Embed Size (px)
Citation preview
CORPORATE GOVERNANCE,
COMPLIANCE AND
CODE OF CONDUCT STUDY 2013
UNITED KINGDOM
About The Red Flag Group
The Red Flag Group is one of the world’s leading independent corporate governance
and compliance firms, providing thought leadership around compliance to Fortune 1000
companies. Our main goals include helping companies develop and maintain efficient
and effective governance and compliance programmes in emerging markets, as well as
providing professional due diligence services to companies around the world. Our
technology solutions are leading edge – providing practical web-based solutions to
manage compliance risks globally. For more information, go to www.redflaggroup.com.
Contents
Introduction ............................................................................................ 5
Methodology .......................................................................................... 6
Overall approach to corporate governance and compliance ...................... 6
Analysis of publicly-available codes of conduct ....................................... 7
PART A – Study of projected attitude towards compliance ...................... 8
Overview ............................................................................................... 8
Findings .............................................................................................. 11
Code of conduct or similar products .................................................... 11
Chief compliance officer and compliance committee .............................. 11
Reporting of corporate social responsibility, anti-corruption and compliance
issues in publications ......................................................................... 12
Whistleblower policy .......................................................................... 14
PART B – Examination of publicly-available codes of conduct ............... 15
Overview ............................................................................................. 16
Findings .............................................................................................. 18
Public accessibility ............................................................................ 18
Commitment, values and themes ........................................................ 19
Leadership commitment .................................................................... 19
Target audience suitability ................................................................. 20
Readability and tone ......................................................................... 21
Structure, presentation and style ........................................................ 22
Stakeholder identification ................................................................... 23
Explanation of company interests ........................................................ 24
Non-retaliation commitment ............................................................... 24
Country culture suitability .................................................................. 25
Comprehension aids .......................................................................... 26
Risk topics ....................................................................................... 27
Conflicts of interest ........................................................................... 28
Board structure ................................................................................ 28
Board behaviour ............................................................................... 29
Committees ..................................................................................... 30
Acknowledgement of receipt ............................................................... 31
Disclaimers and reminders ................................................................. 31
Applicability ..................................................................................... 32
Law and legislation ........................................................................... 33
Corporate citizenship ......................................................................... 33
Workplace and employment values ..................................................... 34
Frequent review of code .................................................................... 35
Awareness and promotion .................................................................. 36
Company relations with business or government entities ....................... 37
Introduction
As the seemingly never-ending wave of corporate scandals hits markets all across the
world, the focus on corporate governance and compliance of companies has never been
stronger. In response, companies are now finding it increasingly challenging to obtain
the trust and confidence of stakeholders without demonstrating to those stakeholders
that efforts are being made to manage business ethics and integrity. What has also
become apparent is that if companies fail to properly implement a sound system of
corporate governance and compliance controls they can pay serious penalties for their
negligence, regardless of whatever rich history, prestigious brand or celebrated
reputation these companies may have.
In June 2012 it was stunningly revealed that the traders from leading banks had been
regularly manipulating the London Interbank Offered Rate (LIBOR), which served as the
anchor for financial contracts accumulatively worth trillions of dollars. The LIBOR is
supposed to be an average interest rate of the major banks, but employees of these
banks had been submitting fabricated interest estimates. Traders from the same banks
then profited from the colluded manipulations. This is beyond trading on insider
information as the information itself was fictitiously made up by the trader. There is no
doubt conflicts of interest existed as the group of banks and individuals stood to directly
benefit or lose from the estimates they posted, and the lack of systems and controls to
prevent such conflicts allowed to the scandal to go on.
The past year has been difficult for United Kingdom companies. There has been a
constant struggle to recover public confidence after cases were uncovered of trade
sanction violations, money laundering, consumers being deceived into purchasing
unwanted services, and other corrupt and fraudulent practices occurring. These cases
expose the weak corporate governance and compliance framework of some of the
largest companies in the world and highlight the dire consequences that may follow as a
result. In order to regain the trust of investors and other stakeholders, companies must
prove that the business is built upon a strong foundation of ethics, compliance and
corporate governance.
The Red Flag Group previously conducted studies on Hong Kong-listed companies and
Singapore-listed companies, and both studies found that the general approaches towards
corporate governance and compliance were not proportionate to the maturity of the
markets. Companies in both markets showed reluctance in disclosing information on the
strategies and actions they had taken to mitigate compliance risks. In particular, the
majority of companies in these regions opted to only publish codes of conduct or
equivalent documents internally, despite the fact that external stakeholders are equally
concerned with the key principles a company uses to give it direction and to manage its
priorities. As both of the previous studies were conducted on companies listed in Asia,
this study serves as an analysis of their European counterparts.
With its long history – dating back to the time when brokers traded in coffee houses in
the 17th century – the London Stock Exchange (LSE) is one of the oldest in the world,
and lists many top-tier companies. In light of events such as the LIBOR scandal, and
with a view of looking beyond Asian companies, The Red Flag Group carried out this
study to appraise the approach of LSE companies in managing corporate governance and
compliance, with a focus on the codes of conduct adopted by these companies. The
result of this study diverges significantly from our previous studies and substantiates
that comprehensive compliance programmes could be efficiently and effectively
implemented and promoted by companies from all industries.
Methodology
The sample group of this study comprised of the 100 largest companies listed on the
London Stock Exchange in terms of market capitalisation. Incidentally, these companies
are also constituents of the FTSE100 index, and the sample group was therefore
extracted from the September 2012 list of constituent companies. Market capitalisation
figures, last updated in November 2012, were gathered for each of the 100 companies
and the companies were subsequently listed from largest to smallest.
The study is divided into two parts:
A. An analysis of overall approaches to corporate governance and compliance
B. An analysis of the codes of conduct that were publicly available.
Overall approach to corporate governance and compliance
All 100 companies in our sample group were assessed according to their publicly-
projected approach to governance and compliance. The assessment was based on eight
different categories:
1. Whether a code of conduct (or similar document) existed and was available to the
public
2. Whether the company identified its chief compliance officer (or similar position), and
if so, whether that person’s roles and functions were clearly explained
3. Whether the company had a compliance committee (or similar oversight group) that
was devoted to the review and improvement of their firm’s approach to compliance
4. The efforts of the company to publicise its corporate social responsibility, anti-
corruption practices and compliance
5. Whether the company had a publicly-available report specifically addressing
compliance-related matters
6. Whether the company exhibited any form of whistleblower policy or policies on
openness and transparency
7. The level of attention paid to compliance issues in the company’s annual report
8. The overall approach of the company to ethics, compliance and good governance
based on viewing all publicly-available material collectively.
In each of these categories the companies were given a score from 0 to 4, based on a
clear set of guidelines and instructions. The maximum possible score was 32. Each score
sheet contained comments on how the final score for each category was derived, and all
were reviewed independently for consistency.
Analysis of publicly-available codes of conduct
For each of the codes of conduct that were publicly available, further analysis was
conducted based on the extent of which the following criteria were satisfied:
Public accessibility
Commitment, values and themes
Leadership commitment
Target audience suitability
Readability and tone
Structure, presentation and style
Stakeholder identification
Explanation of company interests
Non-retaliation commitment
Country culture suitability
Comprehension aids
Risk topics
Conflicts of interest policies
Board structure explanation
Board behaviour requirements
Committees
Acknowledgement of receipt
Disclaimers and reminders
Applicability
Law and legislation
Corporate citizenship
Workplace and employment values
Frequent review
Awareness and promotion
Company relations with business or government entities.
The set of criteria was developed based on guidelines and papers produced by various
international organisations and industry bodies (including, but not limited to, the OECD
Principles on Corporate Governance, the International Federation of Accountants
guidelines on developing an effective code of conduct and the Hong Kong ICAC Good
Governance and Internal Control guide), as well as our own expertise and experience in
advising clients on developing these documents. As such, these are elements that should
be well considered when designing a comprehensive code of conduct.
Just as with the overall approach assessment, each criterion was also scored on a zero-
to-four scale, with a maximum possible score of 100.
The scope of both the overall compliance and code of conduct research covered only
information that was publicly available, and implications cannot be drawn to suggest that
companies examined did not have a comprehensive compliance programme. Rather, it
can merely be inferred that if these programmes were in place there was no public
disclosure to a broader group of stakeholders. Provided that corporate governance and
compliance are areas of concern for a wide range of stakeholders, whatever programme
is in place should be made as open and transparent as possible. With this in mind, the
approach of only considering and analysing publicly-available information and policies
was deliberately adopted.
PART A – Study of projected attitude towards compliance
Overview
It was found there is an observable difference in the performance of companies
headquartered in the United Kingdom and those headquartered elsewhere (for the purpose
of this report classified as “foreign” companies), as shown in Figure 1. While UK-based
companies scored a much higher average of 18.3 out of 32, the average score of foreign
companies is 12.3 out of 32. The company which scored highest, with 29 out of 32, is also
based in the United Kingdom. This variance appears to indicate that UK-based companies
are responding faster to the tightening regulatory environment in the region and are
making more preparations in anticipation of intensifying focus in corporate governance and
compliance.
Figure 1: Compliance scores by country
Another trend observed is that the largest 50 companies had consistently better
performance, as shown in Figure 2. These companies scored an average of 20.4 out of 32,
while the smallest 50 companies had an average score of 16 out of 32. This finding is
consistent with our previous studies, in which large companies (in terms of their market
capitalisation) were found to have scored better. These companies generally have a wider
stakeholder base and are often closely scrutinised, with the companies that endure the test
of the public prevailing and attracting more investors. This means there is both greater
pressure and greater incentive for these companies to consistently keep check of their
actions. Although the smaller 50 companies averaged a lower score, their performance is
still satisfactory and signals that even companies that are under less pressure and that
have fewer resources are investing to manage compliance risks. This observation is
encouraging as it shows that regardless of size, companies in the United Kingdom do see
compliance and governance as important aspects of doing business.
29 28
18.3
12.3
6 7
0
5
10
15
20
25
30
35
UK Foreign
Highest Score
Average Score
Lowest Score
Figure 2: Compliance scores by market capitalisation
Finally, Figure 3 illustrates the average performance amongst the different sectors and it
was found that the healthcare sector performed exceptionally well. In addition to having
the highest average score of all the sectors, the two highest scoring companies also
belonged to the healthcare sector. On the other hand, the financial services and property
sectors, which together account for 15 percent of the sample group, trailed behind with
noticeably lower average scores of 12.1 out of 32 and 12.3 out of 32 respectively. As these
two sectors face higher risks due to the large volumes of monetary transactions involved it
is worrying to find that their overall approaches to corporate governance and compliance
are not on par with other sectors.
Figure 3: Average compliance scores by sector
29 29
20.4
16
9
6
0
5
10
15
20
25
30
35
Largest 50 Companies Smallest 50 Companies
Highest Score
Average Score
Lowest Score
27.3
23.3 21.6 21.5 21.4
20.5 19.3
18.1 18.0 18.0 16.8 16.2 16.0 15.5
12.3 12.1
0.0
5.0
10.0
15.0
20.0
25.0
30.0
The average score for each criterion, depicted in Figure 4, shows that although LSE
companies generally performed more than satisfactorily in this study, with many criteria
averaging a score of 2 or higher, there are still areas where improvements need to be
made. Further analysis on how the companies performed will be discussed in the sections
below.
Figure 4: Average score for each criterion
2.9
1.2
2.6
3.3
0.7
3.1
2.1 2.3
0
1
2
3
4
Findings
Code of conduct or similar products
A code of conduct is an integral part of a company’s compliance programme as it helps
communicate to employees and external stakeholders the core values and high standards
of integrity and ethics that form the foundation of the business.
An encouraging finding of this study is the fact that 79 of the 100 companies in the sample
group made their codes of conduct (or similar documents) publicly available, as shown in
Figure 5. This result differed significantly from our previous studies on Hong Kong and
Singapore, where companies rarely recognised the importance and value in publicly
disclosing their codes. In addition to being publicly available, companies also had to ensure
ease of access to the document in order to receive full marks in this criterion. Figure 5 also
shows that 56 out of the 100 companies that were examined received full marks, indicating
that over half of the companies were enthusiastic about divulging their efforts in improving
corporate behaviour to the public. One of the companies received a score of 2 out of 4
despite not having a publicly-available code of conduct as it instead offered a number of
separate policies of the types that are typically incorporated in a code of conduct.
The second part of this study will analyse these codes of conduct in more detail.
Figure 5: Code of conduct score distribution
Chief compliance officer and compliance committee
As shown in Figure 6, over 70 percent of the subject companies were reluctant to identify
their chief compliance officer (or equivalent position). In a comprehensive compliance
programme it is important for companies to clearly identify the individual who is
responsible for the overall implementation of the programme. This helps promote the fact
that not only is a company willing to invest the time and resources of its top-level
personnel to ensure compliance and ethical conduct, but it is also willing to identify these
individuals so that employees and other stakeholders may contact them if any concerns
regarding the practices of the company arise.
0
10
20
30
40
50
60
0 1 2 3 4
17
3 9
15
56
Nu
mb
er
of
com
pan
ies
Score out of 4
Figure 6 also shows that almost 90 percent of the subject companies received a score of
2 out of 4 or above in the compliance committee criterion. Although it may appear that LSE
companies have scored quite well with regards to having a committee overseeing
compliance, it was found that companies often allocated compliance responsibilities to
committees that actually have other purposes as their primary duties. A common example
is for a company to allocate the responsibility of overseeing compliance matters to its audit
committee, which is primarily responsible for ensuring financial integrity. Some companies
had two or more committees responsible for various compliance-related duties, and this
could lead to less coordinated and less symmetric strategies.
Ideally, companies should have a separate committee that is dedicated to overseeing
compliance matters. Setting strategies and implementing policies to ensure compliance and
ethical conduct throughout the various levels of the company can be a demanding
responsibility, and it is therefore not practical to have the committee that is responsible for
overseeing compliance to also be responsible for other major corporate functions, such as
auditing.
Figure 6: Chief compliance officer score distribution
Reporting of corporate social responsibility, anti-corruption and compliance issues
in publications
As presented in Figure 7, companies performed well when it came to disclosing
information on corporate social responsibility, corruption and compliance issues. Companies
typically dedicated a substantial section of the company website, or even a separate
website, to address their social responsibilities. In addition, many companies also offered
corporate social responsibility reports or similar publications to further divulge information
in this area. Companies that achieved the maximum score in this criterion had public
reports which offered plenty of information outlining their strategies and approaches
towards compliance and preventing corruption, as well as material regarding their social
initiatives.
0
5
10
15
20
25
30
35
40
45
0 1 2 3 4
31
43
10 9 7
0
12
35 35
18
Nu
mb
er
of
com
pan
ies
Score out of 4
Chief Compliance Officer
Committee
Figure 7: CSR score distribution
Figure 8 reveals that LSE companies generally performed unsatisfactorily in the criterion
on compliance reports, and had average performance regarding the amount of compliance-
related information that was included in their annual reports.
These results indicate that companies tend to include compliance issues in their corporate
social responsibility or sustainability reports, rather than publishing a standalone
compliance report. Ideally, compliance reports should be a separate document that
describes the current risk environment and the necessary actions to mitigate recognised
risks.
Another observation is that company annual reports tended to only cover a small number
of compliance issues, many of which were required to be included by laws or regulations. In
higher-scoring examples, companies covered extra key compliance issues in annual reports
in a way that shareholders and other stakeholders could easily learn of these matters when
browsing the reports. Examples of what some better performing companies covered in their
annual reports include the progress of company-wide rollout of compliance policies, reports
received through whistleblowing processes, and statistics regarding code of conduct
training.
It is important for companies to realise that disclosing information regarding compliance
and anti-corruption actions is just as important as publicising efforts in addressing social
responsibilities. By releasing more detailed information on the progress of implementing
compliance and anti-corruption strategies, companies can demonstrate that they are
actively pursuing the goal of operating ethically and with integrity.
0
10
20
30
40
50
60
0 1 2 3 4
0 3
19 27
51
Nu
mb
er
of
com
pan
ies
Score out of 4
Figure 8: Compliance report and annual report score distribution
Whistleblower policy
As presented in Figure 9, a majority of the companies had a satisfactory whistleblower
policy in place. It is important for companies to have a direct channel available for all
employees, and possibly even external stakeholders, to report suspected improper
behaviour. This allows the board of directors and senior management to be alerted of
actual or potential improprieties at a primitive stage so that swift action can be taken to
mitigate or eliminate further damage. As such, this finding is reassuring.
Figure 9: Whistleblower policy score distribution
54
25 16 5
0 3
24
41
22
10 0
10
20
30
40
50
60
70
0 1 2 3 4
Nu
mb
er
of
com
pan
ies
Score out of 4
Compliance Report
Annual Report
1%
13%
18%
8%
60%
0
1
2
3
4
Score out of 4
PART B – Examination of publicly-available codes of conduct
As mentioned in Part A of this study, almost 80 percent of the sample group made their
codes of conduct publicly available. This suggests that companies are recognising the
idea that a code of conduct is both an internal and external medium to communicate
the core values and standards that guide the company, and thereby add value to the
business.
In our previous studies, the small sample of publicly-available codes of conduct gathered
from Hong Kong-listed and Singapore-listed companies limited the ability to extract a
true cross section of the quality of the codes adopted by companies. In this study,
however, we were able to look at a more substantial number of codes of conduct, which
gave a more accurate representation of areas where codes were generally well-written,
as well as enabling us to compile a list of common inadequacies that companies should
avoid.
Overview
An analysis of how LSE companies performed in each criterion will be discussed later on
in further detail; however, some general trends are identified and summarised below.
When the subject companies are divided into quadrants according to market
capitalisation, as shown in Figure 10, a clear downward trend in average scores can be
observed. This does not come as a surprise, as larger companies tend to have a more
complex organisational structure spanning many different countries and regions. A more
comprehensive and detailed code is therefore necessary to ensure that all aspects of a
business operate according to a uniform standard of integrity and ethics. On the other
hand, smaller companies should also ensure that their codes of conduct provide proper
guidance in all key risk areas. A well-designed code is important for businesses of any
size as it serves to protect the company from unnecessary liabilities and risks.
Figure 10: Total score
The average scores for each criterion are illustrated in Figure 11. These scores give a
general idea of the areas where LSE companies are excelling, such as the public
availability and target audience criteria. Conversely, this figure also makes apparent that
there are certain areas companies should work to improve so as to perfect their codes.
56.2
48.9 42.7 40.8
0
10
20
30
40
50
60
70
80
90
Largest 25Companies
Second Largest 25Companies
Third Largest 25Companies
Smallest 25Companies
Sco
re o
ut
of
10
0
Highest Score
Average Score
Lowest Score
Figure 11: Average score for each criterion
3.6
2.9
2.5
3.1
2.7 2.9
2.2 2.2
2.6
1
1.6
2.9
1.7
0.9 1 0.9
0.4
2 2.2
0.8
2.1
3
0.8
0.6
1.7
0
1
2
3
4
Ave
rage
sco
re o
ut
of
4
Criteria
Findings
Public accessibility
Public availability demonstrates the willingness of a company to share its ethos and
philosophy and is also an indicator of a company’s penchant for transparency. There is
often a belief that the code of conduct is a document for employees only (as was the
case with companies in Hong Kong and Singapore). That belief is, however, untrue:
codes of conduct are also a great medium for companies to tell customers and
stakeholders about the guidelines and controls that they have in place to mitigate
governance and compliance risks in different facets of their business. The correct
approach is therefore to publicly offer the code of conduct and ensure that those
interested in obtaining information on the company can locate it with ease.
This is an area LSE companies excelled in: Figure 12 shows that 71 percent of the
companies received a full score, with the average score being 3.6 out of 4. In most
cases, codes of conduct could be easily found and were logically placed in the relevant
sections of the companies’ websites. A number of companies even went a step further,
promoting their codes by displaying them in prominent positions of their websites. This is
a very good practice as it indicates that a company recognises its code as one of its most
important publications.
Actively inviting the public to view the code of conduct is one of the most positive ways
for companies to communicate to the public that they are confident in the way they
operate, significantly boosting public confidence in the integrity of the business.
Figure 12: Public availability score distribution
0% 1%
9%
19%
71%
0
1
2
3
4
Score out of 4
Commitment, values and themes
Statements exemplifying a company’s values, principles and themes set the tone of a
code in that it is about adhering to higher values and standards and going above and
beyond simply complying with laws and regulations.
This was another well-performed criterion, in which almost half of the codes of conduct
scored full marks (as depicted in Figure 13). A message highlighting core company
values can often be found in the codes of LSE companies, and this helps to emphasise a
company’s non-compromising commitment to business ethics.
On the contrary, a minority of the subject companies did not include any statements of
company commitment and values, resulting in a lack of direction for those codes. One
example was an international media and education company. The lack of a statement of
commitment and values drastically weakened the impact of their code, as establishing
the underlying purpose of producing such a document helps to express to employees the
extent to which they are expected to comply with their code and the resulting benefits of
complying with the code.
Figure 13: Commitment, values and themes score distribution
Leadership commitment
Associating a code of conduct with a senior officer is a way of impressing upon
employees that an organisation is serious about adherence to its values. This can greatly
strengthen the impact of a code, especially when a prominent figure within an
organisation demonstrates their unconditional support of their company’s code through a
charismatic and personal message to readers.
Polarised performance was observed in this area and, as depicted in Figure 14, around
half of the companies included an effective address from a senior officer in their codes to
demonstrate the personal commitment of a senior executive. However, a third of the
companies studied completely overlooked this element and failed to exemplify the
dedication of top management.
8 3
15 17
36
0
5
10
15
20
25
30
35
40
0 1 2 3 4
Nu
mb
er o
f co
mp
anie
s
Score out of 4
Figure 14: Leadership commitment score distribution
During the course of this study it was found that a number of addresses by chief officers
contained very similar content, such as stating that the code was “not meant to be an
exhaustive list” or urging employees to “make use of company whistleblowing
procedures”. Generalised, uniform and non-specific statements can significantly
undermine the perception of senior executive commitment to the cause and negate the
impact of the code of conduct. A better approach would be to have senior officers
express their own views in their own language regarding the approach of the company
towards ethics and compliance. This can convey a more genuine message, and a
passionate statement is more likely to influence the attitudes of employees.
Target audience suitability
The audience that is required to absorb and acknowledge the content of a code of
conduct must be properly addressed, and a code should be tailored as such. The
content, style and focus of the code should revolve around the characteristics of this
target audience.
LSE companies performed well in this aspect. As shown in Figure 15, a large number of
companies received full scores for clearly listing all the different target groups that
should read the code.
In addition to internal audiences (such as employees, directors and officers), a number
of companies also targeted vendors and suppliers as audiences that should read their
codes and adhere to similar ethical principles. This is a good practice that all
organisations should adopt. One of the main findings of our studies of Hong Kong and
Singapore companies is that there is a general misconception amongst them that codes
of conduct should only be distributed internally. In fact, by identifying other external
stakeholders as target audiences, companies are expanding the scope of their codes and
0
5
10
15
20
25
30
35
40
45
0 1 2 3 4
23
5 4 5
42
Nu
mb
er
of
com
pan
ies
Score out of 4
in turn magnifying the impacts. For example, an integrated energy company identified
contractors, suppliers and joint-venture partners as audiences of its code and
encouraged these parties to uphold its principles. This effectively leveraged the
resources and efforts put into writing the code to communicate the expected level of
ethics and professionalism and reinforce supply chain integrity.
Figure 15: Target audience suitability score distribution
Readability and tone
Simple language should be used, avoiding complex legal jargon, as a wide audience will
be reading a code. A language and style reflecting the type of industry a company
operates in and the type of employee it wishes to retain should be adopted. Essentially,
a code of conduct should be written in language that can be easily understood by all
audiences and, just as importantly, it should address elements that are unique to the
organisation so that employees can better relate the principles of the code to everyday
work.
Figure 16 reveals that over half of the companies received only a moderate score of
2 out of 4. Of all the codes analysed in this study, most were written in language that
would be easily understood by its target audience; however the latter area of including
content that is tailored specifically for the organisation was where LSE companies tended
to fall short.
A generic tone and style impairs the practical value of the code as it creates a gap
between the concepts outlined in the code and the everyday work of employees. In the
ideal situation, efforts should be made to ensure that the principles of the code are
consistently linked with the actual operations of the company. For example, an
independent oil and gas exploration and production company included many work-
related scenarios in its code of conduct, allowing employees to firmly grasp how the
seemingly foreign concepts affect their daily operations.
0
5
10
15
20
25
30
35
40
45
0 1 2 3 4
3 8
12 13
43
Nu
mb
er
of
com
pan
ies
Score out of 4
Figure 16: Readability and tone score distribution
Structure, presentation and style
In similar ways to how readability and tone affect the impact of the code, how the code
is presented and whether it is visually appealing are also factors to consider. As shown in
Figure 17, companies performed well in this area, with the majority scoring 3 out of 4
or higher. Most of the codes examined were presented in an appealing and well-
structured format to facilitate easy referencing by employees.
The essence of having a well-structured code that is clear and concise is to ensure that
employees at every level of the company will be able to understand and obtain guidance.
With this in mind, companies should show that they have catered to employees that are
from non-English speaking regions and have published their codes in other languages
relevant to the geographic span of the company. This element is becoming increasingly
significant as multinational companies continue to explore opportunities in developing
regions.
When assessing companies on this criterion it was examined whether each company had
offered its code of conduct in a sufficient number of languages such that it could be
effectively communicated to all the different regions in which the company operates. As
such, it is not expected for companies to publish their codes in every existing language,
and is unnecessary so long as all employees are able to read and understand the code.
For example, an aerospace and defence company was given a full score for offering its
code in English, Arabic and Spanish, which sufficiently caters to employees from the five
countries where it mainly operates.
0
10
20
30
40
50
0 1 2 3 4
1 1
42
10
25
Nu
mb
er
of
com
pan
ies
Score out of 4
Figure 17: Structure, presentation and style score distribution
Stakeholder identification
Identifying the stakeholders of a company is important as it illustrates where priorities lie
regarding the strategy and decision-making of a company. A balanced approach should be
taken in the addressing of internal and external stakeholders; neither should be overlooked.
As shown in Figure 18, performance was mixed in the area of identifying of
stakeholders. While some companies clearly identified and addressed all of their
key stakeholders, other companies were not as clear, and some codes only identified a
certain group as stakeholders whilst ignoring other relevant parties. This is a shortfall for
organisations as it portrays a narrow-sighted approach.
As an effective guide, a code of conduct should acknowledge all key stakeholder groups and
describe how they may be affected by the actions of the company so that employees are clear
on how to lighten or eliminate any negative impact while maintaining positive relationships.
Figure 18: Stakeholder identification score distribution
0 4
14
45
16
0
5
10
15
20
25
30
35
40
45
50
0 1 2 3 4
Nu
mb
er o
f co
mp
anie
s
Score out of 4
0
5
10
15
20
25
0 1 2 3 4
16 12
15 15
21
Nu
mb
er
of
com
pan
ies
Score out of 4
Explanation of company interests
Companies should clearly state what interests they value most and, in turn, a code of
conduct must direct employees on what considerations should take priority when they
are making decisions. This helps to eliminate any doubt employees may have as they will
be clearly informed of the priorities of the company.
As illustrated in Figure 19, performance of LSE companies in the criterion of identifying
key interests was mixed. Nearly half of the companies scored 3 to 4 in this criterion for
clearly identifying and defining key interests and assets, such as intellectual property or
confidential information. In contrast, the other half of the subject companies were vague
in pointing out what employees should protect, and some were unable to clearly define
what may be categorised as key assets or property.
Figure 19: Explanation of company interests score distribution
Non-retaliation commitment
Companies should promote a culture where employees are not punished or victimised for
legitimately speaking out on matters that could be damaging to their organisation. In
addition to removing any restrictions that may potentially discourage timely reporting of
potential misconduct, companies should also promote and encourage the use of
whistleblowing channels, since there may be a tendency for employees to avoid issues
and suppress their suspicions.
Figure 20 illustrates that this was a criterion in which companies performed well, with
the majority of companies scoring 3 out of 4 or higher. While most codes examined
mentioned that those who raised concerns would be protected from detriments, some
codes were phrased in a less assuring way than others. For example, some companies
only offered protection on the condition that the employee satisfied certain criteria, such
as offering concrete evidence. This sets an unreasonable constraint on employees as it
basically imposes a burden of proof on individuals to establish that a misappropriation
has occurred, and ultimately acts as a deterrent to provide valuable information. Not all
companies purposefully encouraged the utilisation of the whistleblowing procedures.
0
5
10
15
20
25
0 1 2 3 4
17
11
17
9
25
Nu
mb
er
of
com
pan
ies
Score out of 4
Companies should actively promote the use of whistleblowing mechanisms so as to
detect any actual or suspected improprieties or wrongdoings at an early stage, before
serious damage is caused. The whistleblowing mechanism of a company is one of the
main lines of defence and can be very effective if properly implemented and employees
are strongly encouraged to voice whatever concerns they may have regarding breaches.
Figure 20: Non-retaliation commitment score distribution
Country culture suitability
For multinational corporations or companies with business presences in more than one
location, codes of conduct should be tailored according to the specific natures of the local
cultures in order to maintain impact; even if company principles are well communicated,
employees may still find it difficult to handle situations when there are differing values
and expectations.
Figure 21 illustrates the fact that over half of the companies failed to acknowledge
differing business cultures amongst the various regions where they conduct business,
and therefore they did not receive any score in this criterion.
When offering guidance to employees, companies should address differences and provide
appropriate education on the matter so that employees can better grasp how they
should handle delicate situations. A good example could be found in the code of a global
resource company where employees are reminded that priority lies in the company
requirements regarding gifts, hospitality and entertainment but that employees should
take caution to prevent offending those with a different cultural background. Some
potential methods of handling cultural differences are provided in the code, for example,
employees are suggested to clearly articulate company requirements during the start of
the business relationship to avoid any future discomfiture on both sides. Furthermore,
employees are required to participate in cross-cultural training before being assigned to
a different country.
0
5
10
15
20
25
30
35
0 1 2 3 4
8 6
16
31
18
Nu
mb
er
of
com
pan
ies
Score out of 4
Figure 21: Country culture suitability score distribution
Comprehension aids
Comprehension aids significantly assist to emphasise key points and foster better
understanding of issues. When designing codes of conduct, companies should adopt
appropriate methods to ensure employees can fully understand some of the more
complicated topics. While providing detailed information is important, absorbing of
concepts may be enhanced if examples, scenarios, and questions and answers are
provided to stimulate thinking.
As depicted in Figure 22, performance in this area was generally weak – almost half of
the codes analysed failed to satisfy this criterion and therefore received no score. These
codes did not feature elements to assist the reader in absorbing the content and relating
it to what they do on a daily basis.
Despite the majority of codes lacking comprehension aids, around a quarter of the
companies did receive a full score in this criterion. A good example is a major media
company which included question and answer sections throughout its code to help the
reader apply the principles within to real-life situations. This company also provided
definitions for key terms for areas where clarification may have been needed. This
helped to achieve a balance between facilitating understanding and making sure crucial
principles (which may be more complex) were explained.
42
13 11 10 3
0
5
10
15
20
25
30
35
40
45
0 1 2 3 4
Nu
mb
er o
f co
mp
anie
s
Score out of 4
Figure 22: Comprehension aids score distribution
Risk topics
A code of conduct must exemplify key risks to which a company is exposed, thereby
better transmitting the salient aspects of the company’s overall business conduct. The
obligation is on companies to provide sufficient guidance to employees. Risk areas
should be adequately discussed, such that employees understand where risks lay and
are provided with appropriate guidance on how they should mitigate those risks.
As shown in Figure 23, this was a well performed criterion, with almost half of the
companies receiving a full score for covering all relevant key risk areas, such as the
protection of confidential information, prevention of bribery and ensuring fair
competition. Companies that failed to fully satisfy this criterion either overlooked some
key risk areas or only skimmed through the topic without sufficient elaboration.
Figure 23: Risk topics score distribution
0
5
10
15
20
25
30
35
40
0 1 2 3 4
39
6 5 8
21
Nu
mb
er
of
cco
mp
anie
s
Score out of 4
1%
18%
23%
9%
49% 0
1
2
3
4
Score out of 4
Conflicts of interest
Conflicts of interest can be a complex topic and some employees may not fully
understand what might constitute a conflict of interest in the context of their role. With
this in mind, conflicts of interest should be extensively discussed in the code of conduct
as they may occur in many different areas of a business and there may be situations
that are ambiguous for employees. It is equally important for companies to put emphasis
on the disastrous consequences that may result if even a perceived conflict arises as this
helps to accentuate the gravity of the topic.
Figure 24 shows that performance in the area of conflicts of interest is only average –
almost 75 percent of the companies scored 2 out of 4 or lower. One of the companies
that received a full score in this criterion is an oil and gas company which not only
clearly stated the harm of the appearance of a conflict but also provided theoretical and
real-life examples to show when conflicts may arise during the course of employees’
everyday activities. In addition, a set of guiding questions were provided for employees
to aid them when facing ambiguous situations, and guidelines were included in the code
to provide a set of minimum standards to further ensure correct behaviour. This code of
conduct is an excellent example of the extent to which conflicts of interest should be
discussed in a code.
Figure 24: Conflicts of interest score distribution
Board structure
It is vital for a code of conduct to offer information regarding the over-arching roles and
duties of the CEO, chairman and directors to exemplify how top-level leadership will
coordinate the governance programme and how stakeholder interests will be prioritised.
The code of conduct should clearly communicate that the board has oversight of the
company compliance programme to exemplify the solemnity of the compliance
programme and commitment of those at the very top.
As presented in Figure 25, the majority of the companies failed to explain the role and
responsibilities of the board of directors and did not receive any marks in this criterion.
0
5
10
15
20
25
30
0 1 2 3 4
18 14
27
12 8 N
um
be
r o
f co
mp
anie
s
Score out of 4
Despite the overall unsatisfactory performance, some good examples were observed. In
one instance, a leading power systems provider clearly stated in its code that its ethics
committee provided governance and board-level oversight of ethics within the company.
Another example could be found in the code of a multinational consumer goods company
where it was stated that the board was responsible for ensuring the principles outlined in
the code were applied throughout the company.
Figure 25: Board structure score distribution
Board behaviour
A code of conduct should demonstrate that everyone within the company must adhere to
its principles. In order for good business practices to be implemented on a company-
wide basis, the example must be set by those in charge.
As shown in Figure 26, performance in this criterion was once again poor, with
75 percent of the companies receiving scores of 0 to 1 for failing to explain the
commitment of the board and how the directors were governed. This finding indicates
that a majority of companies are not taking the opportunity to demonstrate the
commitment of top management to amplify impact of their codes of conduct and
compliance programmes. Moreover, not enough emphasis is put into equal applicability
of the codes, as many companies fail to show that the leaders of the company are also
strictly bound by company principles.
Different methods of conveying the message of board commitment and senior
management applicability are observed from some of the better performing examples.
For example, the code of an oilfield services provider included an introduction signed by
the group chief executive on behalf of the whole board which stated that the board was
ultimately responsible for all ethics and compliance matters and would not allow the
compromising of business integrity. Another example was the code of an international
mining group, which clearly mentioned that it applied to the directors of the company
equally as much as it applied to the employees.
62% 13%
7%
9% 9%
0
1
2
3
4
Score out of 4
Figure 26: Board behaviour score distribution
Committees
In an organisation, particularly a large and diverse one, there will be a number of
different areas for which people are responsible. The code of conduct needs to recognise
this as a means of bringing awareness to crucial functions in the business. In addition to
a high-level oversight committee, large and complex organisations should also have
smaller committees with members from different levels of the company responsible for
examining how the company-wide strategies could be implemented in a regional,
departmental or functional context.
As shown in Figure 27, this was another underperformed criterion and a majority of
companies received no marks as they failed to mention which committees within their
company were responsible for compliance functions. A multinational consumer goods
company stood out in this category as it mentioned in the code of conduct that there
were a number of different committees – including a Corporate Code Committee,
Corporate Responsibility and Reputation Committee and Regional Code Committees –
that were collectively responsible for coordinating and implementing the ethics and
compliance programme of the company.
Figure 27: Committees score distribution
52%
23%
11%
4% 10%
0
1
2
3
4
Score out of 4
51%
23%
16%
8%
2%
0
1
2
3
4
Score out of 4
Acknowledgement of receipt
Having a well-written code of conduct is a major step in any compliance programme,
however it is just as important to be able to effectively communicate the code so that all
within the organisation understand and comply with it. This element is imperative as it
shows that the relevant individual or organisation has reviewed and understood the code
of conduct.
The results depicted in Figure 28 show that 84 percent of the companies did not include
any form of an acknowledgement of receipt in their codes. The inclusion of an
acknowledgement of receipt may be as simple as having a page at the end of the code
requiring employees to certify that they have read and understood the code and agree to
comply with it. This will have a significant effect in facilitating implementation. A Mexican
mining company did exceptionally well in this criterion: a letter of compliance was
attached to its code, and employees are required to submit this letter annually to certify
they have observed and complied with the code. This requirement of a formal annual
certification helps employees recognise the changing expectations as the company
evolves and ensures they are refreshed on key principles.
Figure 28: Acknowledgement of receipt score distribution
Disclaimers and reminders
References should be made in a code of conduct to other policies of the company – such
as those relating to IT or accounting – so that there is a complete coverage of the
responsibilities of employees, rather than just overarching statements.
As shown in Figure 29, performance in this criterion is satisfactory and most companies
highlighted that their code of conduct is not an exhaustive list but merely a basis that
sets the minimum expected standard. This is an important idea as employees should
understand that the code does not provide definite guidance and primarily functions to
assist them in making ethical and proper decisions. Most of the companies also
mentioned in their codes that there are other more detailed policies that employees
84%
5% 1% 4%
6%
0
1
2
3
4
Score out of 4
should refer to for further information, and in some better codes these policies were
specified so that employees may easily search for further advice.
It should be noted that only a small number of companies made it clear that adherence
to the principles of the code of conduct form a condition of employment. In fact, this is a
vital element since it establishes the connection between compliance with the code to
the company expectation of employees.
Figure 29: Disclaimers and reminders score distribution
Applicability
As illustrated in Figure 30, companies generally demonstrated that they understood the
importance of identifying those that should adhere to their codes of conduct. It should be
made very clear whom a code is applicable to so any potential doubt is eliminated. An
ideal code should cite other codes which have been specifically developed for various
sections of the company, and this was the case in the higher-scoring codes. Referring to
the codes of specific individual sections allowed relevant individuals and parties to
understand their additional responsibilities.
Figure 30: Applicability score distribution
0
5
10
15
20
25
30
35
40
45
0 1 2 3 4
9 8
43
13 6
Nu
mb
er
of
com
pan
ies
Score out of 4
8 9
28 26
8
0
5
10
15
20
25
30
0 1 2 3 4
Nu
mb
er
of
com
pan
ies
Score out of 4
Law and legislation
A code of conduct should cite the most-salient legislative instruments, particularly for
key risk areas, so that there is a clearer understanding of the application of the laws and
the consequences for breaching the code. Since a code of conduct should help guide
relevant individuals and parties when making decisions, it is fitting for references to key
legislative instruments to be incorporated to provide a legal context for key risk areas.
This is especially true if the risks involve criminal legal liabilities for the individual or the
organisation.
Figure 31 shows that a majority of the companies did not address any legislative
instruments in their code. The code of conduct of an international electricity and gas
company stood out in this criterion as it cited the UK Data Protection Act, the UK Bribery
Act and the US Foreign Corrupt Practices Act to illustrate the serious legal consequences
that may follow should there be a violation of the code. Citing relevant legislative
instruments and explaining their significance in a practical sense also helps to define the
responsibilities of the company from a legal perspective.
Figure 31: Law and legislation score distribution
Corporate citizenship
An ideal code of conduct should address the responsibilities of the organisation in a
broader social context to expand upon the statement of values and add credibility to the
company’s public image. Having a reference to social impact also helps to contextualise
the potential effect of a breach of the principles of the code extending beyond employee
or company interest.
As illustrated in Figure 32, performances of the companies varied greatly in the area of
addressing corporate citizenship, and there is a rather equal distribution of all the
different scores. This indicates that while some companies recognise their broader social
responsibilities as part of their overall conduct, others view them as separate matters.
0
5
10
15
20
25
30
35
40
45
50
0 1 2 3 4
49
13 5 5 7
Nu
mb
er
of
com
pan
ies
Score out of 4
One example that stood out is the code of a leading retailer, which not only
acknowledged the retailer’s responsibilities towards sustainability, environmental
protection and community support, but also included a section summarising the policies
and principles of the company in influencing suppliers to do the same. This is a very
positive step and will definitely enhance the public image of the company as it shows
that the company is going further than managing its own conduct and is working to
ensure business ethics in the whole of its supply chain. Consumers will also be more
willing to support the company if they feel assured the products are produced in a
responsible and ethical way. This example shows that operating responsibly could also
directly add value to the business.
Figure 32: Corporate citizenship score distribution
Workplace and employment values
A code of conduct should not only address how external stakeholders are treated but
also how employees treat each other. This is an important element of a code of conduct,
especially in regions where social standards can differ. Since most of the companies in
this study are large multinational organisations that have operations in regions where
cultures may be very different, it is especially important for these companies to establish
the requirement of equal treatment and respect for human rights and to promote an
organisational culture based on respect.
Figure 33 shows that companies performed very well in this criterion, with over half of
the companies receiving a full score. Most companies were clear in their codes of
conduct regarding the expected behaviour by which employees should treat each other,
and it was often clearly established that harassment, discrimination and other offensive
behaviour would not be tolerated. Most codes also encouraged employees to treat each
other with trust and respect, and another common feature was an emphasis on a merit-
based, equal opportunity approach towards hiring, selecting and promoting.
0
5
10
15
20
25
0 1 2 3 4
18
10
18
12
21
Nu
mb
er
of
com
pan
ies
Score out of 4
Figure 33: Workplace and employment values score distribution
Frequent review of code
An organisation should strive for continual improvement and their codes of conduct
should accommodate changes in the market and the regions in which the company has a
presence as well as new elements of the business. As the business and the market grow
and develop new risks will need to be identified or some risk areas may become more
pronounced than before. Compounded by the development of legislations, it is not hard
to understand the importance of regularly revising a code of conduct. With such a
rapidly-changing risk environment and a general shift of focus towards doing business in
developing regions where a higher demand for risk controls may be necessitated,
companies should never be complacent with their codes of conduct, regardless of how
well written and comprehensive they may currently be.
As shown in Figure 34, a large number of companies did not have a process in place to
regularly review and update their codes of conduct. The code of conduct of a leading
natural resources group is updated on an annual basis and the last update date is cited
on the current version. This is a great practice as it allows the audience of the code to
have an idea on how relevant the current code is and whether recent changes in the risk
environment or developments in the laws have been taken into account. The code of a
leading international security solutions group even provided a document history which
included the dates when the code was updated and a brief summary of what was
changed or added. Furthermore, the document history also contained a date on which
the current version will expire and the code must be updated. This is another good
practice as it clearly shows the reader that the company actively assesses its risks and
updates company principles and policies to accommodate for these changing risks.
0
5
10
15
20
25
30
35
40
45
0 1 2 3 4
7 7 11 11
43
Nu
mb
er
of
com
pan
ies
Score out of 4
Figure 34: Frequent review of code score distribution
Awareness and promotion
Employees should be encouraged to promote and discuss their company’s code of
conduct and the key issues addressed within with new and existing staff. The code
should communicate the message that everyone within the organisation is responsible
for raising awareness of its content.
Figure 35 shows that this was a criterion in which most companies failed to
acknowledge, and only three companies received a full score. One of the companies that
scored 4 out of 4 is a water and sewage company that encouraged employees to consult
with one another when they had concerns or uncertainty regarding the code. This
promotion of discussion is enormously beneficial to facilitating learning and applying of
the principles of the code since it is more likely for employees to talk about areas that
relate to their work. The uncertainty of one member of staff can thus help clarify the
application of a principle for other colleagues. This is also an effective way of morphing
the company culture to be more focused on ethics and integrity.
Figure 35: Awareness and promotion score distribution
53%
25%
15%
3%
4%
0
1
2
3
4
Score out of 4
63%
21%
8% 4% 4%
0
1
2
3
4
Score out of 4
Company relations with business or government entities
Company representatives are often required to meet with new third parties and a code
must stipulate the manner in which this is done. This element is crucial in demonstrating
to a wider audience the standard of conduct and the culture that should be exhibited
with all external bodies.
As depicted in Figure 36, LSE companies showed mixed performances in addressing the
expected conduct in which company relationships with government entities should be
maintained.
Often, the codes of conduct of companies would address the expected manner by which
suppliers and business partners should be engaged while overlooking the relationship
with the government entities. In reality, businesses may often find themselves
interacting with public bodies on issues such as licensing, the awarding of contracts, or
requests for information. It is therefore also necessary for companies to provide
guidance on how these entities should be engaged.
One of the few companies to receive a full score was a leading engineering, project
management and consultancy company which emphasised high ethical standards in
engaging government entities and fair dealings with business partners to inspire trust
and loyalty. Although the sections of a code relating to this area need not be very
lengthy, expressing these expectations will help employees understand that integrity and
proper conduct is of top priority, irrespective of the status of the other party. Without
such guidance, employees may make the wrong decision, especially when under
immense pressure of losing business.
Figure 36: Company relations with business or government score distribution
0
5
10
15
20
25
0 1 2 3 4
15
21 22
13
8 Nu
mb
er
of
com
pan
ies
Score out of 4
![Aris Governance Risk Compliance[1]](https://img.pdfslide.us/doc/110x75/5525e85b4a79599d488b4dd2/aris-governance-risk-compliance1.jpg)
