My notes, live, from the Compliance Week keynote speech by Harvey Pitt on Ethical Cultures in a Down Economy:
After a very brief introduction (especially compared to yesterday’s keynote) by Scott Cohen, Mr. Pitt dove into an entertaining and informative speech.
Learning from history is in fact virtually impossible. The only thing we only learn from history is that we never learn from history. It is the science of what never happens twice.
Cutting corners may have some short term benefits, but endanger your long term success. This century has barely begun and we already have plethora of financial scandals. So many high-flying companies have come crashing down, destroying the companies and the investors. We have to avoid failures at all corporate levels that every person within the company is responsible for being a watchdog for transgressions.
It seems that we never learned from the Enron era scandals. Business scandals are inevitable, as is the follow-up government action. But those too often only focus on the last crisis and do not look ahead to potential new issues. SOX did not prevent the current economic crisis and its failures of corporate governance. It is inevitable that new laws will come out to address the crisis that just happened. Mr. Pitt seems skeptical that they will prevent the next set of crisis and failures.
Mr. Pitt thinks directors will be held accountable for the failures of their organization and the failure of their risk management. he thinks the answer is simple. The long term success of a company is the ability to survive under “Corporate Darwinism.” Only those with the best governance and the most ethical culture will survive. The regulatory and prosecutorial environment is going to be hostile for the foreseeable future. Being law-abiding only gets you so far. It is not same as acting honestly and ethically.
Something always go wrong.
Good corporate ethics is not just talking the talk, but also walking the walk. You need to recognize that an ounce of prevention is worth a pound of cure. You need to minimize risk and continually assess the risk. You need to deal with the risk before the next crisis.
Be a Boy Scout and “Be Prepared.” It is better to be ahead of the curve and ready for what may be coming.
Knowledge is power. You need full and complete information in order to assess risk and govern the organization. The most dangerous risk is the risk you are nor aware of. You need to make sure that information flows up the chain and throughout the organization.
Don’t shoot the messenger. Risk management should not be thought as a cost center.
Make sure that everyone is “invested” in the organization. It is part of everyone’s job description to be alert for potential problems, addressing problems and resolving problems. You need to engage all employees in developing and running the program.
There is no such thing as a “small” ethical problem. They always grow into a big problem if left unaddressed. Not every breach is a hanging offense, but they all need to be treated seriously.
It’s the quality not the quantity that counts. You can have binders full of policies. But they are useless if employees are not aware of them and ignore them.
Pay for integrity. If boards want to show the importance of ethics, they need to tie compensation to it. They need to place a cost for failures as well.
Trust, but verify. Ask the tough questions and examine the underlying premise of their information. You need to make sure your conclusions are sound.
The third little pig had it right. You can’t build your house out of flimsy materials.
Treat everyone who cries wolf as if they are credible. It is the warning you ignore that is more likely to hurt your organization. It’s not how complaints are raised. The only issue is whether there is any truth to the claims. You need to find the truth. The only way to find out is to respond to the call and investigate.
If you manage for the short term, you will not be around in the long term.
At the end of his speech, Mr. Pitt sat down with Mr. Cohen.
Mr. Pitt pointed out that government failed to have effective risk management during the current financial crisis.
He thinks SOX was hastily drafted. It was necessary because of the upheaval and government needed to show that it would put up with that kind of behavior. He thinks SOX has been ineffective. It is approached as a liability issue and treated with a check the box mentality. We would not have had the most recent crisis if SOX was effective.
What me need now is not more regulation or less regulation, it is smarter regulation. Businesses sit back and wait for government to tell them what they are doing wrong and then don’t like what the government tells them to do. Businesses need to discover problems before they become a problem.
(These notes are taken live, so I apologize if I left out anything or misquoted someone. Please forgive any typos or grammatical errors.)