The September resignation of Volkswagen’s CEO shows how hard it is to run an organisation from an ethical perspective.
With a multinational company as large as Volkswagen (the company was ranked eighth largest in the world in 2014) it is inherently tough to keep an eye over every single aspect of the business. It is therefore seemingly impossible that a senior Volkswagen executive could have known everything about the engine emissions testing process.
But should that mean that the company gets a free pass? No. Just because a company is large and has thousands of employees does not mean there is an excuse when integrity issues arise. There is no doubt that identifying issues becomes more difficult as a company gets larger, but this just means those companies need to do more to counteract the risk.
There are questions to be asked about the culture of the company: Is there a culture of speaking up? Do people feel comfortable raising their concerns that the company may be doing something illegal or unethical? At Volkswagen, like at most companies, nearly all employees would probably say that their company has a great culture in this respect. However, measuring that culture is much harder. It would be interesting to see statistics on speak-up rates and which issues are raised.
Some companies think that having an ethics hotline means that every issue embedded in a product or service will come to the surface and face an investigation; however, having an ethics hotline is just one tiny piece of an overall culture of speaking up. Statistics show that a hotline is rarely the place where issues are uncovered; the vast majority of misconduct is identified through people reporting the issues with management and internal audits. These figures show that, while there should be a focus on having people ‘speak up’, there should also be a strong focus on looking into the company and its operations and actually asking questions about which risks lie hidden ‘under the carpet’ – or inside the engine, as the case may be.
To ask questions and find risks takes real expertise, which, frankly, not many people possess. It requires people to be able to possess a range of skills – part business knowledge and part investigative. It also requires great tenacity and the ability to seriously consider whether someone is telling the truth. They usually need to continue digging for some time. Of course, in a very large field of enquiry, they also need to know where to start.
The following are a few ideas on how to approach the task.
Leave no stone unturned
There is an old saying that some rocks on the beach can only be seen when the tide goes out, and overturning those rocks can actually identify quite a lot of information. A good compliance officer waits for the tide to go out and looks at the rocks, picks them up and examines them. There is occasionally a tendency to ignore the rocks and/or step around them, but this should not be an option. Examining the rocks can be done progressively over time, but you should always be thinking about where the next rock will appear. When it does, examine it.
Investigate at the top of the market, not the bottom
When restructuring a business, you should begin when it is at the top of its market, not at the bottom. At the top you have strong revenue, more profits and a growing market share. This is when you should change the business and position it for further growth. Likewise, when you are looking for compliance issues within your company you should always search for them when things are going well. If you do uncover something, the effect on the business is likely to be smaller and will get washed away with the euphoria involving the business growth.
Know where to look
It is important to know your company inside out. You need to be very perceptive. At Volkswagen, you would assume that the company connects with officials from testing agencies and government departments in each country every time a new vehicle is released. Given this interaction with officials, a prudent compliance officer would have been talking to the engineers and been aware of how the tests were conducted. They would, of course, be looking out for any potential corruption, misrepresentation or trickery. One would hope that the compliance officer associated with the process would understand the cars, engines and testing procedures, and might have been able to ask enough questions to uncover the secret. Due to the sheer complexity of the engines, it might have been hard for them to see the issues for themselves, but it should be fairly reasonable to expect that they could have identified the issues by looking at the tests during and after.
Presumably there was someone at Volkswagen who watched the market and competitors, and would have known that a few years ago there was a cohort of companies involved in cheating inspections of diesel truck engines. One would have hoped that, upon learning about that issue, the person would have asked the engineering teams to demonstrate and certify that there were no similar issues in Volkswagen products. With a strong focus on the actual evidence, this approach may have identified issues much faster. Likewise, there seemed to be other complaints against the company from industry groups or those mentioned in the press. Again, an astute compliance officer would have taken those things seriously and investigated them. An investigation should have come to the point that we have now reached: public acknowledgement of a major problem. Most people don’t just make up stories and circulate them. Where there is smoke there is usually fire – it just takes tenacity to push through the smoke to locate it.
Utilise your network
It is important for a compliance officer to know of whom to ask questions, to have a great network, and to have good relationships across the company. This means they need to be a likeable person, someone that can strike up a conversation in any setting who has been at the company for some time. Questions must be direct and aimed at getting to the truth. The compliance teams should ask about things they already know from the press and other places, and ask many questions in different formats multiple times to the same and different people. They should ask questions that may not include an obvious specific reference to a possible issue, but where the answer may give rise to other issues.
There will be many people within the company that know what is going on throughout the business and the industry; a compliance officer needs to find these people and get to know them. This should not be intended as a false friendship that is only there to illicit information – it should be a genuine attempt to build networks that they can use to learn more about the company. They can then use that knowledge to strengthen the compliance infrastructure.