Author: Doug Cornelius

You can find out more about Doug on the About Doug page

The Dark Side of Aggressive Goal Setting in the Workplace: A Shortcut to Unethical Behavior

ordonez

EthicsPoint sponsored a webinar by Dr. Lisa Ordóñez, University of Arizona, Professor of Management and Organizations in the Eller College of Management at The University of Arizona

“Applied managerial experience and hundreds of academic research studies have catalogued the positive impacts of goal setting on performance. Challenging, specific goals compared to instructions to “do your best” have been shown to increase effort, persistence, and performance. Goal setting theory has led to consultants training managers on how to use SMART (Specific, measurable, attainable, realistic, and timely) goals in their organizations. However, as Ordóñez, Schweitzer, Galinsky, & Bazerman (2009a, 2009b) point out, goals can have systematic, negative effects and can focus attention too narrowly, increase risk taking, and lead to unethical behavior.”ethicspoint-logo

These are my notes from the webinar.

Dr. Ordóñez discussed some of the findings from her research where she found that goal-setting can lead to bad results and bad outcomes.

She started with some examples of how goal-setting ended up with bad results.

Why is hard to find a cab on rainy days in New York? The cabdrivers go home early. Their goal each day is to reach 2X their cost. They reach the goal faster on rainy days, so they go home earlier. they could have made money if they worked a full day.

General Motors focused on reaching 29% of the US Market. Executives even wore lapel pins with “29” on them. They focused on hitting the number (for example offering short term incentives) and not the long term goals of the company.

Fannie Mae was looking to expand the home ownership by low-income people. That resulted in them underwriting riskier loans.

Billable hours and ethics. If management sets utilization goals, people are more likely to pad their hours.

They ran a lab experiment in 2004 that tested people on test-taking. participants checked their own work. When the goal was to “do their best” their was less cheating than when their was a specific goal for correct answers.

She raised some questions to ask before setting goals:

  • Are the goals too specific? Narrow goals can blind people to important aspects of a problem.
  • Are the goals too challenging?
  • Who sets the goal? People are more committed to goals they help to set.
  • Is the time horizon appropriate? Short term goals can hurt long term performance.
  • How might the goals influence risk taking? Unmet goals may induce risk taking.
  • How might goals motivate unethical behavior?
  • Can the goals be tailored for individual abilities while preserving fairness?
  • How will the goals influence organizational behavior?
  • Are individual intrinsically motivated? People may not like the activity anymore when their a goal tied to the activity.
  • What type of goal is most appropriate given the ultimate objective? By focusing on the goal, employees may fail to search for better strategies.

So how do you motivate employees without goals?

You don’t. You can only link to what the employee wants to the desired performance.

Goals can be effective for direct effort, they can communicate the values of the organization and are very useful for menial tasks that simply need to be completed.

She ends with a warning:

goals warning

Thanks to EthicsPoint (my company’s hotline provider) for putting on this great webinar.

References:

National Data Privacy Laws Move Forward

I'm just a bill from Schoolhouse Rock

With last week’s further revisions to the Massachusetts Data Privacy Law [Massachusetts Amends Its Strict Data Privacy Law (Yet, Again)], people are wondering if the federal government is going to step into the space and create a national standard. Most states have enacted some form of data breach or data privacy law, crating patchwork of laws across the country.

I found three separate bills moving through the legislative process: Data Accountability and Trust Act (H.R. 2221), Personal Data Privacy and Security Act of 2009 (S.1490), and The Data Breach Notification Act (S. 139)

Data Accountability and Trust Act (H.R. 2221)

This bill was in the House Committee on Energy and Commerce and referred to the Subcommittee on Commerce, Trade and Consumer Protection. They recommended it be considered by the House as a whole on September 30.

This act would requires the Federal Trade Commission to promulgate regulations requiring each person engaged in interstate commerce that owns or possesses electronic data containing personal information to establish security policies and procedures.

Personal Data Privacy and Security Act of 2009 (S.1490)

Last week, the Senate Judiciary Committee approved the Personal Data Privacy and Security Act of 2009 by a vote of 14-5, sending the bill to the full Senate for consideration.

This act would amends the federal criminal code to: (1) make fraud in connection with the unauthorized access of sensitive personally identifiable information (in electronic or digital form) a predicate for racketeering charges; and (2) prohibit concealment of security breaches involving such information.

This law would preempt state regulation in this area.

The Data Breach Notification Act (S. 139)

Last week, the Senate Judiciary Committee approved the Data Breach Notification Act by a vote of 14-2, sending the bill to the full Senate for consideration.

This act would requires any federal agency or business entity engaged in interstate commerce that uses, accesses, or collects sensitive personally identifiable information, following the discovery of a security breach, to notify: (1) any U.S. resident whose information may have been accessed or acquired; and (2) the owner or licensee of any such information that the agency or business does not own or license.  The notice must be given “without unreasonable delay” following discovery of the breach.

It also authorizes civil actions by state attorneys general to enforce the act. This act would supersede any other provision of federal law or any provision of law of any state law relating to notification by a business entity engaged in interstate commerce or an agency of a security breach.

These are just bills, so it’s hard to tell what may happen to them. The clock is ticking. The Massachusetts data security law goes into effect on March 1, 2010.

Another Private Fund Registration Bill

I'm just a bill from Schoolhouse Rock

As expected, Senator Dodd introduced a comprehensive bill for revising the regulatory system for the U.S. financial services industry.
Restoring American Financial Stability Act of 2009.pdf-icon

You can tell its comprehensive because the discussion draft weighs in at 1,136 pages. I have not read all of it, but I did focus in Title IV: Regulation of Advisers to Hedge Funds and Others, also labeled as the Private Fund Investment Advisers Registration Act of 2009. This is apparently the Senate counter-proposal to the House version passed by the House Financial Services Committee at the end of October: Private Fund Investment Advisers Registration Act is Passed by House Committee.

What are some of the differences between the House bill and the Senate bill:

Exemption level. The Senate bill has a threshold of $100m assets under management, the House bill an exemption for “small” funds under $150m.

Venture Capital. The Senate bill exempts both venture capital and private equity funds, the House bill only venture capital funds. Neither bill makes any attempt to define a “venture capital fund” or a “private equity fund.”

Reporting Requirements. Both bills contain similar requirements for funds to regularly report in certain basic information to the SEC, including information about the amount of assets under management, the use of leverage, counter-party risk exposure etc.

Investor Qualifications. The Senate bill contain provisions to continually update the accredited investor qualification standard to keep pace with inflation.

Further Study. The Senate bill provides for a further study regarding the feasibility of a hedge fund self-regulatory agency, the state of short-selling in the market, and the appropriate level for the accredited investor standard.

Independent Custodian Requirement. The Dodd bill calls for an independent custodian to be used by hedge funds to hold client assets.

The Restoring American Financial Stability Act of 2009 would also create a single bank regulator, provide for self-funding the SEC, and establish a new consumer financial protection agency and install plethora of other changes.

What does this mean for the likelihood of mandatory registration of private investment funds? It’s much more likely. But the venture capital exception and private equity exception are potentially very big. Of course that will depend on how the SEC defines these terms.  It also shows that the House and Senate are taking very different approaches to financial regulation. The House is looking at a series of small bills to fix some of the holes. The Senate is looking for a comprehensive change.

(Not to be a cynic, but Senator Dodd is up for re-election in 2010. I would guess that he is looking for a big new law to tie to his name and his re-election campaign. Not that it is bad. Just politics. Critics Question Dodd’s reform proposal.)

References:

Salute a Veteran

Veterans-Day-2009

U.S. President Woodrow Wilson first proclaimed an Armistice Day for November 11, 1919.

“To us in America, the reflections of Armistice Day will be filled with solemn pride in the heroism of those who died in the country’s service and with gratitude for the victory, both because of the thing from which it has freed us and because of the opportunity it has given America to show her sympathy with peace and justice in the councils of the nations…”

The United States Congress passed a resolution seven years later on June 4, 1926, requesting the President issue another proclamation to observe November 11 with appropriate ceremonies. An Act approved May 13, 1938, made the 11th of November in each year a legal holiday:

“a day to be dedicated to the cause of world peace and to be thereafter celebrated and known as ‘Armistice Day’.”

Congress amended this act on November 8, 1954, replacing “Armistice” with Veterans, and it has been known as Veterans Day since.

My thoughts go out to Marine Corps Corporal Jason Cohen

Trust and Financial Regulation

colombo

Ronald J. Colombo of Hofstra University School of Law wrote a great paper on The Role of Trust in Financial Regulation.

Trust is an important part of our financial markets. Scandals, massive incompetence, massive irresponsibility, massive fraud, have shaken trust in the financial markets. Commentators, policy makers, and industry leaders have all recognized the need for trust’s restoration.

Consistent with financial scandals in the past, the public officials are looking for increased regulation to restore trust in the markets. The last round of financial scandals in the Enron-WorldCom era brought us Sarbanes-Oxley.

Professor Colombo thinks the advocates for increased regulation have it half right.

“A critical set of questions should be considered. Can regulation serve to bolster and repair relationships dependent upon trust? And in the absence of trust, can regulation serve as an effective substitute to trust? In short, are there limits to the ability of regulation to resuscitate an economy that has suffocated due to lack of trust?

Conversely, can regulation work to “crowd out” trust, effectively transforming relationships that once were close and trustworthy to arm’s length and legalistic? Could regulation serve to displace relationships of trust with transactions subject merely to the “morals of the marketplace”?”

The Role of Trust in Financial Regulation applies trust scholarship to examine the current U.S. financial regulatory regime and some of the proposed reforms. I focused on a few sections.

Private Offering Regulation

In addressing the difference in treatment between the regulation of public offerings and private offerings, Mr. Colombo thinks the difference can be justified on grounds relating to the issue of trust.

A private offering is more like a personal contract between the issuer and the investor, free of public advertising. Also, a private offering is more likely to have a pre-existing relationship. “Interpersonal relationships and communications are conducive to such trust, and such relationships and communications are often found among the parties to a private offering.”

He concludes that the current regulation of private offering strikes the correct balance from a trust-favoring perspective.

Regulation of Investment Advisers

I found it interesting that Mr. Colombo spends some time focused on the 15 client rule exemption from registration. He finds that much of the investment adviser regulation has developed a heavy band of regulation that “can crowd out trust in a relationship, converting expectations and behavior based upon honor and integrity to those based on the letter of the law.”

Investment advisers with a small number of clients can have “closer, more personal and more lasting relationships with their small number of clients than those advisers with a much larger client base.” The small adviser exemption from regulation when you have fewer than 15 clients facilitates the trust aspect.

The Private Fund Investment Advisers Registration Act, just approved by the House Financial Services Committee, eliminates this exemption.

Hedge Funds

From a trust perspective, Mr. Colombo thinks the lack of hedge fund regulation seems sensible. As with the world of investment advisers, the hedge fund industry is marked by repeat players. Frequent and historical interactions among the parties can “lay the foundation for affective and generalized trust to develop.” After all, the original legislative intent of the U.S. securities laws was to protect the layperson, unfamiliar with the financial markets, with sophisticated investors fending for themselves. Give the high financial thresholds for investment in private funds, the investors are either sophisticated or have easy access to sophisticated investment advice.

Regulatory Reforms

Mr. Colombo does not seem to like the removal of the small adviser exemption from investment adviser regulation. For larger advisers, the increased disclosure and reporting requirements may be a good things.

As for hedge funds he thinks that hedge funds currently operating successfully on the basis of trust, with little regulation, have little to benefit their investors by registering with the SEC  and submitting themselves to the regulatory oversight. However, for funds that have not been able to develop that trust, voluntarily registering and submitting themselves to the regulatory oversight could help develop that trust. (I’m skeptical that investors think SEC registration carries any value in the world of private funds.)

The paper concludes that the existing financial regulatory regimes do a pretty good job with our understanding of trust. Greater regulation is imposed upon those sectors of the financial services industry where such regulation is trust enhancing, and lesser regulation is imposed upon those sectors where such regulation is trust defeating.

“In those areas where high quality trust relationships exists (or have the greatest potential to exist), we have, relatively speaking, the lowest levels of regulation: private offerings, investment advisers, and hedge funds. In those areas where only lower quality trust relationships are likely to exist (that is, relationships of cognitive and specific trust), we witness the highest levels of regulation: public offerings, secondary market trading, and banking.”

He also points out the more important areas of the capital markets are more heavily regulated. After all, we cannot wait to see if trust can be developed if the failure will lead to a systemic breakdown. The turbulence after the Lehman collapse was in part caused by the lack of trust. Nobody was sure if they could trust the stated financial stability of their counterparty.

References:

Colombo, Ronald J., Trust and Financial Regulation (October 1, 2009). Villanova Law Review, Forthcoming; Hofstra Univ. Legal Studies Research Paper No. 09-22. Available at SSRN: http://ssrn.com/abstract=1481327

Some other references from The Role of Trust in Financial Regulation:

Copyright and Compliance

strange maps

I am a big fan of maps. I work for a real estate company, so that should not be surprising. Pictures can usually put information into better context than mere words.

Frank Jacobs, just published a book: Strange Maps: An Atlas of Cartographic Curiosities.

In an interview with Annika Mengisen on the Freakonomics blog, Mr. Jacobs pointed out an interesting compliance technique to deal with copyright and piracy.

When asked about any strange facts about maps that most people might not know?, he replied:

“I don’t know how obscure this fact is, but the London A-Z contains a fictional street on each of its pages, in order to catch out copycats.”

The authors used a little counter-intelligence to ferret out content thieves.

References:

OFAC has Released its Economic Sanctions Enforcement Guidelines

treasury

The final Office of Foreign Assets Control. This rule sets forth the Enforcement Guidelines that OFAC will follow in determining an appropriate enforcement response to apparent violations of the U.S. economic sanctions programs that OFAC enforces.

The final rule will appear as an Appendix to the Reporting, Procedures and Penalties Regulations, 31 C.F.R. Part 501.

These are the new General Factors that OFAC will consider in determining the appropriate administrative response:

  • Willful or Reckless Violation of Law
    • Willfulness
    • Recklessness
    • Concealment
    • Pattern of Conduct
    • Prior Notice
    • Management Involvement
  • Awareness of Conduct
    • Actual Knowledge
    • Reason to Know
    • Management involvement
  • Harm to Sanctions Program Objectives
    • Economic or Other Benefit to the Sanctioned Individual, Entity, or Country
    • Implications for U.S. Policy
    • License Eligibility
    • Humanitarian activity
  • Individual Characteristics
    • Commercial Sophistication
    • Size of Operations and Financial Condition
    • Volume of Transactions
    • Sanctions History
  • Compliance Program
  • Remedial Response
  • Cooperation with OFAC
  • Timing of apparent violation in relation to imposition of sanctions
  • Other enforcement action
  • Future Compliance/Deterrence Effect
  • Other relevant factors on a case-by-case basis

The Guidelines are the final rule and replace the Guidelines previously promulgated as an interim final rule with request for comments on September 8, 2008.

References:

International Fraud Awareness Week

International Fraud Awareness Week

November 8-14, 2009 is International Fraud Awareness Week. This weeklong campaign, sponsored by the Association of Certified Fraud Examiners, encourages business leaders and employees to proactively take steps to minimize the impact of fraud by promoting anti-fraud awareness and education.

Test your knowledge about fraud with this Fraud IQ Test, which includes 20 actual questions from the CFE Exam

Fraud Prevention Check-uppdf-icon
How vulnerable is your company to fraud? Do you have adequate controls in place to prevent it? Find out by using the ACFE’s Fraud Prevention Check-Up, a simple yet powerful test of your company’s fraud health.

Managing the Business Risk of Fraud: A Practical Guide
This guidance paper, developed jointly by the ACFE, IIA and AICPA, provides key principles for proactively establishing an environment to effectively manage an organization’s fraud risks. It also provides tools, recommendations and real-life examples of how fraud risk management principles are applied.

Compliance Bits and Pieces for Nov. 6

The FCPA’s Imperialist Myth from The FCPA Blog

Why aren’t law professors training their students on the issue?  The answer, says Elizabeth Spahn, is tied up with false notions in the West about legal imperialism. Elizabeth Spahn’s article, “International Bribery: The Moral Imperialism Critiques,” 18 Minn. J. Int’l L. 155 (2009).

Conducting Ethical Corporate Investigations by Jaclyn Jaeger for Compliance Week

The ACC presented a panel discussion on internal investigations during its annual conference in Boston last week, and posed the following hypothetical: One of the company’s office managers has received an anonymous e-mail, where the writer claims to have compromised the salary and bonus information of several executives. The writer also claims to have stolen proprietary software from the company, whose customers are mostly manufacturers, and plans to give it to a competitor.

You, the general counsel, must investigate. How do you proceed?

ACC: The Use of Lawful and Ethical Strategies (Oct. 20, 2009)pdf-icon

Octopussy and the Golden Goose by Bruce Carton for Enforcement Action

If you are in an insider trading ring and your ring-buddies are using a “nickname” of any kind for you or others involved, it is all but certain that the nickname is going to be prominently mentioned when the SEC issues its press release about the case.

Google’s New Privacy Dashboard

google Dashboard

Have you ever wondered what data is stored with your Google Account?

Over the past 11 years, Google has focused on building innovative products for our users. Today, with hundreds of millions of people using those products around the world, we are very aware of the trust that you have placed in us, and our responsibility to protect your privacy and data.

In an effort to provide you with greater transparency and control over their own data, we’ve built the Google Dashboard. Designed to be simple and useful, the Dashboard summarizes data for each product that you use (when signed in to your account) and provides you direct links to control your personal settings. Today, the Dashboard covers more than 20 products and services, including Gmail, Calendar, Docs, Web History, Orkut, YouTube, Picasa, Talk, Reader, Alerts, Latitude and many more. The scale and level of detail of the Dashboard is unprecedented, and we’re delighted to be the first Internet company to offer this — and we hope it will become the standard. Watch this quick video to learn more and then try it out for yourself at www.google.com/dashboard.

I think it’s great that Google makes available all this privacy data in a single place.

You might be surprised how much Google knows in case you’ve already forgotten a service or two you’ve signed up with. Keep a close eye for the items on the page with this little blue icon meaning “this bit is public”. At the bottom of the page, Google disclaims that 16 additional products are not yet available in this dashboard.