Recently, the FCPA Blog featured the Novartis anti-bribery policy as part of its respective benchmark series. The design and implementation of an effective anti-bribery policy is undoubtedly one of the pillars of every serious compliance program — but it should not be seen as the only one. Rather, it should be considered an important part of an innovative and people-centered approach towards an integrated ethics, risk management and compliance ecosystem.
First, the anti-bribery policy should be clearly linked to the code of ethics of the corporation. The code of ethics is ultimately the “moral constitution” of every organization, and its principles and commitments should cover the purpose and risks of the respective corporation. At Novartis, anti-corruption is one of 22 commitments outlined in our Code of Ethics, which was co-created through crowdsourcing with thousands of our associates in 2020.
Second, as behavioral science, data science and decision science give us the unique opportunity to anticipate and address the true drivers of human behaviors, a code of ethics should address both the visible and invisible part of ethics in order to support associates to do what is right in their everyday context. The visible part is the code itself, which provides a clear signal to the organization and to the stakeholders about the organization’s ethical commitments, including anti-bribery. To ensure the code is not just words on a page, it should be supported by tools and resources to empower associates and teams to make more ethical decisions and raise awareness of potential biases.
The invisible part of ethics is shaped by our work environment and culture. It is about our sense of fairness and feeling psychologically safe to speak up, for example in the case a possible act of bribery is observed. Here, we need to especially equip middle management with ethical dilemma stories and a toolkit to facilitate conversations to create an open culture where people feel safe to speak up, bearing in mind local and relevant contexts.
Third, is culture. Yes, training is important and companies now provide compliance training in different and far more engaging ways than years ago. But the need to talk about ethics, and of course anti-bribery, should start earlier — as early as during the recruitment process. It sends a very powerful message about the value of integrity if we include ethical dilemma situations when interviewing applicants.
Fourth, it is all about measurement. How compliance maturity can be measured (or rather why this is allegedly not possible) has been discussed in our community for the past decade. To make this clear, this is not about counting cases of individual misconduct — which unfortunately will always occur in organizations despite robust compliance programs (another lesson learned from behavioral science). This is about measurable progress on assurance levels and the company culture based on hard data, which companies are constantly gathering in all relevant dimensions of a compliance program, including culture measurement surveys.
Ultimately, robust anti-bribery policies are, and will always be, needed in organizations. By comparing and sharing, we learn from each other — but we should be wary of looking at these policies in isolation. Anti-bribery policies are an important part of the compliance landscape, and provide most meaning when considered as part of a comprehensive ethics agenda.