I stay out of debates about the nature of compliance and how a compliance program should function, except in cases where the argument is related to how we communicate our compliance messages to employees. One such debate was framed nicely in the latest issue of Compliance & Ethics Professional, SCCE’s magazine.
On the one hand, in his Letter from the CEO, Roy Snell issues yet another call for the Compliance function to stay out of the Corporate Social Responsibility (CSR) business. “Solving the world’s [social ethics] problems will do nothing to prevent the next Enron, WorldCom, Siemens or Penn State problems,” he says. When Compliance professionals focus their attentions on political or social ethics issues, Roy says, we may be, “. . .forsaking business ethics for a good cause (world ethics), but we are still forsaking business ethics.” No surprise there; he’s made this argument frequently. His clearest statement of this position can be found on his blog.
What’s interesting is that in this same issue, Steve Priest interviews Chris Fox, VP of CSR at Hanesbrands, Inc., in a piece specifically arguing that “compliance and corporate responsibility belong together.” Steve starts by saying that “15 years ago [he] predicted that ethics, compliance, and corporate responsibility would converge,” and ends expressing appreciation for the work that Hanesbrands has done to further this integration.
15 years ago I, too, predicted that Compliance and CSR would merge and, in fact, my quixotic, activist-minded self argued that this was the desired outcome. I now believe I was wrong on both counts.
What I know now, that I did not sufficiently appreciate then, is that not only is the business of managing compliance risk monumentally challenging, but that communicating about those risks in a manner that keeps employees from violating a (sometimes extremely complex) maze of laws and regulations can often require more time, energy, focus, and stamina than even many purely compliance-focused professionals have available. Communicating legal, regulatory, and policy expectations in a truly effective manner is something that many compliance officers are only just now getting a handle on. The last thing they need is to have to figure out how to add compelling communications about social and political ethics on top of those compliance issues in a way that doesn’t completely muddle up the message.
To be clear: Do I think that CSR is important? Yes, hugely. Do I think that communicating the company’s commitment to always “doing the right thing” – beyond compliance with the law – is important? Yes, absolutely. Do I think that CSR professionals and compliance professionals should work together to ensure that they are communicating the same overarching values to employees? Yes, of course.
However, while I am not necessarily saying I believe that Hanesbrands should not be integrating compliance and CSR (sounds like it’s working there), I do think that to hold up the Hanesbrands approach as an example for other compliance professionals to follow is a mistake. Not only do CSR and compliance often have inherently conflicting objectives, but attempting to stir together compliance and CSR communications will almost certainly dilute and confuse both kinds of messages without immense time, money, and effort. And confused compliance communication is not something that any company can afford.