Managing Ethical Risks and Crises: Beyond Legal Compliance

doi:10.4236/blr.2010.11001

Paper Menu >>

Journal Menu >>

Beijing Law Review

2010. Vol.1, No.1, 1-6

Managing Ethical Risks and Crises: Beyond Legal Compliance

Diane Huberman Arnold1, Keith Arnold2, Vanessa J. Arnold3

1Department of Philosophy, Carleton University, Canada;

2Department of Philosophy, University of Ottawa, Canada;

3Emily Carr University of Art and Design, Canada.

Email: diane_hub ermanar nol d@ carlet on.ca

Received September 9th, 2010; revised Oc t ober 15th, 2010; accepted November 8th, 2010.

Recent interest in culture stems from its power to explain corporate and organizational failures. Such failures are

both internal and external: accounting fraud, management misconduct, harassment and bullying in the workplace,

racism, sexism, environmental issues, and health and safety concerns. Current theory holds that these failures are

to be explained partly by the particular, poor organizational culture and unhealthy climate, poor leadership, and

by the misdeeds of a few bad apples. When economic conditions are negative, organizations look to legislation,

regulations, and codes, to reform their culture, and manage the risks of organizational failure. Both the com-

pliance strategy, demanding obedience to laws, regulations and codes, and the integrity or values strategy, fo-

cusing on ethics training, education, tone at the top, and the hiring of employees with integrity and values, are

the mainstay of recent legislation and regulations in North America and the European Union. We criticize the re-

liance on legislation, regulations and codes, the focus of a compliance solution which we find inadequate, inef-

fective, and unenforceable. We suggest reliance on a front-end, proactive and preventive program of best, pre-

cautionary practices, will better meet the challenge, in prosperity or poverty, of setting corporate culture on the

right track.

Keywords: Organizational Behavior, Business Law, policy, ethics

Corporate Scandals

We live in an age when every corporate or organizational

misdeed, mischief or malfeasance is attributed to the culture of

the organization or corporation. Here is a sampling:

“Even the most upright people are apt to become dishonest,

and unmindful of civic responsibilities when placed in a typical

corporate environment.” (Wall Street Journal)

“A corporate culture blighted by infectious greed, is the

cause of the breakdown in confidence among investors.” (New

York Times)

“If this scandalous laxity had not existed, the hubris of

Enron’s managers would not have mattered. A culture of cor-

ruption cannot develop if tough watchdogs are in place.”

(Washington Post)

These claims that certain business cultures may produce or

foster bad behaviour and/or criminality, and overpower em-

ployees’ personal values, have served as the favored explana-

tion for many years, for the large corporate scandals that have

occurred. This explanation, that culture produces the problems,

is the foundation for recent developments in business law.

(Trevino, 2007； Ferrell et al., 2008) Recent legislation seeks to

punish bad corporate culture, seeks to restrict the harm which

organizations might cause, and aims to promote ethical beha-

viour.

These complex matters can be highlighted by literature.

Émile Zola offers a past but relevant way into these issues. La

Curée is Zola’s novel in the Rougon-Macquart series, about

greed, violence and corruption in business. The event which

takes place when the hounds are given the remains of the stag,

after the hunt. The title and setting are, unfortunately, accurate

and appropriate metaphors for our subject matter. The novel

concerns Baron Haussmann’s attempt to transform Paris from a

medieval city into a modern one, following the example of

London, in the 1860’s. In this redevelopment of Paris, there

were fortunes to be made, scruples to be overcome, and morals

to be discarded. Dummy credit lines were set up by unsavory

financiers. The price of land and housing was artificially in-

flated. As a result, millionaires were made, while thousands

were defrauded. (Zola 1874/1999)

Zola’s novel follows the grim profiteering and social success

of the corrupt Saccard family, as it makes its money in collu-

sion with corrupt government officials, by trampling over vic-

tims and their rights. In the Preface to this saga of bribery, cor-

ruption, and financial malfeasance, Zola asks and answers two

questions about the wrongdoing he describes:

Is the corruption caused by a society or culture that has gone

bad, and is rotten to the core?

Is the solution to this problem to reform society and business,

by new regulations and legislation?

Zola’s answer suggests that the corruption in business re-

quires more than a bad culture, to explain what happened. In his

claim to be writing a natural history, Zola stands firm in his

view that both bad apples and bad barrels, the evil people and

the corrupt culture, are necessary to explain what was rotten in

the with new legislation, will be required to reform it.

Corporate Culture

Zola did not distinguish the various kinds of scandal there

are, but, in essence, everything we have seen of recent business

scandals is in La Curée. There are internal problems – the fail-

D. H. ARN OLD ET AL.

ure of a rigid hierarchical organizational structure, fraud, bri-

bery, discrimination, corruption, cooking the books, kickbacks,

and extortion. There are external failures – harassment, vi-

olence, bullying, nepotism and cronyism, and health and safety

violations. Common risk factors appear -poor leadership, pres-

sure to compromise standards, greed, cutting corners, setting

unrealistic goals and overreaching expectations. (Crane & Mat-

ten, 2010)

The evidence for the negative impact of a bad culture is

overwhelming. Culture shapes workplace values, norms, poli-

cies and procedures. (McShane, 2001) Workplace behavior

varies greatly from personal behavior, from the toxic boss who

is still a wonderful spouse and parent, to the model employee at

work who is a monster at home. These multiple-selves pheno-

mena are inexplicable, unless we accept that organizational

culture exists and greatly impacts workplace actions. (Card,

2005) Firms in the same industry, whose corporate culture dif-

fers greatly, will see up to a thirty percent difference in perfor-

mance. Firms with similar cultures, which use different man-

agement strategies, will only see a five percent difference in

performance. Clearly, organizational culture has the larger im-

pact. (Shaw & Barry, 2007) It is the operating culture, what an

organization influence.

Zola wrote of the spreading of harm, of people who infect

others. He explained the impact of a bad culture with a parallel

to bad fruit, bruised, overheated and bacterially infected, which

extends the damage to the rest of the barrel’s contents. The bad

apples are those who will do harm to the organization, intend to

do harm, and whose own interests are their first, or only, prior-

ity. These are the toxic individuals whom Zola describes as

plague-carriers, who infect others. (Zola, 1877/2009) The ma-

jority is the mass of swayable employees, who can be turned,

and can tip the balance and change the culture for good or for

bad. The counter-belief is that with strong legislation, there is a

limit to the harm and influence of bad apples, rogue employees,

and toxic bosses within an organization. It is believed that car-

rots and sticks, mitigating and aggravating motivators, help

foster a good organizational culture. (Trevino & Nelson, 2007)

There are four different combinations possible, between good

and bad apples, and good and bad cultures. Only one of the four

has the ideal of good apples interacting with good cultures.

Legislation seeks to limit and influence the other three scena-

rios.

What goes wrong cannot be ignored. A bad culture will lose,

for the organization, their good employees, who cannot or will

not stand the pressure and discomfort of the unhealthy or toxic

workplace, leaving only the bad apples that will bring the place

down. Those who kept the values of the organization expensive;

losing good people costs even more money. Lack of loyalty and

commitment to the organization causes problems, and low mo-

rale costs even more. (Ferrell et al., 2008; Crane & Matten,

2010)

Established Strategies for Reforming

Organizations

There are three obvious options an organization at risk or in

crisis will have. The organization may perceive the risks and

vulnerabilities in functioning, and wish to reduce risk and pre-

vent harm. Alternatively, the organization may already have

suffered harm, and must adopt crisis management to prevent

further harm and rectify its mistakes. (Karakowsky et al., 2005)

Worst case scenario, the organization has already failed; it may

be broken, not able to function or fulfill its mandate, and must

transform or reform its culture. In all three cases, with varying

degrees of urgency, the organization must adopt strategies to

strengthen and repair its operating culture.

In the literature, there are three recognized strategies for re-

pairing a culture. This task has been called ‘managing ethics’,

though we prefer the later term ‘resilience management’, for

sustainable organizations. The first two strategies for this pur-

pose were described by Paine, who named them the compliance

program, and the values or integrity program. The third strate-

gy, which is a mixture of these two programs, which was de-

picted by Trevino as a more effective program, remains un-

named. (Paine, 1994; Trevino & Nelson, 2007) around the

world, relies on obedience to legislation, regulations, and en-

forcement of codes of ethics, and codes of conduct. These are

often part of a formal, legislated, ethics program or package for

an organization. The basis of this strategy is compliance with

the relevant legislation; the best known of which are in the U.S.

Compliance is legally mandated by the Federal Sentencing

Guidelines [1991], Sarbanes-Oxley [2002] and the Amend-

ments to the FS Guidelines [2004]. The U.K. and continental

Europe have similar systems in place. In Canada, there are

eighteen standards still to be introduced by the Ontario Securi-

ties Commission (OSC) which will do the same. By complying

with these, management can hope to detect mischief and bad

behaviour, punish violators, and divest them from the organiza-

tion.

The values or integrity program attempts to instill values into

the organization. It relies on careful testing and selection of

new employees, hired with values aligned to the espoused cul-

ture. It endorses employee training and education in ethics,

rewards programs, an ethics officer, and ethics champions. This

integrity strategy is based on the belief that values, commitment

and integrity should permeate the workplace, and should figure

in everyday decision-making, as well as in all policy making.

There is an attempt to establish an alignment between the es-

poused culture the organization claims to have, and the reality

of the operating culture of the organization, so there will be no

deviation.

The third program is a combination of these two strategies. It

adopts the force and strengths of the compliance program,

while recognizing that these techniques of the values or integr-

ity program increases its transformational effectiveness. This

third mixed strategy has been adopted by the U.S. as part of the

legal amendments to the Federal Sentencing Guidelines.

Strategic Evaluation

We look first at the compliance strategy, with the force of

law behind it. Compliance is now part of all government man-

dated ethics packages or programs. Each organization covered

must have a code or compliance standard, which is to be com-

municated, monitored and audited. There must be an ethics

officer, and/or an ethics committee, ready to adjudicate the

issues and specific cases, serving as the corporate legal con-

science. There are also strict governance requirements for the

Board of Directors. This is reinforced with a system of sanc-

D. H. ARN OLD ET AL.

tions for breaches, and whistle-blowing protection in place.

(Ferrell et al., 2008; Trevino & Nelson, 2007)

For any multi-national in the U.S., and for any other business

located outside but operating in the U.S., these organizations

are legally obliged, and have every incentive, to comply. Legal

punishment under the U.S. Federal Sentencing Guidelines for

unethical or illegal activity is mitigated or aggravated by how

duly diligent the organization is, in adhering to its ethical pro-

gram. However, an ethics program is an expensive undertaking

for organizations, particularly in monitoring legal compliance.

In cost saving measures, companies find ways to minimize or

skirt compliance. They search for loopholes, and put in place

the bare minimum they companies judge that the espoused

culture and codes are adequate protection. The real risks are

neither managed nor anticipated. For example, when multina-

tional Nortel’s stock was trading high, it paid lip service to

compliance, and abandoned the core of its ethics program, even

firing the ethics officer. Later, when Nortel was under legal

investigation for accounting fraud, and the stock price fell to

under a dollar, Nortel re-instituted an ethics program, with a

new ethics officer. It was not clear whether this was to appease

investigators, to show compliance, or merely designed to boost

the company image. In any event, it did not save the company.

(Ho, 2005)

Paine herself evinced similar skepticism concerning the effi-

cacy of the compliance strategy alone. Evidence suggests that

this compliance strategy is only a short-term strategy, good for

crisis management, but not for long term cultural change. While

it is less costly for organizations to implement a basic com-

pliance strategy, by writing a code and ordering everyone in the

corporation to obey it, the newer versions of compliance are

more complicated, and thus more expensive undertakings.

(Paine, 1994)

Basic compliance programs bow to the lowest common de-

nominator; they are minimalist. They may function well at rid-

ding an organization of bad apples, because they are designed

to punish regulatory violations and ethical breaches of set stan-

dards. But programs lapse, or loopholes are found, unless more

than basic compliance is activated. Evidence indicates that

compliance has marginal effect on the corporate culture. (Paine,

1994; Weaver et al., 1999) In the vast in place, while bad beha-

viour continues -and at the same rate.

This proves that a legal compliance program cannot serve to

protect an organization against bad behaviour, nor promote

good behaviour in an organization. Some of the most legislated

and highly regulated organizations exhibit continuing ethical

lapses. Recently, we have the example of BP and the harm it

has caused to the environment, and the Gulf Coast states in the

U.S. (McKay & Huberman Arnold, 2010) Para-military police

forces around the world, are also organizations with questiona-

ble cultures, and repeated, and marked, ethical failures. (Hu-

berman Arnold & Arnold, 2010) Ethics is not part of their cul-

ture, though regulations and legislation are.

We turn to the second strategy, the integrity or values pro-

gram. This strategy is important since most multi-nationals and

large organizations, while legally mandated to employ the

compliance strategy, need to do more than the minimal legally

required. Studies make clear that if efficacy were the criterion

of strategy choice, the integrity or values strategy would be

chosen. Evaluation of the integrity or values strategy alleges

that it works better, to ethicalize an organization, especially in

the long term. (Weaver et al., 1999) It is claimed to be the more

effective way to manage ethics, helping to prevent crises, and to

inculcate ethics throughout the organization. (Paine, 1994)

The integrity strategy is used more, and works best, in small

and medium-size organizations, where it is actually possible to

hold shared values, a shared concern for ethics, and a shared

culture. In larger organizations, without the values strategy falls

short. When a crisis is at hand, waiting “six to fifteen years” for

a culture shift to be accomplished, is not feasible. (Trevino &

Nelson, 2007)

Paine herself case-studied three businesses of various sizes,

which she claimed had already successfully integrated the inte-

grity strategy. They were Martin Marietta, a U.S. defense con-

tractor with sixty thousand employees, Novacare, a U.S. health

service provider, and Wetherill Associates, a U.S. automobile

electrical parts supplier. The last was the smallest, with only

350 employees. (Paine, 1994) With a view to seeing how well

the strategy works and how long its good effects last, we re-

searched the progress of these cited companies in the last fif-

teen years.

Martin Marietta was involved in scandals in the 1970s and

the 1980s. In 1995 it merged with Lockheed, to form Lockheed

Martin, with 135,000 employees. Since that time, it has not

ceased to be involved in scandals across North America and

Asia, accused of fraud, bribery, corruption, war profiteering. It

has paid many millions of dollars in fines to the U.S. govern-

ment, among other stakeholders. A current Google search for

scandals involving Lockheed Martin draws an astounding

103,000 item long list. It is therefore not a good example of

integrity at work.

Novacare Inc., when Paine looked at it, was a medium-sized

health care and rehabilitation company, run under the vision of

its CEO, Foster, who was later criticized for making deals that

benefited himself more than any other stakeholders, and for

holding stock valued at over thirty million dollars. Novacare

trouble. Its income dropped dramatically with the reduced gov-

ernment payments for seniors’ rehab, from Medicare. Health-

South was, of course, later involved in scandals of fraud, ac-

counting and bribery scandals, focusing on its president Ri-

chard Scrushy. Select Medical Corp became the parent compa-

ny of Novacare, when it acquired that part of HealthSouth, in

the wake of the scandals. Novecare has doubled in size, become

the largest provider of rehabilitation services in the U.S., and

focuses on profits, growth, and the number one spot in the in-

dustry. While there is still the same discussion of cutting out

the “mom and pop” rehab centers from the inception of Nova-

care through its implosion in the ‘90s, to its present state, there

is no talk about workplace values or integrity. It is not a good

example of integrity at work, and it was not sustainable.

Research reveals that Wetherill has expanded triple-fold with

a thousand employees, and globalized. It is still privately

owned, and has bought and taken over other businesses. It has

outsourced much of its electronic work to Thailand. These

electronic factories in Thailand are under investigation for

health and safety violations, and human rights abuses, but

nothing yet has been connected back to Wetherill. Wetherill has

been cited by labor organizations for costing jobs, closing

American factories, and for outsourcing work offshore. This

again is a questionable paradigm for the integrity or values

strateg y.

From Paine’s own three cases, it is clear that reliance on the

D. H. ARN OLD ET AL.

integrity strategy to manage ethics risks and crises, has many

pitfalls. Ironically, a problem that the integrity or values strate-

gy faces, is that there is nothing that wholly voluntary, and

lacking any compliance mechanisms, will fail.

There are other concerns in relying exclusively on the integr-

ity program. In large corporations, where most ethical malfeas-

ance is found, values are not much discussed. CEOs of large

organizations are skeptical, and power and distance means val-

ues and ethics are seen as too touchy-feely or metro-sexual for

‘real’ businessmen to be concerned with, or to be comfortable

discussing. (Quinn, 1997; Vyakarnam, 1997)

The Third Strategy

These difficulties have been recognized, and have prodded

attempts to fuse the two strategies together, for managing risks

and crises. What is achieved is a third, mixed or combined

strategy. Under the most recent U.S. Federal Sentencing Guide-

lines Amendments, the integrity strategy, added to compliance,

is now also required by law, to bolster a corporate culture that

encourages legal and ethical behaviour.

These Federal Sentencing Guidelines amendments of April

2004 list a number of requirements. Companies are to promote

an organizational culture that encourages ethical conduct, in

that (a) the ethics programs must be effective, in promoting a

culture that encourages a commitment to compliance with the

law; (b) they must draft compliance policies which deal with

harassment, discrimination, etc; (c) they must motivate em-

ployees to comply, by providing incentives; (d) they have a

duty to introduce ethics programs which prevent and detect

violations of the law; and (e) small to medium businesses are

now also compliance programs, as well as an active integrity

strategy with ethics training, and whistle-blower protection, to

aid in decision-making. (Trevino & Nelson, 2007)

The aim of the amendments and the original legislation is the

promotion of a legal and an ethical organizational culture, and

the prevention of wrongdoing and criminality. Although it does

make more sense to take a two-pronged approach and combine

the two strategies to gain the advantages of both, the effective-

ness of this dual application is still in question. Trevino and

Nelson (2007) give two examples of companies successfully

using the third combined strategy – Merck and American Ex-

press.

Research shows that neither company has a noteworthy legal

or ethical record. While American Express has been implicated

in, and disciplined for, several scandals, including financial

services scandal, taking government bailout funds in the recent

recession, stock manipulation, a large fine for gender and age

discrimination, and a vendetta and smear campaign against an

international banking rival, (Rocco, 1992; Associated Press,

200 a) its lapses pale when compared to Merck.

Merck is one of the largest pharmaceutical companies in the

world, and in recent years has been charged with massive ethi-

cal misconduct, including medical fraud, accounting scandals,

ghostwriting of pharma journals and phony drug study reports,

cover-ups of health and safety with Fosomax, Vytorin, and

customers. (Associated Press, 2004b; Corporate Narc, 2010)

Failure to Promote and Prevent

The combined strategy promises more effectiveness than it

can deliver. Legislation can never protect in advance, as it looks

to the past, and serves best to punish after the fact. In reality,

most wrongdoing is not prosecuted, and of the few cases that

are taken up, fewer still end successfully. It is said that for

every business crime prosecuted, there are ten reported, and

forty unreported. (Soifer, 1997) Small businesses are rarely, if

ever, charged. The hope of the mixed strategy is that it will

deter or prevent unethical actions, but the risks of being caught

are slight, and the rate of exposed malfeasance has remained

constant over the years. If, however, the aim of the legislation is

for organizations to want to behave ethically, to live up to their

social and ethical responsibilities, then, the “law is the last

resort”. (Soifer, 1997)

U.S. Government fines have increased over the past twenty

years for criminal unethical business conduct, from an average

of $200,000 to an average of $2 million. Taking into account

the fluctuation of businesses coming into and going out of ex-

istence, and the normal growth of the number of businesses

over time, and factoring in economic ups and downs, the sur-

prising truth is that the rates of criminal and unethical beha-

viour in business have remained constant. There are no sharp

increases or declines, just a steady state. About 10 – 12 % year.

(Ferrell et al., 2008)

This implies that the three major strategies used to reform

organizational culture, have had limited effect. Companies still

tend to misbehave, especially in the downturns of economic

cycles. Mathematically, this strongly signals that there is a

normal distribution, a classic bell curve of ethical and unethical

behaviour, where the ethical tail and the unethical tail remain

constant and fixed, at about ten to fifteen percent each, and the

majority of corporate and business behaviour falls in the middle.

If more is at stake, if bottom line, or jobs, or contracts are on

the line, ethics takes second place, or lower. The curve is

skewed. Enron and Nortel are poster corporations for this.

Applying the Pareto Principle to this situation, it follows that

eighty to eighty-five percent of unethical business behaviour is

committed by fifteen to twenty percent of corporations, and

these are mostly large organizations, with more than 2,500

employees. Not surprisingly, the majority of employees of large

organizations believe their bosses or leaders are not honest, do

not have high personal integrity, and they would not feel com-

fortable reporting workplace misconduct to them. (Berman,

2000) The same results are obtained from “What the Bagel Man

Saw”; large organizations are more unethical than small ones.

(Levitt & Dubner, 2005) Investigation of the established strate-

gies shows no magic bullet that will transform a failing organi-

zation into an ethical one.

Crisis Management

In the search for new and effective strategies, a theoretical

distinction must be made between front end strategies and back

end strategies. This uses the image of a boat, to explain what is

meant by front end strategies and back end strategies. The usual

set of strategies, the back end strategies, are needed for a

boat/organization that runs into trouble. Organizations need

ways to back out of that trouble, trying to fix whatever has gone

wrong, whether the crisis is internal or external. However, none

of this will prevent harm coming to the boat. Nothing to avoid

the risk or to improve the capacities or capabilities of the or-

D. H. ARN OLD ET AL.

ganization for dealing with potential or imminent harm is of-

fered.

Back end strategies like compliance, then, are reactive and

have limited effect. They typically operate ex post facto. Like

the law, they are designed to deal with the past, with what has

already happened. Our laws show what decisions, activities and

outcomes we disapprove of, and what is punishable. (Soifer,

1997) Legislation, regulations, and codes cannot reach the goals

of prevention and protection to which the U.S. Federal Sen-

tencing laws are directed .

There are other reasons why these back end strategies come

up short. There are risks and harm, damage to stakeholders and

people’s lives, which are so harmful and so enormous that they

can never be repaired or reformed; they are unfixable. Punish-

ing Merck does not heal heart attacks or bring back the dead.

Punishing Madoff does not repay his victims or redress the

harm done.

Secondly, no part of compliance deals with the known risks

or impediments to an ethical organizational culture -rogue em-

ployees, toxic standards, and no recognition of internal resis-

tance or criticism. (Karakowsky et al., 2005; Ferrell et al., 2008;

Crane & Matten, 2010) Back end strategies cannot prevent any

of these, nor protect and organization from their risks, even

backed by the force of the law.

Back end strategies cannot make people ethical, nor can they

make organizations ethical. The ethical programs which are at

the center of the Federal Sentencing Guidelines, and Sar-

banes-Oxley, etc. have these goals, but do not provide the me-

thods to reach them. They cannot close gaps they do not recog-

nize. Compliance strategies, as back end strategies, cannot suc-

ceed in ethicalizing an organization, or positively impacting an

organizational culture. There is no example of an organization

that has been able to turn itself around, to transform its culture,

using back end strategies.

Front End Strategies and Risk Management

Front end strategies are designed to operate ex ante, as a risk

management technique. They are designed to protect, proac-

tively, organizations from future wrongdoing and potential

harm, to prevent future criminality and abuse, and to promote

good behaviour and an ethical culture. In order to do this, front

end strategies must protect organizations from their particular

risks or vulnerabilities, which vary by industry and organization.

(Walker, 2007) Such strategies must promote ethical behaviour

by identifying any gaps there are, and impediments that exist,

which served in the past to prevent the organization from fulfil-

ling its social and ethical responsibilities, and its mandate.

(Marcinow, 1996) Applied Ethics, in June 2010, suggested that

there were three things an organization should do, to handle

crises and catastrophes. (1) Where there is a high risk of moral

hazard – usually shown by past events – adopt a precautionary

principle. (2) Engage in communications and exchanges of

ideas between the organization and all its stakeholders. (3) Ac-

cept preventive measures from regulators. (Markkula, 2010)

Regulatory oversight only helps only if it stands in defense

of the stakeholders, and not the vested interests of the organiza-

tion. It is clear in the case of Merck that this did not happen.

The Federal Drug Agency (FDA) exhibited no oversight, and

asked the pharmaceutical companies to regulate themselves, by

writing their own regulations. (Corporate Narc, 2010) Similar

practice is observable with BP offshore oil drilling and the col-

lusion of the Federal Mineral Management Service, which

asked BP to investigate itself and write its own oversight study

reports. (Efstathiou, 2010)

Gap Analysis

Front end strategies, like the precautionary principle, make

use of gap analyses. A gap analysis is an assessment which

identifies what it takes, to move from one position to another.

One kind of gap analysis is a vulnerability or risk analysis. For

example, it is the kind involved in environmental protection,

where potential hazards and threats to the environment are

identified and assessed. Gap analysis here delineates ways to

reduce or eliminate the risks.

A second useful type of gap analysis is an impediment anal-

ysis. Here, an organization audits its actual social and ethical

performance, sets goals and desirable standards, and then iden-

tifies any impediments which prevent or might prevent the

organization from reaching its ethical potential. (Walker, 2007)

The list of impediments and vulnerabilities is open ended. It

is useful, nevertheless, to identify some best precautionary

practices in management, which serve to close the gap on iden-

tifiable risks, and eliminate impediments to better behaviour.

One important precautionary practice in risk management for

larger organizations is thinking small, using small scale struc-

turing. UPS, for example, has been reorganized to resemble a

group of family firms, with a flatter structure, each with its own

independence, and autonomy in decision-making. This illu-

strates the strategy of dividing up a large business into a series

of small businesses, to get the advantages of both structures.

There are, then, within each individual self-regulated unit,

greater chances for organizing and monitoring their own beha-

vior and decision-makin g, but all units work toward the same

goals and with the same purpose. (Putnam & Feldstein, 2003)

Another precautionary practice involves partnering with civil

society, to share policies, standards, and regulations. Civil so-

ciety consists of nongovernmental organizations, not-for -profit

organizations, interest or advocacy groups, volunteer and activ-

ist groups, religious groups, and local community groups. In the

U.S., there are nearly two million such groups, and in Canada,

nearly two hundred thousand. These two countries top the list

in numbers of environmental issues, to fair trade concerns, to

human rights protection. (Crane & Matten, 2010)

Such groups serve as proxy stakeholders, Markkula’s second

point. They speak for and protect those without power or im-

pact; they give voice to the voiceless. Such groups partnering

with corporations assist in drafting laws and regulations, which

identify case specific and industry-wide vulnerabilities, and

formulate solutions. Civil society groups have been called ‘the

new regulators’, in that they exert public pressure through

demonstrations, pickets, publications, and the media, and this

pressure is very effective in transforming organizational culture.

(Brugmann & Prahalad, 2007)

A third best practice, most contentious in the corporate world,

is that of transparency. It is precautionary, preventive, and is

open to stakeholders and regulators, so ensures all three Mark-

kula points. Transparency, and its connection to honesty and

rationality, opens up decision-making within an organization,

D. H. ARN OLD ET AL.

making people and the organization accountable. (Paine et al.,

2005) A lack of transparency, the refusal to be transparent in an

organization, blocks scrutiny of decisions and actions. Lack of

transparency gives rise to distrust, and to the belief that there

must be something wrong that needs to be covered up or denied,

from hidden agendas to unacknowledged goals. Hiding behind

claims of privacy and confidentiality undermines accountability,

and any claims to honesty, equity, and due process. (Woods &

Goss, 2009; London Times, 2010)

Trust, honesty and equity are communitarian values. Mutual

communitarian trust is the basis of organizational behaviour.

Trust allows organizations to deal with each other, without

constant recourse to violence or the law. Business benefits, as

does the entire community. (Sen, 2007) Front end precautionary

strategies promote good behaviour, as they build or rebuild,

trust.

References

Associated Press editorial (2004a). American Express Faces Discipli-

nary Action.

Associated Press editorial (2004b). Report: Vioxx linked to thousands

of deaths.

Berman, Dennis, ed. 2000. Small virtues: entrepreneurs are more ethi-

cal. Business Week’s Frontier.

Brugmann, Jeb and C.K. Prahalad. (2007). Co-creating business’s new

social compact, Harvard Business Review.

Card, Claudia. (2005). The atrocity paradigm: A theory of evil. New

York: Oxford,

Corporate Narc. (2010). Merck Accounting Scandal, accessed.

Crane, Andrew & Dirk Matten. (2010). Business ethics: managing

citizenship and sustainability in the age of globalization. Oxford:

Oxford.

Efstathious Jr., Jim. (2010). Drilling regulators banned by U.S. from

dealing wit h friends, relatives. Bloomberg News.

Ferrell, O.C., John Fraedrich & Linda Ferrell. (2008). Business Ethics:

Ethical Decision Making and Cases. 6th ed., Boston: Houghton Mif-

flin.

Ho, Vanessa. (2005). Cautious Optimism Greets Nortel’s Appointment

of Ethics Chief. ITWorldCanada.com, Jan. 16,

Huberman Arnold, Diane & Keith Arnold. (2010)Broken Organiza-

tions.

Kar akowsky, Len, Archie B., Carroll & Ann K. (2005). Buchholtz,

Business and Society: Ethics and Stakeholder Management. Toronto:

Nelson-Thomson.

Levitt, Steven D. & Stephen J. (2005). Dubner. Freakonomics. New

York: Harper Collins.

London Times. (2010). Editorial. Private Life. Public Good.

Marcinow, Diane M. (1996). The paradox of ethical resistance: why do

individuals frequently encounter retaliation for ‘doing the right thing’?

Proceedings of the Fifth Conflict Resolution Symposium. Ottawa:

Carleton University. 64-81.

Markkula. (2010). Center For Applied Ethics, Managing Risk Ethically

podcast.

McKay, Ruth & Diane Huberman Arnold. (2010). Sustainable Enter-

prise: Crisis Management and Culture Transformation.

McShane, Steven L. (2001). Canadian Organizational Behaviour, 4th ed.

Toronto: McGraw-Hill Ryerson.

Paine, Lynn S. (1994). Managing for organizational integrity. Harvard

Business Review. 17-106.

Paine, Lynn S., Rohit Deshpande, Joshua D. Margolis & Kim Eric

Bettcher. (2005). Up to code: Does your company’s conduct meet

world-Class standards? Harvard Business Review. pp. 122-135.

Putnam, Robert D. & Lewis M. Feldstein. (2003). Better Together:

Restoring the American Community. New York: Simon and Schus-

ter.

Quinn, John. J. (1997). Personal ethics and business ethics: The ethical

attitudes of owner/managers of small bu siness. Journal of Business

Ethics. 16(2). 119-127.

Rocco, Fiammetta. (1992). American express: Vendetta against bank-

ing rival. The Economist.

Sen, Amartya. (2007). Markets and the role of ethics in capitalism.

Moral Issues in Business, 10th edition. William H. Shaw and Vincent

Barry, eds. Belmont, CA: Thomson Wadsworth.

Shaw, William H. & Vincent Barry. (2007). Moral Issues in Business,

10th ed. Belmont, CA: Thomson Wadsworth.

Soifer, Eldon. (1997). Ethical Issues: Perspectives for Canada, 2nd ed.,

Peterborough, Ontario: Broadview.

Trevino, L. K. & Katherine A. Nelson. (2007) Managing Business

Ethics, 4th ed. Hoboken, NJ: Wiley.

Vyakarnam, S., Ba i le y, A. , Mye rs , A. & D. Burnett. (1997). Towards

an understanding of ethical behavior in small firms. Journal Of

Business Ethics. 16(15), 1625-36.

Walker, David. (2007). Counter-Terrorism Strategy. London: Charity

Commission.

Weaver, Gary R., Linda Klebe Trevino & Philip L. Cochran. (1999).

Corporate ethics programs as control systems: Influences of execu-

tive commitment and environmental factors. Academy of Manage-

ment Journal。 42(1). 41-57.

Woods, Richard & Richard Goss. (2009). The bullying of common

sense. Sunday Times.

Zola, Émile. La Curée. (1874) Paris: Gallimard Folio Classique, ed.

Henri Mitterand, 1999.

Zola, Émile. L’Assommoir. (1877) translated by Robert Lethbridge and

Margaret Mauldon. New York: Oxford World’s Classics, 2009.