Professional Documents
Culture Documents
2022-2023
INTRODUCTION ............................................................................................................................ 4
1
Célia Mohimont
2022-2023
PRINCIPLES ................................................................................................................................... 26
WHAT IS A CODE OF CONDUCT?......................................................................................................... 26
REVIEW THE CODE .......................................................................................................................... 26
SOME KEY PRINCIPLES ...................................................................................................................... 26
PREPARING A CODE OF CONDUCT ....................................................................................................... 27
DRAFTING YOUR CODE ..................................................................................................................... 27
EVERYONE GETS HIS CODE ................................................................................................................ 27
LAUNCH EVENT .............................................................................................................................. 27
CULTURE CHANGE ........................................................................................................................... 27
OTHER ASPECTS ............................................................................................................................. 28
WHAT ABOUT CONTRACTORS, AGENTS, SUPPLIERS, JOINT VENTURES,.. ........................................................ 28
JOINT VENTURES AND SUPPLIERS........................................................................................................ 28
WHAT WOULD YOU DO? .................................................................................................................. 28
INSURE YOU HAVE ROBUST PROCESS TO DEAL WITH QUESTIONS AND ISSUES .................................................. 28
2
Célia Mohimont
2022-2023
PROTECTING WHISTLEBLOWERS.......................................................................................................... 30
WHAT TO DO WITH WHISTLEBLOWERS CALLS ......................................................................................... 30
EFFECTIVE INVESTIGATIONS – THE ROI ................................................................................................ 30
GOALS OF AN INVESTIGATION ............................................................................................................ 30
UNDERSTANDING THE INVESTIGATOR’S ROLE ........................................................................................ 30
GATHER & EVALUATE INFORMATION ............................................................................................................. 30
STAGE 1: RECEIVING THE REPORT .................................................................................................................. 33
STAGE 2: PLANNING THE INVESTIGATION ........................................................................................................ 35
STAGE 3: CONDUCTING THE INTERVIEWS ........................................................................................................ 36
REPORTING AND DISCLOSURES ...................................................................................................................... 38
USING THE DATA FOR IMPROVING THE PROCESS ............................................................................................... 38
IS YOUR COMPANY HELPING ? ....................................................................................................................... 38
IMPLEMENT SYSTEM WHICH IS EASY TO USE ..................................................................................................... 39
INDIVIDUAL DIMENSION ............................................................................................................................... 39
ORGANIZATIONAL DIMENSION ...................................................................................................................... 39
LEGAL DIMENSION....................................................................................................................................... 39
OPEN YOUR WHISTLEBLOWING LINE TO EXTERNAL WORLD ? .............................................................................. 39
EXAMPLE ................................................................................................................................................... 40
SUPPLIERS ................................................................................................................................................. 40
3
Célia Mohimont
2022-2023
Introduction
Business Ethics is the study of business situations where issues of right and wrong are
addressed.
• Ethics: about values and beliefs that change throughout the world and evolve over
time.
• Compliance: based on norms and legislation.
• In management schools? Business has more and more power and influence in society.
Potential to contribute but also inflict harm. There is increasing demand from
stakeholders to take into account ethics and a lack of education in the matter.
• For corporations? They have to meet the shareholders and customers expectations
which is not solely maximizing their value anymore. Business ethics has 2 goals:
maximizing shareholder value + creating additional value, which will increase the
company’s reputation.
Citizens expectations
Citizen will cleam for certain issue. That’s means that customers have impact on corporation
and on public (law/politics).
Integrity
4
Célia Mohimont
2022-2023
• The concept of integrity has been derived from the Latin “integritas” (wholeness). It is
defined as consistency between beliefs, decisions and actions, and continued
adherence to values and principles.
• Integrity is often used in conjunction with ethics, suggesting that the values and
principles that are adhered to should be ethical values. Some of the values that are
often mentioned in this regard are honesty, openness, accountability and
trustworthiness.
• Organisational integrity refers to the ability of individual organisations to develop and
implement an integrity management framework, and for employees to act in
accordance with the values of the organisation.
5
Célia Mohimont
2022-2023
• Which ones if you decide to throw one person overboard? There are two young
parents with two children, an elderly couple, four middle ages singles (two women
and two men) and a single boy.
• Other solutions ?
Ethical leadership
• Ethical leadership is important for two main reasons. First, leaders have ethical
responsibilities because they have a special position in which they have a greater
opportunity to influence others and, therefore, outcomes in significant ways. Most
people would agree that all of us have a responsibility to behave ethically, but it is
clear that leaders are held to higher ethical standards than followers.
• Examples of formal and informal leaders from around the world include Nelson
Mandela, Mahatma Gandhi, Malala Yousafzai, Peng Liyuan (First Lady of China), Sheikh
Hasina Wajed (Prime Minister of Bangladesh), Yvon Chouinard (the founder of
Patagonia), Melinda Gates and Angelina Jolie. However, the impact of a leader is not
always positive, as illustrated by Hitler’s leadership of Nazi Germany. The impact of his
leadership was disastrous for millions of individuals and the world in general.
• On a smaller scale, even team leaders can have profound effects on their team
members and the organization. All leaders, no matter how many followers they have,
exert power. To exert power over other people carries an ethical responsibility
• What is regarded today as a ‘good leader’ is someone who effectively leads towards
ethical results and not someone who is simply good at leading (as many ill meaning
demagogues can be). It has been argued that this development emphasizes the strong
links between ethics and effective leadership (Ng and Feldman, 2015).
6
Célia Mohimont
2022-2023
A leadership issue
• More CEOs were forced out for ethical lapses in 2018 than poor financial performance
(Washington Post May 15th,2019)
• https://www.washingtonpost.com/business/2019/05/15/more-ceos-were-forced-out-
ethical-lapses-than-poorfinancialperformance/?amp;utm_term=.abd07245db93&dlbk
7
Célia Mohimont
2022-2023
• Thirty-nine percent of the 89 forced CEO departures in 2018 were due to ethical
misconduct, which the study defines as the removal of a CEO following a scandal or
improper conduct; examples include fraud, bribery, insider trading, environmental
disasters, inflated résumés or sexual indiscretions. Meanwhile, 35 percent of ousters
in 2018 were a result of poor financial performance and just 13 percent were because
of conflicts at the board level or with activist investors that weren’t about financial
performance but led to the CEO’s ouster.
• Compare that to a decade earlier, during the financial crisis in 2008, when 52 percent
of forced exits were tied to financial performance, 35 percent to board conflicts and
just 10 percent to misconduct.
Definitions
• Values = Characteristics of conduct that drive/motivate behaviour.
• Integrity = Living/acting on one’s values (i.e., “Walk your talk”)
• Principle = An action, statement, derived from one or more values, that distinguishes
right from wrong behaviour.
• Ethical Culture = When a community of persons actively works to achieve an
environment of mutual respect, and other ethical values, for all.
• Ethical issue = When one or more persons are affected by a situation in a way that
could cause benefit or harm to themselves or others.
• Difference between law and ethics: Law gets tim to get into legislation. Look the culture
and society where you live and pick things that are not yet in the form of legislation
(ethics).
• Ethics and legislation overlap more or less depending on the country (ex: Belgium, big
overlap whereas in the US not much legislation protects social rights, etc.) Sometimes a
practice can be legal but isn’t ethical. Legislation must evolve to compensate for these
gaps. Companies also have a bigger duty of transparency.
8
Célia Mohimont
2022-2023
10
Célia Mohimont
2022-2023
Some sectors have been particularly proactive in taking measures to encourage employees to
speak up.
In some of these sectors, the need to learn from mistakes is essential as safety issues may
lead to incidents or accidents with potentially disastrous consequences. To encourage
employees to speak up, the concept of just culture (culture where people are not afraid to
speak) has developed. This concept refers to an environment in which individuals are
encouraged to learn from their mistakes rather than being punished.
Just culture
Embracing a just culture does not mean that individuals are above the law: gross negligence,
wilful violations and destructive acts are not tolerated in a just culture.
The concept of a no-blame culture seeks to support employees that make mistakes in order
to create an organizational culture that encourages problem-solving, transparency and high
performance. If mistakes occur (rather than intentional violations), a root cause analysis is
done to determine all contributing factors and the blame is most often put on the process
rather than the individual employee. Thus, the organization can learn from mistakes and
there is higher employee loyalty.
11
Célia Mohimont
2022-2023
GSK
• What are the themes related to GSK?
• How does this relate to Risk management?
• How do you bridge Ethics and Risk Management?
12
Célia Mohimont
2022-2023
Risk management
Introduction
Regulator push
13
Célia Mohimont
2022-2023
- Direct access to the Board and top management: senior enough to access it and
the Board can’t escape to its responsibility regarding E&C.
14
Célia Mohimont
2022-2023
Internal audit
• = Assurance provider on design and operation of the system of internal controls
• Perform compliance audits (financial, strategic, technical and operational risks), key
role and interaction with the E&C function e.g., testing employee knowledge, checks
of business controls, self assurance processes
• Audits the Ethics and Compliance function
External audit
• Rely on the work done by assurance providers to assess the scope of their tests and
develop and prepatre their opinion.
• Ethics and Compliance is clearly on their radar screen
Vidéo sur FTX, Binance et Alameda, sur la cryptomonnaie.
As a E&C officer you want to put as many barriers as you can to avoid unethical behaviour.
With a good system, most of the incidents will be stopped at the first barrier. From time to
time, there is a failure in the system: supervisors are not well trained, the organization is not
well understood, the procedure is not clear, etc. But that failure should then be stopped at
the second or third barrier. As an E&C officer you need to think about those 3 things:
Organization, supervision, personnel and ask “How can I put the right organization in place?”
15
Célia Mohimont
2022-2023
→ You need to communicate and consult. When you do risk assessment on ethics,
it’s essential to meet the people in and out of the company and compile
information.
→ Monitoring and reviewing. A good risk assessment is something that you need to
review on a regular basis because risk is changing all the time.
1) Establish the context: what are the company’s objectives, risk appetite, key stakeholders,
key criteria, structure, governance?
2) Identify the risks: what can happen to the company on an ethical point of view? How can
it happen? Look for benchmarks within the same business, to see what happened.
3) Analyse the risks: What are the systems that the company has put in place? Control
systems, whistleblowing hotline. Then what is the likelihood of something unethical
happening? What is the impact on the company if this happens? (reputation, fine, value...)
4) Evaluate and rank the risks: Need to prioritize the risks in order to...
5) Treat the risks: How can I reduce this risk? What is the best response a company can have
to these risks? Act first in the field that is the riskiest.
16
Célia Mohimont
2022-2023
- Third line: The people who provide independent assurance to the Board and
senior management concerning the effectiveness of management of risks. You find
this role in: internal audit, ethics and compliance function. They provide assurance
to senior management and the Board over the first- and second-line efforts. It
reports to the Board and needs to have objectivity and independence.
• It is best that the 2 last functions are not done by the same people (segregation of
duty).
• Purpose of the three lines of defense model: The model brings clarity on roles and
duties, avoid gaps in coverage, no duplication of efforts and risks and controls more
effectively managed. Increases the probability of providing unbiased, good,
information to the Board of Directors about the significant risks and how management
respond to those risks.
• Role of the board and senior management:
1. Demonstrate commitment to integrity and ethical values.
2. Exercise oversight responsibility.
3. Establish structure, authority and responsibility
4. Demonstrate commitment to competence
5. Enforce accountability.
17
Célia Mohimont
2022-2023
Risk appetite ?
• The amount of risk an organisation accepts will vary from organisation to organisation.
As risk appetites vary from organisation to organisation so too can risk appetites vary
across business units and risk types.
• If properly articulated, it is key for the risk management strategy. A well-defined risk
appetite is reflective of the business, is documented, consider the resources required
to manage the risk, is reviewed periodically and has been approved by the Board.
Risks identification
• Assess risks from two perspectives: likelihood and impact
• On both a global and residual basis
• Employ a combination of qualitative and quantitative risk assessment methodologies
Risks measures
18
Célia Mohimont
2022-2023
Risk exposure
P(L) (Potential Loss) x S(L) (severity of potential loss) = R(E) (risk exposure)
P(L) x EF (exposure factor) = R(E)
• Is it possible to measure it for Ethics and Compliance issues?
• Is there some value to try to do it?
• What about low likelihood/high impact? Catastrophic events
Risk matrix
19
Célia Mohimont
2022-2023
Remember
• Risk assessed in the red area does not automatically mean that the Risk is
unacceptable, or Risk assessed in yellow that the risk is acceptable.
• Management needs to assess that all risk has been reduced to acceptable level.
• Pays attention to assessor’s « bias », avoid concensus, challenge findings
• Interview and involve senior management, but also specialists and operational people
• Validate the risk assessment with highest level of the organization
• Risk assessment is a tool and needs to be acted upon
• Make sure your record factual information (discoverable documents)
Risk sheet
• Good practice to produce a risk description for each of the risk recorded
• Typically following information will be made available:
• A description of the risk
• An evaluation of potential impact and likelihood
• Evolution of the risk for the company
• Risk owner
• Identification of existing controls already in place to mitigate the risk
• Actions still to be implemented to bring the risk to acceptable level (and timetable)
20
Célia Mohimont
2022-2023
• Indicators to monitor risk and effectiveness of the mitigation (including internal audit
ratings)
Umicore
G16 Risk Management
Taking calculated risks is an integral part of the development of any company. Umicore’s
Board of Directors is ultimately responsible for assessing the risk profile of the Company
within the context of the Company strategy and external factors such as market conditions,
competitor positioning, technology developments etc and ensuring that adequate processes
are in place to manage these risks. Umicore’s management is tasked with successfully
exploiting business opportunities whilst at the same time limiting possible business losses. In
order to achieve this, Umicore operates a comprehensive risk management system... “The
Umicore Way” and the “Code of Conduct” are the cornerstones of the Internal Control
environment
Reflecting
• Using the matrix, identify three key risks for your company
• Position them on the matrix
• Discuss it with other participants and agree final position
• What are the mitigation actions in place?
• What else would be required?
• Have you an owner of the risk?
Joint ventures
• Insure at Board level that Directors request adoption of a materially equivalent
programme
• Formally request E&C report to the Board, ask questions to leadership
• Record objections to proposals involving step out of formal E&C controls
• Ensure objections are formally recorded
• Report infringement to the shareholders
• Seek resolve E&C issues or consider divestment
• Ensure incidents are managed
Introducing ASML
ASML makes the machines for making chips (Integrated Circuits):
• Lithography is the critical tool for producing chips
• All of the world’s top chip makers are our customers
• Payroll: ~14,000 FTEs
2014 – Highlights :
• Record net sales of € 5,856 million, up 12% vs 2013
• Gross margin 44.3% vs 41.5% in 2013
• Net income € 1,197 million, up 18% vs 2013
• Basic EPS € 2.74, up 16% versus 2013
• Maintained our strong cash balance
• Returned € 968 million to shareholders through combined dividend and share
• buybacks
Founded in 1984 as a spin-off from Philips
A global presence
22
Célia Mohimont
2022-2023
23
Célia Mohimont
2022-2023
24
Célia Mohimont
2022-2023
A virtuous cycle
26
Célia Mohimont
2022-2023
Launch event
• Is it a major shift in Cultural approach of the company ? Is it new for some culture?
• « Tick the Box » or one of the few Group document
• Is the Senior management behind it or is it « lip services » •« Tone from the Top » and
« Walk the talk »
• Explain why we need a Code of Conduct to the organization
Culture change
• Prepare to deal with questions from staff, get feedback (e.g. from a pilot group of
readers)
• How will you increase staff awareness of the Code of Conduct (games, videos, mail,
line managers involvement,..)
• Worldwide launch event(s)
• Pay attention to the quality of the translations
• Position the Code to help staff to deal with dilemmas
27
Célia Mohimont
2022-2023
Other aspects
Having a Code of conduct also implies a duty to report unethical behaviours. An employee can
be considered complicit if he didn’t report something he witnessed. They need to raise
concerns in good faith knowing that there is a non retaliation policy, that the system is
trustworthy. A whistleblowing system can also be implemented. And it needs to state in the
Code that those who violate it will be subject to disciplinary actions.
Insure you have robust process to deal with questions and issues
• Response time and advice to queries
• Investigation framework
• Ethics committee with Mgt, Legal and HR to impose disciplinary sanctions (no
exceptions, privileges, …
• Learning mechanisms to improve E&C programme and report
28
Célia Mohimont
2022-2023
Module 3: Whistleblowing
The EU Whistleblowing Directive gets translated in Belgium legislation : it will be dealt with JB
during his presentation.
• Scope : group wide system or specific ones ?
• Purpose: additional system or main one?
• Why? : Share concerns , seek advice, report suspected violation versus company code
of conduct
• Product quality,.. ?
Is it good to know?
• Early report is better
• Affirmative duty to report or strong encouragement
• Gather centrally serious concerns from other sources ? •Public helpline and rewards ?
Anonymous reports?
• Open reports encouraged
• Consideration given to anonymous reporting – more difficult to check good faith,
gathering additional nformation, checking validity of the concern, fair play for
employees against which allegation are made
• However fear for personal safety, reputation, confidentiality
29
Célia Mohimont
2022-2023
Issue of Confidentiality
• Every reasonable effort
Need to know basis information but may frustrate line management
• Circumstances when company must disclose findings to government or senior
management
• Not possible to guarantee confidentiality in all circumstances
Protecting whistleblowers
• Policy should prohibit retaliation (against concers reported in good faith)
• Disciplinary actions taken if employees fail to abide by this rule
• But can take years, difficult to prove and sometimes process may be abusedby false
claims
Goals of an Investigation
• Determine the facts: no personal opinions or conclusions
• Treat all involved with respect •Comply with legal requirements
• Provide defense to legal claims •Support good workplace climate
• Protect the record
30
Célia Mohimont
2022-2023
31
Célia Mohimont
2022-2023
Triage Issues
• Safety: Is the health or safety of anyone put in jeopardy by this situation? • Company
Impact: Will this matter have an immediate impact on the
• company financially or from a brand perspective?
• Communications: Who needs to know about the matter or any part thereof? If
applicable, how quickly can you speak to the Complainant for an initial discussion and
to let them know you are taking their concerns seriously?
• Do you want an Attorney Client privilege?
Timing of the Investigation
• Investigations vary in complexity and the length of time to complete
• All investigations must be conducted promptly
• Promptness may be a mitigating factor
- in almost every level of government enforcement, and delay or indifference can be
seen as an aggravating factor
Proactive Strategies
• Confidentiality: What steps can be taken now to best limit the universe of people
involved to those who need to know?
• Evidence: Is there any evidence that needs immediate attention or would otherwise
be in danger of spoliation?
• Do not destroy evidence
32
Célia Mohimont
2022-2023
33
Célia Mohimont
2022-2023
34
Célia Mohimont
2022-2023
The Strategy
35
Célia Mohimont
2022-2023
36
Célia Mohimont
2022-2023
• Open-ended questions
• Objective
• Aim to learn all relevant evidence the witness has
• Encourage the witness to talk
• What? ? - Who ? - Where? - When ? - Why?
- Explain? - Describe? - Give me a list
2. Clarification Phase
• Now get clarification for details
- Who?
- What?
- Where?
- Why?
- Tell me in detail
3. Closing Off
37
Célia Mohimont
2022-2023
Calls for EU lobbying rules to be reformed grow as corruption scandal rocks Brussels - Bing
video
38
Célia Mohimont
2022-2023
Individual dimension
• A recent study (Heumann, et. al., 2013) develops five differentiating whistleblower
typologies, based on goals, motivations and context:
• The Altruist: The conscience of the organization
• The Avenger: Motivated by revenge or retribution
• Organization Man: Speaks up for the economic interests of the company
• The Alarmist: Notorious complainer, always looking for dire consequences, regardless
of validity
• The Bounty Hunter: Seeks to make money through qui tam suits
Organizational dimension
• Research has shown (Vadera, et. al., 2009) that the most important factors that
influence reporting intentions and behavior include:
• Leadership
• Perceived support
• Organizational justice
• Organizational culture
• Type of organization
• Risk of retaliation
Legal dimension
• Laws and rewards, like the SEC Whistleblower Program, can influence the
whistleblower’s behavior, the process, and organizations.
• In the financial sector, the number of whistleblower tips received by the SEC has
grown more than 20% since 2012. (SEC Annual Report, 2014)
39
Célia Mohimont
2022-2023
Example
“Total’s affiliates have handled grievances for a number of years but we formalized the
process in 2012 with a mechanism that provides dedicated communication channels –
allowing individuals or groups who are our neighbors to raise questions or concerns related to
our activities – and processes to ensure grievances are promptly and fairly dealt with. “We try
to adapt these channels to the local situation and generally offer several channels in a given
project or affiliate so that literacy or language barriers do not prevent a person from making
his or her grievances known. “
Total Human rights briefing paper July 2016
Suppliers
• Communication through Supplier code (simple summary)
• External web site
• Contracts
• Transparency
40