Ethical Behavior: No one is truly listening to you

When leaders in other organizations ask me how they should go about launching an ethics program, they are often enthusiastic. Whether because of an article recently read or a director’s conference recently attended, these men and women have “gotten religion” and cannot wait to go forth and conquer. For those of you who heard me recently recount my discussion with Pam (here), you know that it takes a certain kind of mindset to lead the ethics program. But leaders launching an ethics program within an existing organization are also often convinced that its success will be measurable in a manner akin to counting widgets produced per hour, or similar.

The common refrain I hear is, “We’ve got to get this [ethics] program up and running fast! We’ve already drafted communications, planned all-staff meetings at each facility. We’re going to tell people all about it, so they’ll get on board right away!”

Now I don’t know about you, but when people I don’t really know are rushing toward me smiling, frantically waving their arms, and telling me in crazed fashion that “they’re here to help”, I run the other way. And so will employees when confronted with top-down headquarters-scripted communications and town hall meetings. Many of your employees have been at their facility longer than you’ve been out of college. They’ve seen the “program of the quarter” launch, fizzle and fade more than once. Don’t let your well-intentioned (and necessary) ethics program join the fizzle-and-fade folly.

Here’s the rub…your employees aren’t really listening to you most of the time. Unless you directly impact a man or woman’s paycheck, schedule, assignments, or working conditions, you are likely immaterial to their day-to-day professional landscape. An employee can only speculate what a remote company executive does each day, but he/she can surely tell you what his/her boss is doing, not doing, saying, not saying, etc.

If your line supervisor breaks promises, falsifies expense reports, or takes office supplies home for personal use, his/her employees not only know about, but they resent the supervisor for it. That very same supervisor could talk about ethics all day long, handing out buttons and pens galore, and the employees will smirk and roll their eyes.

Bottom line is that it’s not what you say about ethics that will strengthen ethical behavior in an organization, but what you and your fellow leaders model. The measure of success for a newly-launched ethics program will be that future moment where ethical behavior has been modeled so consistently from the CEO through the ranks to the shop floor, that when one employee sees another employee about acting unethically, the first employee holds the second employee accountable.

No words or fancy slogans will be necessary from that moment on…

An Effective Ethics Program: It’s Really Not About You

Recently a colleague at another organization had sought my input regarding her plan to initiate a formal ethics program. Pam’s organization had grown both organically and through acquisition, and with it new and more delicate issues had arisen. As its senior human resource executive, she had begun to sense that the burgeoning and increasingly diverse employee population could no longer simply rely upon an employee handbook and online training modules to guide day-to-day ethical decision-making.

Pam had done her homework. She understood the basis for developing a comprehensive Code of Conduct; establishing a Fraud & Ethics Hotline; and senior leadership setting the “tone from the top.” But where Pam got stuck was identifying the individual who would lead the Ethics Program and provide its “face” and its “voice”.

We delved into the importance of objectivity and consistency in all program activities and all communication issuing forth from the Ethics Officer. Pam recognized that such communication will range from informal dialogue to formal drafted opinions. We weighed the advantages and disadvantages of various professional backgrounds from which she could draw forth a qualified individual. Successful Ethics Programs  have been led by professionals with backgrounds as diverse as Legal, Internal Audit, Human Resources, Technology, Education, and Theology.

We agreed that the common thread of objectivity must prevail. An effective ethics leader is neither solely an advocate for the employee nor for the organization, but is instead an advocate for the shared values embodied in the organization’s Code of Conduct and associated policies. Thus, an ethics leader doesn’t bring his/her own personal opinions, viewpoints, morals, or theology to bear when reviewing a matter, but instead adheres to the organization’s documented guidelines.

Quite frankly, when an ethics leader acts in accordance with the organization’s culture of shared values, he/she will occasionally have to issue a formal opinion that will contrast with his/her own personal opinion. The outcome is about the good of the organization—not about personal preference or moral judgment. It’s not about you.

Over the course of time, this consistently objective approach will result in a library of ethics opinions that will provide predictability and precedent for leaders, employees, and successor ethics leaders to rely upon. Employee trust in the impartiality of the program will accrue through this neutral approach, further strengthening the organization’s culture of compliance.

And with that, Pam set off to recruit the ethics leader that would best represent her organization.

Untamed, Unruly and Unstoppable?!?

"There's a way to do it better—find it."  ~Thomas Edison

"Success is on the far side of failure."   ~Thomas Watson Sr.


Does the title above accurately describe your professional style? Or that of your Team? Your Organization?

Why not?

Much has been written regarding the unfortunate passing of the iconic Steve Jobs. Does your own leadership experience and outlook embrace the passion for your Organization's mission that was evident as Steve Jobs spoke to those 2005 Stanford graduates? Do YOU fondly recall your own failings with the same enthusiasm that Steve Jobs exuded when describing his ouster from Apple ten years after its founding?

Are you failing enough? Are you encouraging your Team's members to fail more often?

The financial services industry continues to evolve at breakneck speed. Online bill payment, account aggregation, bank-to-bank online transfers are now "old" technologies. Single location institutions have launched mobile banking. As soon as your Public Relations Team can place a piece on the PRNewswire, a dozen other competitors or peers simultaneously issue similar independent press releases.

Despite infinite media attention and blogs devoted to the "rise of regulation amidst Dodd-Frank" and all of the other horror stories about "new fees" that abound, a select few of your competitors are conceiving, testing, retooling, retesting and preparing to launch tomorrow's customer-friendly product or service. What are YOU doing to lead your Organization to the front of that cadre? Is your Board of Directors inspired...or mired in risk aversion?

Every merger has an acquirer and an acquired (regardless of how the Communications Team attempts to portray it). Yesterday's mergers were often about growing the footprint, expanding the brand to new markets, leveraging complementary channels for optimizing profits and controlling redundant costs.

Is your Organization untamed? Are you confident enough in your professional Team to accord them a percentage of their time to be unruly enough to identify, develop and launch the products and services that will satisfy tomorrow's customers/members?

Your Organization, under your leadership, will either be the acquirer--or the acquired--in tomorrow's merger. You will either be seeking to acquire an institution through which your Organization can channel its innovative products, services and servant leaders to WOW! new customers/members...or you will be explaining to your employees why many of them will need to seek employment elsewhere?

YOU are the Leader that everyone in your Organization is looking up to. Are you the Leader that everyone in your Industry is looking up to and attempting to emulate?

If not, then perhaps it's time you moved out of the way to allow that Leader to emerge...that Leader who will ensure that your Organization and each of its fully-invested Teams become and remain: UNSTOPPABLE!

Compliance & Ethics Guidance: “Require” or “Recommend”?

In our capacity as Compliance & Ethics professionals, we are invited daily by business line management to provide guidance on diverse topics. Because we are managing compliance and ethics across an entire organization, each topic must be reviewed with multiple internal stakeholder interests in mind. Externally, we are subject to scrutiny by our customers, our regulators, our industry, and the press. Thus, no review is undertaken in a theoretical vacuum, nor is any resulting guidance intended to provide a one-size-fits-all solution to all similarly-situated topics. Business line management doesn’t always understand those underpinnings when receiving guidance from us.

A frequent question heard by many C&E professionals upon delivering compliance guidance or an ethics opinion is, “So, is this a requirement…or merely a recommendation?” Management attaches very different treatment to our response to that question. Requirements may entail additional cost—whether an opportunity cost of a forgone initiative or a hard cost like implementing additional information system controls. Recommendations may at first blush appear to be optional activities that can be ignored and forgotten. The seasoned C&E professional knows that she must not leave management with any ambiguity about the risks of alternative future courses of action. We only add value to our organizations when we can achieve alignment between management’s risk appetites and our own governance, risk management and control frameworks.

A little confession here…at the onset of my career as an internal auditor, I wrote my recommendations as if they were self-evident edicts born of a brilliant mind. Fortunately I was also paired with managers and mentors who were equipped to deliver humbling learning opportunities to me, for which I have been ever grateful. Those formative leaders challenged me to support my assertions with specific corporate policies, statutes, or regulations. If my assertion was one supported by a matter less well-defined, such as fair trade practices or a matter of public policy, then I was urged to develop recommendations that objectively balanced the strategic interests of the business with the external interests, so as to allow management to make fully-informed decisions. These distinctions served me well. Perhaps you can relate to this transformation from your own career path.

Today I continue to improve my craft. I take great care in drafting compliance memoranda and ethics opinions that ensure well-substantiated transparency. I employ the word “require” when I seek to guide management away from the expedient pitfalls that ultimately lead to reputational loss, fines, lawsuits, or jail time for corporate officers. I employ the word “recommend” when I seek to guide management toward actions that will improve the customer experience; enhance the value of the brand; or reduce aggregate regulatory risk. To overuse “require” when “recommend” would suffice is to invite the “Chicken Little” effect and diminish Compliance & Ethics’ effectiveness. To overuse “recommend” when “require” is truly appropriate is to dilute our own integrity as C&E professionals and ignore our fiduciary duty to our organizations.

As such, when providing compliance and ethics guidance to management, I recommend (but not require) that we choose our words purposefully and substantiate objectively.

When Crisis Erupts: Surmount or Surrender?

“The easiest period in a crisis situation is actually the battle itself.

The most difficult is the period of indecision -- whether to fight or run away.

And the most dangerous period is the aftermath.

It is then, with all his resources spent and his guard down, that an individual must watch out for dulled reactions and faulty judgment.”  

~Richard M. Nixon, 37^th President of the United States

As a Chief Compliance & Ethics Officer, you know that the eventuality of crisis striking your organization is not a matter of “if”, but only of “when.” You spend your career crafting and implementing a governance system of policies & procedures, training, monitoring, and reporting whose value will ultimately be assessed in those moments and days following the crisis. Not all systems (nor all leaders) will survive the test.

Crisis will not politely schedule an appointment with you on a lazy afternoon, but will more likely descend upon you furiously, publicly and embarrassingly at the most inopportune of moments. Crisis will arrive in the guise of a viral tweet, a regulatory inquiry, or a criminal indictment. A loyal staffer will hesitantly summon you from a meeting into the hallway to advise you of the breaking news. And so begins the moment of decision.

As Compliance leaders we have trained our entire lives to guide and protect our organizations from harm. The very same principles that we have employed to prevent and mitigate risk will come into play when we must navigate our organization, its leadership and its board through and beyond the crisis. Decisive action that engenders trust must remain at the forefront of the response.

Thus, together we must continue to:

•        Act ethically and decisively;
•          Communicate frequently and transparently; and
•          Modify practices appropriately.

Act ethically and decisively

Crisis does not represent your organization in its entirety. Your mission, your values, and your people remain fundamentally sound, even when something has gone awry. Therefore, even as you and your leadership team are undertaking an investigation and crafting a response to the statement, incident, or charge, you will continue to direct your employees to perform their day-to-day responsibilities with the accustomed level of adherence to ethics, compliance, and mission-focus. Your organization will survive the crisis, and so the continued service to your employees, clients, customers, vendors and shareholders must remain highly-functioning.

Communicate frequently and transparently

Do not compound the temporary negative impact of a crisis by shrouding the crisis in a cloak of shame and secrecy. While not proud of the event that has triggered the crisis, you remain nonetheless committed to your employees, your customers, your brand, and your mission-focus for the long run. Within that long view context, communicate quickly that leadership is:

·         aware of the situation;

·         taking it seriously;

·         cooperating fully; and

·         is committed to resolving it.

Convey that future communications will follow as additional information becomes available, and adhere to that pattern, even if only limited information becomes available. Your stakeholders are better served by hearing the truth from you, than the mistrust that will take root if they begin to receive their information—accurate or misconstrued--from external sources.

Modify practices appropriately

While some crises will end with a conclusion that the crisis was merely malicious and unwarranted, often the investigation will reveal a compliance or control weakness that must be addressed by your organization. Once identified, own both the root cause and the solution, communicating the same to your stakeholders. Then set to work implementing the required changes that will ensure the situation has been appropriately addressed. If additional training is warranted, then make every effort to involve the affected employees in designing and testing the training before it is rolled out to the larger audience. Schedule subsequent time to review the modified practice and test its effectiveness, regardless of whether required to do so by a regulatory body or not.

***

Crisis will erupt. You will be called upon to act in the best interest of your organization and its stakeholders. If you have prepared yourself, your leadership team, and your board in advance of this moment, then you will pilot your organization to a brighter tomorrow with the flag flying high. Otherwise, armed only with dulled reactions and faulty judgment, you will find yourself waving the flag of surrender.

Regulatory Compliance: Tear Down That Ivory Tower!

I recently ran into a Compliance colleague, “Jill”, whom I hadn’t seen in a while. As we exchanged pleasantries, Jill explained how busy she has been at her organization, to a point where she “couldn’t even get out of her office for lunch most days.” I understood her sentiment, but I challenged Jill’s premise that her most effective oversight of her Compliance Management Program was being accomplished sitting at her desk with her nose to the proverbial grindstone.

“What do you mean?”, Jill inquired.

“For starters, how are you assessing the compliance culture within and across your organization?”, I responded. I waited for the predictable response.

“I receive reports from each department head on a quarterly basis. I meet with those same department heads at least annually as we update our risk assessment. “ And then she punctuated her response, “I always know what is going on from a Compliance perspective.”

We visited for a few more minutes before continuing on our respective journeys. I have the utmost respect for Jill, and the many colleagues with whom I’ve engaged in similar conversations over the years. But I was reminded again that day that differing viewpoints pervade our Compliance Management profession.

I liken the practice of our craft to that of a world traveler. In fact, given the international nature of Regulatory Compliance, many of us have become world travelers from time to time. But one cannot truly experience traveling the world by reading other people’s written accounts of foreign lands. Similarly, Compliance professionals cannot simply read stacks of reports, formally engage depart heads once or twice annually, and conclude that they have traveled the organizational “globe”.

We’ve got to come down out of our ivory towers. In fact, we’ve got to tear down our ivory towers in the Compliance Department and never return to our old ways. Instead, let’s engage leaders at all levels across our organizations as often as possible. Informal dialogue that may occur within the context of a scheduled project meeting, or a chance meeting in the hallway, can often generate useful information that lends itself well to a holistic risk assessment.

Leaders want to tell you what concerns they are facing, and when those concerns signal regulatory compliance exposure, you have an opportunity to collaborate further toward a resolution. Internal Audit provides another natural source of regulatory compliance risk data gleaned from its expansive reach throughout your organization. Regulatory Compliance also finds a natural ally in the Information Technology Department, where governance, risk management and compliance looms large over an ever-evolving landscape. Compliance professionals grow to become trusted confederates with leaders of lines of business, Internal Audit and Information Technology.

So join me! Grab your water bottle or coffee cup, and explore your organization more freely. Engage others daily and take a more genuine interest in the regulatory compliance challenges facing your fellow leaders. Collaborate with them to develop lasting compliance solutions. Your risk assessments and resultant regulatory compliance program will flourish, producing more meaningful results for the entire organization. You won’t want to return to the ivory tower.

WHEN ETHICS AND EXPEDIENCY COLLIDE

“It is the mark of an educated mind to be able to entertain a thought without accepting it.” ~Aristotle

“There are no easy answers' but there are simple answers. We must have the courage to do what we know is morally right.” ~Ronald Reagan


As Compliance and Ethics Professionals, we are daily reminded that violations of law and dignity are no less common now than they were in ancient civilizations. We report upon and read about corporate, government, and personal scandals that boggle the mind. Acts and omissions that defy common sense are nonetheless undertaken out of expediency, greed and ignorance, only to eventually expose the perpetrators in the public square.

Why?

Why--with all the failed historical examples, complex laws, regulatory bodies, education and training—do some organizations continue to succumb to poor judgment and wrongdoing, while other organizations rise above?

While we speak often about the ‘tone at the top’, we must also acknowledge that ideas and actions emanate at all levels of our organizations. Driven by deadlines, profits, corporate goals, marketplace competition, etc., individuals contemplate ideas and execute upon those ideas. But not all ideas for generating revenue, decreasing expenses, or streamlining processes merit the same consideration.

An organization’s culture, modeled by its leaders at all levels, must unambiguously communicate that execution must meet its values. A healthy exchange of ideas should always be weighed sufficiently and transparently by knowledgeable stakeholders, so as to expose potential ethical, legal and financial pitfalls. Though we are charged with educating our operational and administrative colleagues about our Code of Conduct and our Legal and Regulatory obligations, we have the additional obligation to actively counsel them as well.

Leveraging our Anonymous Reporting Hotlines, Internal Audit Departments, and industry and regulatory trends, we ourselves must be prepared to actively engage our colleagues across our organizations to probe for prospective lapses. In a highly-charged competitive environment, we cannot idly sit by and fail to question if expediency is trumping ethical decision-making. Let’s not forget that we are the protagonists—not the villains—in this story.

Why I Love Regulatory Examinations

“The superior man understands what is right; the inferior man understands what will sell.”

~Confucius

“Happiness does not come from doing easy work but from the afterglow of satisfaction that comes after the achievement of a difficult task that demanded our best.”

~Theodore Isaac Rubin

To this day, I enjoy going to the dentist. Almost nothing feels as good as that squeaky-clean sensation after the hygienist completes a thorough cleaning. When I was a child and others feared that periodic visit to the reclining chair, I looked forward to the cleaning, fluoride, and constructive criticism about my brush I received as I sat there. While not cavity-free, I have experienced far fewer than I otherwise would have.

Similarly, I’ve never experienced an unfavorable regulatory examination, though my experiences haven’t been “cavity-free.” Jokes comparing audits to root canal aside, I believe the same lessons learned in the dentist’s chair apply equally well amidst the increasingly complex regulatory landscape we face in our organizations. We each lead our organizations with our mission top of mind, but those of us who achieve the greatest success know that we must continuously improve our products/services, our processes, and our people. That is where our regulatory examinations and internal audits come into play.

But some of us have also led in organizations where government regulators were regarded by some of our colleagues as the barbarians at the gate. Those doomsayers would have us believe that examiners and auditors are the malicious brainchild of fiendish state and federal bureaucrats committed to descending our state or nation into communism. 

I’m not a fan of senseless or redundant government regulation by any means, but even Ronald Reagan retained most aspects of the federal regulatory infrastructure throughout his tenure. Judicious regulation has its rightful place in the untamed marketplace, and thus serves to balance the interests of fair-minded consumers and businesses against the carelessness of the few.

A fair-minded organization operates with a high-degree of transparency and employs efficient controls and feedback mechanisms to drive improvement. While operational metrics, financial reporting, and focus groups can provide much important data, the superior organization incorporates the findings and observations of its internal auditors, external information security auditors, and state & federal government regulators into its continuous improvement mechanisms.

I have had the pleasure to speak with countless committed regulatory professionals throughout my career. Well-educated, knowledgeable about their industries, insatiably curious—these men and women have provided me and my colleagues with great insight not only into our own organizations, but have also previewed industry trends before they became regulatory mandates.

Because we were willing to listen, anticipate and prepare, we were able to adapt practices, install or modify systems, and educate our employees and customers in a manner that displayed our genuine integrity as an organization. While I’ve led at organizations that have garnered awards and praise, I am pleased not to have worked at organizations that have headlined the scandal pages.

The truth is…regulatory professionals care deeply about their respective agencies’ missions. As within our own organizations, they are also subject to the ambiguity and uncertainty that new laws, regulations, and political battles entail. Without speaking ill of a rule, regulation or politician, a forthright regulatory professional will admit when the landscape is rocky, shifting or unstable. A wise leader walks that rocky road with the regulator, listening closely, communicating openly, and seeking clarity where clarity may be had. And even when we must agree to disagree on a matter, the relationship remains strong well into the future.

A forward-leaning organization positioned to succeed well into the future expands itself atop a firm foundation build solidly into the regulatory landscape. When regulatory examinations and internal audits inevitably occur, the transparent integrity and compliant processes we employ will carry the day. Importantly, our ability to humbly accept and evaluate the findings, recommendations and observations that are shared with us (formally or informally) may well drive adaptions or improvements that our stubborn competitors will be unwilling to receive. Hubris begets truth decay.

COMPLIANCE & ETHICS: STAND YOUR GROUND OR STAND DOWN?

“When restraint and courtesy are added to strength, the latter becomes irresistible.”  --Mahatma Gandhi

Building upon the topic of my last article, I want to explore how you respond when called upon for your compliance or ethics perspective.

On the one hand, as the cliché goes, to him whose only tool is a hammer, every issue is a nail. At some phase of our own careers we may have found ourselves expounding first and asking critical questions later. At the very least we have encountered compliance professionals who may have operated from this viewpoint. As I recall one individual saying to me years ago, “If he didn’t want my honest opinion, then he shouldn’t have come to me for compliance advice!” At this end of the spectrum, every situation that arises, every request that is received, is met with an oft-detailed compliance laundry list that can bog down many a promising business initiative.

At the other end of the spectrum is the laissez-faire attitude toward compliance and ethics. In such an environment the duty of care is subjugated to the operational imperatives of running the business. Time is money. Rules were made to be broken. What they don’t know won’t hurt them. And so forth. Where compliance has become a reactionary repair mechanism and ethics don’t weigh into substantive decision-making, an organization will eventually find itself on a collision course with the U.S. Federal Sentencing Guidelines and other civil and criminal laws. The wise compliance and ethics professional attempts to improve this culture, but if unsuccessful may best be advised to exit amidst a noisy withdrawal.

Between the Compliance Overlord and the Compliance Pushover models described above do we find the middle ground upon which the majority of us practice our profession. As we often must confess, the black-and-white scenarios aren’t the ones we’re generally called in to decide. Management can make those clear-cut calls on their own with ease.

When management encounters the Overlord too frequently, then management will avoid consulting compliance and ethics professionals. A resulting pattern of inconsistent and self-serving decision-making increases in this environment, exposing the organization to decreased morale, employee confusion, and potential litigation.

When management encounters the Pushover too frequently, then management will only seek out compliance and ethics professionals to rubber-stamp otherwise questionable or insubstantial decisions. A resulting pattern of patchwork compliance counsel that largely misses the breadth of business line decision-making spreads in this environment, exposing the organization to rogue players, overly-confident self-assessments, and potential litigation or criminal prosecution.

In short, know when to stand your ground and know when to stand down and let management carry on.

When our organization’s compliance & ethics culture is strong, visible, and active, then management and employees know that they can rely upon us to exercise good judgment in the face of ambiguity. Your good judgment is best understood within and across your organization when exercised judiciously. When you get to know your management colleagues, truly understand their business strategies and objectives, and defer to their expertise when compliance and ethical standards are being substantially met, you will earn that reputation for wise and judicious counsel.

When you weigh in on matters sparingly and appropriately, your organization will prosper ethically in your stead.

COMPLIANCE: A VALUE-ADDED SERVICE TO THE ORGANIZATION

“It’s a sign of troubled times when the concept of ‘pressure’ becomes an acceptable excuse for ethical shortcuts and moral shortcomings. Pressures are just temptations in disguise and it’s never been acceptable to give in to temptation.”  ~Michael Josephson

As a profession, we have worked diligently to shed the stereotype that long-plagued us, that of being a legalistic cost-center who impeded organizational growth. [While you may not have ever personally experienced the stereotype, let me assure you that many of us have received the sarcastic “oh, here comes Audit/Compliance…”]

Like me, many of you regularly engage in projects within your organizations to provide the compliance and ethics (C&E) perspective.  In some organizations, we are routinely invited to project planning sessions and kick-off meetings, remaining to consult with the project team until implementation. In other instances, we become aware of an in-process initiative that contains elements of regulatory risk and invite ourselves into the project. Either way, C&E professionals provide valuable subject matter expertise to ensure that the organization’s we represent are well-grounded in compliant activities.

That being said, I was reminded recently that our work is not over. A colleague had relayed to me a situation at her organization that continues to cause dismay to C&E professionals. During a stakeholder meeting to explore system integration and replacement options, my colleague put forth a variety of system security and operational suggestions to strengthen the information security and consumer compliance framework from inception. After dismissively alluding to costs associated with these suggestions more than a few times during the meeting, the project leader looked up at my colleague and replied, “Well, we may not be able to incorporate each of these items, but—you know—sometimes you just have to go along to get along…” Apparently, the project leader even slyly winked at my colleague as this was said.

I get a little choked up as I recount my colleague’s reply, as with a spine of steel she looked back (without a wink) across the table and said, “Well, no. This organization doesn’t knowingly build non-compliance into its new initiatives, so I wouldn’t sign off without the controls in place.” When the project leader published the next version of the system requirements, each of the compliance components had been incorporated as submitted, and had been risk scored accordingly.

We are going to be asked to participate in many initiatives over the course of our C&E careers. Certainly we will always seek the most cost-effective and internally-conducive methods to achieve compliant outcomes, because we believe in our organizations and wish to help them succeed in the marketplace.

But occasionally we are going to be asked to step beyond the fiduciary responsibility with which our Board has entrusted us, and which society expects of us. It is in those moments when our fidelity to doing the right thing will supplant simply bowing to doing the popular thing. It is in that moment of fortitude and loyalty to duty that we will have added true value to our organization…

REGULATORS, AUDITORS AND EXAMINERS --OH MY!

Q: What do you get if you cross a wild, ferocious, man-eating tiger with an internal auditor?
A: A dull tiger.


OK, by a show of hands, how many of you are excited when you receive the audit engagement letter or regulatory exam notification? Do you mark the dates on your calendar with the same enthusiasm with which you block off your two-week mid-winter Caribbean vacation?

Given what I've observed over the years, I think not. I am here to suggest that we can and should embrace those individuals entrusted with auditing and examining our Organizations--and, no, I have not lost my good sense.

I recall my days as a bank auditor, when my arrival on site appeared to suck the joy right out of the room. Mind you, in hindsight I can humbly admit that the process owners certainly knew their craft far better and more realistically than my well-studied audit manuals could have prepared me. And while I and many of my fellow auditors throughout history have long sought to conduct dispassionate audits with collegial objectivity, management frustration often bubbled just below the surface, bursting forth as certain numbered comments touched unforeseen raw nerves.

The passing of years witnessed my migration away from the internal audit function toward the risk management function via a brief passage through a regulatory agency. At each stage, I tried to bring all perspectives together into one cohesive approach to audits and regulatory exams. I do not believe that I am alone in this regard, as many Leaders more experienced than me have found themselves reconciling multiple facets of the audit/exam process throughout our careers.

What I find fascinating is how many otherwise well-balanced, seasoned Leaders bristle at the notion that they could learn from--let alone seriously consider--the noted exceptions or discussed observations during an operational audit or regulatory examination. The very same Leaders who would pay consultants handsomely to deconstruct and reorganize entire Divisions within the Organization, or who engage high-end vendors to supplant legacy technology with enterprise solutions, will balk at the suggestion that a professional committed to assuring the safety and soundness of the Organization would be any less committed to objective and sustainable improvement.

I am certainly not suggesting that we butter up, befriend or brown nose the independent auditor or government regulator charged with overseeing the thorough examination of our Organizations. I am suggesting that we, as Leaders, owe our Organizations a fiduciary duty to approach the audit/exam with an open mind and a willingness to accept that--despite our best efforts--our Teams could be performing one or more functions with greater care. Unlike the consultants and vendors we hire, our auditors and regulators are not primarily driven by a profit motive or to extract repeat business.

My first-hand experience with administering audits, especially those supported by early warning systems, was to (1) gain a better understanding of the operational processes; (2) identify remedies that had been made to previously-identified exceptions; and (3) offer best practice guidance and foreshadowing of regulatory effects that would impact the process owner's area of responsibility. Our Audit Team certainly wasn't there to one-up management or disrupt well-functioning operations.

On the Risk Management side, despite others' tendencies to view regulatory examinations as declarations of war against the various Organizations, I sought to assume the best intentions. Though it comes as a shock to some, I generally received what I had assumed: professional auditors/examiners (a) conducting objective assessments; (b) examining and documenting the sufficiency of mitigating controls; and (c) offering improvements supported either by industry best practices or foretellings of regulatory rule making. And although I had observed other Leaders come to blows in heated battle with examiners, I never found myself in that adversarial position.

We will all certainly continue to look forward to that two-week mid-winter Caribbean jaunt with much more excited anticipation than any audit or regulatory exam, but as Leaders we can certainly adopt a more collegial and consultative approach to those periodic and foreseeable occasions. You won't be disappointed.

GETTING TO "NO"

"Everyone must choose one of two pains: The pain of discipline or the pain of regret." ~Jim Rohn

"If a warrior is to succeed at anything, the success must come gently, with a great deal of effort but with no stress or obsession." ~Carlos Castaneda

 
I am obviously a proponent of workplace and societal effectiveness, especially when working in financial institution teams to accomplish myriad objectives that contribute to achieving the core aims of the organization. Often we are called upon to exhibit flexibility and efficiency to work effectively in those teams. And while many of us are familiar with Fisher & Ury's excellent negotiation read, GETTING TO YES, my friend, Monty Rainey, raises some interesting points in his article regarding the questionable effectiveness of Multitasking that led me to consider the alternative wisdom of "getting to no."


"Just Say No" became the popular cultural refrain in response to the epidemic of youth drug use a generation ago and remains equally important today. When faced with cataclysmic outcomes such as drug addiction, child abuse, or genocide, we may find it unquestionably simple to resoundingly say "no" to the heinous perpetrators and actions that lead to pain, suffering and death of countless individuals globally. Why, then, do so many of us lack that same resolve to say "no" when it comes to the everyday requests we find ourselves bombarded with via email, telephone, and in person?

As Stephen Covey aptly said, "(with people) if you want to save time, don't be efficient. With people, slow is fast and fast is slow." Yet, how often do we find ourselves attempting to efficiently multitask our family, household and faith life responsibilities? The internal conversation goes something like this: "Well, if I can review this proposal while helping Timmy with his Algebra homework after picking him up from hockey, then I can microwave some soup and help Betty with her science fair project that's due tomorrow once Lilly brings her home from ballet. That should leave me enough time to complete my presentation while I watch the 11 o'clock news." Did you smile knowingly, even just a little bit?

Our spouses, our children and our friends deserve the quality of our time, not simply the spectre of our harried presence. While there are admittedly differing viewpoints, as noted by Maureen Salamon (Healthday), this tendency to overschedule and multitask has even infiltrated the lives of our youth, causing varying degrees of unnecessary stress in children.

Applying that same perspective to our financial institutions and our teams, I invite you to review the outcomes you seek to achieve and I encourage you to examine the expectations and roles--both explicit and implicit--that each contributor is fulfilling to ensure that each member of the team has been assigned an appropriate share of the effort. As Leaders, we must factor into our review the cultural perceptions that each team member may have regarding priorities and imperatives, and ensure that an expectation of work-life balance is clearly communicated to everyone.

We must empower our team members to know that it is acceptable to choose to say "no" when a proposed additional task or project would impede an organizational objective of higher importance. While we must also be careful not to create the false impression that no one is expected to remain flexible when higher importance objectives arise, we should  emphasize that increased efficiency and decreased error rates can be achieved when one is allowed to "Just Do It"--to focus upon the highest priorities first--instead of attempting to juggle too many multitasked items. 

A confident and integrity-driven Leader knows that he can trust his team members to plan accordingly to meet or beat each milestone on the timeline. Given that trust, those same team members are better able to balance their lives outside of the organization, thus moving them personally into better alignment with their loved ones and their community. The most effective project leaders and team members I've observed are those men and women who know how to kindly say "no" and then get back to the task at hand. The strongest banks and credit unions will continue to be led by those focused Leaders.

TODAY'S QUESTION: Do members of your team continue to labor under the illusion of multitasking? What can we do as Leaders to authentically convey the effectiveness of focused attention and remove the expectation of multitasking?