[00:00:00] Speaker A: Hi everyone and welcome to a special year end episode. I'm your host Bill Coffin, and this is the best of the Ethicast 2024 has been a pretty eventful year in the ethics and compliance space, both for good and bad reasons. For every best practice that rightfully earned its deserved spotlight, there was a mammoth failure of controls or business integrity that also vied for our attention. Along the way. However, Ethisphere Chief Strategy Officer Erica Salmon Byrne joined the show to share her insights on some of the biggest E and C news stories as they broke, lending her valuable perspective and expertise not just to understand these stories in the moment, but to put them in their proper context for driving the ethics and compliance discipline forward. In this episode, we present to you some of those moments and insights from the biggest ENC news breaks of the year and we'll have links for you in the show notes for where you can learn more about each of these new stories you're about to see. And now, here's Erica in its official statement around these corruption charges, Trafigor notes that they have committed to building a robust compliance and governance program since the time alleged in the charges since 2009 to 2011. But when you go to their website, the details of their governance and compliance program are kind of hard to find. They're buried in their sustainability section. And even then it's not exactly an intuitive or super detailed accounting of the program. So I guess my question to you is, when a company wants to share with the public how its program works, when it wants to build that confidence that it's being forthright about its efforts here, what are some of the best practices you have seen with regards to website information, publicly available documents, et cetera?
[00:01:52] Speaker B: I mean, look, Bill, we live in the information age, right? Finding information if you want it to be found is not hard.
If the information is challenging to be found, it is because it's not a priority for the company to make sure that it can be found, right?
This is not challenging. There's lots of great examples out there of companies that have made a deliberate decision to make it very clear how they have structured their program and what their priorities are. You can, as you said, you look on websites, it's one or maybe two clicks away from the main page. You read the ESG report, it's in the report. Some companies are even creating specific standalone ethics related reports that talk about the program and the structure of the program. So a company that's truly committed to building a culture of transparency and accountability will be transparent and Accountable with the way that they talk about that program in the public. And when that does not happen, it means one of two things. Either the company doesn't think the outside public has any reason to know Trafigura is a private company. So they may, you know, have made a decision that nobody on the outside needs to know. Now, given the position they're in, the ongoing investigations into their behavior. Right. Because they're not done. All of the news stories note that there are, you know, there's additional investigations out there there. Given the fact that. That they are under the scrutiny that they are under, and given the fact that they have the amount of activity, prosecutorial activity, swirling around them. Were I in their shoes and I had actually built a program that was worth bragging about, you would see it everywhere. Right. It would be on the website, it would be on the main page. It would be something that I would talk about. My compliance chief would be out discussing what the company had built. We haven't seen any of that. Right. We haven't seen any of that. And so my suspicion is that the words are being said because the lawyers have told him, told the CEO that the words need to be said and that there really is not very much underpinning those words.
[00:03:54] Speaker A: The board of Fat Brands made headlines last year when it prompted numerous lawsuits over the removal of, I believe it was five independent board members.
[00:04:01] Speaker B: Five independent directors. Yeah.
[00:04:03] Speaker A: Who are then replaced with members of Whitehorn's family. So first, and the obvious question is, how much of a red flag is that to you as a governance expert? And secondly, from risk management perspective, how much does a move like that invite the kind of scrutiny that is bound to uncover any other misconduct if it exists?
[00:04:22] Speaker B: Yeah.
So, Bill, what happened in this particular situation, you know, when Fat Brands went public, it went public as a controlled corporation, but the family had not elected to actually sit the board that way. Right. They followed what all of us would see as more typical governance activities. So if I'm an investor in Fat Brands, yes, I understand that there's a controlling shareholder, but it's not being managed as a controlled corporation at that point.
What they did when they flipped the board is they took the five independent directors that were on the board at the time, they remove them, they replace them with three of his family, three of his. His children, and two franchisees. And that is, if I'm an investor in Fat Brands, an enormous red flag. Right. Because that basically means that there is no one in that boardroom that is going to be comfortable telling the leadership team no. And that they are truly a rubber stamp board at that point. Right. Whatever it is the CEO wants, they're just going to go ahead and do. And even after he was no longer the CEO, whatever the, whatever he wants as the controlling shareholder, he's going to go ahead and do. Now, part of his counterpoint, and you see this in some of the news articles, you know, from the, from that particular period in time was, well, we always disclose the fact that it was a control corporation. And that is true. But just the fact, just because it's a control corporation doesn't mean you don't have a fiduciary duty to the people who invested in the business. Right. The process, and you and I have talked about this bill over the years, the process of going public is a compact, a social contract that you make with the people who have given you their money and they give you money to grow the business and in return you're supposed to take good care of it. And when you don't do that, that is a violation of the way in which you are supposed to be accessing the capital markets and you end up in situations like this. So from my perspective, just looking at the publicly available facts in this situation, every one of those directors should be ashamed of themselves.
[00:06:26] Speaker A: Yeah. And you know what was interesting is that as we were doing research for this episode, a statement that really struck me was, I think it was when the lawsuits regarding this board switch, you know, were filed and there's a bit of furor over it.
You know, the response from Fat Brands was, hey, you know, we've always been a family oriented business, so that's why we're putting family on the board. And that just struck me as a, a particularly disingenuous explanation and one that didn't speak at all to how is this new slate of directors going to help, you know, direct the company in a more, a more, a more meaningful way. It struck me as the reddest of flags.
[00:07:03] Speaker B: Yeah, I mean, if you, if you look at those, if you look at the quality, at the description of who sits on the Fat Brands board, Right. There is no one on that, almost no one on that list that knows what good governance looks. Looks like. I won't say no one, because there's a couple of people with a background where they should have known better. But you know, the fact of the matter is, is you've got people sitting on that board who have no idea how to handle the responsibility of being a director, because it is a responsibility. And you know, they have no Sense of how to engage in the kind of oversight that the business needed. And that's obvious by what has happened. Right. It's not just the former CEO that's been indicted. The company's in a heck of a lot of trouble too, as is the rest of the, you know, other members of the leadership team.
[00:07:49] Speaker A: Yeah, yeah. And one last word about the board is that, you know, I don't know any of those people personally, of course, but looking at their relationships to Widerhorn himself, none of those people strike you as having any kind of authority to really challenge anything that Widerhorn says. So if he says jump, they're saying, hell, hi. And that's not the way it should be between CEO and the board.
[00:08:07] Speaker B: That, I mean, that's the reason why, Bill, I referred to them as a rubber stamp board. Right. There is not a single person that, that based on, you know, the information that the company itself put on their website about who they are that would, would have been in a position to look at Widerhorn and say, you can't do that.
[00:08:27] Speaker A: Every plea deal or resolution with the government holds lessons for compliance professionals. So can you tell me what are some of the biggest lessons that are to be learned here?
[00:08:36] Speaker B: You know, Bill, that's something that you and I have talked about a lot in the past. No consent decree, no deferred prosecution agreement, no plea deal should really go unmind by compliance professionals. There are lessons in there for what could happen at your organization. With a little creativity, everybody can think of what this could look like for them. And then there are also lessons in how the regulators are thinking about issues right now and what they are expecting to see in the event that they come in to look at a program. And so, you know, any compliance officer worth their salt should really be looking at all of those documents to make sure that they understand what the regulators might be expecting if they wind up in a conversation with them. There were a couple of things that stood out to me in the plea deal. The biggest one is the desiloing of the program. So in the statement of facts, one of the things that the department says, and Boeing of course has to agree with as part of the plea deal is the anti corruption and anti bribery program at Boeing was siloed. It was separate from any other compliance efforts that might have been in place at the organization. So it was sort of a one off risk specific program. And as part of the resolution of their issues, what Boeing has to do is Boeing has to connect that program with its safety and quality program because the government is Looking at safety and quality compliance failures as fraud failures. And so they have basically said, given the business that Boeing is in, that a failure of compliance and safety and quality is fraud on the government. And Boeing has to create a comprehensive program that links its anti corruption and anti bribery efforts to its quality efforts and really holistically goes from across all of the risk areas rather that the organization is facing. We have been talking about desiloing programs for a decade, we have been talking about data layering for a decade. And the reasons for that are exceptionally strong. Because if you think about compliance as a second line of defense model, where audit is your third line of defense, all of your compliance functions have to be pulling in the same direction. They have to be coordinated and they have to be working together. We saw the first indications of this position from the government's perspective in the evaluation of corporate compliance programs, updates, where they specifically said that in the event a program is in front of them, they will be asking, what data did you try to get your hands on that you couldn't? That might have prevented the issue that happened. That was the first indication of data layering, layering rather, which is really this practice of saying, okay, here's my data set. What does your dataset look like? Let's not be myopic about what we're looking for in the data, but let's instead partner together across quality, safety, it, hr, finance and compliance to and communications, you know, all of those sister functions to have a holistic view of what's happening across the business. You know, we did a Bella asks earlier this year where we talked about the Jurassic park example where if you are tracking your 47 velociraptors, you only ever see 47 velociraptors in the park when the fact of the matter is, is you have, you know, four times that many velociraptors and you've got a velociraptor problem.
[00:11:46] Speaker A: Well, exactly.
[00:11:47] Speaker B: Basically what the government has said to Boeing in this plea deal is you have a velociraptor problem and you need to make sure that your program is set to be able to capture however many velociraptors there are in the park, not just the 47 that you've trained your program to look for.
[00:12:02] Speaker A: Yeah, and the really exciting thing about all this, apart from the fact that, you know, we got a chance to say velociraptor on the show one more time.
But seriously though, one of the exciting things about this is that, you know, the path forward for Boeing is it's not all on the compliance function. It's actually the path forward. It gives a lot of opportunity for all those sister functions to have a really important part to play in crafting the recipe for success for Boeing going forward. And so it gives a lot of people a chance to be the hero here.
[00:12:29] Speaker B: Yeah, absolutely, absolutely. You know, I'm reminded of the, you know, the conversation that I had with Doug Langler back when he was the chief compliance officer for Pfizer in the, the mid aughts when, when you know, they went through their off label marketing issues and you know, part of Doug's big campaign for Pfizer's program post the resolution of those challenges, it was a program that he called it's mine. And the point of the it's mine program was whose responsibility is it to do the right thing? It's mine. Everybody was part of it's mine. And it's that same sort of attitude that Boeing is being asked to cultivate here, which is you need to think about safety and quality as important as fraud, as corruption, as bribery, as some of these other sort of significant risks. And if you don't think about it holistically, oh, guess what, here comes your monitor to make sure that you are.
[00:13:23] Speaker A: I'm so glad you brought up Pfizer because that's such a great example of an organization that had a lot of work to do, turned it around and embraced the solution. And as a result, you know, in a way, Pfizer is also a very strategic organization. Boeing is very strategic. We're all invested in Boeing being successful, right?
[00:13:37] Speaker B: Absolutely.
[00:13:38] Speaker A: And we're all invested in Pfizer being successful. And guess what? A pandemic came along and because Pfizer put in that work, they were ready to seize the moment in a way that probably they couldn't have been if they had been the same organization they had been back in the mid aughts, you know. So it's really, it's really exciting to see that. And I love the Pfizer example quite a lot.
Rank and file TD bank employees themselves took substantial bribes to help launder money. Point DOJ mentioned. I think $57,000 in gift cards were given to kind of, you know, grease the wheels. And that strikes me as a high frequency, low severity aspect of bribery.
So I guess my question is how does an organization of this size reset culturally to prevent this kind of misconduct from occurring?
[00:14:23] Speaker B: They've got to take a real hard look at their really everything from a compliance perspective inside of TD Bank. And in particular, yeah, I mean, every company on the planet in their code of conduct says gift cards. Accepting gift cards is a violation of our code. Who knew that this was happening? Who saw it happening? In some cases, the fact pattern says that employees use the same debit cards that they sent to Colombian drug cartel members to take their piece of the pie. Obviously, there was a look the other way element of this. People had to know that that was happening and chose not to say anything. But also, I think, you know, there's a, there's a definite element of this that is, you know, what happened to the people who did raise their hand and say, we're not keeping up with our risks. What happened to the people who said, you know, our controls are not keeping pace with the growth of the business? I think the monitor that comes in needs to look really carefully at the cultural aspects of this, at the willingness of people to say what's happening in their particular branches. Because anytime that you have an organization of this size, you're going to wind up with some people who are open to a bribe to look the other way. And so you have to rely on your systems and your controls to be able to catch those kinds of circumstances. And in this case, from what I can tell, there simply weren't any.
[00:15:49] Speaker A: You know, we talked about this earlier this year in our culture report. You know, we talked about the Speak up gap and something like. I think it's like 93% of people say they'd be willing to, to report misconduct when they see it. When the moment of truth happens, that number drops to 50%. And when you ask people why, it's because they are afraid of retaliation or they're afraid nothing's going to happen as a result of it. As TD bank does a cultural stock taking, if you will. I'd be curious to know what those numbers look like within TD Bank. I think that might be a really interesting indicator of the health of Speak up culture with regards to, you know, how much that deteriorated because the, you know, bribery culture came up, or if simply other factors were keeping it low and that helped the bribery culture come up. I think there's correlation is not always causation, but I'd be curious to see what causalities there could be here. They might be significant.
[00:16:34] Speaker B: Inside of any organization, your culture is a combination of your formal systems and your informal systems. Your informal systems are always going to be stronger than your formal systems. Right? Your informal systems of sort of how do we do things here? The things that people are not willing to challenge the unspoken rules of a particular manager or a particular team or a particular piece of the organization. But when you have really weak formal systems, your informal systems are really going to triumph, right? And so I think one of the things that we see in this particular circumstance is a deliberate underinvestment with a name on it, right? A deliberate underinvestment of informal systems coupled with informal systems that can exist inside a new organization. And so, you know, to those out there listening to this and thinking to themselves, well, my formal systems are stronger than TD Bank's formal system. So I'm all good.
A that's probably true, but that's not a real high bar for you to be stepping over.
And B you know, all of us can benefit from spending some time thinking about the ways in which our informal systems may be either augmenting or undermining the formal systems that we put in place at our organizations.
[00:17:46] Speaker A: What is it that Matt Galvin said at the ges? What's the definition of culture?
[00:17:50] Speaker B: Culture is the worst behavior an organization will tolerate.
[00:17:52] Speaker A: As we head into 2025, life doesn't look like it's going to get any easier for the ethics and compliance space, so be sure to visit ethisphere.com regularly to catch up on the latest news, events, resources, solutions and more, as we all do our part to make the world a better place by advancing business integrity. I'm Bill Coffin, and this has been the Ethicast. For more episodes, please Visit the Ethisphere YouTube
[email protected] ethisphere and if this is your first time enjoying the show, please make sure to like and subscribe on YouTube, Apple Podcasts, and Spotify. If you'd like to appear in the show as a guest yourself, drop us a
[email protected] ethicast thanks so much for joining us, and until next time, remember, strong ethics is good business.
