One of the compliance professional’s most important roles is helping define laws that are vague or grey. I would love to have been in the room at Enron, WorldCom, Penn State University, or Walmart when they discovered a major issue but chose not to do anything. I think the common assumption that these people were bad is wrong. I think many of these people are very good people. What I believe happened is that they sat around a table and discussed the law and the facts of their particular case. Rather than narrow the grey area, they broadened “their definition” of a law until the problem they found… was not a problem. Everyone in the room was eager to buy the very broad definition of the law so they would not have to throw themselves on their sword.
When people sit in a room, especially under stress, after finding a potential problem, they tend to try to broaden the definition of the law rather than narrow it. The problem is that they should have probably tried to narrow the grey areas of the law rather than broaden them. They should have talked about the spirit of the law to help narrow the definition. They should discuss what it would look like in the local newspaper to narrow it. They should talk about their principles and ethical culture to try to narrow it.
This is all very subjective. Some would say that it’s best to broaden the grey area to defend their actions. That may be true, but I think we have overshot our goal. Yes, there is a time to define a law as broadly as we can. However, given the fact that business reputation is at a very low point because of mistakes that were made, we probably need to be more careful. I am sure that some people who justified doing nothing when the problem was found (by increasing the grey area) would like to take it back. Those people are now dealing with the mistake and paying a much larger fine because they knew about the problem years before and did nothing about it. It looked like they covered it up. I would be more supportive of broadening the grey area if it worked more often. But it is failing frequently. We need to listen to the compliance officer who should help leadership define the grey area in such a way that we don’t have to deal with a much bigger problem later.