Corporate Crime in America: Strengthening the "Good Citizen" Corporation

(Excerpt)

Sharing "Best Practices" Information

Alan R. Yuspeh, Howrey & Simon

Anne L. Gill, General Attorney, Sprint

W. Michael Hoffman, Executive Director, Ethics Officers Association

Thomas Furtado, Corporate Ombudsman, United Technologies Corp.

Moderator: Donald A. Purdy, Jr., Chief Deputy General Counsel, U.S. Sentencing Commission

MR. PURDY: This is the panel on "Sharing 'Best Practices' Information." My name is Andy Purdy. I am the Chief Deputy General Counsel at the Commission. Our first speaker is Alan Yuspeh. He is a partner with the law firm of Howrey & Simon. He concentrates on government contract law. Perhaps most notably, Mr. Yuspeh is the coordinator of the Defense Industry Initiative on Business Ethics and Conduct. Mr. Yuspeh.

MR. YUSPEH: Andy, thank you very much. The Defense Industry Initiative on Business Ethics and Conduct is an outgrowth of the work of the Packard Commission in 1986. The Packard Commission was a blue ribbon commission on defense management chaired by a founder of the Hewlett Packard Corporation, David Packard, who was also a Deputy Secretary of Defense. This effort predated the sentencing guidelines for organizations by about five years.

The recommendations of David Packard and his commission were, essentially, that among other changes that were needed in the defense industry, there needed to be more corporate self-governance in the industry. Particularly, he called upon the industry to universally adopt codes of conduct, ethics training programs, hotlines, ombudsmen, and the like.

The industry decided to have a concrete reaction to those recommendations and the reaction was one that was basically led by Jack Welch, then and now the Chairman and Chief Executive Officer of General Electric. In response to these preliminary recommendations, Jack Welch convened a meeting of 17 CEOs of large defense contractors, and within a period of two days a document was drafted called the Defense Industry Initiative on Business Ethics and Conduct, to which the 17 companies became signatories.

This presentation is on the lessons learned from this industry initiative. It was initially decided that this effort should not be housed in some existing association, and I think the reason was two-fold.

One was that the way the defense industry is organized is basically by line of business, so you have the shipbuilders in one association, and the aviation or aeronautical companies in another, and so on. So one problem was how if you want something that's truly defense industry-wide, where do you put it?

The other thing was that this effort was supposed to be, and would become, so important and so significant that people did not want it to be subsidiary to other functions of an existing association. The concern was that if you have a trade association whose primary purpose is one perhaps of lobbying or affecting public policy, would self-governance be subsidiary to that? So the feeling was that the initiative should be a free-standing effort.

The Defense Industry Initiative (DII) principles require these things. They require that the signatories have a written code of conduct, that the code of conduct be distributed to all employees who are involved with government contracting, that there be some type of orientation for new employees with respect to the code, and that there also be training for all employees with respect to the code and other ethics and compliance-related principles.

The DII principles require that there be an internal reporting mechanism, hotline, ombudsman, help line, or concern line, that there be a system for making voluntary disclosures to the government. I might note here that the Department of Defense facilitated this requirement substantially, because shortly after the DII was off the ground, the Department of Defense Inspector General started a formal voluntary disclosure program in the Department of Defense, and the Department of Defense Inspector General, Eleanor Hill, will speak later in this program as will the head of that program, Bruce Drucker. So I will leave it to them to explain the details of the voluntary disclosure program.

The principles also required that the signatories attend best practices forums each year, and finally, that they participate in a public accountability process, and the public accountability process was very straightforward. There was a questionnaire of 20 questions which basically sought to determine that the signatories had met their obligations. The questions were questions like: "Do you have a code of conduct," "Do you have an internal reporting system," and the like. You would have those questions audited by your independent auditors and then submitted to an external internal body which would compile the results. That then became part of an annual report.

I might mention that the annual report has grown substantially. It is now about a 150-page document because it includes, among other things, about a 50-page description of the types of programs that DII signatories have implemented, and it also includes a listing of materials and an information clearinghouse.

In terms of the DII progress since 1986, today there are 55 signatories. Last year, there actually were 60 signatories, but as people know, one of the trends in the defense industry is toward merger. So Northrop and Grumman have merged. Lockheed and Martin have merged. Raytheon and E-Systems are merging, as are General Dynamics and Bath Iron Works. So the consequence of that is that the number has dropped from 60 to 55, really reflecting the merger trend of the industry.

This represents about 55 percent of all the prime contracts with the Department of Defense. It includes all of the ten largest defense contractors and 22 of the largest 25, so it really is the core of the defense industry.

The DII has had a modest governance structure since its inception. There is a steering committee, which is a CEO group of 12 companies. It was chaired initially by Ed Hood, who was a Vice Chairman of General Electric at the time. It has been chaired for the last five years by Joe Gorman, who is the CEO of TRW.

There is a working group which consists of representatives from the same companies. The interesting thing about the working group is it started out virtually as an all-lawyer group in 1986. It has evolved to where the majority of the representatives are no longer general counsels of their companies but are ethics directors of their companies.

The original chairman of the working group was the general counsel of Martin Marietta. The second chairman was the general counsel of Boeing. The current chairman is Carl Skooglund, who is the Vice President for Ethics at Texas Instruments and is also a Vice President of the Ethics Officers Organization.

The other part of this modest governance structure is that the decision was made early on that if we are going to have conferences, issue reports, do a public accountability process, and the like, we needed somebody on a day-to-day basis to do that, and so the position of DII Coordinator was created. The decision was also made that we wanted this to be a low-cost, non-bureaucratic organization, so they went to someone who was actually practicing in a law firm and would do this on a part-time basis, and I have had the privilege of serving in that role basically since the inception of the DII effort. The role is one, in effect, of serving as the executive director of an association, though the association is one with the very limited purposes I have described.

In terms of the DII activities, they consist of maintaining an information clearinghouse which now amounts to more than 700 items of policies, procedures, codes of conduct, ethics training materials, video tapes, and the like that are maintained in our offices. The annual report of the DII will show a full listing of those and these are all publicly available materials and we regard the clearinghouse as being publicly available. It consists of materials that have been voluntarily submitted by each of the 55 DII signatories.

We do have annual best practices forums which are meetings of a day and a half duration in June in Washington. Typical kinds of things that are done at these forums is that there may be demonstrations of new training materials or tools. Last year we had an interesting film festival for a morning in which four company training video tapes, segments of them, and four commercial training video tapes were shown and discussed.

We always have small group discussions, which people enjoy. We have roundtable discussions where we may bring in three or four CEOs or three or four ethics directors or three or four general counsels and put a lavaliere mike on them and put them around a coffee table and have a sort of informal discussion about things that are posed by a moderator.

We certainly look at different functions, such as the human resources function or labor relations or internal audit and how those tie in with the ethics and compliance effort. These companies have in common the fact that they have really one domestic customer, for the most part, the Defense Department, other than the fact that they are one another's customers because of prime and subcontractor relationships. So we obviously ask the customer (DOD), how are we doing, and we will ask the suspension and debarment authorities for the various military departments, perhaps the head of the Defense Contract Audit Agency or the head of the Defense Contract Management Command to come and be part of the panel and to say what's going well and where can improvements be made.

And finally, one of the important aspects of these best practices forums is that we have sought and obtained very conscientious participation from the Department of Defense, the Department of Justice, and the Sentencing Commission, not just as speakers but as participants. So last year, out of 200 attendees, we had about 25 government attendees who were very senior-level government officials who could participate in this and make a very significant kind of contribution.

The other programmatic efforts are that we have an ethics director workshop for one day each year. We have quarterly meetings of the ethics directors in the Southern California area because there's a large concentration there. We issue the annual report, which I mentioned, which describes these programs in some detail and reports the results of the public accountability process. We meet from time to time with senior officials of the Department of Defense to update them on what's happening in terms of self-governance in the defense industry. Occasionally, we will prepare some training materials and occasionally do some mail outs which will address various kinds of focus issues.

In terms of the accomplishments, I think the accomplishments are primarily that we take pride in the fact that there are robust, energetic, and particularly imaginative programs in these 55 companies. I think that you would be incredibly impressed to look through the clearinghouse at the enormous imagination that has been shown and what these companies have done.

I think another accomplishment is that we certainly have gotten positive feedback from the Department of Defense that they have seen dramatic improvements in the attitude and the quality of the relationship and particularly in the compliance of contractors that have participated in this. We have, as a practical matter, a much higher level of compliance than there may have been ten years ago.

The other thing we find is that there has been broad-based acceptance and excitement in companies, that there is increased morale in many companies as a result of these kinds of programs and I think there's a broad-based recognition that these are sound management practices.

I conclude with a quick list of the lessons learned from the DII experience, and I think there are primarily four. One lesson learned is that setting industry standards, at least in the case of the defense industry, has certainly, I think, raised where the industry would otherwise be. The record shows pretty conclusively, I believe, that as an industry group, the defense industry has the most energetic programs of industry in the United States.

That is not to say that there aren't many companies represented in this room and in other industries that don't have wonderful compliance programs or effective programs to prevent and detect violations or law or ethics programs or the like, but it is to say, I think fairly, that in terms of an overall industry effort where the core of the industry has pulled together and said, "We want to establish our standards at this level," that I think this is the only industry effort of this type and I think I can say fairly that the standards are higher than they would have been without this kind of collaborative effort.

The second lesson learned is that coming together in meetings like our best practices forum is enormously valuable and perhaps valuable beyond expectation. That is, as the defense budgets have fallen and as travel budgets in companies fall, I have thought for each of the last few years, well, we can probably take fewer hotel rooms and get a smaller room.

But the reality has been that we fill the room each year, that there is no sort of languishing of attention to this, and I think the reason is that people joining together for a day and a half each June have found that this is a time to sort of reaffirm the commitment to these basic kinds of principles and also to start to network again with people who have become very important professional colleagues.

A third lesson learned is that exchanging ideas is critically important and can be very, very helpful. And what we have found, interestingly, is that even though these companies may be intense competitors in the business world, that in terms of their ethics and compliance and commitments under this initiative, they have been as open as possible in sharing ideas with one another and in borrowing from one another in the most constructive and proper kinds of ways.

I think the fourth thing is we have learned lots of lessons about how these programs can be most effectively operated. I did prepare for you some materials that describe key requirements for success of these kinds of ethics and compliance programs, which really fall under the DII principles but are very similar to the kinds of programs contemplated in the sentencing guidelines. I think that you will find those to be sort of interesting kinds of things and a whole additional set of lessons learned about individual company efforts.

I would just say in conclusion that the defense industry very properly takes great pride in the accomplishments over the last ten years from the DII effort, and I think certainly believes that it could be a very effective model for other industries. Thank you.

TELECOMMUNICATIONS INDUSTRY PRACTICE FORUM

MR. PURDY: Anne Gill administers Sprint Corporation's ethics and compliance program. She has been active with a telecommunications industry group that meets to share compliance practices, so she can give you another perspective. Anne.

MS. GILL: All of you over 43 or so will appreciate the need for reading glasses. As Andy said, my name is Anne Gill and the reason I have been asked to speak with you today is that I was involved in creating Sprint's ethics and compliance program and for the last three years have regularly participated in a telecommunications industry group that meets regularly to benchmark compliance practice information. I hope knowledge of our forum is useful to you as you try to put what you learn here into effect in your own compliance programs.

Of course, the opinions I will share with you today are my own and not those of Sprint, of the Telecommunications Forum, or of the U.S. Sentencing Commission.

How do you discover that your company requires employees to personally report misconduct to their supervisors when most of the companies in your industry have established anonymous hotlines? How would you know that your company keeps no formal compliance statistics while most companies your size not only keep such statistics but report them annually and sometimes even quarterly to a board of directors committee?

As you heard this morning, failure to know those kinds of things can result in a much larger penalty if you ever find yourself in the misfortune of a criminal problem. One way is to spend your entire work life on the telephone with your colleagues, asking them how they are handling things that are important to you. Other ways include attending seminars that have industry practice breakout groups, sponsored compliance roundtables, or meetings of the ethics officers or ombudsmen associations.

Although all of these methods would be helpful, I have found personally that the most consistently reliable way to gather this type of information over time is to meet regularly with members of my industry for frank, open, and honest discussions about compliance issues that we all regularly face. I also believe that being aware of and able to adapt the best compliance practices of my industry and avoid the costly mistakes of others helped Sprint create a much better, a much more efficient and much less costly compliance program.

We all understand that industry meetings have inherent legal risk, and my group has handled these risks by including antitrust lawyers as member participants, requiring that compliance issues remain the sole focus of our business communications, and by maintaining minutes of all of our meetings.

Additionally, we are very careful, and you are hearing a lot about this lately and I find it personally very upsetting, but we are very careful to make sure that we share information about our respective compliance programs but never concertedly attempt to set industry practice. We accomplish this by reporting to each other what each company is doing in various compliance areas but never deciding as a group what we believe the answer should be to any particular compliance issue.

Assuming that you agree that your company could benefit from being part of an industry forum, let's look for a moment at the practical considerations surrounding forming such an organization. How big should the group be? The size of any group is an important factor in both its group dynamics and its success. My goal would be to reach a good balance between being small enough to build trust, and to be able to facilitate informal honest dialogue, and large enough to reasonably reflect industry practice.

My industry group includes a dozen or so major players in the local wire line communications industry and the representatives of each are committed to attending on a consistent basis. Who should participate in such a group? In my opinion, individuals responsible for the day-to-day hands-on administration of a company's compliance program are the best participants for this kind of group. This would include the organization's chief compliance lawyer, not its general counsel, and if there is one, the compliance program manager, not necessarily the chief ethics officer or the company ombudsman, unless in your particular company these are hands-on positions.

The intent would be two-fold. First, to have a working group composed of those people who most intimately are familiar with both the federal sentencing guidelines and with their company's program on a detailed level. Second, you would want them to have access to the highest policy-making executives in the company.

Our telecommunications group also decides whether or not to allow additional participants at any of these meetings, which would include compliance investigators, hotline administrators, conflict of interest auditors, human resources lawyers, and we generally do allow companies to bring these personnel and occasionally hold specific meetings for the chief compliance officer in the company. Those are separately-held meetings, not in the Telecommunications Forum itself.

What does it take to plan an industry practice meeting and how do you set the agenda? I would recommend establishing three primary goals to such a meeting. One, that the meeting be interesting, valuable enough to guarantee regular attendance, that all members actively participate, and that the meeting be easy to prepare for, to host, and to attend.

The Telecommunications Industry Forum rotates the responsibility for planning meetings, which usually last a day and a half and are held quarterly at the headquarters' city of the hosting organization. The hosting company is responsible for providing meeting rooms and enough coffee to keep us motivated, for taking suggestions from participants of topics, and for setting the agenda. The host company then assigns responsibility for each agenda topic to one of the member companies.

What do the meetings actually look like? Well, our meetings are very informal. There are no lectures, although occasionally we will bring someone in to talk on a particular topic, and at a typical meeting, the participant assigned an agenda topic will discuss what his or her company is doing in that agenda area, including any problems they have encountered, suggestions, warnings, tips, and words of wisdom.

We then go around the room and each company will note if it applies a different approach, has encountered a unique challenge, or has developed any specific tools that might benefit the group, such as database formats, check lists, surveys, and matrices, as well as video or computer training programs. Each company may then adapt these materials to their own company's individual needs, given its risks and its size and its politics and its structure and its corporate culture. As I mentioned earlier, in a concerted effort to avoid any appearance of setting industry practice, we never discuss how this topic should be handled.

I have now explained what my industry forum looks like and how it functions and the reasons that I think Sprint has benefited from being part of one. At this point, I'd like to take a quick opportunity to tell you why you personally might benefit from belonging to such a group.

In my experience with legal compliance programs, I find that most executives feel much more comfortable, especially if the program is a new one, if they understand what other companies are doing in similar areas. Executives will often choose to take an innovative step and lead the industry, but they always want to know if they're hanging out there alone.

No decision maker wants to discover that they just approved a program that appeared to them to be reasonable and innocuous, only to find out that not only was it extremely controversial but that no one in the industry had been willing to take such a step. No compliance manager with any sanity wants to be the person who neglected to mention those issues.

Belonging to an industry group provides a source of statistics and data and comfort. It's very helpful to be able to respond to questions regarding the cost and feasibility of a particular compliance approach by relating the specific experiences of your competitors. Moreover, collectively, members of your forum will have fielded almost every question and concern you're likely to encounter, and access to their successes and failures will allow you to be more knowledgeable, better prepared, and more confident than you could ever be otherwise.

In conclusion, I'd like to share with you three facts about compliance programs, and by facts, I have to tell you that's my definition for a fantastically accurate compliance truth.

Number one, you will never achieve a program which actually deters undesired employee behavior without the driving force coming from the highest levels of your organization, and if you don't have that, you will be somewhat akin to the internal affairs department of the LAPD.

The more aware you become of the prerequisites for a truly effective compliance program, the more you will focus your attention on issues you know you haven't yet addressed, and the harder it will be not to appear idealistic, and not to become frustrated and discouraged and the more stressful your job will become as a result.

Number three, the lower the understanding, demand, and commitment of senior management for an organization's compliance program, the more likely employees responsible for that program will be seen as lacking in good judgment and lacking in executive temperament and the higher, therefore, your personal level of risk within the organization.

With these facts in mind, the very best reason I can offer you for joining an industry practice forum is to provide yourself with a group of peers who share your understanding of the matrix in which you perform, who have good suggestions for handling political situations that arise, and who will bail you out with a prototype when the general counsel calls and says that he or she needs an insider trading compliance program or an environmental compliance program in time for next Monday's board meeting. Most important, such forums will focus your attention regularly on what you have accomplished and not on what you haven't accomplished.

MR. PURDY: Let me just follow up one point that Anne Gill made. Alan, you said that your organization attempts to set industry standards. Alan, to what extent do you think there are serious antitrust concerns here and how do you deal with them?

MR. YUSPEH: The industry standards that I was speaking about are essentially process standards, which frankly are very similar to your sentencing guidelines. They are processes such as having codes of conduct, training programs, new employee orientation, hotlines and ombudsmen and the like.

What we have not done, and thought it a bad idea to do, is to try to establish any kind of models. In fact, even on something like a code of conduct, we have left it to each of the signatories to develop their own codes and they all look quite different. In fact, I just got a new code from Rockwell the other day which I think is a superb 45-page book, but every one else's would look different than Rockwell's.

So the bottom line is that we have not established substantive standards nor substantive responses to problems. For example, some companies have more restrictive rules on gifts to government employees than federal law requires. But we would never push all signatories to do that and would think it improper to do so.

So that, essentially, is how I think the antitrust concerns have been observed so that we haven't crossed the line of improper areas.

ETHICS OFFICERS ASSOCIATION

MR. PURDY: Our next speaker will be Michael Hoffman. He is founding Executive Director of the Center for Business Ethics at Bentley College, and he is formerly Executive Director of the Ethics Officer Association, now on its Board of Directors. Mr. Hoffman.

MR. HOFFMAN: Thank you, Andy. The Ethics Officer Association (EOA) started in the summer of 1991. At least, the seeds of it were planted then, when about 40 to 45 ethics officers came to the Center for Business Ethics at Bentley College and began to meet each other, some of them for the first time. The day-and-a-half's very unstructured workshop was so successful that the ethics officers that were there said, "Let's keep this going."

So we had a planning committee meeting at Raytheon a couple of months later and then another planning committee meeting at Honeywell about six months after that. We became a chartered 501(c)(3) non-profit organization about a year after we started the planning. So the EOA is now about three years old. Could I have the first overhead, please?

The mission of the Ethics Officer Association is dedicated to promoting ethical business practices and serving as a forum for the exchange of information and strategies among individuals responsible for ethics programs. To be a member of the Ethics Officers Association - I will call it EOA for short - you have to be involved in some managerial responsibility for an ethics/compliance program in your organization. I will talk about membership in just a minute; the growth of the EOA has been quite dramatic.

Here is a list of services and projects. We have Sponsoring Partner Forums. There is a category in the Ethics Officer Association for a company to become a Sponsoring Partner Organization, and for just the Sponsoring Partner Organizations, there are special forums which are smaller than our general conferences.

We have had four Sponsoring Partner Forums. The first in 1992 and the second in 1993, both held at Raytheon outside of Boston. The third in 1994 held at Levi Strauss in San Francisco, and the fourth this past April at Sears in Chicago. We try to spread our forums around.

We also have conferences. We have had two general conferences so far. The first one in 1993 at the Center for Business Ethics at Bentley College, and the second one in 1994 in Dallas, hosted by Texas Instruments. Our next conference is going to be in Toronto in October, hosted by NORTEL. In 1994 in Dallas, we had about 165 registrants. We anticipate that the Toronto conference will be at close to 200.

Professional development courses (PDC) have just started within the Ethics Officer Association. Our first PDC course, jointly sponsored by the EOA and the Center for Business Ethics, is being held September 17 through September 22 at the Center for Business Ethics at Bentley College. We wanted to have 35 participants in this first executive development course. We have as of now 37. It is closed for September, but we will be offering another one in May of 1996. We already have a waiting list for the May PDC course.

The PDC course is called "Managing Ethics in Organizations," and has more than 25 faculty members. Seventeen or 18 of those faculty are experienced ethics officers from different companies, talking about different areas in that course.

These ethics officers are flying in from all over the country at their own expense because they feel that this executive development initiative for present and future ethics officers is extremely important. So we have people coming from all kinds of different corporations to participate, giving their time freely, to make this professional development program a success.

The EOA also plans to work with the Center for Business Ethics in a strategic alliance to continue to offer such professional development courses. This week-long intensive course will continue, but we will also have one-day intensive courses that will focus on a specific subject matter, exploring in more depth a particular area that the week-long course touched upon but couldn't deal with thoroughly.

The Ethics Officer Association hopes, within the next year or so, to be offering credentials for ethics officers. For example, if a person takes the week-long intensive course, and perhaps three one-day intensive courses, he or she would receive credentials for being an ethics officer from the EOA. The EOA intends to provide some professional credentialing for this very new profession.

The EOA is really very similar to the DII, which started in 1986. We started in 1991/92. One of the main differences is the fact that the EOA is open to corporations from all industries instead of just the defense industry, even though we have as many defense companies as members of the EOA.

In fact, just as a change of pace, I wonder if all the members of the EOA who are here today would stand up or those people who know that their corporations have a representative in the EOA. Would you stand up just for a couple of seconds?

That's a good representation of the EOA at this symposium. I'm pleased to see that all our panelists stood, too. So if you saw people stand and would like to know more about the EOA, please go up to them and ask them what they think of it. I think you will find that they are pleased with what they have been receiving from the services of the EOA.

There are some other EOA services, and I'll go quickly. There is resource assistance with the Ethics Officer Association. The Center for Business Ethics and the EOA maintain a very extensive research library at Bentley College. It is very similar, I suspect, to the DII's research library. We have both EOA company materials, approximately 1,500 to 2,000 books on business ethics, the best journals on business ethics are there, and many videos on business ethics.

We have networking assistance. Quite often, members will call EOA headquarters at the Center for Business Ethics to find out who to benchmark with in regard to a safe reporting system? Who can we benchmark with in terms of our training programs? And in addition to being able to come to the Center and look over the materials that are there, we can put people in touch with companies that have some of the best ethics programs in a particular area.

The growth of the EOA has been excellent. These numbers may not jump out at you right away, but for us, they're very exciting. As of today, we have 84 Sponsoring Partner corporations and 119 individual members. You can be an individual member (IM) even if your organization chooses not to become a Sponsoring Partner (SP), at least not initially. We have 119 in this category. So that puts us over 200 members, including SPs and IMs, in the EOA.

The EOA has numerous plans for future development. We now have a full-time Executive Director. I was more of a part-time Executive Director. Now I have been invited to join the Board of Directors. I think they didn't know what else to do with me, but I am honored.

I would like to introduce you to our new Executive Director, Ed Petry, who you will be hearing from after lunch. And the Chairman of our Board who has been the EOA President, Bill Redgate. Bill is Vice President of Business Practices at Dun & Bradstreet. Ed Petry is still a tenured faculty member at Bentley College and works with the Center for Business Ethics, but he will be the full-time Executive Director at the Center. A full-time Executive Director of the EOA is now needed because of its growth in membership and services.

The future development of the EOA certainly involves improving benefits and services for its members. It has now struck up a strategic alliance with the Center for Business Ethics. The Center is no longer just the administrative headquarters of the EOA, but it is also a strategic partner, an example of which is the professional development course being offered in September, which is jointly sponsored by EOA and CBE.

We are certainly going to continue the progress with the executive education program. We are also going to start carving inroads into the international arena. The EOA has already scheduled conference panels in Tokyo, Germany, and Great Britain, so that we can spread the EOA mission of building best-practice ethics and compliance programs abroad.

The final comment I will make is this. If anything distinguishes the EOA from other organizations it is stressing the importance of ethics/compliance programs not being just compliance driven. We feel that a truly successful compliance program must be value driven, integrity driven. There is too much to lose in an ethics/compliance program not stressing the good things that come about in raising the level of ethical awareness of all members of the company and in providing all employees with the tools to make intelligent ethical business decisions.

If anything could characterize the efforts of the EOA, it would be that out of that effort to raise the level of ethical awareness and to provide the educational tools for making intelligent ethical business decisions, a good compliance program will follow. Thank you.

OMBUDSMAN ASSOCIATION

MR. PURDY: Our next speaker is Thomas Furtado. He is the Corporate Ombudsman for United Technologies Corporation, and he is President of The Ombudsman Association.

MR. FURTADO: Thank you, Andy. This is sort of a blip in the schedule here because the ombudsman in many organizations doesn't exist and in some is a relatively new fixture. I represent The Ombudsman Association, which has about 230 members. What I would like to do today is give you a brief overview of why I think the ombudsman function has grown because of the sentencing guidelines, and why I think the ombudsman function helps greatly in meeting the requirements of the sentencing guidelines.

I have taken just a small portion of the sentencing guidelines text that relates to, in my opinion, why so many organizations in the last three or four years have appointed ombudsmen. In the last three or four years, there have been approximately 400 or 500 ombudspersons created in the United States, some of them in academic institutions, some in health care institutions, and a great many in corporations.

The underlined portion of this second slide is really the critical part of the sentence that relates to the value of the ombudsman, especially the words "within the organization without fear of retribution."

This text actually is one of the drivers in the minds of CEOs for thinking about an organizational ombudsman. Let me just explain briefly that word "organizational," because there are classical ombudspersons, and we have a number of them in the United States, who are generally appointed by a state or community legislature, and who have subpoena powers, investigative powers. They write formal reports and they actually represent the citizenry on behalf of those issues that they feel warrant investigation of the government.

An organizational ombudsman is totally different. We work within an organization or we contract with an organization to represent them. We are neutral. We stand between employees/employees and employees/management in dealing with issues that need to be resolved by both parties. We are also confidential, and I think that confidentiality is one of the major values that we bring to the sentencing guideline requirements.

The internal formal complaint handling system represents those people who have been charted by the organization to represent the company. It might be the legal department, it might be a compliance officer, it might be an EEO officer, other parts of the personnel department, security people.

The formal complaint organization has a charter to protect the company, and, in almost every instance that I have known, cannot and does not guarantee confidentiality, especially if someone brings to them a violation of many of the Title VII human resource issues, or government contractual issues, they cannot guarantee confidentiality. The result is that the company is put on notice when somebody comes to them and they must go forward. That is proper and it should be done that way.

However, people using the formal systems oftentimes have problems relating to the protection that they might have. In my experience, there have been three different groups that I can identify who relate to the formal system, either in terms of being comfortable with it and willing to use it, or being uncomfortable.

The first group consists of the people in the organization who have high trust and confidence. These are people who get up in the morning, get down on their knees and say, "Thank God I work for this company. It's such a wonderful place to work and there isn't anything I wouldn't bring to them in total confidence." I can count those people on the fingers of one or two hands because they are rare and most of their fellow employees would call them naive.

The second group consists of the people at the bottom of the spectrum who have no trust and no confidence in the organization and in the formal complaint handling system. These are people that generally are bitter. They are disillusioned. They have plateaued. They have worked for the company for many, many years without advancing. They see younger people coming in and getting ahead. They really don't like the company anymore, but they're vested, they've got a lot of time in, and so they stay.

These people don't trust anybody, and when they need to come forward or want to come forward, it's not always feasible or in their best interests to do so using the formal complaint handling system. So they look for another place to go, and even when they find that other place, they often report anonymously.

The third group represents most people in an organization and it's a swing group that can be as high as 80 percent. These people are ambivalent about whether they're going to use the formal complaint system, a compliance officer, a lawyer, an EEO officer, and they're ambivalent on the basis of two things.

Number one, what is the issue? I might go to my EEO officer and talk about diversity as a concept and ask for an explanation of what the company is doing to further diversify. I might not go to that same person to discuss sexual harassment that I have undergone. I might feel uncomfortable doing that. I might go to the benefits department to complain about a misreading of my statement that I received in the mail, but I might not go to the personnel department to complain that my manager is retaliating against me.

So people make judgments about whether they are going to use the formal system or not on the basis of how serious is the complaint. Secondly, they make judgments about the integrity of the system. I might go to the personnel department in plant A and feel very comfortable because the manager of that department has utmost integrity, has a staff that reflects that, and has a reputation over the past five years of never breaching confidence unless absolutely necessary, and I may feel very comfortable going to them.

In plant B, I could go to my personnel manager and talk in confidence about an issue and when I get back to my department my manager could call me in and say, I want to talk to you about what you just discussed with the personnel department.

So there is a reputation that precedes all of the departments that are in the formal system. That reputation covers the legal department, the compliance department, the security department, the EEO department, and people feel comfortable about using them on the basis of whether they have a reputation for integrity.

So we have these three groups. The value of the ombudsman, it seems to me, is that it is an additional service available to the organization that reaches those people who don't feel comfortable on certain issues, because the ombudsman can sometimes reach that low trust or ambivalent employee who doesn't want to come forward to the complaint handling system because they are afraid that the issue may go beyond their control.

Secondly, we get a low percentage of cases but we get a higher percentage of sticky issues, because the very nature of the confidentiality of the ombudsman means that people are more apt to bring serious issues forward. So although all systems get serious complaints, we get a higher percentage of them and therefore are able to surface to management complaints that don't show up any other way.

Thirdly, I think we meet the requirement in the sentencing guidelines of no retribution, because we keep no records beyond a certain amount of time. Mine is six months. Some ombudsmen keep no records at all. We do not release records and we are willing to go to court to fight against the release of those records and have done so.

How secure is the confidentiality of the ombudsman? First of all, it applies to the office and not the employee. It does not apply to the employee, because I cannot guarantee that an employee who comes to see me will not go out and talk about our conversation, but I can guarantee that I will not. So the confidentiality applies to the function.

Secondly, when can we break it? We will break confidentiality when there is a threat to life or a serious threat to property - no other time.

We have gone to court on this issue. United Technologies has gone to court to protect the confidentiality and privilege of our ombudsman office and we won. McDonnell Douglas has done the same. Upjohn has done the same. In fact, Upjohn is on a roll because they have won five cases in a row.

The ones that have been won, which are predominately the organizations that I mentioned, are cases where the judge saw in the spelling out of the program to the employees clear-cut language that said, this function is confidential. Where you spell it out, where employees come to the office knowing that confidentiality is an attribute of the function, they have upheld the privilege.

When they have not upheld the privilege is when the company never spelled out clearly that when you visited the function, the ombudsman office, there was confidentiality. So we have learned our lesson from that, and in the organization, The Ombudsman Association, we clearly tell our membership to be sure everybody in the company from the CEO on down understands the charter of confidentiality and neutrality.

I will just end by talking a bit about the relationship between the ombudsman office and the formal complaint system. It shouldn't be that we are an alternative, but in many companies we are portrayed that way. The big problem is often the way the program is launched - as a "perk" for employees and an alternative to the formal system. It's not an alternative. It is an addition. It is an attempt to catch those people who won't use the formal system.

The way to make it work is to build solid relationships with the people in the formal system that you have to deal with. I meet regularly with our Senior Vice President of Human Resources. I meet regularly and work closely with Pat Gnazzo, who is in this room today and who is our Vice President of Business Practices and Compliance. I think that when you do that, you make it work.

I will close by saying that the ombudsman function can also be a signal to employees of a value system. I was struck by Judge Conaboy's remarks this morning about values and Michael's reaffirmation of them a few minutes ago. Groucho Marx once said, "I have principles. If you don't like them, I have others."

Well, I think that often we find ourselves building compliance programs and business practice programs and ethics practice programs on the basis of threats, on the basis of government coddling or not coddling, on the basis of the fear that we have that we might find ourselves behind the eight-ball in the courts. We don't build those programs necessarily on value systems, and that's really where we have to start. Compliance programs do not work when we don't have a value system behind them.

One of the things the ombudsman function does show employees is that we are willing to go after those issues that don't come out in any other system because people are concerned or afraid. Thank you.

MR. PURDY: We have a question from Andy Apel with the Minnesota Association of Applied Corporate Ethics about the benefits of effective compliance programs compared to the potential harms of having information used against you, and it's in that general context that I wanted to direct the first question to Anne Gill: what are the political dangers of doing this work within a corporation and how you sell the top corporate officials on the importance of what you're trying to do?

MS. GILL: I'd say that, at least in my company, executives have ears and eyes. They read the newspaper. They watch the television. They are aware of what happens when there is a major meltdown in a company and they are very, very concerned about that. They also will have a staff of people who will be telling them to protect themselves and to keep everything confidential and not to write everything down, and it's always going to be a balancing act.

One of the things the sentencing guidelines have done is to really add a push towards a little more openness and a little less benefit in that kind of protection. I frankly am not sure exactly where that is going to go in that we don't have the kind of privileges in place now that would allow us to comfortably go forward and place your soul and all your documents in advance of being subpoenaed or in advance of any discovery, to do that safely.

I think the corporate community wants to be less concerned about protection and more concerned about really detecting and deterring - and I would have to add civil. We are primarily talking about criminal offenses here, but most of the companies I'm involved with have applied all of this to their civil issues, as well.

If I could do anything, it would be to get a little bit more privilege, which would allow you to make your case for the government but in a safer way.

MR. PURDY: Let me ask the question to Alan Yuspeh in this way. How important is it to have the top-level executives on board with the compliance plans, and what do you find through your organization are some of the more effective ways that top-level corporate officers can convey that support?

MR. YUSPEH: I think, as others have said, that it may be the single most important thing to the success of these programs, and I want to associate myself with Michael's comments, too, about values and integrity-based programs being sort of critical. But you can just think that if that message is to be conveyed, the message, in effect, that if there is ever a conflict between business pressures and standards, values, integrity, and often the requirements of law, that the company unequivocally expects the matter to be resolved in favor of complying with law and with corporate policy and with the values of the corporation and not giving in to whatever the business pressures may be.

I think it is only the most senior people in the corporation that can effectively send the message, and I think the way to do that, Andy, is to be willing to talk about it, that in some of our signatories, I have sometimes talked to chief executive officers where others in the company have said, you know, we never find that so-and-so ever talks about this and so we infer that it's not important to him.

So I think that people need to be not self-conscious about this, need to realize that it is a leadership message, just like you may have leadership messages about the need to stretch your goals, or things like that. You need to have leadership messages about ethics and about values and about the kind of things we're talking about today.

MR. PURDY: Michael Hoffman. To what extent do you feel that it's important that you have a high-level full-time official to direct the compliance efforts?

MR. HOFFMAN: That's very important. In fact, it seems to me that that has been part of the problem that corporations have faced over the last several years, in not having an ethics officer or a compliance officer that really, truly, had a kind of gadfly function within the organization, to make sure that they put into place appropriate training programs for employees, and an appropriate ethics office with proper staff and proper functioning to handle help lines and hotlines.

And I want to make a distinction there, because a safe reporting system is not just a hotline system where all of a sudden somebody calls in with a problem. By the way, down in such-and-such there is somebody doing something wrong. These reporting systems are for employees to get help in trying to understand how to make a decision about an ethically-sensitive situation.

The ethics officer serves as a kind of inspiration for keeping that ethics flame, and that flame of the corporate values, alive in the variety of functions that he or she does, but in overseeing training programs, handling the safe reporting system, making sure that the code of ethics is up to date and properly communicated, and making sure constantly that those values of the company are constantly communicated and that the employees have the proper tools to make important ethical business decisions in a variety of circumstances.

When you talk about a compliance program, it sounds like you are all of a sudden talking about some omniscient policeman who is sort of going to take care of all of the things that a corporation or individuals in a corporation might do wrong. Individuals make individual discretionary decisions every single day of their lives, and no policeman, no compliance program can make that go away. You have to give those people the proper tools and the proper awareness to make those individual decisions autonomously.

MR. PURDY: We have a question from the floor concerning confidentiality and your ability to sustain your confidentiality. One of our audience members says that he or she doesn't believe that this confidentiality is legally recognized, and they say, for example, if there is an environmental problem that's significant that comes through the ombudsman's office that the subpoena can reach that information.

I know we'll talk about this in greater length in the law enforcement panel later, but I wonder if you might, in 30 seconds or so, comment on that.

MR. FURTADO: Thirty seconds? Well, actually, the test of that has been made. I mean, there have been at least two dozen law cases in the last five years where sexual harassment issues, racial discrimination issues, environmental issues have been challenged in the courts as far as seeking information from the ombudsman's office.

In most of those cases, the privilege of the ombudsman has been upheld. It is very similar to the privilege that mediators have in the courts through shield laws. One of the things that we're looking for now is a shield law, to stop going through this process every time we have a case and to go after the same protection that the mediator has in mediation law.

If you take an environmental issue to a mediator who enjoys privilege through shield laws, that person is also not going to violate confidentiality unless given permission. Thank you.

Q. What specific precedent (case law and statute) exists to support the ombudsman privilege?

A. The effectiveness of organizational ombuds is attributed to their confidentiality and their neutrality. Ombuds practice strictly to the Code of Ethics and Standards of Practice adopted by The Ombudsman Association. The Ombuds practice assures organizations and their members of the promise of confidentiality. In fact, Ombuds believe that if it were known that confidential communications could be compelled in public arenas, then the Ombuds' ability to mediate disputes and help uncover problems concerning safety, health and environmental issues would be greatly diminished and the primary reasons for the existence of Ombuds would be eliminated.

Ombuds rely on a number of legal theories in their efforts to preserve and protect communications including, the Common Law privilege of confidential communications, state statues protecting confidential communications of labor mediators and other related neutrals, state constitutional provisions relating to rights of privacy, and the Administrative Dispute Resolution Act.

The Common Law privilege of confidential communication is recognized pursuant to Federal Rules of Evidence 501. In order to assert a privilege at common law, the courts have looked to the following: (1) the communication must be made in the belief that it will not be disclosed; (2) confidentiality must be essential to the maintenance of the relationship between the parties; (3) the relationship should be one that society considers worthy of being fostered; and (4) the injury to the relationship incurred by disclosure must be greater than the benefit gained in the correct disposal of litigation. See In re Doe, 711 F2d 1187, 1193, (2d Cir. 1983); Mattson v. Cuyuna Ore Co., 178 F Supp. 653, 654 n2 (D. Minn 1959).

The Administrative Dispute Resolution Act, enacted in 1989, was designed to streamline resolution proceedings through the use of alternative dispute resolution techniques instead of litigation. Congress provided a privilege of confidentiality for the neutral serving government agencies. Organizational Ombuds analogize to this legislation.

On September 8, 1995, Senator Grassley and Senator Levin introduce a Bill to reauthorize the expiring legislation. The Bill contemplates a modification designed to further enhance and preserve confidentiality to participating neutrals. Senator Grassley stated, "[T]he Bill addresses agency confidentiality concerns by exempting all dispute resolutions communications from Freedom of Information Act disclosure. Although these communications have always been confidential by implication, this amendment to the 1989 Act makes that confidentiality express and clear." (Congressional Record-Senate; September 8, 1995; S1224).

In two recently decided cases, trial courts directly addressed the issue of ombudsman privilege. In Jones v. McDonnell Douglas Corporation, Case No. 4:94-CV-355 (CEJ) (memorandum and order of 5/22/95 attached), the Court found pursuant to Rule 501 of the Federal Rules of Evidence that the four factors to support a privilege were present and that communication between the ombudsman and the parties was privileged and not subject to discovery. In Koslowksi v. The Upjohn Company, File No. 94-5431-NZ (opinion and order of 8/16/95 attached), the Court granted a protective order and found that "[t]o successfully assist employees and employers in the settlement of workplace differences, Ombuds must maintain a reputation for impartiality and the parties must feel free to talk without fear that the Ombuds may later disclose what transpired. If Ombuds were allowed or required to testify, not even the strictest adherence to purely factual matters would prevent evidence from seeming to favor one side or the other. The inevitable result would be that the usefulness of the Ombuds in settling future disputes would be seriously impaired, if not completely destroyed."

Further, in Kientzy v. McDonnell Douglas Corporation, 133 FRD 570 (E.D. Mo. 1991), the court found that "[t]he utility of the program and the office, in resolving disputes in this workplace and thus diminishing the need for more formal resolution procedures, is founded on the confidentiality of its communications to and from company officials and employees." Also, more recently, on March 14, 1995, in McMillan v. The Upjohn Company, Case 1:92:CV:826, the U.S. District Court, W. Dist. Michigan (order of 3/14/95 attached) found ". . . privilege of confidential communications under Federal Rule of Evidence 501 . . ." and also found that "policy interests favoring consideration of matters submitted to corporate ombudsman in confidence as privileged communications . . . ."

Although all the foregoing are non-binding decisions and none has been appealed, members of the Ombudsman Association and the Association itself would welcome the opportunity to bring the issues of ombudsman privilege before an appellate court.

On October 23, 1995, the California Court of Appeals granted a qualified privilege of confidentiality to ombuds on the basis of California's constitutional right to privacy. In the case of Garstang v. California Technical Institute, (Second Appellate District, Division Two, Case No: B088019), plaintiff Garstang sued the private educational institution for slander and intentional infliction of emotional distress. Plaintiff claims she was treated unfairly when certain rumors were circulated about her in the institution. Caltech's ombud, Helen Hasenfeld, conducted meetings to assist the parties to resolve the situation. However, the ombud was unable to satisfactorily resolve it and Garstand filed suit. During discovery, plaintiff sought to compel Hasenfeld to testify about the substance of the meetings.

In deciding the case, the court weighed competing public values ". . . there must be a careful balancing of the compelling public need for discovery against the fundamental right of privacy." The court also found that, "where the communications were tendered under a guaranty of confidentiality, they are thus manifestly within the Constitution's protected area of privacy."

California does not recognize a privilege unless codified by statute. However, after finding the right to privacy applicable, the Appellate Court also examined the facts in light of the four-prong common law analysis for privileges, set forth in Federal Rules of Evidence 501 and relied on Kientzy v. McDonnell Douglas, (1991) 133 F.R.D. 570. Garstang is the first appellate court in the country to recognize a privilege of confidentiality for organizational ombuds. The appellate court certified its opinion for publication.

Q. What is the typical background of individuals who serve as ombudsmen?

A. Organizational ombudspersons come from a number of backgrounds. A large number come from functions in the organization that deal with people issues, such as human resources, communications, and legal departments. Degrees and educational backgrounds come from all areas, mainly because the most important factors in choosing ombudspersons tend to be the personal qualities of the individual. A great deal of emphasis is put on the integrity and interpersonal skills of the prospective ombuds, since without these two qualities it is hard to imagine how one could be effective in the role. The choice, therefore, focuses less on academic background (this is not always true on campus) and more on the person. Some of the most effective ombudspersons have come from such departments as marketing, engineering, and manufacturing. Their success comes from their ability to deal with people and the reputation they enjoy in their organization for integrity and approachability. Today a number of clergy and psychologists serve as ombudspersons to both corporate and academic institutions.

Q. If the sentencing guidelines and DII disappeared, would your company's management continue to maintain an ombudsman function? To what extent does this reporting option diminish trust in the organization? To what extent does it build trust?

A. Since these are hypotheticals, one can only conjecture the answers. The first issue to be faced is whether a company's ethics program is value-based or compliance-based. Did the company put the ethics program in place because it wanted to do the right thing and to encourage its employees to help it be an ethical company? Or did it establish its program because it was concerned about it legal liabilities and potential fines and public embarrassment. If the program was started for the first reason, then it likely that the company would retain its compliance and ombudsman functions, regardless of the disappearance of DIE and the Sentencing Guidelines. If the program was started for the second reason, then it seems likely that ethics officers, compliance officers and ombudspersons alike would be hastily dispatched. The continuing growth of the ombuds function at United Technologies, and the support we enjoy from our Chief Executive Officer, not based on fear of liabilities but rooted in our values, leads me to feel comfortable with our situation.

The ombudsman function is not an alternative to the formal compliant-handling system. It is an additional place to go when people, for one reason or another, do not choose to use the system in place. Because it is an option, and because we encourage our people to use the formal system first, it is hard to see how it would diminish trust in the organization. One would be naive to believe that organizations do not have problems that at times inhibit people from coming forward with concerns. The record where ombuds exist says just the opposite. Management will to put in place a function that is neutral, confidential and independent to deal with these issues will be seen by most employees as open-minded, trusting, and willing to seek out the truth about how the company is run.

Q. Do you believe that there is a need to audit the ethics and compliance efforts of business organizations? If so, who should provide this audit?

A. Yes, I think audits of ethics and compliance efforts are important - if appropriate processes and instruments can be developed for such audits, and if information provided by such audits is properly communicated. I also think audits should be done both by the ethics office and audit departments and by an independent, objective body outside the organization. Without the independent audit the results may appear self-serving and also may be tainted by an insider perspective. Efforts have already been instituted internally and are being developed externally for such audits. But this is an area where much more important work needs to be done.

Q. How serious a problem is corporate crime among the Sponsoring Members of the Ethics Officer Association?