What’s the Difference Between Compliance and Ethics?

“There will never be enough corporate resources to ensure each employee is following every law all of the time. What’s more: Not all laws have clearly delineated rules that can be followed easily. Under the Foreign Corrupt Practices Act (FCPA), for example, bribing a foreign official is a crime, but the FCPA does not provide a specific dollar amount for gifts and gratuities to foreign officials.”

In this case, your compliance organization would need to oversee and manage the employees’ opportunity to commit bribery. While it may not be illegal to provide some ‘generous gifts’, it would fall to your compliance organization to prevent misconduct.

What is ethics?

Ethics is doing what’s right – not just because of the wording of the government or law. Ethics is something you individually choose to consider before you take action; it’s the expressed intention to observe the law. A lack of ethics amongst employees and stakeholders can be disastrous to any organization.

Ethical compliance: What should it look like?

The trick to having effective compliance and ethics programs is balance. Your programs should be understood and supported by a strong leadership team. If your compliance rules, policies and processes are too complex, unwieldy or overbearing, guess what will happen? Your employees will stop following the rules and/or question which ones are worth adhering to. Next thing you know, they’re operating outside of your compliance controls.

Public companies and their C-suite team and board members could be held personally responsible for certain aspects of compliance and ethics. For best results, organizations should consider taking a value-based approach to ethical compliance. The executive team should thoroughly understand the culture and compliance controls that exist at any and all levels of their company.

You should try to position your ethical compliance programs as a part of the company culture – if it feels like the responsibility of every individual and a respected part of your organization, employees are far more likely to adhere to the rules. These policies should be applied fairly to all stakeholders, including the board members and senior executives.

Compliance without strong ethics

As outlined in an interview with Michael McMillan, director of ethics and professional standards at the CFA Institute by the Wall Street Journal, your organization can have a good compliance program without basing it on strong ethical values.

You can have the right rules and regulations in place to ensure your employees aren’t breaking the law – but just because they follow these policies doesn’t mean that they’re acting in the best interests of your customers.

Having a strong compliance program alone can still permit an unethical environment to exist. 

Benefits of strong ethics

Ethics has to be a proactive process. If you invest as much time, effort and money into ethics training as you do compliance training, stakeholders throughout your company may choose to do what’s right naturally, which in turn means you will have stronger compliance throughout your organization.

Having a strong ethical culture means the need for compliance initiatives is automatically diminished. Your company values are already promoting doing the right thing, and this means your employees are acting with the best interests of your customers at heart.

• Does your company culture encourage ethical behavior at all levels?
• Can all of your employees describe the company’s code of ethics?
• Do your employees understand the tone set by senior management?
• Do all of your employees feel free to ask questions and express concerns?
• Do your employees believe that the mechanisms are in place to allow them to voice opinions without fear of retribution?

The results from this assessment become the benchmarks that lay the foundation for an ethics and compliance program, as well as an effective control environment.

What does an effective ethics and compliance program look like?

There are a few key markers you can look for to evaluate if you have an effective ethical compliance program:

• A company culture that encourages ethics and compliance with the law.
• Clear responsibility on the part of senior management.
• Active and ongoing oversight by the board of directors.
• Day-to-day oversight by a high-level individual who has sufficient resources and authority. This could be, for instance, the Chief Ethics and Compliance Officer of your organization.
• Effective communication of standards and policies throughout the company.
• Periodic training for all stakeholders, including the board, management, and employees.
• Reasonable steps taken to achieve compliance and consultation, such as monitoring and reporting systems, or helplines.
• Incentives for compliance with the policies in place, appropriate response actions when offenses are detected, and consistent enforcement of disciplinary action towards all stakeholders.