Your Quick Guide To Managing Ethics & Compliance

Following my assassination of DD a few weeks back, a bit more.
I promise I’ll stop next week and get back to something fun, like investigations!

An Australian company spotted significant delays and costs associated with onboarding contract workers in healthcare facilities. Every time they moved, the workers needed to submit a heft of paperwork (credentials, criminal record checks, attestations, etc.). Those accrediting the data were federal or state-level agencies. Could the workers not use a virtual “passport,” with all this data kept updated, to hand over to a new employer? Yes, it turned out.

Could we do something similar? I’ve yet to meet any organisation that is happy with third-party management. Expensive (but not always revealing) due diligence follows lengthy questionnaires. Then there’s the pesky issue of monitoring. For the vendor, we have the complete checklists providing much of the same information with increasing instances of ridiculousness – like a solo practitioner who was asked to provide a diversity policy before submitting a proposal.

I have so many problems with the current approach.

🚦 It’s driven by regulatory ass-covering, not risk.

🚦 The fixation on having policies, not implementation.

🚦 A one-size-fits-none approach to questionnaires.

🚦 DD reports filled with vagaries and no context.

🚦 The absence of nuance to “red flags.”

Image 1

Some legislation – like the UK’s Modern Slavery Act – includes guidance suggesting larger organisations ease the burden on smaller ones by agreeing on things like “mutually recognised audits.” Might we do likewise with questionnaires and disclosure?

I appreciate this would need industry-level adaptation – healthcare risks differ widely from extractives – but would it not make it quicker for all parties?

For the more programmatic elements – having the right licenses, disclosing directors and ultimate beneficial owners, etc. – would the passport concept work? The compiler of the passport would, I’m guessing, need to have professional expertise (legal, notary, etc.), but could it work? One to think on, perhaps…

Need more?

Book a (free) strategy session, get new articles, and other content designed to be useful and fun.

Your Quick Guide To Managing Ethics & Compliance

Be the first to know

Subscribe to receive a weekly newsletter with trends, news, and hacks for all things risk. PLUS, behavioural science, investigations, human risk, and alternate perspectives.