Loading...

Yearbook 2023 for Global Ethics, Compliance & Integrity

by Bartosz Makowicz (Volume editor)
©2023 Edited Collection 542 Pages

Summary

The Yearbook 2023 for Global Ethics, Compliance and Integrity offers an up-to-date overview of the most recent and significant developments in the interdisciplinary area of organizational governance, ethics, compliance andintegrity management. The topics covered by the 2023 edition include the new concept of ESG, new approaches to compliance & integrity management, anti-money laundering and anti-bribery as well as whistleblowing and internal investigations. Uniquely, this publication offers exclusive insights from both practical and theoretical perspectives. This year’s edition also reflects the influence of the Covid-19 pandemic and Russian war in the Ukraine on governance and compliance. In each chapter, the Yearbook provides a comprehensive selection of views and in-depth analysis applicable to all kinds of organizations. It presents current challenges, development tendencies, new trends and modern management tools. The Yearbook provides excellent insights into the topics covered for both practitioners and researchers.
The Yearbook 2023 is edited by Professor Bartosz Makowicz and supported by the KBA Nota-Sys Integrity Fund. We thank the Fund for its kind support!

Table Of Contents

  • Cover
  • Title
  • Copyright
  • About the author
  • About the book
  • This eBook can be cited
  • Contents
  • Preface
  • Introduction to Yearbook 2023
  • Ethics, Compliance and Integrity in Times of Multidimensional Crisis
  • 1. Environmental Social Governance (ESG)
  • The Benefits of Using ISO 37000 to Establish an Integrated System of Governance for ESG
  • A Purpose With a Future for a Future With Purpose
  • Current Challenges in ESG Global Agenda
  • The Place of Risk Management in Environmental and Social Governance (ESG)
  • The New Star Theory of Fraud and Behavioural Sciences
  • 2. Compliance Management: New Approaches & Challenges
  • Effective Compliance Systems: Between Command and Control and Bonds of Trust
  • Regulatory Oversight and Monitoring Responsibilities of Compliance Functions Under Swiss Supervisory Regulations
  • How the Legal System Undermines Compliance and Ethics Programs
  • How Do You Eat an Elephant? Tackling the mammoth task of implementing a global compliance program
  • Successful Compliance Awareness and Training
  • Combatting Corporate Crime by Means of Evidence-based Compliance
  • Behavioral Compliance – Approaches to Evidence-based Compliance Management
  • Compliance in Sports
  • Compliance and the Rule of Law, a Perspective of the European Banking Sector
  • Compliance Management Systems (CMS) as the Standard in Health Care
  • The Cybersecurity Compliance: A fresh look at compliance in cyberspace.
  • 3. Integrity & Ethics
  • Integrity: The Secret Ingredient of an Effective Compliance Program
  • Integrity Pacts: An Essential Tool for Clean Procurement
  • “Let’s Talk About Integrity” – The Managers’ Integrity Dialogue
  • Nudging Corporate Compliance and Integrity – Based on an Ethical Compass
  • Ethics and Compliance: The Revolution Ahead
  • Ethical Leadership in Business Organizations: An Ethics & Compliance Perspective
  • Compliance, Ethics and Enforcement
  • 4. Anti-Bribery & AML
  • Empowering Women Through Education to Fight Corruption
  • What Anti-Bribery Compliance Function?
  • The Role of Ethics and Compliance in Preventing Typical Corrupt Practices
  • Combating Corruption – A Corporate Social Responsibility: Building Social Action Business Coalition
  • The Sixth Anti-Money Laundering Directive: harmonizing Anti-Money Laundering and Counter Financing Terrorism and tax evasion standards within the European Union
  • 5. Whistleblowing & Internal Investigations
  • How Can ISO37002 Help to Manage Whistleblowing in Europe?
  • Anonymity vs. Confidentiality. How to Protect Whistleblowers?
  • Whistleblower Awards: Overview, Trends and Ethical Debates
  • Whistleblowing in Germany: Where We Started and Where We Are Headed
  • Whistleblowing and the U.S. False Claims Act
  • Integrity@Inside: A Blockchain-backed Intra-Organizational Approach for Reporting Misconduct
  • Professionalising Corporate Investigators in a New Era of Ethical Scrutiny for Organisations
  • Opportunities and Challenges of Big Data and Artificial Intelligence in Ethics and Compliance Investigations
  • Author Bio’s

Preface

The 2023 Yearbook for Global Ethics, Compliance and Integrity appears in turbulent times. On the one hand, we have had the Covid19 pandemic, which has led to several lockdowns and long-lasting changes in our working world. Although it is continuing to prevail, it is no longer perceived in the same way as it was at the beginning. On the other hand, the Russian aggression against Ukraine we have witnessed since February 2022 has led to political, economic and cultural consequences that will significantly and permanently change not only individual economies but the entire geopolitical landscape. Eventually, ChatGPT throws some things into confusion.

Organizations and their members, and thus compliance, ethics and integrity, are far from immune to these developments. On the contrary, multidimensional crises of this kind sometimes result in the legislator quickly adopting new and not always well thought-out rules which leads to new compliance risks. Another effect is that people suddenly feel that their livelihoods are threatened, thereby providing them with a justification to break the rules. It is therefore obvious that crises can pose an enormous challenge to ethics, compliance and integrity in organizations.

At the same time, the work of those specialising in ethics, compliance and integrity is growing in importance. It is therefore both an honor and pleasure to note that the 2023 edition has attracted a number of excellent authors, despite being created at a time of crisis! This year, dozens of papers were submitted, which we carefully evaluated and arranged into six sections: (I) New Approaches and Trends for Compliance Management Systems, (II) Practical Approaches to ESG, (III) Ethics and Integrity Challenges, (IV) Selected Current Compliance Risks, (V) Whistleblowing Management Systems and, last but not least, (VI) Compliance Management in Selected Types of Organizations.

I was also pleased to see that some submissions concerned highly innovative projects supported by the KBA NotaSys Integrity Fund. This is the same foundation that enabled us to produce this year’s edition of the Yearbook. I would like to thank the KBA NotaSys Integrity Fund for its kind support, as well as all the other people who have contributed to the creation of the 2023 Yearbook! Above all, I would like to thank all the authors who have shared their valuable knowledge, experience and skills and made this work possible.1

I wish you happy and fruitful reading!

Prof. Dr. Bartosz Makowicz

Berlin, April 2023


1 The contributions to this book were submitted between 2021-2022 and are up to that date.

Prof. Dr. Bartosz Makowicz

Ethics, Compliance and Integrity in Times of Multidimensional Crisis

1. Introduction

The legal, social, economic and other aspects of the Covid19 pandemic have yet to be thoroughly examined. We have also been dealing with several crises in parallel which have affected various layers of society – including organizations and people. As such, these crises indirectly affect ethics, compliance and integrity. However, what does this mean in practical terms and what can be done? Will ethics, compliance and integrity pass the real stress test in the crisis year 2023?

2. Multidimensional crisis and its impact

It does not really matter which definition of a crisis we choose since currently almost all of them apply. For example, we generally speak of an economic crisis when economic growth stagnates and economic development hardly progresses. A geopolitical crisis exists when a conflict situation threatens spill over into war; if the purchasing power of money is significantly reduced, a currency crisis occurs; if a country’s supply of energy is uncertain, we have an energy crisis. These few examples should suffice to justify the claim that we are currently dealing with a complex multidimensional crisis. If such a crisis affects all human beings and all areas of society, it must also affect those acting within an organization and thus their ethics, compliance and integrity.

A multidimensional crisis is more devastating than we would like to admit since it produces destructive effects in several areas. However, I will now only concentrate on those areas that are significant from the perspective of ethics, compliance and integrity.

2.1. Legislation and compliance risks

The first of the three specific areas directly affected by crises is legislation. This indirectly concerns the area of compliance risk analysis as well, since statutory regulations are the subject of this analysis. Without taking sides, it must be said that legislators are under particular pressure in times of crisis. After all, every crisis virtually cries out for immediate action. This need is taken up by various lobby groups and the citizens themselves, who demand quick and effective help from their governments. Let’s take the Covid19 rules as the best example of it. During the pandemic, state and federal legislators caved-in to these multiple demands. Laws were passed that were not coordinated between the states, often inadequately drafted and failed to take scientific findings sufficiently into account. As a result, they ultimately alienated the citizens despite their willingness to comply. Eventually, their acceptance of new regulations declined with each passing month. This had serious long-term consequences for compliance, which will be discussed later.

2.2. Compliance and integrity management

We are now a significant step closer to compliance and integrity when we look at the impact of the multidimensional crisis on companies. However, one thing must be noted beforehand, namely, that the essential objective of private-sector companies is to make a profit. Of course, this is not their sole objective and they should certainly not pursue it ruthlessly. So, we must be grateful to the creators of the ESG concept for making us aware that companies should also care about sustainability, environment and society (sic!). The fact remains that the focus has always been on making a profit and that is our social consensus: otherwise, our prosperity would be threatened. It should therefore come as no surprise that this goal becomes even more important when companies are navigating the stormy seas of crisis. And so they start making plans about where and how to make savings. If one considers that compliance does not have as long a history as other functions in companies and is not even regarded as a function of existential importance by most decision-makers, it should come as no surprise that compliance departments end up for the chop when top management / governing body need to make savings.

This presents us with the dilemma that is probably one of the greatest threats posed by the multidimensional crisis to compliance & integrity, companies as well as society and the state. At the root of this compliance dilemma lies the simple mechanism of cause and effect. If you reduce or cut resources from the compliance department / compliance officers, the existing compliance management system (CMS) and with it the integrity of the employees can only suffer. But that is not all: if we consider that, in times of multilevel crisis, existing compliance risks still increase and entirely new ones arise (such as sanctions), it is obvious that there is actually a greater need for effective compliance solutions which demands higher investment. When the CMS becomes less effective or disappears altogether, the risks increase: a fatal result.

2.3. The gate to personal crises

Now the essentials: all members of the organization – from the employees to management and the governing body – are those who, in the worst case, can act non-compliantly and breach their integrity. It is in the minds of these individuals where all the crises previously mentioned converge. First, it must be said that a personal crisis is capable of precipating a multilevel crisis: People are currently preoccupied with thoughts that, as little as a year ago, would not have arisen in their worst nightmares: whether the despot Putin will use nuclear weapons (geopolitical crisis), whether we will be able to heat our apartment or suffer power outages (energy crisis), whether tap water will run out (environmental crisis) or whether inflation will continue to break new records each month (currency crisis). Accordingly, this multidimensional crisis can quickly result in a personal / mental crisis. If a person falls victim to this, the result can be a noticeable shift / redefinition of the value system. If we see ourselves at the mercy of existential dangers, we usually think more in terms of the immediate future, self-interest and quick profit, our own safety and security, our family and friends. In view of such catastrophes – presented by the media as real and impending – we humans may find ourselves more tempted to fix prices, offer/accept bribes and accept infringements in a way which would have been unthinkable in “times of peace”. At the same time, the legislator (see above) and the media only make matters worse for us by enacting chaotic and poorly thought-out laws or, in case of some media providers, spreading fake news. This is a highly dangerous and complex situation that undermines one of law’s essential functions, namely that of subjective acceptance. Compliance as a whole is not at all well served. Thus, the multidimensional crisis acts as a springboard to a personal crisis.

2.4. Crisis and integrity

This is not all, however. In recent years, we have managed to transition from compliance to integrity – or so many companies claim. Even more organizations are introducing Integrity Management Systems (IMS) besides the existing CMS. According to this concept (which will not be discussed in detail here), members of an organization should not only know and follow rules and regulations (i.e. compliance), but do so out of conviction (integrity). In other words: If rules are incorporated into one’s own value system, it is much more difficult to justify a potential breach of rules to oneself. This is precisely where the multidimensional crisis comes into play. With its diverse variations, it offers an inexhaustible source of self-justification. In appeased times, these are usually rejected as unfair, devious and wrong; in times of crisis, they may induce individuals to break the rules. The multidimensional crisis can have an adverse effect on the state of integrity and the effects will remain invisible for years or even forever. This is because they take place in the so-called “forum internum”: i.e., our invisible portfolio of values that determines how we behave (so-called “intrinsic values”).

3. Possible actions

This gives rise to the question how to rescue ethics, compliance and integrity from this multidimensional crisis. The answer is not easy one. However, a good starting point is offered by Georg-Wilhelm Exler, who once said “It is not the crisis that is the problem, but how we deal with it.” This quotation provides us with some important lessons in relation to organizational ethics, compliance and integrity, which are discussed in general terms below.

3.1. General remarks

Before focusing on the role the elements of a Compliance Management System play in a crisis and how they can be optimized, it is necessary to make some general remarks. First of all, it is important to convince top management and the governing body – if at all necessary – of the need for robust ethics, compliance and integrity and their constituent elements in a crisis. This will prevent the compliance dilemma referred to above from arising. Second, open and broad communication about the new and increased risks presented by the crisis is of considerable importance in creating the awareness needed to reinforce compliance culture. Third, integrity and ethics are becoming increasingly important and so should be made an integral pillar of the CMS (if not already the case). In times of multilevel crisis, integrity needs to be actively and sustainably promoted because (as discussed earlier), it becomes more vulnerable. Fourth, before targeting the compliance and integrity department as a source of potential savings in times of crisis, the leaders should consider the potential for integration within their organization (i.e., whether it is possible to combine the common elements of diverse management systems within an integrated governance structure). Fifth, the system evaluation (which is anchored in the CMS anyway), is of considerable importance. This should be carried out at appropriate intervals and in light of new compliance risks.

In a crisis, these special rules serve to reinforce a CMS and allow consideration of what roles the individual elements of this system play in times of crisis and how they could be adapted. For this purpose, the proven and widely-used management cycle of PDCA: i.e. Planning, Doing (Implementing), Checking (Evaluating) and Acting (Improving) can be used.

3.2. Planning – Especially compliance risk assessment

Compliance risk assessment (CRA) may not be new but it is rarely associated with crises. Although there are different models of compliance management, all of them are based on a risk-approach. In other words, it is primarily about identifying the compliance obligations that apply to the organization, evaluating the risks of their breach (non-compliance) and addressing those risks accordingly. In times of multidimensional crisis, CRA assumes particular and rapid importance for two crucial reasons.

First, the risk of non-compliance increases in times of crisis. This is related to several factors, but essentially to the influence of crises on integrity already mentioned (i.e., people in crisis may be more inclined to justify any non-compliance to themselves). However, beyond integrity, crises can also serve to increase risk: people simply do not know what rules apply to them because the legislature has reacted quickly, often with imperfect rules, and CRA has not been processed on time. If the members of an organization do not know what rules apply to them (e.g. due to delays in the CRA or communication of its results), they can hardly be expected to comply.

On the other hand, the multidimensional crisis can also generate completely new compliance risks. The best example of this are the various sanctions imposed on Russia by the European Union and other individual states in response to Russia’s war in the Ukraine. There have been several sanction packages so far, with the result that a whole group of companies (for whom this was not previously an issue), have a new source of compliance risks to contend with. These they have to identify, evaluate and adequately address. This shows that crisis situations can generate completely new compliance risks.

CRA is not the only issue that demands special attention in times of crisis during the first phase of CMS. Of course, further planning should react to the findings of both CRA and the crisis. In particular, compliance policy must be adjusted and the Code of Conduct as well as any other internal compliance regulations optimised and updated.

3.3 Implementation

The implementation (“Do”) phase must take a number of aspects affected by the crisis into account. First of all, it is crucial that the people in charge of compliance and integrity (i.e. the compliance and/ or integrity function) be appropriately trained and always up to date. If this is not the case, crisis management should be added to their knowledge and skills. However, the typical tools available (e.g. state-of-the-art digitalization tools), can also save costs without sacrificing the effectiveness of the entire system. During a crisis, appropriate communication and the active promotion of SpeakUp culture remains enormously important. Clearly, the members of an organization must have open and unrestricted access to appropriate reporting channels in order to be able to report out misbehavior quickly, effectively and (in particular) without fear of retaliation.

3.4. Audit and improvement (“Check & Act”)

Finally, the ongoing evaluation and improvement of the system is of crucial importance in times of multilevel crisis. However, these measures should not be limited to compliance management as a system. Its individual elements should also be evaluated for their effectiveness in light of the crisis and then directly improved. A crisis makes it even more imperative to have an effective, well thought-out and robust system of evaluation.

4. Conclusion

Economic, financial, energy and health crises are currently converging to create a multidimensional crisis – a mega-crisis – which negatively affects several areas. In terms of ethics, compliance and integrity this affects not only legislators but also organizations and their members. Legislators react with inadequate laws, companies cut corners and thus create a compliance dilemma. In times of crisis, people’s integrity can also suffer, further increasing the compliance risk. Compliance and integrity systems do not need to be reinvented, but they must be urgently evaluated and improved accordingly if they are to pass the stress test posed by the crises set to engulf us in 2023. As far as ethics, compliance and integrity is concerned, we are all responsible!

Mariola Lisewska and Axel Kravatzky

The Benefits of Using ISO 37000 to Establish an Integrated System of Governance for ESG

1. Introduction

“The verdict of the jury is in. We are on fast track to climate disaster…. high emitting governments and corporations are not just turning a blind eye – they are adding fuel to the flame!… Some governments are saying one thing, but doing another. Simply put, they are lying.”

António Guterres UN Secretary General (2022)2

Business recognized almost two decades ago the need to change priorities and introduce changes in corporate governance. In the past, the majority of organizations where focused mainly on generating profits. However, especially in recent times, it has become clear that objectives have to change. The viability of an organization is only possible if its social and environmental impact is constantly being analyzed and appropriate restorative action is implemented through governance. The acronym “ESG” means “E” for “environment” (as in the need to address “environmental” issues), “S” for “social” (i.e. analyzing the broad effects of actions taken by organizations on society, people and their everyday lives) and “G” for “governance” (i.e. embracing the category of decision-making processes by either private or public entities to ensure proper standards, provide protection, strengthening and restoring the “E” and “S”).

The world has reached a point in which essential questions need to be asked by institutions, businesses and organizations. What happens if we can’t protect natural resources and provide social standards for the world population? How can we help preserve precious, limited natural resources? In this article we consider how newly published ISO standards can be used to support organizations in establishing integrated governance systems that enable them to generate the benefits associated with ESG. While ESG standards and regulations are evolving rapidly across the world we argue that, when organizations focus on their purpose and derive a sustainable value generation model, they will be able to generate a competitive advantage and contribute to the long-term collective well-being that is necessary for our collective survival.

2. The emergence of ESG

While the current use of the term “ESG” is most closely linked with the investment industry, social, environmental and governance considerations and practices have evolved over time.

2.1 The establishment of the term “ESG”

The term “ESG” became visible in 2004 and 2006 and originated in an initiative to align the financial sector with the goal of creating a more sustainable future. Two reports are key to evolution of ESG as a term and concept. The United Nations Global Compact whitepaper “Who Cares Wins”, published in 2004, was the first to use the term (The Global Compact, 2004). This was followed by the United Nations Principles for Responsible Investing (UN PRI) in 2006, which provided a voluntary framework for responsible investment furthering the development of sustainable investment (PRI, 2021). The first report identified the following goals: stronger and more resilient financial markets, contribution to sustainable development, awareness and mutual understanding of involved stakeholders as well as improved trust in financial institutions3. The 2004 paper promoted a precautionary approach to environmental challenges, undertook initiatives to promote responsibility for environmental impact and encouraged the development and dissemination of environmentally-friendly technologies.

2.2 The evolution of ESG

While the two publications of 2004 and 2006 can be seen as the first to introduce the terminology and structure of ESG, all three dimensions were promoted in many initiatives before then.

“Socially conscious investors around 1990 were largely focused on topics such as human rights and pollution; the idea there could be a link between ESG and financial performance was just emerging.”4 That was also the time when the Domini 400 Social Index was created as the first of its kind to track sustainable investment practices (known today as “MSCI KLD”). Other earlier events of importance included the initiative in the United Nations Framework Convention on Climate Change to control environmental impacts across the globe, the Kyoto Protocol of 1997, which committed countries to reduce greenhouse gases (“GHG”), and the Global Compact Initiative itself in 2000.

Academia also did a lot of work in this area. One highlight is “Governing the Commons: The Evolution of Institutions for Collective Action (1990)”, by the political economist Elinor Ostrom, for which she won the Nobel Prize. In this book, Ostrom provided groundbreaking work on the institutional economics involved in the management of renewable natural resources (one of the most complex topics facing people around the world). Her analysis also formed part of the important topics representing the core problem of ESG, i.e. the political economy of institutions and decisions that contained “tragedies of the commons” and ways in which those tragedies could be overcome.

Most recently, the interest in ESG has evolved to address emerging global challenges including health care issues around the pandemic, climate change and human rights and social justice issues.

3. Company and societal benefits associated with ESG

At a fundamental level there is a very strong alignment between company and societal benefits from ESG. Unless companies are responsible stewards of the resources they employ to generate value and operate in a manner consistent with the expectations of the societies in which they operate, they cannot perform effectively over time. Experience has shown that greed coupled with the single-minded pursuit of profit is incompatible with a sustainable approach to business.

According to the European Commission (European Commission, 2019), the benefits to companies from non-financial, climate-related ESG disclosures include:

increased awareness and understanding of climate-related risks and opportunities within the company, better risk management and more informed decision-making and strategic planning;

a more diverse investor base and a potentially lower cost of capital, resulting e.g. from inclusion in actively managed investment portfolios and in sustainability-focused indices and from improved credit ratings for bond issuance and better credit worthiness assessments for bank loans;

Details

Pages
542
Publication Year
2023
ISBN (PDF)
9783631890264
ISBN (ePUB)
9783631890271
ISBN (MOBI)
9783631890288
ISBN (Hardcover)
9783631890257
DOI
10.3726/b20202
Language
English
Publication date
2023 (July)
Keywords
Compliance anti-corruption internal investigations whistleblowing digitalization
Published
Berlin, Bern, Bruxelles, New York, Oxford, Warszawa, Wien, 2023. 542 pp., 70 fig. b/w, 3 tables.

Biographical notes

Bartosz Makowicz (Volume editor)

Bartosz Makowicz is professor of law at the European University Viadrina Frankfurt (Oder), Germany. He is founder and director of Viadrina Compliance Center, a multidisciplinary and internationally recognized think tank of organizational governance, ethics, compliance & integrity.

Previous

Title: Yearbook 2023 for Global Ethics, Compliance & Integrity