Richard Bistrong: Who’s gaming your compliance program?

Instead of completing compliance training modules on their own, three Credit Suisse bankers had their administrative assistants do the work for them.

The admins logged in with their boss’s credentials and completed two modules — “Understanding Money Laundering, Terrorist Financing, Sanctions and Corruption” and “Global Records Management.”

Wall Street’s independent regulator, FINRA, found out about the cheating and ordered all three bankers to give back part of their 2015 bonuses.

That reminded me . . . . .

Ten years ago, while I was cooperating with the FBI and using a computer the FBI was monitoring, several agents and intermediaries sent me due-diligence self-assessments to complete on their behalf. The self assessments were part of the vetting process for a well-known multinational.

One thing I noticed right away, other than my being an unlikely candidate then to complete an anti-bribery self-assessment, was that the requests came from agents where English was a second language, and yet all of the self-assessments were in English.

Of course, agents who send self-assessments to someone else to complete probably aren’t “best in class” in terms of ethics and compliance. And while I declined to complete the assessments, some of those agents were successfully on-boarded. 

In another example, a few years ago, I was chatting on the phone with a good friend who worked then for a global bank. In the background, I heard “FCPA” and I asked what that was about. He said he was going through his annual anti-bribery training.

I said, “Hey, your best friend got locked up for breaking that law. How about ending our call, paying attention, and let’s talk later.”

When I posted the Credit Suisse article on LinkedIn, Marc Leu, a compliance and risk management executive, asked: “Is it because of the culture, because they don’t care, or is it because it is the same training they have been doing for the last three years and the content does not address the real questions, nor does it give useful answers, re how to deal with difficult situations.”

Those are great questions. How do we engage a globally disbursed workforce with effective training that’s  tailored to someone’s role and knowledge base?

As my three examples show, how do we even know (or how can we know) that people are using and completing the modules on their own?

The solution is often a combination of multiple platforms and training content, where face-to-face instruction is combined and complemented with e-learning programs, video and other material.

I often hear compliance leaders say, “It’s good to change things up.” That’s true. Different compliance perspectives can spark the “difficult discussions” I often talk about. That’s why it’s healthy to use multiple tools that don’t stop at a desk-top, lap-top or smart device. Creating an interactive experience across numerous platforms makes things more memorable and easier to share and retain.

On-line training and self-assessments have value and can be an important part of training and on-boarding. But when they stand alone — separate from more adaptive education and deep-dive due-diligence solutions — they easily be discarded, diluted, and gamed by the people who need them the most. Worse, as the three examples demonstrate, standing alone, they can lead to a false and dangerous sense of complacency that “all is ok” when those responses are collected, aggregated and even scrutinized.

____

Richard Bistrong is a contributing editor of the FCPA Blog and CEO of Front-Line Anti-Bribery LLC. In 2010 he pleaded guilty to a conspiracy to violate the FCPA and served fourteen-and-a-half months at a U.S. federal prison camp. He was named to Compliance Week’s list of Top Minds in 2017 and was one of Ethisphere’s 100 Most Influential in Business Ethics in 2015. 

His popular real-life compliance training video, Behind the Bribe, produced in cooperation with Mastercard, was released in 2017.

To request a demo of the full eleven-minute video or a licensing fee schedule, please click here.