Policy Simplification: Making Ethics and Compliance Real and Accessible for Everyone
By Susan Divers, Senior Advisor at LRN and former CECO at AECOM
The surprise success this year of Marie Kondo’s bestseller on the Japanese art of decluttering and simplifying one’s life may signal a broader societal trend away from clutter and complication. The same trend is emerging as a best practice in the area of ethics and compliance as well.
In early November 2015, the Department of Justice announced seven metrics by which it would judge the effectiveness of ethics & compliance programs.
The third metric asks “are compliance policies clear and in writing? Are they easily understood and translated?”
The early stages of ethics and compliance programs were dominated by rules, the more the better in general, and a proliferation of processes. Recognizing the limits of this approach and its potential for harm, companies such as Eli Lilly and Company, General Electric, European multinationals and others have invested in simplification.
Their goal is reversing decades of policy proliferation, jargon, and complexity by simplifying their policies and procedures, before the concept was embraced by the regulators.
What kind of simplification? Radical. Far-reaching. Values-driven. Employee and business-focused. Or, as Al Rosa, Chief Ethics & Compliance Officer for GE put it, “compliance moving at the speed of business.”
As a best practice driven by high-performance companies, simplification is consistent with LRN’s focus on integrating and infusing an organization’s values into its policies.
Michael McLaughlin, Chief Ethics & Compliance Officer of Dell Computer noted in an article for Ethisphere Magazine, last year “most compliance programs today emanate from a place of purpose and values while still maintaining the appropriate focus on following the rules. The next challenge, in my view, is using the purpose and values that underpin our programs to win employees’ hearts and, in so doing, gain the all-important share of mind that is the engine that drives the execution of our programs.”
Simplification, if done right, drives that goal by connecting the underlying values and shared goals for each policy clearly and concisely to its actual requirements.
Policies wreathed in “whereas” clauses, defined terms, acronyms, obtuse statutes, cross-references, Code of Federal Regulations references and the like are generally written by lawyers for regulators, not for employees. The approach is short-sighted and defensive. The underlying premise is that the company checks the box for a compliance topic by trying to address all possible permutations of a law or rule in an elaborate policy, usually without any reference to values or purpose. If a breach occurs, the policy is trotted out as proof that the company did its duty and cannot be held responsible.
For a good reality check on this approach, consider how many people actually read and understand the software licenses they click to “accept” when downloading or using a service. According to a report in the September 29, 2014 edition of The Guardian (U.K.) newspaper, the terms and conditions for signing up for a London “hotspot” included a “Herod clause” promising free Wi-Fi but only if “the recipient agreed to assign their first born child to us for the duration of eternity.” Nonetheless, people signed up. Employees that speak English as a second language or do not have high literacy will particularly struggle to understand what is expected from complex policies.
Moreover, when done right, the process of simplification promotes respect for employees and fosters trust.
As Lilly’s Chief Ethics and Compliance Officer Melissa Stapleton Barnes has articulated, Lilly’s three core values of integrity, excellence, and respect for people underlie their three-year policy review and simplification process.
The goal is to increase understanding and, at the same time, transparency and openness.
An essential feature of Lilly’s effort involves employee review — both by a panel of subject matter experts for all policies and procedures emanating from the simplification process as well as a set of international focus groups. These employee litmus tests have proven to be a powerful tool for employee engagement and policy simplification.
For General Electric, the emphasis has been on encouraging employees to use good judgment, rather than trying to craft a rule for every conceivable situation that might occur. GE’s effort looks at operationalizing policies and procedures so that business gets done more efficiently and compliance is embedded in the effort. The simplification effort can also drive efficiency and profit.
Policy Simplification is a Journey, Not a Destination
Lilly’s ethics and compliance team’s effort to simplify its company policies is now in its mid-phase. By rooting the effort in the company’s values, the project became “more than a housekeeping task or something to outsource to law firms” according to Audrey Mills, Lilly’s Senior Director for Global Policies and Standards who leads the effort.
The effort has three simple objectives:
- Foster a culture of integrity
- Encourage employees to exercise good judgment
- Simplify policies and procedures.
Once these were in place, the team assigned to the project determined the scope, timeline, architecture and, critically, integrated employee feedback into every phase of the project. They obtained the full support of Lilly’s leadership and mapped out communications, training and implementation plans as part of an integrated effort.
The overall architecture started with global, values-driven policy statements applied “verbatim” worldwide and to be followed by all employees. Next, the team provided operating groups around the world with a template setting parameters by which they were asked to craft procedures consistent with the global values and with local requirements. Each procedure then was published with an explanation of “why this is important.”
This approach brings the materials to life and makes them relevant to employees by connecting them to the company’s core values and commitment to serving the customer.
The Lilly policy team then reviewed the local procedures to provide feedback and ensure they met particular criteria: alignment with global policies and procedure templates, a focus on principles versus rules, ownership by local business leaders and simplicity in writing, using clear and human terms.
“We need employees to understand our policies and procedures, and why they are important, so that they are equipped to apply good judgment every day,” said Barnes. “This allows us to ensure that employee actions are aligned with our company values and enables us to achieve Lilly’s mission to help people lives longer, healthier, more active lives.”
A few years ago, General Electric’s CEO set an ambitious goal of company-wide emphasis on simplification in every area, not only policies. GE’s focus on simplification means using speed and technology to build a leaner organization.
The effort is tied to key values — promoting trust and encouraging values-based judgement.
Instead of crafting lengthy policies to address every potential scenario, the company leadership sought to inspire compliance and treat employees as capable of exercising good judgement consistent with GE’s values. In the Ethics & Compliance area, the effort at policy simplification sparked innovation.
Historically, policies at GE evolved at the operating unit level, which had the virtue of reflecting local business culture and requirements. The end result, however, was often lack of consistency and some policies were over-engineered, according to Al Rosa, the Chief Ethics and Compliance Officer. Length was also an impediment to both comprehension and efficiency. The company had instituted consistent, detailed policies for high risk areas such as anti-corruption and third party retention, but these needed simplification as well, to mesh more seamlessly with the business operations and processes.
“The Spirit & The Letter,” GE’s Code of Conduct, was simplified in 2013 to provide ethical decision-making guidance and plain-language “Rules to Remember.” At the same time, GE redesigned online integrity training and available resources for employees to make them simpler, shorter, more global, more interactive and more effective, thereby helping employees understand why integrity matters and how to “do the right thing” in their jobs.
In addition, GE released a two-page Simple Reference Guide, a streamlined “The Spirit & The Letter” employee guide and a new company intranet site, all of which were redesigned with the goal of making these resources more simple, user-friendly and global.
Another solution was the SEEK initiative — simplify, empower, educate and know. SEEK’s goal is giving managers the tools to deal with compliance as part of the business and the “go to market” strategy. Policies shrank from ten pages or more to two to three pages, in clear, simple words. The legal team designed wallet-sized cards with essential compliance considerations on one side and the numbers to call for more guidance on the other. The initiative also focused on operationalizing policy requirements into tools and processes already used by the business.
This approach cut down on the amount of time spent on compliance as an activity separate from the business, promoted more integrated and informed business judgments and allowed for real-time monitoring of compliance without waiting for an internal audit.
In short, it facilitated getting to “yes” or “no” more quickly with the facts in one place for review.
Not Just a U.S. Journey
Policy simplification efforts are not limited to U.S. companies, nor is it a new phenomenon. Eight years ago, Ellie Doohan, former UK Executive General Counsel of Asda, a $30bn food and goods retailer and British subsidiary of Wal-Mart, described her new job as “to make it as simple and easy as possible for the business to run safely and legally.”
Similar to GE, she focused on integrating compliance into business processes, making it easier for workers to do the right thing, as well as simplified policies.
Her journey started with operating procedures at the delicatessen counters — looking at how and where compliance requirements fit with the way store employees served customers. She found that the two lacked connectivity and policies were too legalistic and wordy.
By working with the operations team, Asda’s compliance department produced the “Big Box” — a series of simple picture-based guides for how to run each department that combined compliance requirements with business process. To keep the “Box” fresh, a cross-functional governance team updated it as store processes or the law changed. This led to significant cost savings by removing unnecessary work, and also improved the customer experience. It also led to better employee engagement as they understood why and how they needed to deliver safe and legally compliant results.
The Asda team also launched a “Clear as a Bell” initiative. Similar to the GE and Lilly endeavors, they looked at the most frequently-used contracts and forms and simplified them.
The key to success for Clear as a Bell was a panel, made up of a mix of hourly paid store employees as well as head office staff, to review documents for understanding and eliminate jargon.
The result was short and simple documents which were more easily understood and usually agreed more quickly. The approach also spilled over into other areas of the business and, for example, when a hand axe had to be recalled as a result of a defect, the company’s notice to its customers read —
Our Hand Axe would be fantastic apart from the fact that the head can come detached from the handle. Quite clearly this is not on so we’ve decided that you need to know. Thankfully no one has been hurt. If you’ve bought one then could you please bring it back. In return we will of course give you your money back — you don’t even need your receipt. We’ve also had a word with the buyer to make sure this doesn’t happen again. It goes without saying… we’re very sorry indeed.
Asda’s effort more than paid for itself in promoting good will with customers and simplicity in operations. It also echoed other values-based efforts by companies to acknowledge quality problems frankly and directly to customers without spin.
Domino’s Pizza regained customer trust by frankly acknowledging its pizza was terrible and then improving it. Bank of America’s clarity commitment is a similar example of simplification enhancing the customer relationship.
A Journey Worth Taking
Simplification isn’t always simple, but can pay big dividends for business and compliance. Some common shared learnings from these efforts:
- Get executive support.
- Draw up a project plan and timeline.
- Base the effort in company values.
- Use employee input extensively — it’s the most powerful catalyst when it comes to simplifying policies and procedures.
- Write materials in human terms, not jargon.
- Use graphics where possible.
- Emphasize principles but correlate to practical and workable procedures.
- Operationalize the policy — embed it in how the company actually does business.
Companies frequently struggle in the ethics and compliance area with concerns that its values are U.S or Western-centric or culturally alien, but by following these principles in formulating ethical principles and policies, a company can articulate values that transcend nationalities and give life to its program.
A global commitment never to compromise integrity in winning business lays the basis for specific guidance prohibiting bribery, kickbacks or improperly obtaining competitors’ information.
Respect for people underlies anti-discrimination, fair labor practices and zero tolerance for harassment or bullying without regard to jurisdiction or location.
Emphasizing values while giving everyone the tools they need to make sound judgments in real time promotes trust in the workplace as well as efficiency.
Employees can understand both the “why” and “what” of compliance expectations.
At LRN, we believe that the best ethics and compliance program is one that engages both hearts and minds, to paraphrase Dell’s Chief Ethics and Compliance Officer. Infusing values into every aspect of a program allows companies to move beyond the checklist mentality in formulating and evaluating their programs. Checking boxes and layering on requirements too easily becomes a mindless exercise, getting in the way of compliance moving at the speed of business and frequently giving the leaders a false sense of security regarding their program’s effectiveness.
Our research shows that focusing on engagement, respect for employees, fostering trust, promoting accountability and responsibility leads to better performance and a vibrant culture of compliance. These examples illustrate how leading companies are driving best practices on their own initiative, rather than waiting for prodding by regulators. At LRN, part of our mission is to identify and highlight such trends and practices and thus facilitate their spread in the community.
We recommend that companies embarking on a policy simplification journey start with their values and how they are, or are not, being implemented in the business. Our advisory services practice has helped major companies start this journey and experts can facilitate it, without losing that focus.
If you have questions about policy simplification or would like help launching such an effort, respond to this post or contact us. If you found this article helpful, recommend it or share it with your colleagues.