Like so much else on Twitter, the question shot out of nowhere and raced across my attention span: Are ethics and compliance harder to achieve at large companies, or easier? And like so much else on Twitter, I shot back an answer without really thinking: “Ethics is harder at large companies; compliance is harder at small ones.”
Only later, when that answer had been retweeted by others several times, did I realize I might actually have a good point.
The question came from Chris MacDonald, a professor of philosophy and business ethics at St. Mary's University in Nova Scotia and author of the Business Ethics Blog, which is worth reading if you're someone who reads about these things. MacDonald was musing about the challenges of ethics and compliance at global corporations, where one compliance department (and often just one chief compliance officer) is supposed to ensure the good behavior of tens or even hundreds of thousands of employees. That chore would be much easier, he argued, if it were assigned to many small companies instead of one large one, because you'd then have many chief compliance officers instead of just one.
MacDonald's point makes a lot of sense—although, in truth, I hadn't read his blog when I voiced my opinion about ethics at large companies and compliance at small ones. (Like I said, this is Twitter. Nobody gives much thought to anything before speaking.) I perceived the underlying issue—getting employees to behave in a certain way—somewhat differently, and I'd like to elaborate on that here.
Ethics is not about compliance; ethics is about the discipline to follow a certain code of conduct. Where compliance is mandatory (someone else forces you to obey the code), ethics is voluntary (you choose to obey the code). I go back to that word “discipline” because it's important: you the employee, you personally, must exercise the discipline to behave a certain way. Nobody can compel you to behave in that certain way; you must, as the cliché goes, buy into that code of behavior willingly.
I know what you're thinking: This is all the Compliance Theory 101 material we see in the first few slides of the consultant's PowerPoint presentation; been there, done that, and still facing a subpoena for employee misconduct. But I humbly suggest that we often forget where that ethical code, where “behaving in a certain way,” actually comes from: other people. Whether we write down those expectations in a code of conduct, or convey them through unwritten practices and social cues, the rules of ethical behavior are simply the sum of what other people expect you to do.
Hence the first half of my statement, that ethics are harder at large companies—because, more precisely, ethics is easier at smaller companies. The accounts payable clerk can buttonhole that errant sales exec about expense reports in the break room; the department head can see the long-time employee who suddenly is arriving at work late every day, and ask how the divorce is going. Smaller scale means closer contact, and assuming nobody in your office is a jerk (sometimes a big if), you can navigate the streams of social interaction more deftly. You can entice people on your team to behave in a certain way more easily, because nobody likes the embarrassment of being “difficult” in front of his peers.
Compliance is something quite different. Compliance is about obedience to a code of conduct, yes, but it can be any code of conduct, including codes people dislike or don't find interesting. These codes don't evolve naturally, like the social practices that emerge from a small office; to most employees, these codes appear via immaculate conception: suddenly there, a new page on the employee manual, to be signed and returned to the central office. The discipline to obey it comes from above (the boss, the CEO, the regulator) rather than within.
Worse, because we now live in such a hyper-connected society, we have an abundance of codes that need to be followed. We've cultivated a society where everything must go right for a company to thrive, but anything can go wrong for a company to falter. That's a lot of discipline that needs to be enforced from above, if you want a group of people to behave in a certain way.
That brings us back to the other part of my statement, that compliance is harder at smaller companies—again, because more precisely, compliance is easier at larger ones. Critics were right to say the Sarbanes-Oxley Act (and the Dodd-Frank Act, and plenty of other acts) imposes a bewildering number of burdens on small companies that simply don't have the right structures to enforce compliance. They do have the right mechanisms to enforce ethics, but those mechanisms are social cues and peer pressure. That's quite different than the mechanisms for compliance, which are all about spreadsheets, legal departments, internal auditors, and reporting systems.
Let's go back to our errant sales executive who isn't submitting expense reports. One way to gain his cooperation is to impose a formal policy about expense reports, complete with an internal auditor to follow up on compliance. Another is for the accounts payable clerk to stroll over and say, “Look, if I don't get the reports by Friday, I can't reimburse you for the expenses. Why are you putting me on the spot like that?”
The goal here is to get that expense report. Which way would work better in a company of 60,000 employees? Which would work better at a company of 60? Most importantly, which way would work better at a company like yours?
No comments yet