Principles-Based Regulation and Compliance: A Framework for Sustainable Integrity

Over the last decade, in unprecedented terms, the dramatic escalation and expansion of risk has complicated the global business environment. Both the speed of this transformation and the new categories of risk that have emerged threaten the durability of most global companies as well as their license to operate.
This post was published on the now-closed HuffPost Contributor platform. Contributors control their own work and posted freely to our site. If you need to flag this entry as abusive, send us an email.

Over the last decade, in unprecedented terms, the dramatic escalation and expansion of risk has complicated the global business environment. Both the speed of this transformation and the new categories of risk that have emerged threaten the durability of most global companies as well as their license to operate.

To remain competitive and even to survive in this complex and uncertain environment, pioneer thinking and innovation must go beyond product lines and services. They must encompass active evolution and management of the corporate social value proposition. They must engage the engineering and design of compliance systems that grow organically. Essentially, they also must deliver incentives for cultures to take root that are defined by their integrity. In a dynamic risk environment, this all forges a foundation of adaptability and enterprise.


As the global risk environment has grown increasingly complicated, so has the importance of corporate reputation as a strategic asset and strategic risk. Indeed, seven-of-eight global executives surveyed recently list reputation risk as the most important their companies face. Among the reputational risks identified, these rank as the top reputation risk drivers:

•Product/services (health/environmental, controversial products, global supply chain)
•Cyber and physical security.

Because most global companies concentrate on making their systems operate as efficiently and functional as possible, they can lack the agility and appropriate mindset to navigate and manage reputational risk and its underlying drivers with alacrity. Compounding the challenge can be corporate dependence on rules-based compliance systems to manage risk. These are situations in which agents are motivated by incentives that reflect legal, regulatory and political constraints rather than (and frequently at the expense of) moral and ethical imperatives. Professor Caroline Kaeb at the University Connecticut Business School concludes that rules-based compliance systems possess far greater hidden costs that prevent maximum compliance at a level of economic efficiency. In addition, rules-based systems often pose design challenges. Their rules are over- or under-inclusive. Therefore, they are unsustainable since global risk has become fragmented and increasingly qualitative, simultaneously.


A principles-based system provides corporate agents with flexibility in the decision-making process. This is based on trust induced only by corporate culture. Behavioral studies prove that monetary incentives in the form of rewards have only limited effect on inducing compliance. In fact, they can produce counterintuitive results as psychological regulators are offset. Nobel Prize-winning behavioral economist Daniel Kahneman has demonstrated that intrinsic motivation (driven by values) is more important in stirring behavior then extrinsic motivational factors.

Companies can draw upon intrinsic motivational forces of their corporate agents by structuring compliance standards and systems accordingly. By structuring regulation around core values, agents can gain incentives in a way that effectively induces social norms even in a corporate setting. Recognizing the organizational psychology of intra-firm dynamics, behavioral science provides well-established lessons that can give valuable guidance in designing compliance systems at the firm level.

Corporate Culture

Google's strategy offers a best practice. Google. Org - the tech company's corporate social responsibility, or CSR, function and philanthropic arm - integrates institutionally into the firm's core business. It leverages the tech company's core capabilities and competencies to innovate around social problems. This creates important synergies and provides a clinic at which employees can apply their skills to new problems and settings. This, in turn, spurs an innovation culture as a driving force for the company's general business success.

At the same time, this approach creates ownership in the firm's social norms among employees. It establishes a corporate culture of integrity that absorbs its corporate value of 'don't be evil' at all organizational levels. Google promotes an integrated organizational model that features shared appointments across different divisions of the company; i.e., the head of also heads up the company's business development division.

As illuminates, integrity-based principles cannot simply be siloed in a CSR function. They must party of the organizational echo system. This innovative culture of integrity proves pivotal to making a principles-based system work. A well-engrained culture of integrity offers the best insurance that individuals will make the right choice when faced with complex dilemmas in their day-to-day jobs.



Increasingly, nonmarket aspects of business - social justice, environmental matters, income equality and the like - have become key components for long-term business success. At the same time, these considerations make business increasingly relational rather than purely transactional.

"Integrity" has become the new catch phrase and the catalyst for compliance metrics for companies across different industry sectors. It enables elasticity in the decision-making process, essential for companies to respond to unexpected crises and regulatory developments on global production. Daimler has deployed a principles-based approach to compliance, integrating this mindset successfully into its organizational structures. The car manufacturing company has put into place a comprehensive compliance mandate that fuses law and integrity. According to the firm's mission statement for its internal legal and compliance function, the mandate encompasses legal affairs as well as "integrity," with "integrity as the mindset that extends beyond [legal] compliance." (The goal is to expand the existing compliance methodology into new areas of increasing importance to the firm's global operations such as soft risks, integrity and human rights.


Despite some previous compliance issues related to delays in product recalls, Toyota has found that its production system's root cause analysis framework delivers a sound example of an effective principles-based system. It illustrates vividly a critical dimension of a principles-based compliance system: refocusing on the individual in the organization's decision-making process. Recognizing that ineffective solutions often trace to the structural inability of workers to think outside the box in a rules-based system, Toyota instead uses a set of nested "why" questions to get to the "root cause" of quality and production issues. Using this governing principle is a "quality norm" for Toyota rather than a prescriptive rule to "ensure x, y, and z part is working." What might appear as nuance is instead a powerful driver of innovative problem-solving. Gone are the check-the-box solutions that, at best, can solve problems the firm already exist and without encouraging employees to look at the root causes behind issues at all stages of the production and managerial process.


General Motors

The recent compliance crisis surrounding GM's ignition-switch recall failure that led to multiple deaths underscores the implications from the organizational absence of a principles-based regulation culture. GM's internal handling of the situation is startling. It appears that:

1.GM knew of the defect for more than a decade.
2.Internal corporate documents show that engineers pointed out the safety concerns in product design reviews.
3.Legal counsel settled multiple cases in which the faulty ignition switch was the source of the litigation.

A Wall Street Journal commentator points to the root cause of this high-profile compliance failure as "a culture of silence at GM : 'See no evil, hear no evil, and speak no evil.'" GM's compliance system defied well-established behavioral insights by not relying on the individual as the agent for principles-based compliance and integrity, but rather ignoring and allegedly even silencing the individual in the organization. Thus, the company deprived itself of the regulatory power of its employees' intrinsic values and moral judgments that cannot only function as an early warning system for the organization, but also as an ethical compass in managerial decision making.

For GM, the consequences have been severe. Aside from considerable reputational damage, the company suffered a significant hit in its stock price related to the flood of recalls related to the incident. Several high-ranking officers, including GM's general counsel, have been the subject of criminal investigations by the Department of Justice. While ethics and integrity have broadly been perceived as worthwhile principles that have a "warm glow" feel to them, GM and its experience demonstrate that a harsh reality exists to falling short on these counts. It makes a sound organizational values system reinforced through responsible moral agents at all levels of the firm a matter of business success or failure.


The principles-based approach described in this White Paper can strengthen a company's expansion into the global economy. It harnesses the value of the behavioral concepts and standards borne from intrinsic human behavior, and it integrates them into a robust decision-making process. The best pathway toward business success is found in a clear understanding of the multidimensional character of rules, behavior and the ultimate prize: corporate integrity as a proxy for business success.

Popular in the Community


What's Hot