pressure doing “more for less” without inviting yet more work. The over-worked GC can also rightly point out that ethics are the responsibility of everyone in “the business”, not just lawyers. I wholly agree with this point and therefore feel that no function should have ethics with a capital E in its title.
Yet we know that poor conduct creates legal risk. Conduct is defined as observed behaviour over time. Poor conduct is poor or unethical behaviour observed over time. So why are ethics management not, typically, front and centre as a part of Legal’s strategy, to the extent that risk management is?
The answer is that there is neither a financial nor an emotional incentive for doing so. But why isn’t there? The recent high profile corporate “risk events” which involved seriously unethical behaviour by senior executives in organisations were, surely, in part a failure to anticipate and avoid the conduct which led to that wrongdoing.
With hindsight, would not the CEOs of those companies have approved a much greater Legal spend on reducing conduct risk if they had been forced to confront the high probability of those events occurring in advance?
One CEO said to me many years ago – “All I want from Legal is that they anticipate risk”. “Is that all?”, I thought. And what crystal ball were they going to provide in-house to do this? And is not risk anticipation a joint endeavour? Is that not the reason that in-house exits?
The average Top and Emerging Risk Report produced by GCs doesn’t place “the conduct of our directors” as its No 1 risk. If it did there’s a strong chance the risk would be mitigated by remedial action in respect of that behaviour.
It’s not that conduct risk isn’t by now a familiar term, particularly in the financial services sector. But this is not by choice. The Regulator has regulated conduct heavily since the Global Financial Crash.
But it’s not working. Earlier this year The Banking Standards Board published its second annual review and in respect of which The Financial Times ran the headline: “Bankers battle with ethics versus career quandary”.
Based on a survey of 28,000 employees at banks and building societies “more than a third fear negative consequences of voicing concerns…one in eight had seen instances where unethical behaviour had been rewarded…[a large number saw] a conflict between their organisation’s values and how it did business”.
“Conduct” has been commoditised as a term, reduced to a box which needs to be ticked, just like board “effectiveness”. Unless and until “the business” honours the spirit as much as the letter of the law then nothing will change and it’s only a matter of time before we open our newspapers to the next avoidable corporate scandal.
If a company’s Risk Register is a list of top and emerging business, legal and reputation risks, which could affect outcomes, it follows that conduct by directors should go right to the top of that list because most risks are forged in the crucible of boardroom relationships.
The topmost risk is the risk of systemic weaknesses in board decision-making and governance due to the failure of each director to change their worst behaviour and exploit their best.
What if the Legal function, in addition to the regular “calling out” it currently does as part of “BAU”, addressed this matter head on and became an agent of conduct change and demonstrated a link between improved conduct and reduced legal risk? Would that not make the annual battle that is the GC’s lot, of making the business case for legal spend easier?
My proposal is that you, in your role as in-house counsel, can choose to change the status quo. The incentive to do so is threefold: your function will receive more money if you sell in the idea properly; the business will be better protected and, crucially, your job will be more fulfilling.
But I don’t believe that the nettle has yet been fully grasped regarding the relationship between the GC and the CEO. I have spoken and written about this many times, particularly in a pamphlet entitled The GC-CEO Relationship post Global Financial Crash: Flourish or Flounder?. I help GCs and CEOs to grapple with these issues in the first hundred days of a new role. So I am close to the arguments on both sides.
The core of my argument is that GCs often fail to confront CEOs with the truth that they cannot do ten things for seven dollars, if ten things actually cost ten dollars. Often they retreat to the “diving catch” mode drummed into them at law school which is that you get it done, no matter what. This behaviour must have a knock-on impact on the time available for ethics management.
I acknowledge that many lawyers disagree with me on this point and feel that the 10 for 7 argument is a red herring. Indeed some feel it’s an affront to their professional code of doing what needs to be done. I respect this view but disagree with it.
I propose three actions:
First, the CEO should accept that they are, de facto and whether they like it or not, the chief ethics officer, all lower case.
Second the GC should help the CEO to publish a company wide ethics policy, heavy on the spirit of good behaviour and conduct, light on regulation and they should place director conduct at the top of the risk register.
Third, the GC and CEO should sign a Memorandum Of Understanding reflecting the reality of their relationship – and the reality that the GC role is a unique and tough one to execute – and which promises “only to deliver seven things for seven dollars”.
The CEO must then take responsibility for the missing three things, especially if one of them is withholding budget for Legal to spend time on the important, but not urgent, matter of helping to create an ethical culture.
In practical terms, the GC and team – down to the most junior lawyer – is in a position to contribute ideas to creating an ethical framework on a daily basis because they see things others don’t.
Whilst contributing to the creation of an ethical culture is the responsibility of every function, in-house teams have a particular budgetary incentive to champion it because, by helping the company to avoid conduct risk in practical ways, they would have to work less hard to justify their budgets. For many, that would come as a blessed relief.