Corporate Accountability

This article focuses on the different ways an organization can be held responsible for the activities which occur in daily operations. With scandals such as Enron in the early 2000s or the closing of Silicon Valley Bank in 2023, one would think that corporations would adhere to ethical standards. Scandals units, such as internal auditing, have been created, and the organization's initiatives with ethics and compliance directly report to the senior management team and the board of directors. Enterprise risk management addresses the risks and opportunities facing an organization by classifying objectives into four categories. Every business realizes that it will need to take some level of risk. Therefore, any approach to risk management should include competitive advantages. There will be a discussion of the role of whistleblowers as well as how regulations such as the False Claims Act, Sarbanes Oxley Act, and the Lloyd-La Follette Act have been implemented to encourage employees to report acts of misconduct.

Corporate accountability is a high priority in modern businesses due to the scandals that have occurred during the twenty-first century. Ward (n.d.) believes that some of the dysfunctional behavior that has been witnessed can be traced back to two sources:

  • The erroneous belief that a leader, or anyone for that matter, can "predict" and commit to delivering outcomes that they have little control over. This pressures leaders to take shortcuts and even "rig the results."
  • Tying salary and bonuses to performance, and using it to motivate performance, when performance is difficult, if not impossible, to accurately measure and assign cause and effect relationships to. This encourages people to "fudge the results," using whatever mechanisms are at their disposal to protect their personal interests (par. 3).

Board members are requiring senior management teams to provide more operational information. External and internal stakeholders are requiring more information. In order to have an effective accountability system in place, organizations must commit to improving and encouraging the use of communication processes and education programs.

"Changing to the new accountability requires a change in culture. It is possible to change an organizational culture, but it requires champions who have a lot of courage, patience and persistence" (Ward, n.d., p. 2). An example of such champions are whistleblowers. In addition, corporations must be committed to implementing systems that will act as a check-and-balance to ensure that the operations are being run properly. An attempt at addressing this scenario would be the implementation of an enterprise risk management system.

Whistleblowers

Given the competitiveness in the modern world, many people are tempted to go outside of the rules and regulations of society in order to get ahead. Although many would argue that traits such as honesty and credibility are valued, temptations have lured some to act irresponsibly. Actions such as cheating, stealing, lying, and bribing have become common in the workplace. Good moral values and actions are becoming the exception rather than the rule. How can the trend turn? Organizations must put policies in place that will encourage employees to do the right thing and inform the proper authorities when illegal actions and dishonesty take place.

Unfortunately, when employees step forward and alert the organization of wrongdoings, they are labeled whistleblowers, and negative labels are applied to them. Instead of being considered heroes for doing the right thing, they tend to be chastised, and some never fully recover from the experience. For many of these individuals, there is a loss of trust in fellow employees and the organizations in which they work.

For some, the earth moves when they discover that people in authority routinely lie and that those who work for them routinely cover it up. Once one knows this, a new realization of the business world is opened up and many become disillusioned (Alford, 2001, p. 52).

This can be a devastating moment for many. Everything that they have believed and trusted is turned upside down. In some cases, these employees may have been friends outside of the workplace with the culprits, which may place an additional burden on the potential whistleblower. It is unfortunate that society has come to a point where individuals with moral values and a sense of right and wrong are treated as outsiders of societal norms. Whistleblowers have been ostracized, reprimanded, forced to transfer, referred to receive psychiatric care, assigned to menial duties, dismissed, and blacklisted. There are reports of where they have been unable to seek employment at other companies because there is a fear that the same situation will occur. Organizations respond to whistleblowers with hostility and fear.

Enterprise Risk Management

With scandals such as Enron in the early 2000s, one would think that corporations would adhere to ethical standards. Unfortunately, many view companies such as Enron as the "ones that got caught," and changes have not occurred in the operations of some businesses because the issue has not been taken seriously. Multiple corporate scandals occurred in 2023 in both the tech and financial industries (Pandey, 2023). However, this trend is showing some signs of change. According to a survey conducted in January 2007 by the Risk Management Association (RMA), many organizations "are moving toward a fully integrated enterprise risk management approach where a myriad of risk types are measured and many of the processes automated and standardized" (p. 14).

There are many situations that can affect the future of a business. These situations can be positive or negative. Situations with negative impacts may be viewed as risks, whereas situations with positive impacts can be seen as opportunities. The overall objective of most businesses is to minimize risk and seize opportunities. Enterprise risk management addresses the risks and opportunities facing an organization by classifying objectives into four categories:

  • Strategic:"big picture" goals focused on supporting an organization's mission.
  • Operations: effective and efficient use of the organization's resources.
  • Reporting: reliability of reporting.
  • Compliance: compliance with laws and regulations.

Application

Whistleblowers

Federal Protection

The federal government and some states have passed legislation to protect employees who decide to become whistleblowers. According to Sheeder (2006), the federal False Claims Act provides protection for:

"Any employee who is discharged, demoted, suspended, threatened, harassed, or in any other manner discriminated in the terms and conditions of employment by his or her employment because of lawful acts done by the employee on behalf of the employee or others in furtherance of an action under this section (i.e. a whistleblower action) shall be entitled to all relief necessary to make the employee whole" (p. 39).

Many courts will provide protection when:

  • An employee becomes a participant in a "protected activity" (i.e., when an employee decides to confront an employer about illegal activities such as fraud).
  • The employer becomes aware of the "protected activity."
  • The employee is penalized as a result of coming forth about the "protected activity" (i.e., termination, harassment).

When it has been determined that an employee is a victim of retaliation, they may petition for:

  • Reinstatement with the same seniority that they would have had if the adverse action did not occur.
  • Two times back pay.
  • Interest on the back pay.
  • Special damages (i.e., compensation for emotional distress, recovery of litigation costs, and reasonable attorney's fees).
  • Any type of relief that will assist the employee in becoming a whole person again (Sheeder, 2006, p. 39-40).

An employee is entitled to all the relief listed above as well as any recovery obtained by the government based on the regulations of the False Claims Act. Given the financial penalties for acts of wrongdoing, employers are encouraged to monitor the activities of their organization so that these fines are not imposed.

Company-Drafted Whistleblower Policy

In order to avoid the costly expenses of these types of situations, many organizations are encouraged to draft policies that will assist employees in feeling comfortable about coming forward to advise the senior management team and the outside world of fraudulent behavior occurring in companies. Tennebaum provided four elements of a good whistleblower policy. The four elements are:

  • A policy that has a clear purpose and a statement of intent to protect whistleblowers to the fullest extent possible. The purpose may include creating an environment where the whistleblower can feel safe.
  • Guidelines that provide a detailed explanation of how the organization will attempt to protect the whistleblower.
  • Procedures on who, when, and how to contact the organization in order to report unethical and/or illegal behavior.
  • A statement declaring what the organization will do as a result of the whistleblowing activity (Associations Now, 2007, p. 12).

In addition, employers should be proactive and see if they can determine the types of behaviors or situations that encourage employees to participate in unethical behavior and the types of actions that encourage employees to step up and become whistleblowers. Sheeder (2006) identified six common ways companies have encouraged employees to become whistleblowers. In most cases, the lack of organizational support was enough for the employee to seek external assistance in correcting improper behavior. Each of the mentioned scenarios is based on a real-life case study.

Expect employees to participate in fraudulent conduct

There have been many situations where senior managers are the culprits. In an effort to improve the organization's image and financial records, some executives have encouraged and mandated employees to participate in unethical behavior. Excuses such as "it's really not hurting anyone," "we are getting what we deserve," "be a team player," and "this action offsets the system" have been used in order to justify the organization's behavior. When an employee refuses to play the game, they may be terminated, which forces the former employee to file a retaliation lawsuit.

Dismiss employee concerns or complaints

Some employees have attempted to alert the appropriate company officials only to find out their concerns have been ignored. Once they have worked through the appropriate channels within the organization, they may feel as though their only recourse is to go externally and hire an attorney to champion their cause.

Forget about a professional's ethical duty to report

Some employees may feel that they are obligated to report unethical practices to maintain the image of their profession. For example, a police officer may become aware of the fact that their partner is working with criminals. After attempting to reason with the partner, the police officer may feel a need to alert internal affairs to maintain a positive image of police officers of the community and protect the public from criminal activities.

Don't give "Public Duty" enough respect

There have been cases where an organization may be overbilling another entity, and the employee may not be able to support the deception. For example, some hospitals have been accused of overcharging Medicare programs. There may be an employee who believes that the process is unethical and innocent people may suffer as a result of the deceptive actions. Therefore, the employee feels obligated to turn the hospital into the proper authorities. The employee may believe that it is their civic and public duty to do so.

Fail to take prompt and proper corrective action

Many employees have followed the company's policy of reporting fraudulent activity only to find out that their good deed has been ignored. They believe their only alternative is to expose the situation externally since the system has failed internally.

Underestimate the perseverance of an employee

Some organizations wrongly assume that if they ignore the employee, the problem will go away. However, there are employees with a conscience, and they will pursue their cause until the problem has been resolved.

Government Legislation

Organizations need to realize that there are people who value their conscience over their job. The government recognized that big business may not always do the right thing. Therefore, it introduced and implemented some regulations to more easily allow employees to come forth. Examples of such legislation are:

False Claims Act

The False Claims Act is a qui tam provision that was enacted during Abraham Lincoln's tenure as president. The purpose of the legislation was to protect the government from the fraudulent suppliers of faulty war equipment during the Civil War. Revisions were made to the Act in 1943 and 1986. In 1986, there was a significant expansion of the rights of whistleblowers and their attorneys. The law allows individuals to file actions against federal contractors claiming fraud against the government. People filing under the Act may receive 15-25 percent of any recovered damages. In 2022, the Department of Justice collected $2.2 billion in settlement money from civil cases of fraud or false claims against the government (Department of Justice, 2023).

Sarbanes Oxley Act

This legislation was passed in 2002 with the purpose of encouraging employees to become effective corporate monitors and report misconduct and unethical behavior in corporations. The Act has two approaches that encourage employees to become corporate whistleblowers (Moberly, 2006). The first step is a clause that provides protection to whistleblowers from employer retaliation once they have disclosed improper behavior. The second step requires employers to provide employees with guidelines, policies, and procedures to report organizational misconduct within the organization.

Lloyd-La Follette Act

This Act was enacted in 1912 and was designed to protect American civil servants from retaliation. The purpose was to ensure the right of employees when they wanted to provide Congress, a committee, or individual congressman with information about fraud. The intent was to provide job protection rights to federal employees.

Viewpoint

Enterprise Risk Management (ERM)

By placing an organization's objectives into categories, one can focus on different aspects of enterprise risk management. Although the categories are different, they can overlap in terms of objectives. ERM is made up of eight interrelated components which define the manner in which a management team runs an organization and how the practices are processed (COSO, 2004). The components are:

  • Internal Environment. The internal environment is the tone and culture of an organization. It sets the bar for how risk is viewed by the organization and the employees. Organizations develop their philosophy, integrity standards, and ethical values on risk management.
  • Objective Setting. Although an organization may have objectives in place prior to the implementation of a risk management plan, the ERM process ensures that the established objectives are in alignment with the organization's mission and position on risk.
  • Event Identification. An organization must identify the internal and external events that may affect its ability to achieve goals, and the events have to be classified as risks or opportunities. Opportunities are shared with the management team to determine if they should be incorporated into the organization's goals and objectives.
  • Risk Assessment. Risks are assessed and evaluated on a regular basis so that the organization can analyze what type of impact each has on the entity.
  • Risk Response. The management team is responsible for selecting the appropriate action to risk events. Responses are based on an organization's risk tolerance and risk appetite.
  • Control Activities. Policies and procedures are put in place to ensure that risk responses are effectively implemented.
  • Information and Communication. Relevant information is identified and communicated in a timeframe that will allow employees to perform their responsibilities. The communication process should flow up, down, and across the organizational structure.
  • Monitoring. The ERM system is monitored and modified when appropriate. Monitoring is achieved through management interventions, separate evaluations, or a combination of both.

Ensuring ERM Success

If one wanted to determine the effectiveness of an organization's ERM, they would have to assess whether or not the eight components are working effectively. In order for the components to work effectively, material weaknesses must be eliminated, and the risk level has to be within the organization's risk appetite. In addition, the management team and board of directors must have an understanding of how the four categories of objectives are being achieved and know that the reporting process is reliable and addresses compliance with laws and regulations.

The senior management team could also implement a corporate risk policy in order to ensure that the ERM process is successful. Brown (n.d.) suggested a four-step process for this type of policy. The first step would be to identify the major risks faced by the organization. Once they have been identified, the next step would be to create an organizational approach to measure, monitor and control the risks. During the measuring phase, a value is assigned to each risk level, and it could be quantitative or qualitative. The next phase, monitoring, requires the organization to track changes in risk over a period of time. The final step, controlling, requires the risk level to be modified in order to be in compliance with the risk-taking appetite and policies set by the shareholders and board of directors. This framework is applied to each risk category. Brown (n.d.) provided a summary of eight types of risk that fall into four different categories (i.e., financial risk, operational risk, strategic risk, and hazard risk).

ors-bus-619-126418.jpg

Every business realizes that it will need to take some level of risk. Therefore, any approach to risk management should include competitive advantages. When reviewing the competitive advantage, it may be best to create a grid such as the one listed above in order to compare and contrast the different categories.

Conclusion

Given the competitiveness in the modern world, many people are tempted to go outside of the rules and regulations of society to get ahead. Although many would argue that traits such as honesty and credibility are valued, temptations have lured some to act irresponsibly. Actions such as cheating, stealing, lying, and bribing have become common in the workplace. Good moral values and actions are becoming the exception rather than the rule, but change is needed. Organizations must put policies in place that will encourage employees to do the right thing and inform the proper authorities when illegal actions and dishonesty take place.

Unfortunately, when employees step forward and alert the organization of wrongdoings, they are called whistleblowers, and negative labels are applied to them. Instead of being considered heroes for doing the right thing, they tend to be chastised, and some never fully recover from the experience. For many of these individuals, there is a loss of trust in fellow employees and the organizations in which they work.

With scandals such as Enron in the early 2000s and the collapse of Silicon Valley Bank in 2023, one would think that corporations would adhere to ethical standards. Unfortunately, many view these companies as the "ones that got caught," and clearly changes have not occurred in the operations of some businesses because the issue has not been taken seriously and continues to occur. There are signs the trend is slowly changing. According to a survey conducted in January 2007 by the Risk Management Association (AMA), many organizations "are moving toward a fully integrated enterprise risk management approach where a myriad of risk types are measured and many of the processes automated and standardized" (p. 14). Still, corporate scandals continued to occur in the twenty-first century.

As discussed, the senior management team could also implement a corporate risk policy in order to ensure that the ERM process is successful. Brown (n.d.) suggested a four-step process for this type of policy: identify the major risks faced by the organization, create an organizational approach to measure, monitor and control the risks, assign a value to each risk level, track changes in risk over a period of time, and modify the risk level in order to be in compliance with the risk-taking appetite and policies set by the shareholders and board of directors. This framework is applied to each risk category.

Terms & Concepts

Credit Risk: The risk of loss due to a debtor's non-payment of a loan or other line of credit.

Enron: An American energy company based in Houston, Texas. Before its bankruptcy in late 2001, Enron employed around 21,000 people and was one of the world's leading electricity, natural gas, pulp and paper, and communications companies, with claimed revenues of $111 billion in 2000. Enron was hailed by many, including labor and the workforce, as an overall great company, praised for its large long-term pensions, benefits for its workers, and extremely effective management until its exposure to corporate fraud.

Enterprise Risk Management: Methods and processes used to manage those risks, possible events, or circumstances that can have an influence on business enterprises. By identifying and proactively treating such potential effects, one protects the existence, the resources (human and capital), the products and services, or the customers of the enterprise as well as external effects on society, markets, and environments.

False Claims Act: A qui tam provision that was enacted during Abraham Lincoln's tenure as president. The purpose of the legislation is to protect the government from the fraudulent suppliers of faulty war equipment during the Civil War. Revisions were made to the Act in 1943 and 1986. In 1986, there was a significant expansion of the rights of whistleblowers and their attorneys.

Financial Risk: Any risk associated with money.

Internal Auditing: An independent and objective opinion to the accounting officer on risk management, control, and governance by measuring and evaluating their effectiveness in achieving the organization's agreed objectives.

Legal Risk: Government changes the law in a way that adversely affects an organization's position.

Liquidity Risk: Situations in which a party interested in trading an asset cannot do it because no one in the market wants to trade that asset.

Lloyd-La Follette Act: This Act was enacted in 1912 and was designed to protect American civil servants from retaliation.

Market Risk: The risk that the value of an investment will decrease due to moves in the market factors.

Operational Risk: The risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events.

Sarbanes Oxley Act: Legislation passed in 2002 with the purpose of encouraging employees to become effective corporate monitors and report misconduct and unethical behavior in corporations.

Silicon Valley Bank: Bank which was forced to shutdown in 2023 due to poor tech investments in start-up companies and a run on the bank by depositors. The collapse led to the collapse of other banks as well.

Whistleblowers: An employee, former employee, or member of an organization, especially a business or government agency, who reports misconduct to people or entities that have the power and presumed willingness to take corrective action. Generally, the misconduct is a violation of law, rule, regulation, and/or a direct threat to public interest—fraud, health, safety violations, and corruption are just a few examples.

Bibliography

Alford, C. (2001). Whistleblowers: Broken lives and organizational power. Ithaca and London: Cornell University Press.

Brown, B. (n.d.) Step-by-step enterprise risk management. Risk Management Magazine. Retrieved May 14, 2007, from http://www.rmmag.com/MGTemplate.cfm

Civil division The False Claims Act. (2023, April 4). Department of Justice, Retrieved June 4, 2023, from https://www.justice.gov/civil/false-claims-act

Enterprise risk management -- Integrated framework: Executive summary. (2004, September). Committee of Sponsoring Organizations. Retrieved May 14, 2007, from http://www.coso.org/Publications/ERM/COSO%5FERM%5FExecutiveSummary.pdf

Lenn, L. E. (2013). Sarbanes-Oxley Act 2002 (SOX) -10 years later. Journal of Legal Issues & Cases in Business, 21-14. Retrieved November 24, 2013, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=91096089&site=ehost-live

Mitra, S., Jaggi, B., & Hossain, M. (2013). internal control weaknesses and accounting conservatism: Evidence from the post -- Sarbanes -- Oxley period. Journal of Accounting, Auditing & Finance, 28(2), 152-191. Retrieved November 24, 2013, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=87362140&site=ehost-live

Moberly, R. (2006). Sarbanes-Oxley's structural model to encourage corporate whistleblowers. Brigham Young University Law Review, 2006(5), 1107-1175. Retrieved June 6, 2007, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=23715204&site=ehost-live

Pandey, K. (2023, Feb. 27). The high cost of unethical business: Top 4 biggest corporate scandals. Jumpstart Magazine. Retrieved June 4, 2023, from https://www.jumpstartmag.com/the-high-cost-of-unethical-business-top-4-biggest-corporate-scandals

Prawitt, D. F., Sharp, N. Y., & Wood, D. A. (2012). Internal audit outsourcing and the risk of misleading or fraudulent financial reporting: Did Sarbanes-Oxley get it wrong?. Contemporary Accounting Research, 29(4), 1109-1136. Retrieved November 24, 2013, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=84385459&site=ehost-live

RMA announces results of enterprise risk management survey. (2007). Secured Lender, 63(1), 14. Retrieved May 14, 2007, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=23789434&site=ehost-live

Sheeder, F. (2006). Whistleblowers are not born that way -- We create them through multiple system failures. Journal of Health Care Compliance, 8(4), 39-73. Retrieved June 6, 2007, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=22337250&site=ehost-live

Velasquez, V. (2023). What happened to Silicon Valley Bank? Investopedia. Retrieved June 4, 2023, from https://www.investopedia.com/what-happened-to-silicon-valley-bank-7368676

Ward, B. (n.d.). The new accountability: Part 1. Retrieved November 21, 2007, from http://templates.haleymail.com/haley%5Ftemplates/index.smpl?art=2998&aid=242&database=company

Suggested Reading

Burrowes, A. & Sipple, S. (2007). Corporate accountability and continuing fraud. Chartered Accountants Journal, 86(10), 70-71. Retrieved November 27, 2007, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=27464679&site=ehost-live

Kinnear, J. (2002). Corporate governance: A system for accountability. Directorship, 28(6), 9-15. Retrieved November 21, 2007, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=6905680&site=ehost-live

Walker, D. (2003, January 24). GAO forum on governance and accountability: Challenges to restore public confidence in U.S. corporate governance and accountability systems: GAO-03-419SP. GAO Reports, 1-38. Retrieved November 21, 2007, from EBSCO Online Database Business Source Complete. http://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=18214483&site=ehost-live

Essay by Marie Gould

Marie Gould is an Associate Professor and the Faculty Chair of the Business Administration Department at Peirce College in Philadelphia, Pennsylvania. She teaches in the areas of management, entrepreneurship, and international business. Although Ms. Gould has spent her career in both academia and corporate, she enjoys helping people learn new things -- whether it's by teaching, developing or mentoring.