|
 |
|||||||
|
|
|
|
|||||||||||||||||
|
|||||||||||||||||||
|
|
|||
|
Reader
Profile
Editor's note: Each month, we ask a Directors & Boards reader to comment on critical issues facing directors today. If you'd like to participate in this section in the future, please email Scott Chase. Just how do directors use the powers vested in them to shape a sound anonymous reporting system? What kinds of competitive advantages can their technology programs create? What are the best practices in this arena? What practices should be avoided? Ah, the good old days, when your hotline service sent case reports by U.S. mail. When most reports got tossed in the trash immediately upon arrival (because they didn’t tell you very much). When those which did survive got sent to bosses who may or may not have followed up. When directors were blissfully unaware of problems. When companies were high-flying one day, and named in a scandalous headline the next. Those were the days all right, and many of us are not the least bit nostalgic. Today there’s no excuse for boards not to know what’s really going on in companies. Technology is a key enabler of effective and high-return anonymous reporting solutions, and in 2007, it’s hard to imagine a public company bypassing the enormous benefits of a progressive outsourced solution. It costs a pittance relative to “404” – and uncovers a whole lot more fraud and prevents a lot more reputation damage than accounting controls. What should directors be doing to shape a sound anonymous reporting program? That’s management’s job, right? In order to provide the oversight and guidance required of them, directors must understand the culture of the company, and they must assure that ethics and compliance programs are in place and working. Yes, management operates the programs, but the board oversees their efficacy, and the board directs management to change course when the corporation’s long-term economic growth and viability are at stake. Having a culture that permits legal or values violations to occur can rip the reputation, and with it, the value of the enterprise. Board members should ask pointed questions about how employees are educated about rules and values and about how reports of wrongdoing bubble up to the surface and how they are handled. The essential question is whether all levels of employees feel safe using the service and what is done to assure this. Unless the service is provided by a truly independent firm, there is a high likelihood that it is not trusted by employees. If it’s not trusted, it’s not used. You might go to the next board meeting and hear “we don’t outsource the hotline, but we get a gazillion reports, so what we’re doing internally must be good.” Beware. It’s basic, but be sure employees know about it. Are they encouraged, yes, encouraged, to use it? How is the service publicized? Put the toll-free number, the web address and the PO Box for submitting issues right on the intranet, and give employees an easy way to search electronically for the submission information. Don’t bury the phone number in the code of conduct booklet and assume it will be found when the time comes to call in a tip. Are the people who take the calls skilled and do they have the technology to do their jobs well? Listeners should have electronic tools at-the-ready, such as must-ask questions when/if a key word (such as “bribe”) is mentioned. This allows them to be well equipped to ask critical questions, yet the confidence to have a free-form dialog with the submitter, which elicits the best information. Strict scripts should be avoided. Are web submitters required to fill out endless fields in a web form? If so, abandonment will be high, and you’ll never know what you didn’t hear. Keep it simple, and let submitters use technology the way they want to. Are sensitive cases being sent via email, which is inherently insecure? Best practice is to have cases saved directly to a secure database where the information remains locked down yet accessible to those with permission. Can the board members get their own individual login IDs and passwords to the ethics database? With the more progressive hotline services, directors can login whenever and from wherever and see high level summary reports from the front line. They can click through pie pieces to get detail when they want. Also, when a senior member of management has been alleged to be involved in serious wrongdoing, the case becomes a “bypass” case, and it is up to the board to handle the issue. They usually first learn of the bypass issue through an alert email. They then login to the web portal, and use it to carry on an anonymous dialog with the submitter; they also keep any notes there about the case, and ultimately close the case. This web portal resides on the service provider’s servers, further reinforcing security and confidentiality. Does the anonymous reporting service use a sophisticated application which sends highly tailored auto-alerts when certain activity occurs? Or does one person receive all reports and then dole them out after review? The board should approve an architecture for case-handling which employs checks and balances along with responsibilities to assure transparency and alacrity. What are some questions savvy directors and board members should ask themselves and each other to be confident that the systems in place are reliable and useful? Can the board and management readily analyze data, looking for patterns and creating meaningful reports whenever they choose? Can internally generated reports of ethical violations be consolidated with external submissions into a single searchable database? Is the anonymous reporting service accompanied by a disciplined follow-up system so essential for appropriate action? What are some metrics that will tell a board whether it’s working like it should, and how seriously management takes it? Are all levels of employees being heard from? From all divisions of the company? Is management responding to submitters in a timely way? Are they probing for additional facts by taking advantage of the anonymous dialog feature? Is management acting on what it hears? Is management searching the consolidated data to proactively identify and address risks? One of the best early-warning indicators inside a company is its anonymous employee feedback. While the ideal is open communication in a completely non-retaliatory environment, smart companies have a failsafe in the form of a well executed anonymous reporting program. Strong systems are required to create the capabilities and inject the disciplines necessary to maximize the probability that appropriate action will be taken as a result of what was reported. When done right, anonymous reporting produces information that can’t be gleaned any other way, reduces a company’s risk, improves the quality and transparency of its financial reporting, reduces director risk, leads to better results, and advances the public’s trust.
|
|
||
| Alice
Peterson is the president of Syrus Global, a leading provider of ethics
and compliance solutions headquartered in Chicago. Ms. Peterson
founded the company in 2002. Ms. Peterson serves on the board of
directors of Hanesbrands. From 1989 through 2000, Ms. Peterson held various senior positions at Sears, Roebuck and Co. She ran Sears Online from 1998 through 2000, overseeing significant growth in web-related revenues. She was the vice president and treasurer of Sears from 1993 through 1998, during which time she spearheaded many of the company’s major transformation efforts, including the IPOs and spin-offs of Allstate and Dean Witter Discover. Ms. Peterson also serves on the boards of RIM Finance (a wholly owned unit of Research in Motion, maker of the BlackBerry™ handheld), Ravinia Festival (summer home of the Chicago Symphony Orchestra), and the Music Arts School of Highland Park. She is a member of the board of directors of the Institute for Business & Professional Ethics at DePaul University and the National Association of Corporate Directors Chicago Chapter. She participates in a number of other civic and professional organizations in and around Chicago. Ms. Peterson holds an M.B.A. from Vanderbilt University’s Owen Graduate School of Management, and a B.A. from the University of Louisville. Copyright © 2007 Directors & Boards, P.O. Box 41966 Philadelphia, PA 19101-1966. All rights reserved. Contact the webmaster. < Privacy Notice > |
||||
