Webinar: Using Behavioral Science to Influence Human Behavior

Transcript for Using Behavioral Science to Influence Human Behavior

Gio Gallo: Hi, everybody, thanks for joining us today. We’re gonna give a few minutes for some people to trickle into the room. We’re really excited to present a really interesting and timely topic here. So get settled, get…you know, look for your chatbox on the side and get ready to see our awesome panel share some great insights for you today. We’ll just wait a minute or two and then we’ll get started.

All right, that should be enough, we’ll keep letting people in as we get started here. Hello, everybody, I’m Gio Gallo, co-CEO of ComplianceLine. I’m excited to welcome you to our webinar today. Our webinar today is What’s in Your Toolkit Using Behavioral Science to Influence Human Behavior. This is a really timely topic. This is top of mind for a lot of compliance and ethics leaders who are trying to take their programs from the efficiency focus of compliance 2.0 and move into the future of compliance 3.0, where we’re actually focused on the effectiveness and the difference that we can make.

You saw it come up in the DOJ guidelines, a lot of people are talking about how do you use your data to actually you know, get insights, and change behavior and decisions. And we have some excellent panelists for you today that are gonna help walk us through that. We have the inestimable Christian Hunt, CEO of Human Risk here. And the man who needs no introduction, Richard Bistrong CEO Frontline Anti-Bribery. And of course, I’m happy to welcome and introduce Nick Gallo, my co-CEO and chief servant here at ComplianceLine.

So I’m gonna go over just a couple of logistics and get us started here, and then I’ll drop off and let the real brains have the room. But just to get started here, please note that on your screen, you should see a dark section or a block on the side of your screen for a chat. And we wanna encourage you to be as interactive as possible. We’re gonna have people monitoring that chat, as you ask questions, or even make some comments to contribute to the discussion. We’ll be feeding those into the panels so they can kind of pick those up and either dig deeper, mention it, or respond to your question. So please use that chat now throughout the entire webinar, so that we can get a sense of what you’re interested in, and really make this as valuable as possible to you.

In addition to that… Can we hit the next slide? We’re doing a giveaway today. So we’re here to try to make your life and your profession more valuable. And as part of that, we’re gonna be doing a giveaway for these two books. These books have been recommended and they’ve been recommended by our panelists and are likely to come up in our conversation today. “Blind Spots” by Max Bazerman and Ann Tenbrunsel. You gotta be able to say it to get the book. And “Giving Voice to Values” by Mary Gentile. These are two awesome books, we highly recommend them. And we’re gonna be giving a few of these away.

If you wanna be entered into…everyone who attended is going to be entered into that drawing. If you wanna increase your chances of getting that then we’re gonna be increasing the chances of you winning that drawing if you put a comment or a question in the chat today. And then also, we’re gonna be sending out a follow-up email so you can get the slides, and you know, see if you need anything else. If you respond to that email with some feedback, we’re also gonna increase your chances of this giveaway. Just one other way that we wanna help you and your team be better and make the world a better workplace.

So with that, I think we have all the logistics covered. Please remember to jump in on the chat add your comments, add your questions, and I’m gonna leave you in very capable hands as Christian Richard, and Nick, help talk to us about behavioral science and influencing human behavior. Take it away, team.

Nick Gallo: Thank you, Gio, for that great introduction. Richard, Christian, welcome. I’ve been super pumped about this for the last week as it’s been getting closer. This is a topic that’s near and dear to my heart. You guys are two guys that I look up to a lot. I’ve learned a ton from over the last year as I’ve been following you around and so forth. And I’m ready to see the sparks fly. So maybe just a quick 30-second intro for anyone who has been living under a couple of rocks or maybe we have a Rip Van Winkle on the line. Maybe give us a little rundown of who you are Christian and how you got into this game. And same for you Please, Richard?

Christian Hunt: Sure. So I’m the founder of Human Risk, which is a company that helps organizations deploy behavioral science in the fields of compliance and ethics. I was formerly a UK financial services regulator, and then I shifted over to become a compliance and risk officer at UBS. And it was while I was working as a compliance and risk officer that I realized that compliance was the business of influencing human decision making. And that if we wanted to do that effectively, behavioral science was the best way to do that. So I set up a behavioral science function within UBS did that for about a year and then decided there was a big wide world out there that might benefit from this, so I did the same things I was doing internally at UBS externally with my clients.

Nick: Great, very good. Richard.

Richard Bistrong: Well, thank you, Nick, and to the entire ComplianceLine team. I’m so excited to join everyone here today. I’m Richard Bistrong the CEO of Frontline Anti-Bribery. My experience comes as a 20-year sales executive. The first half of my career was focused on the U.S. market. The second half was focused on the international market. So I spent a decade traveling all over the world an average of 250 days a year. I was overseas for part of that time I was living in the UK. And right about 2007 so to timestamp this a little bit, I became the target of a criminal investigation, with both respect to the U.S. authorities and violations of the FCPA, as well as UK authorities for violation of UK trade laws.

That led to an extended period of law enforcement cooperation. Some of that was covert cooperation, some of it was as a cooperating witness. It all ended up with me spending 14 and a half months in prison, returning home in December of 2013. And that’s where it started to get interesting. As I started looking into the field of compliance, anti-bribery compliance, and I saw a very robust, well-experienced, well-resourced discussion about ethics and compliance anti-bribery issues from the legal perspective. There was, you know, a robust forensic debate about it, there are plenty of sort of anti-bribery and compliance resources as well.

What I didn’t see, Nick, was anyone talking about what is it like to work in some high-risk volatile parts of the world tasked with aggressive commercial success. So in early 2014, I just started writing about what that was like and setting up a simple blog. And, you know, here we are in 2020 and I’ve had the pleasure of sharing this experience all over the world.

Nick: So I’m excited to get these different perspectives because you guys do have a ton of experience both, you know, kind of in-house and out-of-house. And just this diverse background I think is gonna lead to a lively discussion. So just to reiterate, what Gio was saying, please, bring up questions along the way. These are always best when it turns into a live discussion, these guys are great on their feet, so fire away.

So why don’t we just dive in, like the first thing I wanna kind of focus on is kind of where we were and where we are. You know, what is the kind of history of compliance from each of your perspectives, and what was kind of part and parcel of CNE in the early days that the new role is sort of elevated beyond? Christian, maybe want to start, please?

Christian: Yeah, so I think, you know, if you ask anyone what compliance is, you’ll get a response that sort of talks about rules and regulations. If you do ask about ethics is about doing the right thing. And so these pieces tend to be looked at from a sort of organizational perspective. And I think that approach of, you know, how do we handle these challenges and making sure the organization does the right thing, and make sure it complies with the rules is viewed as an organizational challenge. And so hence, we look and say, “What do we need to do to get the organization…?” Well, we need our people to do the right thing. And we will basically make sure that happens by using very traditional methods.

So we will put things in a policy, we’ll write big fat policies for people to comply with, we’ll have a load of rules, we’ll have some controls in place. And we will train people on those rules. And it’s a very theoretical perspective. And then we will hope that people do the thing that we need them to do. And what we had I think, in the past has been things that look really good on paper. So really big fat policies that cover every single permutation you can think of, they get added to each time a new issue arises. We have training programs where we make sure we take people through the minutiae of the regulation and thereby we tick the organizational box.

And so for me, that’s been the historic approach. Now, the challenge with that is we know that that doesn’t work. And we know very simply that people don’t always do the things we expect them to. People don’t always pay attention to training and people don’t always read policies. So what’s the solution to that? The answer is to start thinking about the target audience and their perspective from it. And that’s the big shift that we’ve seen I think as we’re moving from a world where it’s organizationally convenient, into one that says actually what I’m trying to control here is human beings rather than robots. And so what I need to do is I need to understand what that target audience does. And that’s the real shift that we’re seeing going on.

Nick: It’s not about the words on the page it’s about the behaviors that result from having read that page. That’s kind of your point.

Christian: Right. So I look at it and say compliance and ethics they are outcomes and not processes. And traditionally, what we did is we focused and highlighted the processes, look at all these policies, look at all these controls, look at all this training. We focused on the mechanics and the machinery rather than whether we’re getting the outcome that we wanted.

Nick: Right. What would you add to that, Richard, in terms of the kind of where we’ve been and kind of where we are, and what’s kind of encompassing CNE today, especially even over the last 10 years, you know?

Richard: So Nick it’s a great question. And, you know, I pick up the compliance screen circa 2014, as I was sharing, and what I first saw back then was, the field has sort of a criminal law lens on it. And most of the discussion was around, what do the regulators want? What do the regulators expect? So everything was focused on okay, here is what the laws are. And as we saw in 2014, there was more guidance, you know, UK had its own anti-bribery law. So everything was about sort of what binders do we need to have complete if we get a call?

And I remember one of the first panels I was on back in 2014. We were sitting with our co-panelists in a pre-planning session. And the moderator said, “Well, what does everyone wanna talk about?” And one of my co-panelists said, “I wanna talk about defensible compliance.” And he said, “Richard, what would you like to talk about?” And I said, “I’d like to talk about compliance that’s understood.” And just because it’s defensible, as Christian was saying, does that mean it’s going to give you the desired outcome? Just because it’s defensible does it mean that the workforce is embracing ethics and compliance as a partner to commercial success?

Now, we have seen an evolution and it’s definitely heading in the right direction since then. Where even the last iteration of the DOJ evaluation of corporate compliance programs, says are you considering the compliance implications of your incentives and reward systems, not only for your employees but for your third parties? So I think now the field is much more focused on how do we get the workforce inspired and engaged around these issues, not just thinking about what happens if we have to march into the regulators?

Nick: Yeah, and I mean, just think about just that whole defensibility argument. You know, that’s kind of like that fire insurance on your house, you hope that that policy clears. But what you really care about is your house never burning down. Of course, you want that safety net there. The same thing like, we want those right behaviors so that we never have to worry about defensibility. But if we’re focused only on that defensibility then we kind of lead…it leads to a lot of what we’re dealing with today.

And as you think about it’s kind of CNE today and you kind of contrast that, I always love to ask this question. But how do you contrast that with legal? You know, you alluded to it a little bit earlier, you know, Christian, but how do you think it differs from legal, and how do you think that that has changed over again, the last kind of 15 years or so years?

Christian: So, you know, what I think is really interesting is that we all sort of understand the basic concept of the law. And we need to have rules to make sure you know, that we don’t have societal outcomes that are undesirable. And that might be rules around competition, that might be rules around the sort of, you know, business practices, that might be rules around the outcomes of what you do. So we have these things in place. And we understand that intuitively, all of us have to comply with rules and regulations. In every single thing that we do there will be rules and regulations around it. So we understand the principle of those things.

And I think, you know, often what happens is people sort of look at it and say, well, we’ve gotta do these things, it’s a bit of a pain in the backside, but we’ll do that and then we’ll tick that box. And then we’ll kind of move on. And we’ll get on with the core business of making money, which is really what we’re here for. And I think the fascinating piece is actually when you start to understand and think about what the laws and rules are there for. They’re actually often there for very good reasons that are in the company’s interest to comply with.

And so I think when we can trust kind of ethics, which we sort of intuitively understand is, you know, behaving in the right way, doing the right thing when no one’s looking. We tend to think of that in one bucket. And we tend to think of the law, which is this thing that’s imposed by other people, it’s outrageous, it’s government, it’s overbearing, it’s all…you know. Whereas actually, there’s a big overlap between those two things because often the laws that we have in place, are designed to meet good societal outcomes. So they actually sit neatly in the ethics space.

Nick: Good point.

Christian: So I think this delineation starts to get really interesting because yes, there are laws that are incredibly painful that, you know, if we’re honest, aren’t particularly well thought out. And that do stand in the way of the businesses and they wouldn’t…they be able to do things differently if those laws didn’t exist. But I think this idea that they’re separate buckets is one that we need to be really wary of…for two reasons. One is it’s a misunderstanding of the topics. But the second thing is what we see with the law is it often follows ethics.

So we see terrible things happening think financial crisis of 2008 and we see people legislating for it afterwards. So actually, what we see in a lot of times is that the law catches up with ethics. So there is this interchangeability. So in other words, if you’re being ethical, and following those ethical things, you’re highly likely to be future-proofing your compliance and your legal program as well.

Nick: That’s a really important point. So I love how you said, you know, these walls between them are kind of silly to kind of impose, because one is many times in response to or is at least a derivative of right. I mean, you know, the insanity in the U.S. tax laws, for example, that’s just a bunch of sort of marginal decisions made to fix something that wasn’t considered by the previous thing you know what I’m saying? So to your point, it is coming from that. And I think imposing that distinction between these two realms, can lead to some sort of dichotomous thinking, that loses some of the essence that may overlap. What would you add to that, Richard?

Richard: Well, I think I’ll be the first to pivot to one of our books that we referenced which is, “Blind Spots” by Tenbrunsel and Bazerman. And what they share in their research, is that when we think of ethics and compliance as just policies, rules, and procedures, right, just the regulatory aspects of it, that instead of it helping and enhancing our decision making, it actually distorts it. Because when we look at compliance as just policies, rules, and procedures, we might think that if there’s not a rule governing a particular transaction or interaction, that it’s okay. And that’s where we end up with what Christian was sharing before we can end up with awful but lawful behavior.

And he’s absolutely right, we wanna be thinking about what the ethical dynamics are, and the ethical consequences of our conduct which might be tomorrow’s law, not today’s. So I think now, we’ve seen much more of an ethical component, and dynamic around compliance programs as look, we need to really be thinking about the spirit of these issues, not just what the regulators have to say about them.

Nick: Yeah, and you know, just to reiterate what you’re saying that can help kind of keep us ahead of the eight ball, because to Christian’s point, it takes the regulators some time to catch up to the new market dynamics, and so forth. We have a great question here. So can you share some best practices in behavioral science possibly what was done at UBS? And what kind of data insights are you taking into account? Now, don’t give away the secret recipe here Christian, you know as much as you’re comfortable with.

Christian: So the first thing that’s really important to understand is that compliance is the business of influencing human decision making. Because you can’t say to an organization, “Be compliant.” Inanimate objects tend not to respond to instructions. So what we’re doing there…and you know, we typically think about compliance as the discipline of making sure the company complies with the rules. But how do you actually do that? Well, the answer is you get the people within it to do the right thing. Whether that’s the right thing from an ethical perspective or the right thing from complying with the rules, and the organization will de facto become compliant itself.

So when you start to think about it in those terms, it then becomes critical that you look at the target audience. And you say to yourself, no, I have the right to force these people to do these things because we’re in charge we’re the company and we employ them. But actually to turn around and say, what is it that drives human decision making? Why do people do the things they do? You know, not to do the things that we want them to, or possibly do things that we don’t want them to. And you start looking at things from the audience’s perspective.

This is something that Richard and I in the videos and the work that we’ve done together really reflect upon, which is you need to think about your target audience. Not as forced buyers of your compliance training, forced followers of your procedure, but actually as autonomous sentient beings that will have a view on that. And you need to support them and help them and do that. And so many of the methods that historically we’ve seen…and so of it comes to compliance functions from regulators, you know, not to operate a kind of a North Korean model that says, I’m just gonna tell you what to do, and I’m gonna expect you to do it. That can work in certain instances but it doesn’t in others.

So the work I was doing at UBS really took me to identify things that I thought weren’t landing properly. And to recognize that often when compliance requirements don’t function the way you expect them to, that is not because you necessarily sitting on a bunch of people who are intentionally not doing what you want. Actually, there was something in your framework, your environment that is making that outcome happen. It might not be 100% your fault, but you will be contributing to that challenge. And so I look at this thing very much saying you need to put yourself in the shoes of the target audience.

Nick: I think when we can expand our view from just saying, hey, we need to write some rules on the wall…you know, on a piece of paper and put them on the wall and understand that our compliance programs, in general, are in themselves a rhetorical device. Well, now it makes a ton of sense to, of course, you have to consider the audience. And of course, you have to consider the pathos and you know, all these other components of our, you know, rhetorical appeals. In your experience, Richard, where have you seen it kind of fall flat?

Richard: Well, I think part of it is, you know, sure “just say no to bribery” makes for a great wall poster, okay but that doesn’t operationalize that integrity. And, you know, having spent 250 days a year overseas, you know, bribery in South America was much different than bribery in the Middle East. So part of it I think the challenge is, you know, as compliance leaders do you have a continual feedback loop with those who are in the middle of risk? Because from my perspective, who knows risk better than the people who are working in the middle of it every day.

And, you know, we often hear compliance leaders share, you know, “I have people on my teams telling me they don’t know what I’m up against.” And I always share, “That’s great news because if they say to you, ‘You don’t know what I’m up against,’ that’s a wonderful opportunity to say ‘Well, if you’ll tell me what you’re up against, then I can help you be both successful and safe.'”

So I think so much of this is about establishing a proactive feedback loop to where you’re getting the information, and you’re calibrating your programs, to the real-world risks that people face. Which pivots entirely to Mary Gentile’s work, which is if you know these risks are inevitable. And in certain parts of the world we know they are inevitable, why not talk about them in the safe zone, and have a discussion about what that’s likely to look like. So you can sort of, for lack of a better term game out is to respond before you might feel cornered in a certain situation.

Nick: Great point, this sort of this approach that sort of treats every risk as sort of as likely to succeed and sort of keeping them very sterilized examples. Just to your point doesn’t end up leading to the behavior change that we’re looking for. So we’ve been talking a lot about, you know, human behavior, and how we influence it. So let’s just kind of get down to this next sort of area of discussion. So from your perspective, Christian, like, what are we talking about human behavior? What are we talking about behavioral science? And how do we are at different stages…like what are the levers that are pulled at different sort of ages or different whatever, to influence that behavior?

Christian: So it’s probably helpful just for me to quickly explain what I mean by human risk. So it’s the name of my company, but it’s also the concept that I evolved when I was at UBS to really explain what I was…well the problem I was trying to solve. And we often think about human behavior in terms of action. So we talk about taking risk. And actually what my definition of human risk encompasses is a whole range of different things. And that is the risk of people doing things they shouldn’t. So acts of commission or not doing things they shouldn’t. And we often forget that you can cause risk by not doing something. So inaction can be just as risky if not more risky than action if the thing that you’re not doing is critical and very important. And so there’s that breadth of action and inaction.

But there’s also a concept of knowingly engaging human risk. And unknowingly, we can often not be fully aware of what we’re doing, and therefore cause risk through ignorance. It’s not even just a case of saying people willfully do something or accidentally do, they may not even realize that they’re doing it. And so my definition encompasses everything from very simple terms somebody actively setting out to commit fraud through to somebody that’s just a bit tired and has messed up and is an honest mistake. And that totality of human behavior is what we’re really looking to cause here.

So to answer your question, Nick around the different methods that we use. I kind of look at a life cycle that we all go through. And as we grow up, what we experience in life is different forms of control being exercised not only by our parents but also you can think teachers as well. And so as we’re very young we grow up and we live in a kind of compliancy world where we are literally…or a world of just orders where we’re just told what to do. Because kids don’t know any better, they have no sense of anything and so they just need to be told what to do. And that’s very simple and straightforward.

As we move on, we have then a more of a compliancy approach which is rules and regulations. So we set boundaries because the children that we’re trying to control have a bit more of a sense of what’s right and wrong. So they can read rules, and they can sort of understand them. As we then get older, we get into the field of economics, that’s where we have incentives and punishments, so bribery and punishment. And then finally, you get into sort of marketing world where you’re old enough to know better. And so what they do is they educate you, they do what the health campaigns do, which is let’s tell you how dangerous smoking is. A marketing-led approach to these things.

And what you discover as you think about those four stages is that actually, that is the typical toolkit that many organizations use. So there’ll be some situations where it is perfectly appropriate just to tell people to do something, and you don’t want them to deviate and they just need to follow your instructions. Working in a nuclear power station or in food hygiene would be good examples, no deviation, do what you’re told.

A kind of compliance approach is maybe where you need a little bit more latitude, where you have a set of rules and you just expect people to read them. Moving on, you know, some things need to be incentivized from an economic perspective, maybe a sales incentives would be a good example. But you also need to have a punishment to stop people doing bad things. And then you’ve got the kind of marketing thing which is we know that if you give people information they’ll do the right thing.

So those are four sort of stages that I look at. Now all of those are valid in certain circumstances. But often we don’t just think about when we’re deploying them, we just blindly go, we’ll just use this technique because we’ve always used it or because we have a right to use it. And where I’d like to take is to is out of those four buckets and into a world that says let’s think behaviorally. And let’s say to ourselves there are times when those buckets make sense to manage human risk. And there are times actually where we need to think behavior, we need to think much more about things from the perspective of the target audience. So how are they gonna feel about this? How is this experience that I’m putting them through gonna feel to them?

And that matters hugely, because if we are irritating people if we are patronizing them if we are wasting their time if they don’t understand why they’re doing something. Or to Richard’s point, before they go on a training course and it’s telling them things like bribery is bad, murder is bad, you know, helping old ladies cross the road is good, sort of, those are not the things that people need help with. They need help with really nitty-gritty, gray areas. We spend a lot of time dealing with the black and white, we should deal with the gray. Lots of things in there to a very open question I’ll come back to Richard to kind of make some sense.

Nick: Yeah, clean that up. Richard, can you? I’m kidding. What would you add to that?

Richard: It all has to align. And that’s I think the struggle that we’ve had and it doesn’t necessarily get easier virtually where, you know, we have the silo of business development, we have the silo of resource allocation. We have this, you know, the sort of business practice of these are our goals, these are our reward systems, and here’s where we are going to invest. And here’s when we are expecting a return. And the question is, is a risk assessor at the table to think about, well, what are… It’s like taking prescription medicine. You know you turn it on the side, it has the side effects.

Rewards and objectives all have side effects. And those are the behavioral side effects that Christian was talking about. So do we have people at the table whether…and we’re talking cross-functional here, not just from compliance, but HR, internal audit, finance? And is everyone thinking about the types of risks that can be born right at the conference table? And asking and challenging themselves do these business plans align with our values, our culture, and long-term sustainable business practices?

Like a quick example would be for most public companies rewards and objectives are set on a quarterly basis. And very often it’s a, you make your plan, you get your bonus, if you don’t make your plan, you don’t get your bonus. Well, if you’re at 99% of your plan and you’ve got 2 days left, what would you do to get that last 1%? Then there’s something called escalation of commitment, which has a lot of research behind it and demonstrates that the closer we are to success, to the finish line, the more risk we will take to get there. So are those the types of issues that are being considered when you’re developing…that’s what we call a cliff plan, right, you’re either gonna make it or you’re not.

Those are dangerous reward systems with significant behavioral implications. And are risk assessors there to make sure that everything is aligned so that the former Richard Bistrong’s out there, don’t feel that they are in the crosshairs of competing corporate objectives between the pressure to succeed and the pressure to comply. And thinking, well, it’s left for me as an individual to deconflict that, that ethical decision making is delegated to me as an individual.

Nick: And I’ve just been told, “Don’t steal.” I’ve just been told, “Don’t take a bribe,” right to Christian’s point. Somebody made this comment I think it’s phenomenal. “The secret sauce of this game is really about learning and mastering all the business processes on one sort of axis and the other axis, understanding all the incentive programs that go along with them.” Because to your point, Richard, if there’s all these cliff incentive programs out there, well, then guess what, at the end of the quarter, you probably have this outsized tail risk of something risky going on as people are, you know, kind of rolling the dice to see if they’re gonna get caught, you know, hitting that bonus.

As we’re talking about incentives, so I love the kind of idea that there are these different levers we can pull or different tools we can use to drive human behavior. I love kind of thinking about it as like a palette of colors we can paint a more beautiful picture if we can employ these colors in different scenarios and so forth. Versus the kind of just swinging a hammer around it every single nail of compliance that’s out there.

Let’s kind of cross the discussion between sort of incentive-based and sort of compliant behavior, and what are some of your thoughts about incentivizing compliance, and putting actual incentives around compliant behavior, or speaking up, or any of those other things? It’s something that’s starting to be talked about a little bit, but I’d love to hear kind of both, you know, your thoughts on it, and what some of the sort of second-order, you know, implications or negative externalities that could result from such a thing if it was done sort of in mass?

Christian: So I think there’s something really interesting there around incentives. Because whenever we use the word incentives, people think of pay and sort of financial reward loosely defined. Gee, if you think about every single thing that you are required to do by an organization, there will be some form of incentive or disincentive associated with that. So even just filling a form in has incentives and disincentives associated with it. What am I gonna get by filling this form in? How long is this gonna take me? All of these factors play in. And what we tend to do when we think about incentives is talk about the sort of incentives of you know, bonuses.

But actually, every single exercise becomes… So an attestation that you require your employees to give once a year has incentives associated with it. Now the incentive of filling the attestation is you will get to keep your job. But there are also incentives around…well, how are you incentivized to complete the exercise? What’s the quality of your compliance? Are you incentivized to complete it honestly? Or are you incentivized to complete it dishonestly?

And if we think about just that act of attestation… And many companies have these things as a way of ensuring, “How do we know everybody is complying with the rules? We’ll get them to sign a piece of paper that says they do.” That’s very legalistic thinking, which is if we need to fire this person, we’ve got a great list set on a piece of paper that they’re compliant and if they’re not, I got them. It’s kind of entrapment game.

Now we all intuitively know that when we get this thing to sign, but we’re sat there going right, I have to sign this piece of paper to keep my job. Or I could put my hand up and say that I don’t actually understand all the rules, and I haven’t complied with them. But that’s not an option we ever offer people. So the process that we ask people to go through for an annual attestation comes with these incentives and disincentives. And we’re hugely incentivized to sign it, we are hugely disincentivized in the way that I’ve just described it to be honest in that process. And so there’s a set of competing pieces.

So when we look at that exercise, it is the equivalent of when you download an app or something like iTunes, where you’re asked to agree to the terms and conditions. You click a box agreeing that you’ve read and understood the terms and conditions. Has anyone? Of course, they haven’t. Because part you can’t negotiate with Apple or the app, it’s a binary thing you accept it or you don’t accept it. We click through that. Now we know that people do that in that context. Same thing, by the way, if you rent a car, you will have signed a load of stuff that I guarantee the majority of people watching this will not have read. Why not? Because you just wanna get the car and you can’t stand there and argue with the people and say, “I’m not happy with that clause.” So it’s a sort of take it or leave it once you’ve decided you’re getting the car you’re gonna go for it.

It’s so in an employment situation. So when we think about incentives and exercise I think it’s really important to focus on individual things. And be looking at every single thing you’re asking people to do or telling them to do comes with these incentives and disincentives built-in. And as Richard points out, side effects are gonna be there all the time. So it’s not as if you can design something and say this is awesome because it’s 100% incentivized, it’s 100% disincentivized. There will be those things but there will be side effects of that as well.

So when we look at this particular process I don’t think this idea of incentives or disincentives is anything new it exists in all the things that we do at the moment. And so the idea of switching those things on…And you know, by implication, Nick, your question is, should we be giving people bonuses for being super compliant? That comes with some negative downsides. But those incentives and disincentives exist in the things we’re doing already.

Nick: Interesting. Interesting angle, anything you’d add to that, Richard?

Richard: I would agree with Christian that sometimes we just get so focused on the commercial aspect, the more obvious aspect of incentives. But I agree with Christian anything that has a deadline or anything where there’s pressure can have risk implications. But what I have seen, Nick is some very innovative approaches to this where look, this is not a one size fits all problem or solution. And I’ve seen some organizations in high-risk and volatile parts of the world, where we know there could be some obstacles to individual performance success, where they’re basing incentives, not on individual performance. What I call how I got paid, which is eat what you kill. But more toward how the corporation performs, or more around group performance as to promote more social thinking and not just sort of me, me, me thinking.

Other organizations have shared that in certain parts of the world, they are just going to cap what the at-risk part of the whole compensation plan is, and where someone’s compensation might be based more on a fixed rate than a variable rate. So there are a lot of innovative approaches to how you can build risk into how you reward people. But going to Christian’s point, so much of this is around, and what happens if there’s a failure, right? What happens if I don’t make my goals for two or three consecutive times? What the message that an organization delivers about those consequences will drive I think behaviorally what someone’s going to do to make sure that equation never happens.

Nick: Yeah, because they don’t wanna get bit by that snake three times because, you know, who knows at that point. And I think there’s also another bit of a risk, you know, you kind of brought up Christian, you know, that kind of…those click-through contracts that we get when we download a new iOS or something. And there’s kind of a subconscious…there’s a risk of the subconscious association between sort of that thing, and what we’re corporately teaching people. The people associated to that kind of a thing where you’re just automatically gonna check out from it. We’re always kind of going through this constant algorithm in our brain to say, do I need to pay attention to this? We already know all those to your point, those software contracts, you just click through them, those fall below that threshold.

So whatever we can do to separate that, whether it’s through examples, as Richard was saying, that really kind of meet people where they’re at and put things into their perspective. Now we can get down not only to just sort of the mental assent that okay, I understand that this is, you know, something I should listen to but down to the knowledge retention that’ll lead to that behavior change.

Great follow up question we just got from the audience. So I kind of love the voice of this. And you kind of touched on this actually, both of you kind of touched on it but maybe we can double click on it. Do we really need to drive expected behavior with incentives or can we influence the inner compass of employees through values, through trust in society, and other things like that?

Christian: So I would love to have a world where we didn’t need to do that. And you know, one of the interesting things when I was a regulator in the UK, I was…we’d get a bonus. Now, it wasn’t kind of sales type bonuses, but I got paid a bonus. I always thought that was a bit weird because I’m like I should wanna do the job. And it sort of didn’t change my behavior in any way, shape, or form, because one, the sums weren’t large enough. But two, I kind of thought, well, I’m here to do the right thing it’s not really gonna impact me either way. So there’s an interesting example I would argue probably the regulator should have shifted the model, but they wanted to have this bonus structure in place.

And as I look at, you know, how do we get people to do what we want them to do? One of the things is that we always go straight for financial, that is the kind of the go-to tool. You know, I will get someone to do something and I’ll just pay them money to make sure we get that outcome. What’s really interesting when you start to look at, you know, behavioral science research is that actually money sure it has an impact for obvious reasons. But actually, there are other tools that are much more powerful.

And a really interesting example I had when we were doing some compliance training at UBS, and we put it on as a game show. Now, I do have to caution people, just gamifying something that’s terrible, doesn’t make it suddenly fun, engaging, interesting. You have to have interesting content in the first place. So do be careful with that. But if you’ve got something interesting, you wanna gamify gamification is a really good way of engaging people making it fun. We all love playing games and being in competition. One of the challenges when you’re compliant, we had no budget whatsoever but of course, if people are playing a game, they wanna win prizes. So what can you offer as the prize?

So we went to the marketing department and said, “What useless stuff have you got leftover from conferences that you wanna get rid of that we could use as prices? And so we’ve got water bottles and towels and all kinds of things. And I have never seen a bunch of people compete so vigorously for this product that was utterly useless. That they could have got for themselves, either by going to the conference, or they probably had examples of at home. Or worst case could have gone to the marketing function to get. And they weren’t particularly high-quality items, but they were corporate branded. We created some value around that.

And what that interesting illustrates is that value is a matter of perception. And so one of the things that you can do is to firstly create value in things that might not have financial value. So praising people actually works really, really well. It’s very…we all love being publicly praised. That’s is pretty much costless. So Employee of the Month sounds like a little bit of a joke but actually works really effectively. That’s why you have in certain famous fast-food restaurants, people have stars to give them a sense of achievement. Now, those things don’t necessarily come with any monetary value.

So we as human beings crave things that we think are valuable. And our perception of value can often be changed and skewed. And that can play the same way for ethical behavior and doing the right thing. And very often we assume that doing the right thing is the baseline that actually people go well, that’s expected. That’s it. So what we’ll do is we’ll punish people to do the wrong thing. And everybody should just do…what we should be doing is going out there and praising people to get this right talking about that. Equally, we need to talk about when people make mistakes, highlight when people have made mistakes, and learn from it. You don’t wanna be highlighting bad mistakes, that you know, all of these things can contribute to that piece.

So value is a matter of perception. And you can see this when you see people squabbling and fighting over things that actually have very limited value because they have a sense of scarcity. People do incredible things to get things they perceive are valuables it’s naturally ingrained in us. The challenge, I think is to find things that don’t necessarily cost money, find those different leavers, and make those feel valued as a currency by people. And so if people feel like doing the right thing is rewarded, not necessarily financially, but in terms of the praise, they get the status that they get, that can be super powerful as well.

Nick: Yeah, that’s a great tactical kind of activity kind of an actionable piece of advice that we can bring some of that behavioral science into the game. Because you know, if you can tap into that endowment effect by printing something on a mug that says, “Hey, Acme, Co is ethical,” and you can get people to kind of engage at a deeper level that’s going to actually drive that behavior than that’s a home run. What would you add to that, Richard?

Richard: So there’s a very scary piece of research and we can make this available to everyone. It was co-authored by Harvard Business Professor Francesca, Gino. That demonstrates…It’s called self-serving altruism. And what the research demonstrates is when we think of our unethical conduct, as a win-win, that no one is getting hurt, we come to think of it as morally acceptable.

And when we look at… I’ll give you my own role for example. I sold armored vehicles and armored vests. These were products that were there to guard the welfare, the safety, and the health of an individual, right? Right, I’m not tampering with the quality of the product. So I might be thinking in certain parts of the world well, the end-user is getting a life-saving world-class product. I’m making my objectives, my incentives, my bonus, the company is getting this huge order. The channel partner, whether it’s a distributor or intermediary, they’re happy because they’re moving on to the next transaction. And maybe that poorly paid public official in some part of the world gets a little something to make ends meet.

So I was thinking of this whole enterprise sadly, an illusion that it was a win-win. What I wasn’t thinking about were the wider societal consequences of my conduct, and how even small bribery rob societies of good governance, economic development, and human rights. So I think we have to call things for what they are and to help educate the workforce as to, you know what, if you wanna keep your values strong, let’s remember, you know, we’re members of this corporation, but we’re also global citizens. And even small bribery, let’s call it for what we think it is, we think that’s a part of transnational crime and is that how you wanna think of yourself as a corporate citizen?

So I think that this research by Professor Gino should really be studied because if we’re not careful, people who are remotely supervised, working far away from home might think, “You know what, I’m taking a little shortcut here but I’m actually helping everyone out.” And that sort of win-win no one is getting hurt here, can be very dangerous in taking what could be a strong set of what Mary Gentile talks about our value, and purpose, and one small step at a time that can take us in a much different direction.

Nick: Yeah, because the human brain can rationalize a lot of stuff like the person in that scenario, they’re not losing sleep at night because they sort of, you know, were a bad global citizen. They’re thinking, “Man, this is for the greater good. I just perhaps saved somebody’s life, I put some more, you know, food in this person’s pocket.” And it’s this interesting…you know, you Christian, you were kind of talking about, you know, sins of omission, sins of commission, willful, accidental. This is one that’s kind of a willful, you know, commission that ends up just sort of evaporating away due to some kind of a rationalization. And so I love how we’re getting more kind of tactical and more kind of actionable in this last 15 minutes.

And I just think there’s so much that we as compliance folks can, you know, gain in terms of value just by empathizing. And to Richard’s point, you know, meeting people where they’re at, or putting ourselves in their shoes. And, you know, maybe that starts with conversations and understanding what their day to day is like on the front lines. But at some point, we need to be able to kind of transpose into their shoes to understand what risks they may be facing, and how those risks may be rationalized. Because at the end of the day, whatever is going on in somebody’s head, does not negate what’s actually being done in the real world, you know what I mean?

Christian: And I think what’s interesting is if you think about any time that we normally intervene to influence human behavior, whether that’s medicine, or whether that’s kind of advertising, or design, a lot of time and effort is spent to say does this actually works the way we think it works? So we don’t launch ad campaigns. We don’t launch products, we don’t launch medicines, without looking at it and saying does this do what we think is gonna do? We test these things out.

And yet, for some reason, when it comes to kind of compliance and ethics programs, we’ve never done that. We just literally go out with a theoretical model that says, I think this looks really good, I’ve only spent a ton of money either in terms of the design of the thing, but also in terms of the time we’re expecting people on the ground to spend doing this thing, without looking at the side effects. And what do people actually do with this? What does it actually feel like?

And if you think about it, in the context of you are investing money to influence people to change their behavior or to behave in a particular way. And yet, there’s no research and no effort done on looking at whether that’s effective or not. You would not get away with that, in any other context. Marketing, people wouldn’t be allowed to do it, designers wouldn’t be allowed to do it, pharmaceuticals, companies aren’t allowed to do it. And yet, for some reason, in the context of compliance and ethics, it’s perfectly okay to just have something that you roll out that looks really good on paper that ticks the box, and we kind of move on and we don’t look at that particular piece.

So we don’t assess how effective it is by thinking about what is it doing to our target audience? We look at it theoretically and we say, “Does this look good on paper?” Now I understand there’s regulatory pressure and we need to respond to regulators. But what’s really interesting is actually, if you go and talk to regulators and say, “We’ve looked at this, and actually, we thought this was super effective but we found a better way to do this because we’ve actually done some research,” they will generally go “That’s really interesting. Thank you for taking us so seriously.” We need to get into that mindset, that actually what we’re doing here is something that doesn’t come with any certain guarantees.

And to Richard’s point is if what I’m telling them is something that I’ve written down sitting in my office in New York, and I’ve got someone who’s sitting in the Middle East or someone who’s sitting in China, there is a high likelihood that the scenario that that person has…for a very good reason I’ve never been those countries never been there is going to come up with something that doesn’t land well on the ground. So we shouldn’t be surprised if we’re not running this thing thinking about the impact it’s gonna have on the target audience when things go wrong, because inevitably they will if you’re not putting yourself into that position.

Nick: Great.

Richard: I would just add to that. You know, one of I think the other misses here is the thinking that no news is good news. So, you know, if you have a team that’s working in what you know is a volatile and high-risk or in our current world and emerging risk environment, and you know that they’re struggling, and they’re not calling you, are you calling them? Because there’s another wonderful bit of research that demonstrates the more I’m calling you when there’s not a crisis at hand, and it doesn’t have to be…Christian and I talked about this quite often. It doesn’t always have to be a Zoom meeting, it doesn’t have to be a webinar, it could just be a phone call in the morning to say, “How are things going?”

And the more time that compliance and ethics leaders are reaching out, and you can’t call everyone, but you can call the people that you know are in tough situations, the more you’re reaching out to them when there’s not a crisis at hand. The more likelihood that they’re gonna pick up the phone and say, “Well, you know, what, I do have a bit of a dilemma right now and I could use your help.”

Nick: I mean, just getting those calls let you know that you’re in that position there, you’re not just sort of viewed as this check the box thing within your…this check the box appendage in your organization. In the last couple of minutes, I know we have a couple of things to talk about. I just got a bunch of really good questions kind of piled in. And I’d love to just, you know, maybe like lightning round, get you guys’ quick takes, you know, speak in tweets if you can. When a company is laying off people and the future of the company is at risk, how does the chief ethics and compliance officer get the CEO to spend time even if no money is needed to focus on all the ethical and integrity issues as a part of that process?

Christian: When everybody is under pressure, it is even more important that these things are looked at. So I think the simple message there is to say you have to find ways…and again, incentivizing the CEO. So when you think about the target audience as employees, think about the CEO as a target audience to persuade them as well. So what’s gonna activate, what’s gonna work in their brain?

Nick: Great. Go ahead, Richard.

Richard: I think with the workforce we might need to be virtually present with our business peers and the C suite, we might need to virtually intervene. And to give them an appreciation that when ethical expectations are coming out of the voice of business, not just out of the voice of legal and compliance, that they sound so much louder, because it’s through the corporate narrative, not just the compliance narrative. Then the C suite needs to appreciate that especially right now everyone is a risk assessor in the organization.

Nick: That’s right. That’s why we’re always talking about human as a sensor. That’s why we’re always talking about compliance is culture because it’s at some level helping to dictate or at least govern, or at least inform the behaviors that make up the sum total of the brand of that company, or the performance of that organization. So here’s a great one. This is kind of a COVID one, you know, we can’t get out of a webinar without talking about COVID. So I work in a hospital, the entire compliance department is now working from home, how do we keep compliance visible when we’re not there to bump into somebody in the hallway?

Christian: So we are all at home seeing how other organizations communicate with us. So the answer is have a look and see what other companies or organizations are effectively communicating with you in this environment. And I mean that very, very broadly. So think about companies like Peloton, think about how social media companies, think about how other people are engaging with you. Those techniques you can use in a compliance context, not necessarily the physical stuff they’re doing but actually, the ways that they communicate. So change it up, make it different, use techniques that work for other people.

Nick: Smart, very smart.

Richard: I think this is a time where we need to think about influencing and inspiring just as much as we think about implementing. And thinking that well, I can take what I was doing when we were in-person, and just switch that over to a digital mode that doesn’t work. And as Christian and I often talk about when we revise our former selves, is that when we’re in person, when we’re together, we’re actively engaged in whatever we’re talking about. Whether it’s training, whether it’s a launch meeting. Where virtually, it’s easy to default to just be passive to not be engaged to not be excited about it.

So as Christian said, there’s plenty of other examples outside the compliance field that we might think about is you know what, that’s really interesting it’s a time to experiment. But I think the most important thing get people involved.

Nick: What a phenomenal quote, we need to focus on influencing and inspiring versus only focus on implementing. If you’re focusing on influencing and inspiring, there’s a dance going on there. There’s a conversation going on there because I’m trying to affect the heart and mind. Whereas there’s sort of an impersonality or an impartiality even to like, kind of a…it’s dehumanized in a sense, I’m just gonna impose this thing, hey, here’s a policy follow this thing. Just expanding our view to this other dimension that, hey, you know, we’re not just recoding automatons, we’re talking to human beings, and we need to get their buy-in, for them to adhere or for them to change the behavior. It just adds a whole new set of not only challenges but opportunities for us to expand our impact.

All right, one last one here. I’m trying to pick I might have to flip a coin here because there’s a couple of good ones. Can human risk be minimized by asking the right questions in recruitment, i.e. testing your values or something, or it doesn’t need to come down to the environment itself in which the employees operate? It’s kind of an interesting nurture versus nature question, perhaps.

Christian: Both matter, right. So if you hire someone who is setting out to do wrong things they will go and do those wrong things. But the environment is hugely impactful. And I always think about it in terms of flowers and plants, right. If you have toxic soil, and you just put more and more plants they’re all gonna die. So you need to look at the environment as well. So both of those things matter, we often focus too much on that recruitment thing. If I let good people in I don’t need to worry about the environment. That is not true the environment is absolutely critical. Bad people always do bad things. But you can minimize that thing by looking after that environment because that will discourage them if everybody else is well behaved.

Nick: Great.

Richard: You can tweet out I agree with question in parentheses again.

Nick: All right, we got time for one more. All right, what are some ways to operationalize compliance at the employee level that isn’t so heavily reliant on policies? So I want people to be compliant I don’t want them to have to, you know, read a phone book of policies and memorize those things.

Christian: Plenty of behavioral science frameworks I could bore you with, I won’t. Instead what I’ll do is I’ll say look at companies that design products that you like using that are easy to use, that are simple to use, that don’t require you to read an instruction manual. Your iPhone comes with no instruction manual included because they’ve designed it in a way that means you don’t need one. So…

Nick: Exactly.

Christian: …think about policies and procedures the same way. How can you design a framework that means people don’t even need to look at those policies?

Nick: Amazing, great answer. Why don’t we switch back to these last couple of slides? Do you have anything to add on that, Richard?

Richard: No. And I think part of it is making sure that it’s coming out of the voice of business. Particularly in middle-level management, because those are the people that have the…they control the volume of getting the business done, and they control the volume of how business gets done. So if you had to focus on one particular part of the organization that can amplify, dilute, or distort ethics and compliance, is that mid-level management?

Nick: Yeah, we need that voice at the top, we need those people on the frontlines actually doing those things. But the bridge between those is those middle-level folks who are they bought in? Do they have the right incentives that they’re responding to, and so forth? Well, we have a couple of other questions that I’ll probably send around to you guys I’d love to just hear how you weigh in, you know, what you have to say on it.

But this was a phenomenal discussion. I love this topic. I love the picture that you kind of painted Christian. I mean, it’s kind of like imagine cooking a whole dinner and you’re not tasting any of the soup, you’re not tasting any of the sauce you’re just sending it out. You know, just because no one sent it back doesn’t mean that you just crushed that dinner, you know, I’m saying? So I love that kind of design element, that sort of testing before we go. Gio, welcome back good to see you.

Gio: Hi, everyone.

Nick: Here are a couple of resources we’re gonna be giving out. So please respond to those emails. These books are phenomenal. We have a QR code here so let’s do a little bit of behavioral science in action by clicking this thing or taking a picture of it. And moving on to that there are some really great resources here. And before we wrap up, I’d like to go to the next slide, please. Oh, no, no, it’s right here. Sorry, go back one more. Richard has this really awesome list of books that he’s done great reviews on. I would highly recommend you emailing Richard at richard@richardbistrong.com, he’s happy to share that.

If you’re looking for some stuff to read to get smarter to learn some of these added dimensions that you can bring into your own workplace, into your own compliance function, please reach out to Richard, I guarantee you will not be disappointed. And let’s go ahead and go to the next slide.

So here’s our compliance communication toolkit, you can click the link on top, we’re gonna be sending this around to anybody who’s interested. They’ll have live links on it so you can go ahead and check out that toolkit, a lot of great resources there. And you can also click this link below which again will be live to go ahead and sign up for this and be subscribed to all the new stuff that’s coming out.

Gio: Any parting words for us, Christian or Richard.

Christian: Thank you for listening. Feel free to connect on LinkedIn. We’re talking about human interactions and Richard and I both love interacting with people. So feel free to connect with both of us. I’ll speak on his behalf on that one. But thank you for listening and stay in touch.

Richard: Likewise, it’d be a pleasure to continue the conversation. Christian and I love talking about these issues from a former and current compliance Christian and a former commercial Richard and a current compliant, Richard. And there are so many different interesting things we can do and to continue the discussion on social media so it would be a pleasure to connect. And thanks to Nick and Gio and your team for hosting us here today it’s been a pleasure.

Nick: Absolutely. Thank you guys so much for coming. I love your work, Christian, I love your work, Richard. You know, as we get into this next phase of compliance, 3.0, where we’re talking about effectiveness, we gotta do something a little bit different. And what’s nice about the stuff we’re talking about, this is not crazy stuff. This is basic human things that we all, you know, know innately at some level that probably exists in a lot of our personal interactions and so forth, that we just need to make a couple of little tweaks, and we’re gonna see some real elevation of our compliance functions to really drive for that effectiveness and behavior change, which is what we’re all after, at the end of the day.

Gio: Yeah, it’s a great point, Nick, it is brain science but it’s not rocket science. And Christian and Richard, you guys both live this out, by the way you engage, the way you share your thought leadership, the way that you’re helping people. It’s the spirit of compliance that we all wanna be within our organization of, hey, we’re here to help everyone keep you safe and make you successful. And you both are a great model of that, and how you, you know, put this behavioral science to work. So thank you for contributing to our webinar today.

And I just wanna encourage everybody, if you’re ever on LinkedIn, or on Twitter, or you ever on a website or have a web browser, you gotta get with these guys because they make everyone around them smarter. And they can help you be better at serving your organization and achieving the mission as both compliance and ethics function in your entire company.

Thank you, everyone, for joining us today. Thank you for jumping in on the chat and sharing some questions with us and some comments. Remember, that’s gonna increase your chances to win one of those books in the drawing. And then you’re gonna see some email follow up from our team. So look there for some of these links and these slides so you can get some more learning from these gentlemen. And also replying to those emails and giving us some feedback on what you liked about this will also increase your chances of getting that free book and becoming more of the compliance 3.0 leader that we’re all trying to be. Thanks for joining us, everyone.

Nick: Bye everyone.

Richard: So long. Thanks, everyone.

Christian: Thanks.

Nick: Guys, see you.

Menu