Episode Transcript
[00:00:00] Speaker A: Hi, everyone. You've got questions and we've got answers. Welcome to another Bella Asks episode of the Ethicast.
At Ethisphere. We like to say that there's no competition in compliance, which is why we're using this show as a platform to answer high level questions about business integrity that have been posed to us by the members of the Business Ethics Leadership alliance, or bela. Bela is a global ethics and compliance community that provides exclusive access to helpful data, benchmarking events and other resources to advance your ENC program. It also provides a concierge service by which members can submit questions around best practices, and our internal experts will provide an answer, plus helpful resources with more information.
Most of these questions are particular to a specific company's needs, but many more of them speak to challenges and opportunities that face ENC professionals everywhere. So in this episode, we're going to answer one such question as part of our ongoing mission to make the world a better place by advancing business integrity.
And joining us to answer those questions is Bella chair Erica Salmon Byrne. Erica, thanks for joining us once more.
[00:01:14] Speaker B: Oh, Bill, it's 100% my pleasure. I'm happy to be here.
[00:01:17] Speaker A: Well, Erica, our next question is a risk assessment question and it reads, how should I be thinking about the risks of international remote work?
[00:01:25] Speaker B: Yep. Well, first off, Bill, you know, I love a good risk assessment question since that is the place that I take most of our questions, no matter what category they come in at. I always say you have to start with your risks. So I love it when they just come straight in as a risk assessment question. And this particular question came in from the Bella member who's actually looking to work on a policy related to international remote work. So this would be a situation where a particular employee is looking to work overseas for a certain period of time and continue to access the company systems that are necessary to do their job.
And so there's a couple of things that I would flag because this often comes up as a compliance issue. But like so many other things that ethics and compliance professionals deal with, it rarely ends there. So you obviously need to talk to your friends in HR and employment law about what kinds of potential employment issues might exist if you allow an employee to go work from a different location for a certain period of time. So maybe you've got a situation where you need to worry about length of time. Someone can only work in a certain jurisdiction for a certain amount of time before there become labor law issues. So that's, that's stop number one. Go, you know, figure out what you might be working with there definitely spend some good time talking to and working with your cyber team. Because particularly obviously if you're talking about remote work, this is knowledge work that can be done from a location that's not a company office. That means the individual is going to be accessing company systems. And you need to have a process in place to make sure that your cyber team, your security team, is vetting someone accessing systems from that location. So if I take, you know, those of us here at Ethisphere, for example, we have a clearance process where if we are going to be traveling outside the United States, which is where we are all located, you have to let our data security team know so that they can clear, vet and clear the location you're going to be accessing systems from and mark you in the system as allowed to access from outside from that, from that jurisdiction. And I learned this bill in the fall of 2025.
I forgot because it was a really quick trip. I forgot to tell our data security team that I was going to be attending a roundtable in Japan and I would be in Tokyo for four days. So it didn't even like, I was just, I was packing, I was going, I, you know, preparing my remarks, doing my presentations, all that sort of thing. I landed at the hotel in, I landed in Tokyo. I got to the hotel, I plugged my machine in, I went to access my email and I got, sorry, Erica, no go, because you haven't been approved to access the systems from this location. So I had to like use my phone to text our data security head and be like, hey, I'm sorry, I forgot to tell you, I was in Tokyo. And then he was able to, you know, get my access reset for me.
[00:04:19] Speaker A: But that having an anxiety attack right now for you imagining that.
[00:04:25] Speaker B: Fortunately, I had a local copy of my slides on my machine. So if I hadn't been able to get in touch with them, it wouldn't have been that much of a disaster, but it certainly would have been a hassle anyway.
So talk to your. The bottom line is talk to your data security team. There are going to be locations where this, where the, the security settings are going to be such that depending upon what your employees might be accessing, you are going to not want them to access company systems from that location or you're going to want to have other security protocols in place, a vpn, you know, some sort of, you know, some sort of other kind of additional level of security that would make you comfortable with someone from this jurisdiction being able to access your company systems. So you're going to want to go through all of those processes and figure out what is the procedure that I need my employees to follow. And then the third piece is going to be talking to your managers about when do you want to allow this and what is the framework going to be to make sure that the allowances are fair? Fair, right. Because as you and I have talked about, Bill, over the years, nothing destroys a sense of organizational justice in a team faster than someone feeling like there's favoritism. And so if you don't have a process to vet these things to, yes. Know these things to make sure that people understand what they need to do to get something like this approved, you're potentially creating a situation where your employees are going to feel like the rules are not the same for everyone. And that is extraordinarily detrimental to a company culture. So take the time to figure out what are the risks look like from an HR perspective, from a data security perspective, from a type of work this person is going to be doing perspective, can they actually do their job from an overseas location where they're operating on a different time zone than the rest of the team, for example? Right. Is that feasible from the manager's perspective? What are the things that I can give managers as guideposts to make sure that they're making these decisions consistently across their team? When people ask for this kind of dispensation and then the last thing I'll call out, just again, not knowing for sure what kind of work we're talking about somebody doing is you don't also want to look at your client contracts. So if you're doing work with other companies, there may be limitations on where people can access information related to that client from. And you just want to make sure that you're not putting the company inadvertently in a bad situation by allowing someone to work from somewhere where they really shouldn't be accessing that company's information.
[00:06:51] Speaker A: Well, Erica, this has been super, super helpful. Thank you so much for such a great answer and for coming back on to Bella Asks once again. So really appreciate, really appreciate the mind share.
[00:07:00] Speaker B: Absolutely, Bill. 100%. My pleasure. To all of those Bella members out there, please keep the questions coming.
You know, this is one of our favorite things that we get to do is to, to find ways to bring you all answers and things to ponder in this modality. So keep the questions coming and I'll promise I'll come back.
[00:07:17] Speaker A: To learn more about Bella, visit ethisphere.com bella to request guest access to the member Resource Hub and to speak with the Bella Engagement Director.
If you have a question that you would like answered on this program, contact the Bella Concierge Service and we'll get to work on it for you right away.
This has been another Bella Asks episode of the Ethicast. Thanks for joining us. We hope you've enjoyed the show. If you haven't already, please like and subscribe on YouTube, Apple Podcasts, and Spotify. And be sure to tell a colleague about us as well. Every like comment and share really helps this program. That's all for now, but until next time, remember, strong ethics is good business.
