Beijing Law Review
2010. Vol.1, No.1, 1-6
Copyright © 2010 SciRes.
Managing Ethical Risks and Crises: Beyond Legal Compliance
Diane Huberman Arnold1, Keith Arnold2, Vanessa J. Arnold3
1Department of Philosophy, Carleton University, Canada;
2Department of Philosophy, University of Ottawa, Canada;
3Emily Carr University of Art and Design, Canada.
Email: diane_hub ermanar nol d@ carlet
Received September 9th, 2010; revised Oc t ober 15th, 2010; accepted November 8th, 2010.
Recent interest in culture stems from its power to explain corporate and organizational failures. Such failures are
both internal and external: accounting fraud, management misconduct, harassment and bullying in the workplace,
racism, sexism, environmental issues, and health and safety concerns. Current theory holds that these failures are
to be explained partly by the particular, poor organizational culture and unhealthy climate, poor leadership, and
by the misdeeds of a few bad apples. When economic conditions are negative, organizations look to legislation,
regulations, and codes, to reform their culture, and manage the risks of organizational failure. Both the com-
pliance strategy, demanding obedience to laws, regulations and codes, and the integrity or values strategy, fo-
cusing on ethics training, education, tone at the top, and the hiring of employees with integrity and values, are
the mainstay of recent legislation and regulations in North America and the European Union. We criticize the re-
liance on legislation, regulations and codes, the focus of a compliance solution which we find inadequate, inef-
fective, and unenforceable. We suggest reliance on a front-end, proactive and preventive program of best, pre-
cautionary practices, will better meet the challenge, in prosperity or poverty, of setting corporate culture on the
right track.
Keywords: Organizational Behavior, Business Law, policy, ethics
Corporate Scandals
We live in an age when every corporate or organizational
misdeed, mischief or malfeasance is attributed to the culture of
the organization or corporation. Here is a sampling:
“Even the most upright people are apt to become dishonest,
and unmindful of civic responsibilities when placed in a typical
corporate environment.” (Wall Street Journal)
“A corporate culture blighted by infectious greed, is the
cause of the breakdown in confidence among investors.” (New
York Times)
“If this scandalous laxity had not existed, the hubris of
Enron’s managers would not have mattered. A culture of cor-
ruption cannot develop if tough watchdogs are in place.”
(Washington Post)
These claims that certain business cultures may produce or
foster bad behaviour and/or criminality, and overpower em-
ployees’ personal values, have served as the favored explana-
tion for many years, for the large corporate scandals that have
occurred. This explanation, that culture produces the problems,
is the foundation for recent developments in business law.
(Trevino, 2007 Ferrell et al., 2008) Recent legislation seeks to
punish bad corporate culture, seeks to restrict the harm which
organizations might cause, and aims to promote ethical beha-
These complex matters can be highlighted by literature.
Émile Zola offers a past but relevant way into these issues. La
Curée is Zola’s novel in the Rougon-Macquart series, about
greed, violence and corruption in business. The event which
takes place when the hounds are given the remains of the stag,
after the hunt. The title and setting are, unfortunately, accurate
and appropriate metaphors for our subject matter. The novel
concerns Baron Haussmann’s attempt to transform Paris from a
medieval city into a modern one, following the example of
London, in the 1860’s. In this redevelopment of Paris, there
were fortunes to be made, scruples to be overcome, and morals
to be discarded. Dummy credit lines were set up by unsavory
financiers. The price of land and housing was artificially in-
flated. As a result, millionaires were made, while thousands
were defrauded. (Zola 1874/1999)
Zola’s novel follows the grim profiteering and social success
of the corrupt Saccard family, as it makes its money in collu-
sion with corrupt government officials, by trampling over vic-
tims and their rights. In the Preface to this saga of bribery, cor-
ruption, and financial malfeasance, Zola asks and answers two
questions about the wrongdoing he describes:
Is the corruption caused by a society or culture that has gone
bad, and is rotten to the core?
Is the solution to this problem to reform society and business,
by new regulations and legislation?
Zola’s answer suggests that the corruption in business re-
quires more than a bad culture, to explain what happened. In his
claim to be writing a natural history, Zola stands firm in his
view that both bad apples and bad barrels, the evil people and
the corrupt culture, are necessary to explain what was rotten in
the with new legislation, will be required to reform it.
Corporate Culture
Zola did not distinguish the various kinds of scandal there
are, but, in essence, everything we have seen of recent business
scandals is in La Curée. There are internal problems the fail-
ure of a rigid hierarchical organizational structure, fraud, bri-
bery, discrimination, corruption, cooking the books, kickbacks,
and extortion. There are external failures harassment, vi-
olence, bullying, nepotism and cronyism, and health and safety
violations. Common risk factors appear -poor leadership, pres-
sure to compromise standards, greed, cutting corners, setting
unrealistic goals and overreaching expectations. (Crane & Mat-
ten, 2010)
The evidence for the negative impact of a bad culture is
overwhelming. Culture shapes workplace values, norms, poli-
cies and procedures. (McShane, 2001) Workplace behavior
varies greatly from personal behavior, from the toxic boss who
is still a wonderful spouse and parent, to the model employee at
work who is a monster at home. These multiple-selves pheno-
mena are inexplicable, unless we accept that organizational
culture exists and greatly impacts workplace actions. (Card,
2005) Firms in the same industry, whose corporate culture dif-
fers greatly, will see up to a thirty percent difference in perfor-
mance. Firms with similar cultures, which use different man-
agement strategies, will only see a five percent difference in
performance. Clearly, organizational culture has the larger im-
pact. (Shaw & Barry, 2007) It is the operating culture, what an
organization influence.
Zola wrote of the spreading of harm, of people who infect
others. He explained the impact of a bad culture with a parallel
to bad fruit, bruised, overheated and bacterially infected, which
extends the damage to the rest of the barrel’s contents. The bad
apples are those who will do harm to the organization, intend to
do harm, and whose own interests are their first, or only, prior-
ity. These are the toxic individuals whom Zola describes as
plague-carriers, who infect others. (Zola, 1877/2009) The ma-
jority is the mass of swayable employees, who can be turned,
and can tip the balance and change the culture for good or for
bad. The counter-belief is that with strong legislation, there is a
limit to the harm and influence of bad apples, rogue employees,
and toxic bosses within an organization. It is believed that car-
rots and sticks, mitigating and aggravating motivators, help
foster a good organizational culture. (Trevino & Nelson, 2007)
There are four different combinations possible, between good
and bad apples, and good and bad cultures. Only one of the four
has the ideal of good apples interacting with good cultures.
Legislation seeks to limit and influence the other three scena-
What goes wrong cannot be ignored. A bad culture will lose,
for the organization, their good employees, who cannot or will
not stand the pressure and discomfort of the unhealthy or toxic
workplace, leaving only the bad apples that will bring the place
down. Those who kept the values of the organization expensive;
losing good people costs even more money. Lack of loyalty and
commitment to the organization causes problems, and low mo-
rale costs even more. (Ferrell et al., 2008; Crane & Matten,
Established Strategies for Reforming
There are three obvious options an organization at risk or in
crisis will have. The organization may perceive the risks and
vulnerabilities in functioning, and wish to reduce risk and pre-
vent harm. Alternatively, the organization may already have
suffered harm, and must adopt crisis management to prevent
further harm and rectify its mistakes. (Karakowsky et al., 2005)
Worst case scenario, the organization has already failed; it may
be broken, not able to function or fulfill its mandate, and must
transform or reform its culture. In all three cases, with varying
degrees of urgency, the organization must adopt strategies to
strengthen and repair its operating culture.
In the literature, there are three recognized strategies for re-
pairing a culture. This task has been called ‘managing ethics’,
though we prefer the later term ‘resilience management’, for
sustainable organizations. The first two strategies for this pur-
pose were described by Paine, who named them the compliance
program, and the values or integrity program. The third strate-
gy, which is a mixture of these two programs, which was de-
picted by Trevino as a more effective program, remains un-
named. (Paine, 1994; Trevino & Nelson, 2007) around the
world, relies on obedience to legislation, regulations, and en-
forcement of codes of ethics, and codes of conduct. These are
often part of a formal, legislated, ethics program or package for
an organization. The basis of this strategy is compliance with
the relevant legislation; the best known of which are in the U.S.
Compliance is legally mandated by the Federal Sentencing
Guidelines [1991], Sarbanes-Oxley [2002] and the Amend-
ments to the FS Guidelines [2004]. The U.K. and continental
Europe have similar systems in place. In Canada, there are
eighteen standards still to be introduced by the Ontario Securi-
ties Commission (OSC) which will do the same. By complying
with these, management can hope to detect mischief and bad
behaviour, punish violators, and divest them from the organiza-
The values or integrity program attempts to instill values into
the organization. It relies on careful testing and selection of
new employees, hired with values aligned to the espoused cul-
ture. It endorses employee training and education in ethics,
rewards programs, an ethics officer, and ethics champions. This
integrity strategy is based on the belief that values, commitment
and integrity should permeate the workplace, and should figure
in everyday decision-making, as well as in all policy making.
There is an attempt to establish an alignment between the es-
poused culture the organization claims to have, and the reality
of the operating culture of the organization, so there will be no
The third program is a combination of these two strategies. It
adopts the force and strengths of the compliance program,
while recognizing that these techniques of the values or integr-
ity program increases its transformational effectiveness. This
third mixed strategy has been adopted by the U.S. as part of the
legal amendments to the Federal Sentencing Guidelines.
Strategic Evaluation
We look first at the compliance strategy, with the force of
law behind it. Compliance is now part of all government man-
dated ethics packages or programs. Each organization covered
must have a code or compliance standard, which is to be com-
municated, monitored and audited. There must be an ethics
officer, and/or an ethics committee, ready to adjudicate the
issues and specific cases, serving as the corporate legal con-
science. There are also strict governance requirements for the
Board of Directors. This is reinforced with a system of sanc-
tions for breaches, and whistle-blowing protection in place.
(Ferrell et al., 2008; Trevino & Nelson, 2007)
For any multi-national in the U.S., and for any other business
located outside but operating in the U.S., these organizations
are legally obliged, and have every incentive, to comply. Legal
punishment under the U.S. Federal Sentencing Guidelines for
unethical or illegal activity is mitigated or aggravated by how
duly diligent the organization is, in adhering to its ethical pro-
gram. However, an ethics program is an expensive undertaking
for organizations, particularly in monitoring legal compliance.
In cost saving measures, companies find ways to minimize or
skirt compliance. They search for loopholes, and put in place
the bare minimum they companies judge that the espoused
culture and codes are adequate protection. The real risks are
neither managed nor anticipated. For example, when multina-
tional Nortel’s stock was trading high, it paid lip service to
compliance, and abandoned the core of its ethics program, even
firing the ethics officer. Later, when Nortel was under legal
investigation for accounting fraud, and the stock price fell to
under a dollar, Nortel re-instituted an ethics program, with a
new ethics officer. It was not clear whether this was to appease
investigators, to show compliance, or merely designed to boost
the company image. In any event, it did not save the company.
(Ho, 2005)
Paine herself evinced similar skepticism concerning the effi-
cacy of the compliance strategy alone. Evidence suggests that
this compliance strategy is only a short-term strategy, good for
crisis management, but not for long term cultural change. While
it is less costly for organizations to implement a basic com-
pliance strategy, by writing a code and ordering everyone in the
corporation to obey it, the newer versions of compliance are
more complicated, and thus more expensive undertakings.
(Paine, 1994)
Basic compliance programs bow to the lowest common de-
nominator; they are minimalist. They may function well at rid-
ding an organization of bad apples, because they are designed
to punish regulatory violations and ethical breaches of set stan-
dards. But programs lapse, or loopholes are found, unless more
than basic compliance is activated. Evidence indicates that
compliance has marginal effect on the corporate culture. (Paine,
1994; Weaver et al., 1999) In the vast in place, while bad beha-
viour continues -and at the same rate.
This proves that a legal compliance program cannot serve to
protect an organization against bad behaviour, nor promote
good behaviour in an organization. Some of the most legislated
and highly regulated organizations exhibit continuing ethical
lapses. Recently, we have the example of BP and the harm it
has caused to the environment, and the Gulf Coast states in the
U.S. (McKay & Huberman Arnold, 2010) Para-military police
forces around the world, are also organizations with questiona-
ble cultures, and repeated, and marked, ethical failures. (Hu-
berman Arnold & Arnold, 2010) Ethics is not part of their cul-
ture, though regulations and legislation are.
We turn to the second strategy, the integrity or values pro-
gram. This strategy is important since most multi-nationals and
large organizations, while legally mandated to employ the
compliance strategy, need to do more than the minimal legally
required. Studies make clear that if efficacy were the criterion
of strategy choice, the integrity or values strategy would be
chosen. Evaluation of the integrity or values strategy alleges
that it works better, to ethicalize an organization, especially in
the long term. (Weaver et al., 1999) It is claimed to be the more
effective way to manage ethics, helping to prevent crises, and to
inculcate ethics throughout the organization. (Paine, 1994)
The integrity strategy is used more, and works best, in small
and medium-size organizations, where it is actually possible to
hold shared values, a shared concern for ethics, and a shared
culture. In larger organizations, without the values strategy falls
short. When a crisis is at hand, waiting “six to fifteen years” for
a culture shift to be accomplished, is not feasible. (Trevino &
Nelson, 2007)
Paine herself case-studied three businesses of various sizes,
which she claimed had already successfully integrated the inte-
grity strategy. They were Martin Marietta, a U.S. defense con-
tractor with sixty thousand employees, Novacare, a U.S. health
service provider, and Wetherill Associates, a U.S. automobile
electrical parts supplier. The last was the smallest, with only
350 employees. (Paine, 1994) With a view to seeing how well
the strategy works and how long its good effects last, we re-
searched the progress of these cited companies in the last fif-
teen years.
Martin Marietta was involved in scandals in the 1970s and
the 1980s. In 1995 it merged with Lockheed, to form Lockheed
Martin, with 135,000 employees. Since that time, it has not
ceased to be involved in scandals across North America and
Asia, accused of fraud, bribery, corruption, war profiteering. It
has paid many millions of dollars in fines to the U.S. govern-
ment, among other stakeholders. A current Google search for
scandals involving Lockheed Martin draws an astounding
103,000 item long list. It is therefore not a good example of
integrity at work.
Novacare Inc., when Paine looked at it, was a medium-sized
health care and rehabilitation company, run under the vision of
its CEO, Foster, who was later criticized for making deals that
benefited himself more than any other stakeholders, and for
holding stock valued at over thirty million dollars. Novacare
trouble. Its income dropped dramatically with the reduced gov-
ernment payments for seniors’ rehab, from Medicare. Health-
South was, of course, later involved in scandals of fraud, ac-
counting and bribery scandals, focusing on its president Ri-
chard Scrushy. Select Medical Corp became the parent compa-
ny of Novacare, when it acquired that part of HealthSouth, in
the wake of the scandals. Novecare has doubled in size, become
the largest provider of rehabilitation services in the U.S., and
focuses on profits, growth, and the number one spot in the in-
dustry. While there is still the same discussion of cutting out
the “mom and pop” rehab centers from the inception of Nova-
care through its implosion in the ‘90s, to its present state, there
is no talk about workplace values or integrity. It is not a good
example of integrity at work, and it was not sustainable.
Research reveals that Wetherill has expanded triple-fold with
a thousand employees, and globalized. It is still privately
owned, and has bought and taken over other businesses. It has
outsourced much of its electronic work to Thailand. These
electronic factories in Thailand are under investigation for
health and safety violations, and human rights abuses, but
nothing yet has been connected back to Wetherill. Wetherill has
been cited by labor organizations for costing jobs, closing
American factories, and for outsourcing work offshore. This
again is a questionable paradigm for the integrity or values
strateg y.
From Paine’s own three cases, it is clear that reliance on the
integrity strategy to manage ethics risks and crises, has many
pitfalls. Ironically, a problem that the integrity or values strate-
gy faces, is that there is nothing that wholly voluntary, and
lacking any compliance mechanisms, will fail.
There are other concerns in relying exclusively on the integr-
ity program. In large corporations, where most ethical malfeas-
ance is found, values are not much discussed. CEOs of large
organizations are skeptical, and power and distance means val-
ues and ethics are seen as too touchy-feely or metro-sexual for
‘real’ businessmen to be concerned with, or to be comfortable
discussing. (Quinn, 1997; Vyakarnam, 1997)
The Third Strategy
These difficulties have been recognized, and have prodded
attempts to fuse the two strategies together, for managing risks
and crises. What is achieved is a third, mixed or combined
strategy. Under the most recent U.S. Federal Sentencing Guide-
lines Amendments, the integrity strategy, added to compliance,
is now also required by law, to bolster a corporate culture that
encourages legal and ethical behaviour.
These Federal Sentencing Guidelines amendments of April
2004 list a number of requirements. Companies are to promote
an organizational culture that encourages ethical conduct, in
that (a) the ethics programs must be effective, in promoting a
culture that encourages a commitment to compliance with the
law; (b) they must draft compliance policies which deal with
harassment, discrimination, etc; (c) they must motivate em-
ployees to comply, by providing incentives; (d) they have a
duty to introduce ethics programs which prevent and detect
violations of the law; and (e) small to medium businesses are
now also compliance programs, as well as an active integrity
strategy with ethics training, and whistle-blower protection, to
aid in decision-making. (Trevino & Nelson, 2007)
The aim of the amendments and the original legislation is the
promotion of a legal and an ethical organizational culture, and
the prevention of wrongdoing and criminality. Although it does
make more sense to take a two-pronged approach and combine
the two strategies to gain the advantages of both, the effective-
ness of this dual application is still in question. Trevino and
Nelson (2007) give two examples of companies successfully
using the third combined strategy Merck and American Ex-
Research shows that neither company has a noteworthy legal
or ethical record. While American Express has been implicated
in, and disciplined for, several scandals, including financial
services scandal, taking government bailout funds in the recent
recession, stock manipulation, a large fine for gender and age
discrimination, and a vendetta and smear campaign against an
international banking rival, (Rocco, 1992; Associated Press,
200 a) its lapses pale when compared to Merck.
Merck is one of the largest pharmaceutical companies in the
world, and in recent years has been charged with massive ethi-
cal misconduct, including medical fraud, accounting scandals,
ghostwriting of pharma journals and phony drug study reports,
cover-ups of health and safety with Fosomax, Vytorin, and
customers. (Associated Press, 2004b; Corporate Narc, 2010)
Failure to Promote and Prevent
The combined strategy promises more effectiveness than it
can deliver. Legislation can never protect in advance, as it looks
to the past, and serves best to punish after the fact. In reality,
most wrongdoing is not prosecuted, and of the few cases that
are taken up, fewer still end successfully. It is said that for
every business crime prosecuted, there are ten reported, and
forty unreported. (Soifer, 1997) Small businesses are rarely, if
ever, charged. The hope of the mixed strategy is that it will
deter or prevent unethical actions, but the risks of being caught
are slight, and the rate of exposed malfeasance has remained
constant over the years. If, however, the aim of the legislation is
for organizations to want to behave ethically, to live up to their
social and ethical responsibilities, then, the “law is the last
resort”. (Soifer, 1997)
U.S. Government fines have increased over the past twenty
years for criminal unethical business conduct, from an average
of $200,000 to an average of $2 million. Taking into account
the fluctuation of businesses coming into and going out of ex-
istence, and the normal growth of the number of businesses
over time, and factoring in economic ups and downs, the sur-
prising truth is that the rates of criminal and unethical beha-
viour in business have remained constant. There are no sharp
increases or declines, just a steady state. About 10 12 % year.
(Ferrell et al., 2008)
This implies that the three major strategies used to reform
organizational culture, have had limited effect. Companies still
tend to misbehave, especially in the downturns of economic
cycles. Mathematically, this strongly signals that there is a
normal distribution, a classic bell curve of ethical and unethical
behaviour, where the ethical tail and the unethical tail remain
constant and fixed, at about ten to fifteen percent each, and the
majority of corporate and business behaviour falls in the middle.
If more is at stake, if bottom line, or jobs, or contracts are on
the line, ethics takes second place, or lower. The curve is
skewed. Enron and Nortel are poster corporations for this.
Applying the Pareto Principle to this situation, it follows that
eighty to eighty-five percent of unethical business behaviour is
committed by fifteen to twenty percent of corporations, and
these are mostly large organizations, with more than 2,500
employees. Not surprisingly, the majority of employees of large
organizations believe their bosses or leaders are not honest, do
not have high personal integrity, and they would not feel com-
fortable reporting workplace misconduct to them. (Berman,
2000) The same results are obtained from “What the Bagel Man
Saw”; large organizations are more unethical than small ones.
(Levitt & Dubner, 2005) Investigation of the established strate-
gies shows no magic bullet that will transform a failing organi-
zation into an ethical one.
Crisis Management
In the search for new and effective strategies, a theoretical
distinction must be made between front end strategies and back
end strategies. This uses the image of a boat, to explain what is
meant by front end strategies and back end strategies. The usual
set of strategies, the back end strategies, are needed for a
boat/organization that runs into trouble. Organizations need
ways to back out of that trouble, trying to fix whatever has gone
wrong, whether the crisis is internal or external. However, none
of this will prevent harm coming to the boat. Nothing to avoid
the risk or to improve the capacities or capabilities of the or-
ganization for dealing with potential or imminent harm is of-
Back end strategies like compliance, then, are reactive and
have limited effect. They typically operate ex post facto. Like
the law, they are designed to deal with the past, with what has
already happened. Our laws show what decisions, activities and
outcomes we disapprove of, and what is punishable. (Soifer,
1997) Legislation, regulations, and codes cannot reach the goals
of prevention and protection to which the U.S. Federal Sen-
tencing laws are directed .
There are other reasons why these back end strategies come
up short. There are risks and harm, damage to stakeholders and
people’s lives, which are so harmful and so enormous that they
can never be repaired or reformed; they are unfixable. Punish-
ing Merck does not heal heart attacks or bring back the dead.
Punishing Madoff does not repay his victims or redress the
harm done.
Secondly, no part of compliance deals with the known risks
or impediments to an ethical organizational culture -rogue em-
ployees, toxic standards, and no recognition of internal resis-
tance or criticism. (Karakowsky et al., 2005; Ferrell et al., 2008;
Crane & Matten, 2010) Back end strategies cannot prevent any
of these, nor protect and organization from their risks, even
backed by the force of the law.
Back end strategies cannot make people ethical, nor can they
make organizations ethical. The ethical programs which are at
the center of the Federal Sentencing Guidelines, and Sar-
banes-Oxley, etc. have these goals, but do not provide the me-
thods to reach them. They cannot close gaps they do not recog-
nize. Compliance strategies, as back end strategies, cannot suc-
ceed in ethicalizing an organization, or positively impacting an
organizational culture. There is no example of an organization
that has been able to turn itself around, to transform its culture,
using back end strategies.
Front End Strategies and Risk Management
Front end strategies are designed to operate ex ante, as a risk
management technique. They are designed to protect, proac-
tively, organizations from future wrongdoing and potential
harm, to prevent future criminality and abuse, and to promote
good behaviour and an ethical culture. In order to do this, front
end strategies must protect organizations from their particular
risks or vulnerabilities, which vary by industry and organization.
(Walker, 2007) Such strategies must promote ethical behaviour
by identifying any gaps there are, and impediments that exist,
which served in the past to prevent the organization from fulfil-
ling its social and ethical responsibilities, and its mandate.
(Marcinow, 1996) Applied Ethics, in June 2010, suggested that
there were three things an organization should do, to handle
crises and catastrophes. (1) Where there is a high risk of moral
hazard usually shown by past events adopt a precautionary
principle. (2) Engage in communications and exchanges of
ideas between the organization and all its stakeholders. (3) Ac-
cept preventive measures from regulators. (Markkula, 2010)
Regulatory oversight only helps only if it stands in defense
of the stakeholders, and not the vested interests of the organiza-
tion. It is clear in the case of Merck that this did not happen.
The Federal Drug Agency (FDA) exhibited no oversight, and
asked the pharmaceutical companies to regulate themselves, by
writing their own regulations. (Corporate Narc, 2010) Similar
practice is observable with BP offshore oil drilling and the col-
lusion of the Federal Mineral Management Service, which
asked BP to investigate itself and write its own oversight study
reports. (Efstathiou, 2010)
Gap Analysis
Front end strategies, like the precautionary principle, make
use of gap analyses. A gap analysis is an assessment which
identifies what it takes, to move from one position to another.
One kind of gap analysis is a vulnerability or risk analysis. For
example, it is the kind involved in environmental protection,
where potential hazards and threats to the environment are
identified and assessed. Gap analysis here delineates ways to
reduce or eliminate the risks.
A second useful type of gap analysis is an impediment anal-
ysis. Here, an organization audits its actual social and ethical
performance, sets goals and desirable standards, and then iden-
tifies any impediments which prevent or might prevent the
organization from reaching its ethical potential. (Walker, 2007)
The list of impediments and vulnerabilities is open ended. It
is useful, nevertheless, to identify some best precautionary
practices in management, which serve to close the gap on iden-
tifiable risks, and eliminate impediments to better behaviour.
One important precautionary practice in risk management for
larger organizations is thinking small, using small scale struc-
turing. UPS, for example, has been reorganized to resemble a
group of family firms, with a flatter structure, each with its own
independence, and autonomy in decision-making. This illu-
strates the strategy of dividing up a large business into a series
of small businesses, to get the advantages of both structures.
There are, then, within each individual self-regulated unit,
greater chances for organizing and monitoring their own beha-
vior and decision-makin g, but all units work toward the same
goals and with the same purpose. (Putnam & Feldstein, 2003)
Another precautionary practice involves partnering with civil
society, to share policies, standards, and regulations. Civil so-
ciety consists of nongovernmental organizations, not-for -profit
organizations, interest or advocacy groups, volunteer and activ-
ist groups, religious groups, and local community groups. In the
U.S., there are nearly two million such groups, and in Canada,
nearly two hundred thousand. These two countries top the list
in numbers of environmental issues, to fair trade concerns, to
human rights protection. (Crane & Matten, 2010)
Such groups serve as proxy stakeholders, Markkula’s second
point. They speak for and protect those without power or im-
pact; they give voice to the voiceless. Such groups partnering
with corporations assist in drafting laws and regulations, which
identify case specific and industry-wide vulnerabilities, and
formulate solutions. Civil society groups have been called ‘the
new regulators’, in that they exert public pressure through
demonstrations, pickets, publications, and the media, and this
pressure is very effective in transforming organizational culture.
(Brugmann & Prahalad, 2007)
A third best practice, most contentious in the corporate world,
is that of transparency. It is precautionary, preventive, and is
open to stakeholders and regulators, so ensures all three Mark-
kula points. Transparency, and its connection to honesty and
rationality, opens up decision-making within an organization,
making people and the organization accountable. (Paine et al.,
2005) A lack of transparency, the refusal to be transparent in an
organization, blocks scrutiny of decisions and actions. Lack of
transparency gives rise to distrust, and to the belief that there
must be something wrong that needs to be covered up or denied,
from hidden agendas to unacknowledged goals. Hiding behind
claims of privacy and confidentiality undermines accountability,
and any claims to honesty, equity, and due process. (Woods &
Goss, 2009; London Times, 2010)
Trust, honesty and equity are communitarian values. Mutual
communitarian trust is the basis of organizational behaviour.
Trust allows organizations to deal with each other, without
constant recourse to violence or the law. Business benefits, as
does the entire community. (Sen, 2007) Front end precautionary
strategies promote good behaviour, as they build or rebuild,
Associated Press editorial (2004a). American Express Faces Discipli-
nary Action.
Associated Press editorial (2004b). Report: Vioxx linked to thousands
of deaths.
Berman, Dennis, ed. 2000. Small virtues: entrepreneurs are more ethi-
cal. Business Week’s Frontier.
Brugmann, Jeb and C.K. Prahalad. (2007). Co-creating business’s new
social compact, Harvard Business Review.
Card, Claudia. (2005). The atrocity paradigm: A theory of evil. New
York: Oxford,
Corporate Narc. (2010). Merck Accounting Scandal, accessed.
Crane, Andrew & Dirk Matten. (2010). Business ethics: managing
citizenship and sustainability in the age of globalization. Oxford:
Efstathious Jr., Jim. (2010). Drilling regulators banned by U.S. from
dealing wit h friends, relatives. Bloomberg News.
Ferrell, O.C., John Fraedrich & Linda Ferrell. (2008). Business Ethics:
Ethical Decision Making and Cases. 6th ed., Boston: Houghton Mif-
Ho, Vanessa. (2005). Cautious Optimism Greets Nortel’s Appointment
of Ethics Chief., Jan. 16,
Huberman Arnold, Diane & Keith Arnold. (2010)Broken Organiza-
Kar akowsky, Len, Archie B., Carroll & Ann K. (2005). Buchholtz,
Business and Society: Ethics and Stakeholder Management. Toronto:
Levitt, Steven D. & Stephen J. (2005). Dubner. Freakonomics. New
York: Harper Collins.
London Times. (2010). Editorial. Private Life. Public Good.
Marcinow, Diane M. (1996). The paradox of ethical resistance: why do
individuals frequently encounter retaliation for ‘doing the right thing’?
Proceedings of the Fifth Conflict Resolution Symposium. Ottawa:
Carleton University. 64-81.
Markkula. (2010). Center For Applied Ethics, Managing Risk Ethically
McKay, Ruth & Diane Huberman Arnold. (2010). Sustainable Enter-
prise: Crisis Management and Culture Transformation.
McShane, Steven L. (2001). Canadian Organizational Behaviour, 4th ed.
Toronto: McGraw-Hill Ryerson.
Paine, Lynn S. (1994). Managing for organizational integrity. Harvard
Business Review. 17-106.
Paine, Lynn S., Rohit Deshpande, Joshua D. Margolis & Kim Eric
Bettcher. (2005). Up to code: Does your company’s conduct meet
world-Class standards? Harvard Business Review. pp. 122-135.
Putnam, Robert D. & Lewis M. Feldstein. (2003). Better Together:
Restoring the American Community. New York: Simon and Schus-
Quinn, John. J. (1997). Personal ethics and business ethics: The ethical
attitudes of owner/managers of small bu siness. Journal of Business
Ethics. 16(2). 119-127.
Rocco, Fiammetta. (1992). American express: Vendetta against bank-
ing rival. The Economist.
Sen, Amartya. (2007). Markets and the role of ethics in capitalism.
Moral Issues in Business, 10th edition. William H. Shaw and Vincent
Barry, eds. Belmont, CA: Thomson Wadsworth.
Shaw, William H. & Vincent Barry. (2007). Moral Issues in Business,
10th ed. Belmont, CA: Thomson Wadsworth.
Soifer, Eldon. (1997). Ethical Issues: Perspectives for Canada, 2nd ed.,
Peterborough, Ontario: Broadview.
Trevino, L. K. & Katherine A. Nelson. (2007) Managing Business
Ethics, 4th ed. Hoboken, NJ: Wiley.
Vyakarnam, S., Ba i le y, A. , Mye rs , A. & D. Burnett. (1997). Towards
an understanding of ethical behavior in small firms. Journal Of
Business Ethics. 16(15), 1625-36.
Walker, David. (2007). Counter-Terrorism Strategy. London: Charity
Weaver, Gary R., Linda Klebe Trevino & Philip L. Cochran. (1999).
Corporate ethics programs as control systems: Influences of execu-
tive commitment and environmental factors. Academy of Manage-
ment Journal 42(1). 41-57.
Woods, Richard & Richard Goss. (2009). The bullying of common
sense. Sunday Times.
Zola, Émile. La Curée. (1874) Paris: Gallimard Folio Classique, ed.
Henri Mitterand, 1999.
Zola, Émile. L’Assommoir. (1877) translated by Robert Lethbridge and
Margaret Mauldon. New York: Oxford World’s Classics, 2009.