Page 1
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 0
Top 10 Ethics amp Compliance
Trends for 2019
Carrie Penman | Chief Compliance Officer amp SVP NAVEX GlobalKristy Grant-Hart | CEO Spark Compliance Consulting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 1wwwnavexglobalcom
2018 ndash A Quick Look at Last Yearrsquos Trends
Shift in Power of Voice in the Story of Harassment
The Glassdoor Effect When the Virality of Social Media Mixes with the Fragility of Trust
Moving from Vicious Compliance to a Culture of Compliance
Cyber Security Is Evolving amp so Is Compliancersquos Role in Prevention amp Mitigation
The New Voice of the Whistleblower
Managing Culture amp Free Speech in Polarizing Times
Data Privacy Has Become a Bigger Blip on the CCO Radar
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 2wwwnavexglobalcom
Agenda
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
2 The Cost of Incivility in the Workplace
3 GDPR Enforcement and Regulation May Be Slow But Itrsquos Coming
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
5 Blurred Lines Between Protected Activity amp Corporate Governance
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
7 Third-Party Risk Is NOT Just About FCPA Anymore
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
9 MeToo From Hashtag to Movement to New Normal
10 Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 3wwwnavexglobalcom
Carrie PenmanChief Compliance Officer amp SVP NAVEX Global
Carrie oversees NAVEX Globalrsquos internal ethics and compliance activities In 2017 Carrie received the Ethics amp Compliance Initiative (ECI) Carol R Marshall Award for Innovation in Corporate Ethics for an extensive career contributing to the advancement of the ethics and compliance field worldwide Prior to joining NAVEX Global she served four years as deputy director of the Ethics and Compliance Officer Association (ECOA) Carrie was one of the earliest ethics officers in America
Presented By
Kristy Grant-HartCEO Spark Compliance Consulting
Kristy Grant-Hart is the author of ldquoHow to be a Wildly Effective Compliance Officerrdquo and CEO of Spark Compliance Consulting an international consulting group She is also a former adjunct professor at Delaware Law School Widener University teaching Global Compliance and Ethics Before launching Spark Compliance Ms Grant-Hart was the Chief Compliance Officer at United International Pictures the joint distribution company for Paramount Pictures and Universal Pictures in 65+ countries
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 4wwwnavexglobalcom
Trust amp Transparency
The Underlying Themes of the Top Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 5wwwnavexglobalcom
Trust amp Transparency Underlying Themes of Top Trends
bull ldquoBelief Economyrdquo
minus Employees consumers and public at large are the new arbiters of business success
bull Byproduct of Abuse of Privacy
minus NDA personal data management corporate cover-ups
bull Culture of Accountability
minus ldquoTrust but verifyrdquo is now ldquoverify then trustrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 6wwwnavexglobalcom
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 7wwwnavexglobalcom
New Enforcers of Global Business Practices
bull The Social Economy
Social networks catalyst for amplifying consumer sentiment
bull Consumer Sentiment
minus Sales intertwined with politics ethics and corporate representatives
bull Consumer as Enforcer
minus Modern Slavery Act
minus Regulatory compliance simple appeasing stakeholders hard
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 2
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 1wwwnavexglobalcom
2018 ndash A Quick Look at Last Yearrsquos Trends
Shift in Power of Voice in the Story of Harassment
The Glassdoor Effect When the Virality of Social Media Mixes with the Fragility of Trust
Moving from Vicious Compliance to a Culture of Compliance
Cyber Security Is Evolving amp so Is Compliancersquos Role in Prevention amp Mitigation
The New Voice of the Whistleblower
Managing Culture amp Free Speech in Polarizing Times
Data Privacy Has Become a Bigger Blip on the CCO Radar
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 2wwwnavexglobalcom
Agenda
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
2 The Cost of Incivility in the Workplace
3 GDPR Enforcement and Regulation May Be Slow But Itrsquos Coming
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
5 Blurred Lines Between Protected Activity amp Corporate Governance
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
7 Third-Party Risk Is NOT Just About FCPA Anymore
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
9 MeToo From Hashtag to Movement to New Normal
10 Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 3wwwnavexglobalcom
Carrie PenmanChief Compliance Officer amp SVP NAVEX Global
Carrie oversees NAVEX Globalrsquos internal ethics and compliance activities In 2017 Carrie received the Ethics amp Compliance Initiative (ECI) Carol R Marshall Award for Innovation in Corporate Ethics for an extensive career contributing to the advancement of the ethics and compliance field worldwide Prior to joining NAVEX Global she served four years as deputy director of the Ethics and Compliance Officer Association (ECOA) Carrie was one of the earliest ethics officers in America
Presented By
Kristy Grant-HartCEO Spark Compliance Consulting
Kristy Grant-Hart is the author of ldquoHow to be a Wildly Effective Compliance Officerrdquo and CEO of Spark Compliance Consulting an international consulting group She is also a former adjunct professor at Delaware Law School Widener University teaching Global Compliance and Ethics Before launching Spark Compliance Ms Grant-Hart was the Chief Compliance Officer at United International Pictures the joint distribution company for Paramount Pictures and Universal Pictures in 65+ countries
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 4wwwnavexglobalcom
Trust amp Transparency
The Underlying Themes of the Top Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 5wwwnavexglobalcom
Trust amp Transparency Underlying Themes of Top Trends
bull ldquoBelief Economyrdquo
minus Employees consumers and public at large are the new arbiters of business success
bull Byproduct of Abuse of Privacy
minus NDA personal data management corporate cover-ups
bull Culture of Accountability
minus ldquoTrust but verifyrdquo is now ldquoverify then trustrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 6wwwnavexglobalcom
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 7wwwnavexglobalcom
New Enforcers of Global Business Practices
bull The Social Economy
Social networks catalyst for amplifying consumer sentiment
bull Consumer Sentiment
minus Sales intertwined with politics ethics and corporate representatives
bull Consumer as Enforcer
minus Modern Slavery Act
minus Regulatory compliance simple appeasing stakeholders hard
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 3
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 2wwwnavexglobalcom
Agenda
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
2 The Cost of Incivility in the Workplace
3 GDPR Enforcement and Regulation May Be Slow But Itrsquos Coming
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
5 Blurred Lines Between Protected Activity amp Corporate Governance
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
7 Third-Party Risk Is NOT Just About FCPA Anymore
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
9 MeToo From Hashtag to Movement to New Normal
10 Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 3wwwnavexglobalcom
Carrie PenmanChief Compliance Officer amp SVP NAVEX Global
Carrie oversees NAVEX Globalrsquos internal ethics and compliance activities In 2017 Carrie received the Ethics amp Compliance Initiative (ECI) Carol R Marshall Award for Innovation in Corporate Ethics for an extensive career contributing to the advancement of the ethics and compliance field worldwide Prior to joining NAVEX Global she served four years as deputy director of the Ethics and Compliance Officer Association (ECOA) Carrie was one of the earliest ethics officers in America
Presented By
Kristy Grant-HartCEO Spark Compliance Consulting
Kristy Grant-Hart is the author of ldquoHow to be a Wildly Effective Compliance Officerrdquo and CEO of Spark Compliance Consulting an international consulting group She is also a former adjunct professor at Delaware Law School Widener University teaching Global Compliance and Ethics Before launching Spark Compliance Ms Grant-Hart was the Chief Compliance Officer at United International Pictures the joint distribution company for Paramount Pictures and Universal Pictures in 65+ countries
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 4wwwnavexglobalcom
Trust amp Transparency
The Underlying Themes of the Top Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 5wwwnavexglobalcom
Trust amp Transparency Underlying Themes of Top Trends
bull ldquoBelief Economyrdquo
minus Employees consumers and public at large are the new arbiters of business success
bull Byproduct of Abuse of Privacy
minus NDA personal data management corporate cover-ups
bull Culture of Accountability
minus ldquoTrust but verifyrdquo is now ldquoverify then trustrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 6wwwnavexglobalcom
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 7wwwnavexglobalcom
New Enforcers of Global Business Practices
bull The Social Economy
Social networks catalyst for amplifying consumer sentiment
bull Consumer Sentiment
minus Sales intertwined with politics ethics and corporate representatives
bull Consumer as Enforcer
minus Modern Slavery Act
minus Regulatory compliance simple appeasing stakeholders hard
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 4
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 3wwwnavexglobalcom
Carrie PenmanChief Compliance Officer amp SVP NAVEX Global
Carrie oversees NAVEX Globalrsquos internal ethics and compliance activities In 2017 Carrie received the Ethics amp Compliance Initiative (ECI) Carol R Marshall Award for Innovation in Corporate Ethics for an extensive career contributing to the advancement of the ethics and compliance field worldwide Prior to joining NAVEX Global she served four years as deputy director of the Ethics and Compliance Officer Association (ECOA) Carrie was one of the earliest ethics officers in America
Presented By
Kristy Grant-HartCEO Spark Compliance Consulting
Kristy Grant-Hart is the author of ldquoHow to be a Wildly Effective Compliance Officerrdquo and CEO of Spark Compliance Consulting an international consulting group She is also a former adjunct professor at Delaware Law School Widener University teaching Global Compliance and Ethics Before launching Spark Compliance Ms Grant-Hart was the Chief Compliance Officer at United International Pictures the joint distribution company for Paramount Pictures and Universal Pictures in 65+ countries
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 4wwwnavexglobalcom
Trust amp Transparency
The Underlying Themes of the Top Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 5wwwnavexglobalcom
Trust amp Transparency Underlying Themes of Top Trends
bull ldquoBelief Economyrdquo
minus Employees consumers and public at large are the new arbiters of business success
bull Byproduct of Abuse of Privacy
minus NDA personal data management corporate cover-ups
bull Culture of Accountability
minus ldquoTrust but verifyrdquo is now ldquoverify then trustrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 6wwwnavexglobalcom
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 7wwwnavexglobalcom
New Enforcers of Global Business Practices
bull The Social Economy
Social networks catalyst for amplifying consumer sentiment
bull Consumer Sentiment
minus Sales intertwined with politics ethics and corporate representatives
bull Consumer as Enforcer
minus Modern Slavery Act
minus Regulatory compliance simple appeasing stakeholders hard
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 5
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 4wwwnavexglobalcom
Trust amp Transparency
The Underlying Themes of the Top Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 5wwwnavexglobalcom
Trust amp Transparency Underlying Themes of Top Trends
bull ldquoBelief Economyrdquo
minus Employees consumers and public at large are the new arbiters of business success
bull Byproduct of Abuse of Privacy
minus NDA personal data management corporate cover-ups
bull Culture of Accountability
minus ldquoTrust but verifyrdquo is now ldquoverify then trustrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 6wwwnavexglobalcom
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 7wwwnavexglobalcom
New Enforcers of Global Business Practices
bull The Social Economy
Social networks catalyst for amplifying consumer sentiment
bull Consumer Sentiment
minus Sales intertwined with politics ethics and corporate representatives
bull Consumer as Enforcer
minus Modern Slavery Act
minus Regulatory compliance simple appeasing stakeholders hard
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 6
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 5wwwnavexglobalcom
Trust amp Transparency Underlying Themes of Top Trends
bull ldquoBelief Economyrdquo
minus Employees consumers and public at large are the new arbiters of business success
bull Byproduct of Abuse of Privacy
minus NDA personal data management corporate cover-ups
bull Culture of Accountability
minus ldquoTrust but verifyrdquo is now ldquoverify then trustrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 6wwwnavexglobalcom
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 7wwwnavexglobalcom
New Enforcers of Global Business Practices
bull The Social Economy
Social networks catalyst for amplifying consumer sentiment
bull Consumer Sentiment
minus Sales intertwined with politics ethics and corporate representatives
bull Consumer as Enforcer
minus Modern Slavery Act
minus Regulatory compliance simple appeasing stakeholders hard
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 7
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 6wwwnavexglobalcom
1 Consumers not Regulators Are the New Enforcers of Global Business Practices
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 7wwwnavexglobalcom
New Enforcers of Global Business Practices
bull The Social Economy
Social networks catalyst for amplifying consumer sentiment
bull Consumer Sentiment
minus Sales intertwined with politics ethics and corporate representatives
bull Consumer as Enforcer
minus Modern Slavery Act
minus Regulatory compliance simple appeasing stakeholders hard
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 8
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 7wwwnavexglobalcom
New Enforcers of Global Business Practices
bull The Social Economy
Social networks catalyst for amplifying consumer sentiment
bull Consumer Sentiment
minus Sales intertwined with politics ethics and corporate representatives
bull Consumer as Enforcer
minus Modern Slavery Act
minus Regulatory compliance simple appeasing stakeholders hard
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 9
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 8wwwnavexglobalcom
New Enforcers of Global Business Practices (Cont)
bull ldquoA World of Distrustrdquo
Global trust index at ldquodistrusterrdquo level
bull Regaining Trust Uphill Battle
minus Global financial crisis resulted in a fundamental breakdown in consumer faith
bull Personal Digital amp Data Security
minus GDPR
minus Cambridge Analytica
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 10
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 9wwwnavexglobalcom
Key Steps for Organizations
bull Aggressively Avoid Lip-Service
Recalibrate business model against an ethical yardstick
bull Align Leadership
minus Policies incentives and accolades should reinforce ethical mission
minus Do not over-promise and under-deliver
bull Follow the Money
minus ldquoBelief economyrdquo is rewarding ethical business practices and authentic brands
Source 2018 Edelman Trust Barometer
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 11
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 10wwwnavexglobalcom
Key Steps for Organizations
bull Be Clear amp Calm
Transparency resolves ethical breaches more quickly
Have well-defined response processes for responding to ethical breaches
bull Audaciously Live Your Standards
minus Donrsquot be shy about showcasing orgleadership commitment to ethics
minus Publicly raising ethical standards puts pressure on competitors and industry to follow suit
minus Regard it as a competitive advantage
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 12
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 11wwwnavexglobalcom
2 The Cost of Incivility in the Workplace
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 13
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 12wwwnavexglobalcom
The Cost of Incivility in the Workplacebull Cost of Incivility
minus Acceptance of rude abusive harassing and bullying behavior has been happening for decades
minus Decreased productivity loss of top talent decline in innovation increased sick time poor customer service serious compliance violations
bull Decrease in Ethical Agency
Only 22 believe integrity is the individualrsquos responsibility
Majority think integrity is the responsibility of management board HR compliance
bull Vicious Compliance
minus Organizational ownership of personal values is more expensiveless effective
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 14
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 13wwwnavexglobalcom
The Cost of Incivility in the Workplace
Source EY 15th Global Fraud Survey 2018
ldquohellipsignificantly more likely to act inappropriately including making cash payments to win or retain business These same
respondents are also more likely to extend the monthly reporting period or change assumptions that determine
valuations or reserves in order to meet financial targetsrdquo
Groups who did not believe integrity was an individualrsquos responsibility were
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 15
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 14wwwnavexglobalcom
Over-Abundance of HR-Related Reports
1 Employees have always framed these concerns as matters of respect and fair treatment
2 Employees dissatisfied with interpersonal experiences with others in the workplace are the majority of HL reports
3 HR-related reports comes with a significant amount of emotional weight
4 Investigating claims takes time and money68
68
69
69
70
70
71
71
72
72
73
2014 2015 2016 2017
Report of HR Diversity amp Workplace Respect
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 16
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 15wwwnavexglobalcom
Key Steps for Organizations bull Define amp Commit to Core Values
minus Hire and fire based on corporate values
minus Make civility a requisite professional qualification at all levels
minus Rethink the value placed on HR related reports
bull Provide Integrity amp Civility Training to Supervisors
minus Train on having hardcritical conversations in respectful ways
minus Understand how personal ethics are interpreted by employees
bull 360-Degree View of Managers
Gather feedback on managers from all levels of their orbit
Anonymous reviews can be key for honestaccurate evaluations
bull Be Present ndash Professionally Personally Emotionally Mentally Physically
minus Rampant tech usage can undermine general civility
minus Re-humanizing business can reinvigorate integrity and civility
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 17
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 16wwwnavexglobalcom
3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 18
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 17wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull Slow Rollout of GDPR Enforcement
minus Regulators may not have been as prepared as companies for May 25
bull Foreshadowing of Compliance Reporting in first ~30 Days
minus United Kingdom ndash 1124 GDPR violation complaints
minus Ireland ndash 547 breach notifications 386 complaints
minus France ndash 426 complaints
ldquoICO receiving more than 8000 such reports since
May 25rdquo
UK Information Commissioner Elizabeth DenhamAs of Dec 10 2018
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 19
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 18wwwnavexglobalcom
GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming
bull The Nature of Enforcement
minus euro400000 fine against hospital
minus Infringement of integrity and confidentiality
minus Excessive access to sensitive data
minus Feels more preventive than punitive
minus Embedding privacy by design is just as important as avoiding a data breach
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 20
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 19wwwnavexglobalcom
Key Steps for Organizations bull Know the Events that Start the Clock
minus Identify events that require immediate action
minus Be prepared to complete necessary actions within allotted timeframes
bull 72-hour disclosure window
bull 30-Day Subject Access Request response window
bull Understand
minus The type and location of your data
minus Your obligations under GDPR
minus Which vendors process your data and the clauses that must be included in processor contracts
minus Which cloud systems you use and the data security they employ
bull Prepare for new laws including California Consumer Privacy Act (2020)
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 21
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 20wwwnavexglobalcom
4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 22
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 21wwwnavexglobalcom
ROI of Compliance Program Hotline Reporting
bull New research provides statistical evidence for what many compliance professionals already believed to be true
bull Increased hotline usage correlates with
minus Greater profitability and workforce productivity as measured by Return on Assets (ROA)
minus Fewer material lawsuits brought against the company overall and lower settlement costs if a lawsuit does occur
minus Fewer external whistleblower reports to regulatory agencies and other authorities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 23
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 22wwwnavexglobalcom
Hotline Usage Associated with Fewer Lawsuits
bull Material Lawsuits decline as hotline usage increases
bull Larger firms benefit more from becoming a ldquopower userrdquo of their hotline
bull A one standard deviation increase in the use of an internal WB system is associated with 69 fewer material pending lawsuits and 204 less in aggregate settlement amounts
-110
-075
-040
-005
030
065
100
100
110
120
130
140
150
160
170
Low Medium HighD
emea
ned
Use
of
Whi
stle
blow
ing
Syst
em
Aver
age
of
Mat
eria
l Law
suits
Whistleblowing System Use and Material Lawsuits
LEGALt+1 to t+3USAGE
Chart3 Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
NAVEX Descr Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+31234501663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr (2) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685
Average of Material Lawsuits
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085
Average of Material Lawsuits
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2
ROA
NAVEX Descr (3) Whistleblowing System Use
and OSHA Reports
OSHAt+1 to t+3LowMediumHigh0128940101286666666666650100685USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+3LowMediumHigh1658185119619999999999991005085USAGELowMediumHigh-103423015090333333333331093000499999999997
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and ROA
ROALowMediumHigh84995000000000001E-311837666666666668E-227892E-2USAGELowMediumHigh-103423015090333333333331093000499999999997
ROA
Demeaned Use of
Whistleblowing System
NAVEX Descr__ChartUsageAssets Usage by Size (Assets $bn)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999
Demeaned Usage
Usage by Size (Assets in $bn) and
Litigation (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size (Assets in $bn) and
OSHA (t+1 to t+3)
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
Usage by Size (Assets in $bn) and ROA
Demeaned Usage
034611720000000001041233920000000002052043010000000001303036709999999992724370600000000328796972999999997292802831000000023582939379999999829093753400000001-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROA
-60650999999999997E-2-31608999999999998E-2-76350000000000003E-339156000000000003E-228538000000000001E-236477999999999997E-254934999999999998E-257286999999999998E-244892000000000001E-2
Demeaned Hotline Usage
ROA
NAVEX Descr__ChartUsageEmploy Usage by Size ( Employees)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488
Demeaned Usage
Usage by Size ( Emp) and Litigation (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488LEGALt+1 to t+3
064732000000000001069335999999999998067452999999999996151116000000000011135207198099999999999528810899999999999224461999999999981625
Demeaned Usage
of Material Lawsuites
Usage by Size ( Emp) and OSHA (t+1 to t+3)
Demeaned Usage
076670000000000005098109999999999997115009999999999996579900000000000362432999999999996634290000000000025153499999999999756993099999999998481295-1019230000000000133279999999999997E-2085382000000000002-09766200000000000403955199999999999810785899999999999-15882700000000001016908000000000001105488OSHAt+1 to t+3
32469999999999999E-255050000000000002E-232840000000000001E-272289999999999993E-269769999999999999E-287190000000000004E-2027245000000000003024789018059
Demeaned Usage
of OSHA Reports
NAVEX ROA Simple Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Simple (2) Whistleblowing System Use
and Material Lawsuits
USAGE12345-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999LEGALt+1 to t+312345-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
Average ROA
Demeaned Use of
Whistleblowing System
NAVEX ROA Complex USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
NAVEX Descr (4) Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+312345201556999999999991300813520509357499999999999710744199999999999USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
Whistleblowing System Use
and Material Lawsuits
LEGALt+1 to t+31234521441999999999999E-2-44429999999999999E-316537E-223418999999999999E-232364999999999998E-2USAGE12345-163287-043558999999999998020823068006999999999995117994
Quintile
Average of Material Lawsuits
Demeaned Use of
Whistleblowing System
USAGELOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-10216799999999999010042090195000000000003-10926800000000001039922000000000002109195-14736787029999999999996E-210065599999999999ROALOWMEDIUMHIGHLOWMEDIUMHIGHLOWMEDIUMHIGHSMALLSMALLSMALLMEDIUMMEDIUMMEDIUMLARGELARGELARGE-59816000000000001E-2-28531000000000001E-227980000000000001E-346628000000000003E-230956000000000001E-241846000000000001E-243323E-244578E-238977999999999999E-2
USAGE1 Quintile2 Quintile3 Quintile4 Quintile5 Quintile-163287-043558999999999998020823068006999999999995117994OSHAt+1 to t+31 Quintile2 Quintile3 Quintile4 Quintile5 Quintile01663699999999999991509999999999994E-201376999999999999974649999999999994E-2012672
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Nobs Assets ($mm) USAGE ROA $ Assets USAGE USAGE ROA USAGE USAGE ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL LOW 636 34612 -102 -0060 SMALL LOW -102 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL MEDIUM 637 41234 010 -0029 SMALL MEDIUM 010 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 SMALL HIGH 636 52043 090 0003 SMALL HIGH 090 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM LOW 636 303037 -109 0047 MEDIUM LOW -109 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM MEDIUM 637 272437 040 0031 MEDIUM MEDIUM 040 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 MEDIUM HIGH 636 287970 109 0042 MEDIUM HIGH 109 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE LOW 636 2928028 -147 0043 LARGE LOW -147 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE MEDIUM 637 3582939 009 0045 LARGE MEDIUM 009 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 LARGE HIGH 636 2909375 101 0039 LARGE HIGH 101 0039 All 5727 1156927 000 043 137 004 012 0018 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -102 -0060 -0044 1 -163 0021 LEGALt+1 OSHAt+1 2 010 -0029 -0013 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 090 0003 0017 3 021 0017 4 -109 0047 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 040 0031 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 109 0042 SMALL HIGH 638 115 085 022 067 001 003 -0008 -147367 0043 MEDIUM LOW 634 658 -098 048 151 002 007 0039 008703 0045 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 100656 0039 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA USAGE ROA 1 -163 0021 0008 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 0006 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 0017 3 021 0017 4 068 0023 0023 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Emp (000s) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 638 077 -102 023 065 000 003 -0060651 24 Compliance User SMALL 08 -102 Compliance User 065 Compliance User 003 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 27 Moderate User SMALL 10 003 Moderate User 069 Moderate User 006 SMALL HIGH 638 115 085 022 067 001 003 -0007635 32 Power User SMALL 12 085 Power User 067 Power User 003 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 133 Compliance User MEDIUM 66 -098 Compliance User 151 Compliance User 007 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 128 Moderate User MEDIUM 62 040 Moderate User 114 Moderate User 007 LARGE LOW 636 5154 -159 091 288 009 027 0054935 138 Power User MEDIUM 63 108 Power User 072 Power User 009 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 692 Compliance User LARGE 515 -159 Compliance User 288 Compliance User 027 All 5727 1985 000 043 137 004 012 0017861 737 Moderate User LARGE 570 017 Moderate User 224 Moderate User 025 708 Power User LARGE 481 105 Power User 163 Power User 018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA $ Assets USAGE Assets ($mm) USAGE SMALL LOW 636 34612 -102 019 058 000 002 -0059816 SMALL LOW 9671079 -073586 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 SMALL MEDIUM 10463027 012459 SMALL HIGH 636 52043 090 022 064 002 004 0002798 SMALL HIGH 11805909 069878 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM LOW 57312214 -10509 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 MEDIUM MEDIUM 56860544 014806 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 MEDIUM HIGH 58318638 080995 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 LARGE LOW 406915901 -092156 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE MEDIUM 454727145 011543 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 LARGE HIGH 361468643 079595 All 5727 1156927 000 043 137 004 012 0017861 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
demeaned Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 1 1145 -163 063 202 005 017 002 2 1146 -044 043 130 003 009 -000 3 1145 021 043 135 004 014 002 4 1146 068 031 094 003 007 002 5 1145 118 035 107 004 013 003 All 5727 000 043 137 004 012 002 Means by Usage within Employees tercile LEGALt+1 OSHAt+1 LEGALt+1 OSHAt+1 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA USAGE to t+3 to t+3 Assets ($mm) Assets ($bn) Demeaned Usage LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 638 077 -102 023 065 000 003 -0060651 34612 Compliance User SMALL 035 -102 Compliance User 065 Compliance User 003 -006 SMALL MEDIUM 639 098 003 026 069 001 006 -0031609 41234 Moderate User SMALL 041 010 Moderate User 069 Moderate User 006 -003 SMALL HIGH 638 115 085 022 067 001 003 -0007635 52043 Power User SMALL 052 090 Power User 067 Power User 003 -001 MEDIUM LOW 634 658 -098 048 151 002 007 0039156 MEDIUM MEDIUM 635 624 040 034 114 002 007 0028538 303037 Compliance User MEDIUM 303 -109 Compliance User 151 Compliance User 007 004 MEDIUM HIGH 634 634 108 025 072 003 009 0036478 272437 Moderate User MEDIUM 272 040 Moderate User 114 Moderate User 007 003 LARGE LOW 636 5154 -159 091 288 009 027 0054935 287970 Power User MEDIUM 288 109 Power User 072 Power User 009 004 LARGE MEDIUM 637 5699 017 068 224 009 025 0057287 LARGE HIGH 636 4813 105 051 163 006 018 0044892 2928028 Compliance User LARGE 2928 -147 Compliance User 288 Compliance User 027 005 All 5727 1985 000 043 137 004 012 0017861 3582939 Moderate User LARGE 3583 009 Moderate User 224 Moderate User 025 006 2909375 Power User LARGE 2909 101 Power User 163 Power User 018 004 158616521 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 SMALL LOW 636 34612 -102 019 058 000 002 -0059816 9671079 -073586 036271 134503 0010309 007059 007059 SMALL MEDIUM 637 41234 010 023 061 000 004 -0028531 10463027 012459 032646 086885 0023973 00625 00625 SMALL HIGH 636 52043 090 022 064 002 004 0002798 11805909 069878 022654 067249 0017065 005797 005797 MEDIUM LOW 636 303037 -109 046 140 003 010 0046628 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0030956 57312214 -10509 052308 165926 0053498 016495 016495 MEDIUM HIGH 636 287970 109 024 074 003 008 0041846 56860544 014806 037838 129121 0042345 012371 012371 LARGE LOW 636 2928028 -147 095 309 008 025 0043323 58318638 080995 038944 135577 0060403 016749 016749 LARGE MEDIUM 637 3582939 009 074 247 008 025 0044578 LARGE HIGH 636 2909375 101 055 175 006 020 0038978 406915901 -092156 12963 392164 0095023 030994 030994 All 5727 1156927 000 043 137 004 012 0017861 454727145 011543 086986 295028 0085443 027919 027919 361468643 079595 071812 207805 0078498 025 025 Means by Employees quintile LEGALt+1 OSHAt+1 Quintile Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 145 002 030 081 001 006 2 628 562 006 035 121 003 010 3 628 1267 004 053 171 004 012 4 628 2874 -006 061 190 005 017 5 627 9717 -006 104 330 012 038 All 3138 2912 -000 057 186 005 016 Means by Assets ($mm) quintile LEGALt+1 OSHAt+1 Quintile Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 1 627 54621 002 027 083 001 005 2 628 220334 003 033 101 002 010 3 628 546734 -003 047 166 005 014 4 628 1379930 001 066 212 005 018 5 627 5733372 -002 112 351 012 037 All 3138 1586165 -000 057 186 005 016
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 0021 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 -0004 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 0017 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 0023 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 0032 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Low -103 166 013 0008 LEGALt+1 OSHAt+1 Medium 015 120 010 0012 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA High 093 101 010 0028 SMALL LOW 638 077 -102 023 065 000 003 -0061 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Means by USAGE quintle LEGALt+1 OSHAt+1 Quintile Nobs USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA Quintile USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 Quintile USAGE OSHAt+1 to t+3 1 1145 -163 063 202 005 017 0021 1 1 -163 202 017 1 Quintile -163 017 2 1146 -044 043 130 003 009 -0004 2 2 -044 130 009 2 Quintile -044 009 3 1145 021 043 135 004 014 0017 3 3 021 135 014 3 Quintile 021 014 4 1146 068 031 094 003 007 0023 4 4 068 094 007 4 Quintile 068 007 5 1145 118 035 107 004 013 0032 5 5 118 107 013 5 Quintile 118 013 All 5727 000 043 137 004 012 0018 Means by Usage within Employees tercile USAGE ROA 1 -163 0021 LEGALt+1 OSHAt+1 2 -044 -0004 EMP USAGE Nobs Emp (000s) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA 3 021 0017 4 068 0023 SMALL LOW 638 077 -102 023 065 000 003 -0061 5 118 0032 SMALL MEDIUM 639 098 003 026 069 001 006 -0032 SMALL HIGH 638 115 085 022 067 001 003 -0008 MEDIUM LOW 634 658 -098 048 151 002 007 0039 MEDIUM MEDIUM 635 624 040 034 114 002 007 0029 MEDIUM HIGH 634 634 108 025 072 003 009 0036 LARGE LOW 636 5154 -159 091 288 009 027 0055 LARGE MEDIUM 637 5699 017 068 224 009 025 0057 LARGE HIGH 636 4813 105 051 163 006 018 0045 All 5727 1985 000 043 137 004 012 0018 Means by Usage within $ Assets tercile LEGALt+1 OSHAt+1 $ Assets USAGE Nobs Assets ($mm) USAGE LEGALt+1 to t+3 OSHAt+1 to t+3 ROA SMALL LOW 636 34612 -102 019 058 000 002 -0060 SMALL MEDIUM 637 41234 010 023 061 000 004 -0029 SMALL HIGH 636 52043 090 022 064 002 004 0003 MEDIUM LOW 636 303037 -109 046 140 003 010 0047 MEDIUM MEDIUM 637 272437 040 033 113 002 006 0031 MEDIUM HIGH 636 287970 109 024 074 003 008 0042 LARGE LOW 636 2928028 -147 095 309 008 025 0043 LARGE MEDIUM 637 3582939 009 074 247 008 025 0045 LARGE HIGH 636 2909375 101 055 175 006 020 0039 All 5727 1156927 000 043 137 004 012 0018
Page 24
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 23wwwnavexglobalcom
Key Steps for Organizations
bull Generate the Raw Material for Internal Reporting
minus The most important step is actually getting employee reports
minus Train employees on what needs to be reported and how to report
minus Train managers on how to properly receive and process reports
bull Focus on Compliance from the Start-up
minus Accelerated growth often comes at the expense of compliance and culture
minus Establish a culture of reporting from the start
minus Temper pressures for growth with realities of sustainable cultures
bull Educate the C-suite and the Board
minus Add new research data to your board reports
minus Show HR and legal colleagues the value of encouraging higher rates of internal reporting
minus Build new data into your story of effectiveness
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 25
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 24wwwnavexglobalcom
5 Blurred Lines Between Protected Activity amp Corporate Governance
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 26
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 25wwwnavexglobalcom
Blurred Lines Between Protected Activity amp Corporate Governance
bull Is someone a whistleblower when they raise concerns that are a part of their defined job responsibilities
bull Trend of CCOs COO and HR reps becoming external reporters against their companies
bull Are you ever legally allowed to step outside your role as an HR or compliance professional or are you able to engage in protected activity
bull No clarity from the courts
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 27
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 26wwwnavexglobalcom
Key Steps for Organizations
bull Apply extra sensitivity to employee complaints from HR Compliance Risk and Legal
minus Consult counsel before administering any adverse action
bull Take Every Concern Seriously
minus Even when protected activity is ambiguous all reports should be taken seriously
minus Ensure every investigation follows pre-planned and documented protocols
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 28
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 27wwwnavexglobalcom
Key Steps for Organizations
bull Offer Strong Reporting Mechanism
minus Complaints are best managed when multiple reporting channels are available
minus Accessible comfortable reporting channels empower all employees to raise issues
minus Reporting channels can document when organizations receive formal complaints
bull Prioritize Awareness
minus Effective policies ensure employees understand reporting expectations
minus Awareness campaigns communicate orgrsquos commitment to listening up
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 29
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 28wwwnavexglobalcom
6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 30
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 29wwwnavexglobalcom
Incentivizing Ethics
bull Employee grading programs are back in the news reviving the conversation around ethical incentives
minus Grading employees on ethical behavior
minus Linking the grade to bonus eligibility
bull Not a new topic but a heated topic
bull More and more companies will have to make a case one way or the other
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 31
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 30wwwnavexglobalcom
Incentivizing Ethics Pros amp Cons
Pros
minus Seems like common sense to reward ethics
minus Incentives drive human behavior
minus Signals corporate commitment to ethics and compliance
minus Stimulates discussion around corporate values and ethical behavior
minus Acts as reinforcement for awareness efforts
Cons
minus ldquoIf you have to be paid to be ethical yoursquore notrdquo
minus Implies itrsquos OK to be unethical you just wonrsquot get a bonus
minus Should be a basic condition of employment
minus Could suppress incident reporting for fear of hurting managerrsquos bonus eligibility
minus Legal implications if history of negative manager evaluations come to light
Source Trust Across Americarsquos Trust Council
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 32
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 31wwwnavexglobalcom
Incentivizing Ethics Measure Value not Tasks
bull Which Standards to Assess Ethics
minus Subjective value-based criteria
bull Hard to measure
bull Best for identifying extreme behaviors but harder for subtleties
bull Often result in inconsistencies or grade inflation to meet goals
minus Objective value-based criteria
bull Easier to measure (eg ldquoabove average scoresrdquo)
bull Understandable and achievable to employees
bull Align with compliance activities like completing training engagement surveys and attesting to policies
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 33
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 32wwwnavexglobalcom
Key Steps for Organizations
bull Review Existing Corporate Incentive Plans
minus Examine role-based incentives like sales goals revenue targets or conversion metrics
minus Do they promote aggressive or compromised performance methods
minus Talk to the Board about their responsibilities to ask hard questions about the financial targets
bull Consider Alternatives to Monetary Incentives
minus Feature employees on company website or newsletter Acknowledgement from the CEO or other leaders
minus Consider a company donation to a charity of the employeersquos choosing in the employeersquos name
bull Understand the Power of Promotions
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 34
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 33wwwnavexglobalcom
7 Third-Party Risk Is NOT Just About FCPA Anymore
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 35
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 34wwwnavexglobalcom
Third-Party Risk Is NOT Just About FCPA Anymore
bull Third-party risk no longer limited to wrath of DOJ or SFO
minus Reputation risk relating to third parties has increased exponentially
minus OFAC sanctions raise the bar
minus GDPR adds data privacy to the list of public trust demands
bull Third-party risk has broadened in three substantial ways
1 Expanded risk of prosecution for sanctions violations
2 Increased reputational risk of association with controversial companies and CEOs
3 Heightened risk of a data breach exposure
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 36
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 35wwwnavexglobalcom
Third-Party Risk is NOT Just About FCPA Anymore
bull Rising Risk of Working with Sanctioned Parties
minus OFAC fines $90K for failure to raise red flags through search software
minus Software needs to be supplemented by human oversight
bull Rising Reputational Risk of Association
minus Companies feeling pressure to react to political events
minus Any political stance will breed polarized responses
bull Rising Risk of Third Parties Holding Personal Data
minus EU data protection authorities now showing their teeth
minus California Consumer Privacy Act raises ante in US
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 37
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 36wwwnavexglobalcom
Key Steps for Organizations
bull Implement a Sanction Screening Protocol that Involves People
minus Optimize software to identify potentially problematic third parties accommodating fuzzy matches
minus Perform regular spot checks to stress test software
bull Have Back-up Plan for Critical Third Parties
bull Check Contracts with Companies with Personal Data
minus Ensure third parties are required to notify data breaches immediately
minus Put in safeguards requiring minimum levels of data security
minus Delete or amend data that is no longer activeaccurate
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 38
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 37wwwnavexglobalcom
8 Moving from Speculative to Realistic Conversations on Artificial Intelligence
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 39
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 38wwwnavexglobalcom
Realistic Conversations on Artificial Intelligencebull Donrsquot Succumb to Analysis Paralysis
bull Identify the Compliance Problems that AI Can Solve for Your Organization
minus Automating manual data entry
minus Filtering for errors or patterns
minus Continual monitoring of regularly updated lists
minus Predictive analytics
bull Some Areas to Consider for AI Applications
minus Keeping pace with regulatory changes with real-time notifications changes to policies and training updates
minus Monitoring third-party sanction screenings
minus Triggering preventive measure with predictive hotline analytics
minus Sending relevant compliance awareness materials based on travel reservations
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 40
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 39wwwnavexglobalcom
Realistic Conversations on Artificial Intelligence
bull Adopt Technology while Remaining an Employee Advocate
minus Compliance needs to consider the cultural implications of any new technology
bull Understand the Full Scope of Cognitive Computing
minus Errors like benefits can proliferate exponentially
minus Unconscious bias ban be built into ill-vetted AI solutions
bull Apply Human Expertise to Digital Solutions
minus Always remember best practices for risk mitigation change management and corporate culture
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 41
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 40wwwnavexglobalcom
Key Steps for Organizations
bull Create a Framework for Evaluating the ROI of Your Solution
minus Create roadmap for implementation that clearly outlines measures of success and timelines for adoption
minus Check three boxes in your AI framework 1 Real time 2 Reliable 3 Single source of truth
bull Strive for Digital Harmony
minus Integrate with existing solutions rather than bolt on to current tech stack
minus Create efficiencies not challenges for teams you work with
bull Make Sure ldquoGarbagerdquo Cannot Describe Any of Your Data
minus Thoroughly vet the data you are feeding into your AI solution
minus Monitor technology to ensure initial data assumptions prove correct
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 42
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 41wwwnavexglobalcom
9 MeToo From Hashtag to Movement to New Normal
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 43
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 42wwwnavexglobalcom
MeToo From Hashtag to Movement to New Normal
bull Sexual Harassment not Going Away
minus 2018 harassment complaints have gone up
minus Increased internal complaints
bull Action Is Being Taken
minus Removal of harassers ldquoWeinstein Clauserdquo banned NDAs
bull Not All Action Is Beneficial
minus Fueled by corporate damage control
minus Lack of understanding of root of problem
minus No enough to achieve real change
Image Source New York Times ldquoWe Asked 615 Men About How They Conduct Themselves at Workrdquo
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 44
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 43wwwnavexglobalcom
Two Foundational Elements for Change
1 Cultures of Understanding
minus Empathy for victims and their experiences
minus Does not isolate or exclude women from professional interactions
minus Eliminates retaliation and encourages an open culture
2 Transparency to Restore Trust
minus Find the right balance of transparency to protect confidentiality while disclosing progress to stakeholders
minus Remove any appearance of abuse of privacy or inaction
minus Be part of the solution or be part of the story
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 45
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 44wwwnavexglobalcom
Key Steps for Organizations
1 Decide who is in charge of complaint-handling before you get complaints
2 Provide bystander training and communications
3 Add a question to your engagement or compliance and ethics survey
4 Prepare metrics for the board
5 Review the new laws
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 46
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 45wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 47
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 46wwwnavexglobalcom
Old Compliance Lessons Apply to New Compliance Trends
bull Fundamentals Never Go out of Style
minus EampC will always be about shaping human behavior
minus Behavioral research has now helped develop behavioral ethics
bull Localizing Compliance Always Resonates Better
minus Consider regional hierarchical and departmental characteristics when deploying training policies and messaging
bull EampC Is Exciting amp Getting More So
minus Humor can be risky on sensitive subjects but interesting and engaging content should always be a goal
minus Compliance professionals are at the forefront of a constantly evolving and demanding industry ndash be open to new opportunities
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You Page 48
Copyright copy 2019 NAVEX Global Inc All Rights Reserved | Page 47wwwnavexglobalcom
Kristy Grant-Hart kgranthartsparkcompliancecom
Carrie Penmancpenmannavexglobalcom
Thank You
Top 10 Ethics amp Compliance Trends for 2019 2018 ndash A Quick Look at Last Yearrsquos Trends Agenda Presented By Trust amp Transparency Trust amp Transparency Underlying Themes of Top Trends 1 Consumers not Regulators Are the New Enforcers of Global Business Practices New Enforcers of Global Business Practices New Enforcers of Global Business Practices (Cont) Key Steps for Organizations Key Steps for Organizations 2 The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace The Cost of Incivility in the Workplace Over-Abundance of HR-Related Reports Key Steps for Organizations 3 GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming GDPR Enforcement amp Regulation May Be Slow But Itrsquos Coming Key Steps for Organizations 4 Groundbreaking Evidence on the ROI of Compliance Program Hotline Reporting ROI of Compliance Program Hotline Reporting Hotline Usage Associated with Fewer Lawsuits Key Steps for Organizations 5 Blurred Lines Between Protected Activity amp Corporate Governance Blurred Lines Between Protected Activity amp Corporate Governance Key Steps for Organizations Key Steps for Organizations 6 Incentivizing Ethics What Does the Future Hold for Paying for Ethical Behavior Incentivizing Ethics Incentivizing Ethics Pros amp Cons Incentivizing Ethics Measure Value not Tasks Key Steps for Organizations 7 Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk Is NOT Just About FCPA Anymore Third-Party Risk is NOT Just About FCPA Anymore Key Steps for Organizations 8 Moving from Speculative to Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Realistic Conversations on Artificial Intelligence Key Steps for Organizations 9 MeToo From Hashtag to Movement to New Normal MeToo From Hashtag to Movement to New Normal Two Foundational Elements for Change Key Steps for Organizations Old Compliance Lessons Apply to New Compliance Trends Old Compliance Lessons Apply to New Compliance Trends Thank You 
