The FCPA Blog recently published a useful roundup of enforcement actions taken under the U.S. Foreign Corrupt Practices Act during 2011. It’s a fascinating window into the topic of law-breaking involving corporations.
For businesses, following the law doesn’t exhaust ethical responsibilities, but it’s an awfully good start. Most of us probably think following the law is the absolute minimally-decent behaviour for business. You absolutely must follow the law, and a business certainly shouldn’t be praised for achieving that basic minimum, right? But in fact, it’s not always so easy for companies to follow the law.
Part of the problem is that “the law” is not a simple, straightforward thing. Particular laws can be vague or ambiguous. And what counts as legal cannot always just be looked up, in part because so much depends on prosecutorial discretion. Many people have commented on the difficulty of knowing, in advance, what sorts of behaviours prosecutors are going to decide to take a swing at, whether in applying the Foreign Corrupt Practices Act or deciding when CEOs have neglected their duties to shareholders.
The other problem has to do with scale. If you operate a business with 100,000 employees, there’s a pretty high likelihood at any given moment that, despite your best efforts, one of those employees is doing something either illegal or in a legal grey zone. Compare how likely it is to achieve a zero crime rate in a town of 100,000 citizens. Of course, the citizens of a town aren’t part of an authority hierarchy the way that employees of a corporation are, but still you see the problems that come with scale.
(Also compare this to the FDA’s food contaminant standards. The fact that there’s an allowable number of rodent hairs for a jar of peanut butter may be disgusting, but it shouldn’t be surprising: it is inconceivable that there could be a large-scale food-production system with zero contaminants.)
Another factor is the number and complexity of laws and regulations. For you and me, the legal rules to follow in our everyday lives are few and simple, and minimally disruptive: don’t kill, don’t steal, etc. Not so for many companies. Companies in some industries are subject to perhaps hundreds or thousands of separate legal requirements. Note, for instance, that the full text of the Dodd–Frank Wall Street Reform and Consumer Protection Act is over 2,000 pages long.
A final factor worth pointing out is the apparently-criminogenic nature of corporate workplaces. For a range of reasons much more complex than is commonly acknowledged, people seem more willing to break the law at work than they are at home. Among the likely factors are competitive zeal, the desire for career advancement, tunnel vision, and group-think.
The net result of all these factors is that, for a big company, consistently complying with the law is actually a significant achievement. Getting employees consistently to follow the law is in fact a fundamental managerial challenge. The U.S. Federal sentencing guidelines reward companies for even attempting to do a competent job of implementing an ethics and compliance program.
But compliance with the law is unlikely to win a company kudos from very many observers, focused as they are on the “above-and-beyond” stuff normally associated with Corporate Social Responsibility. However, when a particular behaviour is so incredibly difficult and important, what on earth could possibly be more deserving of praise?