Institute of Internal Auditors

Richard Arthurs, CPA, CMA, MBA, CIA, CFE, CRMA, QIALPartner, National Leader Governance and Risk ManagementRichard.arthurs@mnp.ca587-583-9155

What Canadian Leaders need to know about

Ethics to avoid costly issues in the future

5th Largest Accounting Firm in Canada

Wide Range of Risk and Advisory Services• Governance & Risk Services• Technology Risk Services Governance & Risk Management Operational Effectiveness

Technology RiskBusiness Resilience

Forensics & Enterprise Security

• Governance Effectiveness• Risk Oversight• ERM Framework & Program

Implementation• ERM Maturity Assessment• Risk Assessment & Mitigation

• Organizational Structure & Governance• Business Process & Control

Improvement• People & Technology Effectiveness• Lean Six Sigma

• IT Strategy & Governance • Information Security & Privacy• Technology Controls Assurance• IT Project Risk Management• Third Party Reporting• Data Analytics

• Business Continuity Planning• Crisis Management & Communications• IT Disaster Recovery• Emergency Preparedness & Response• Scenario & Simulation Testing• Critical Infrastructure Protection• Supply Chain Risk

• Anti-Fraud Program• Whistleblower Hotline• Forensic Investigation• Enterprise Security Management• Threat Vulnerability Risk Assessment

About MNP

3

Benefits of a Strong Ethical Culture• Minimize Board and Executive Liability• Avoid Material Legal Investigations and Fines• Attract and Retain High Quality & Very Ethical Leaders• Optimize Internal Transparency and Productivity• Secure Intellectual Property and Private Information• Ensure the Integrity of Financial Reporting • Maintain A Strong Public Reputation

• Avoid Material Destruction in Shareholder Value

4

5

Tone From the Top is Critical

6

Example of a Corporate Ethics Slogan

Always do the right thing!Ethical decision-making starts with good judgment and common sense. Before taking action in a situation ask yourself:

7

• Is anyone’s life, health, safety, or the environment endangered by this action? • Is it legal?• Does it feel fair and honest?• Does it compromise trust or integrity? • Could I justify it to the public?• What would I tell my close friend to do in a similar situation?

8

Who provides the most fraud tips?

9

10

Source of tips

©2012 Association of Certified Fraud Examiners, Inc.

Ethics insight:

Good governance and trust takes time to build and seconds to destroy

11

12

Ethics insight:

Our partners can enhance or damage our reputation

13

Who is behind the largest frauds in Canada?

14

Managers?

Employees?

15

Loss by position type in Canada

©2012 Association of Certified Fraud Examiners, Inc.

Common Areas of a Code of Conduct

Company assets

16

Respect and integrity

Transparency and Proactive Disclosure

Conflict of interest

Information and Influence

Respect and integrity

• Discrimination• Harassment• Violence• Health and safety• Environment

17

Common terms in a code:

• Always identify concerns to your manager• Proactively communicate unsafe working conditions• Watch for insufficient personal protective equipment• Be aware of standard emergency procedures • Respect all warnings regarding health and safety • Do not assume someone else will address the issue

18

Respect and integrity

OK

Common terms in a code:

• Threats, intimidation or other violence• Jokes or comments

– related to race, ethnicity, religion, sex, age, physical appearance or disability

• Inappropriate physical contact or relations• Work while impaired by alcohol or drugs

19

Respect and integrity

NOT OK

Case study

The angry managerYour manager meets you in his office. He closes the door and proceeds to explain to you how the latest project you were involved with went off course. Most of the problems weren’t directly related to you, but he is very unhappy about it, talks loudly, bangs on his desk and is quickly losing his temper.

20

Respect and integrity

Case study

A. Yes, it’s perfectly healthy to blow off some steam once in a while.B. Yes, as long as he doesn’t swear or hit you physically.C. No, he should be angry at the project manager, not you.D. No, any form of violence is unacceptable.

21

Respect and Integrity

The Angry ManagerIs this behavior acceptable?

22

Transparency and Proactive Disclosure

• Anti-trust & competition laws• Offers, promises and gifts• Political contributions and

lobbying• Trade controls and boycotts• Partnerships

23

Common terms in a code:

• Always seek advice if asked to do something excessive• Immediately report any corruption concerns • Ask your manager for advice when giving or accepting gifts• Report any gift or hospitality you give or receive• Decline politely any offer not in line with our practices• Proactively communicate our policies to vendors

24

Transparency & Proactive Disclosure

OK

Common terms in a code

• Offer gifts to a government official or his/her family• Give or receive a bribe or kickback• Accept a gift in cash or cash equivalents• Accept offers of sponsored travel• Make political contributions on behalf of the company• Make a payment that appears suspicious

25

NOT OK

Transparency & Proactive Disclosure

Case study

VegasA supplier with whom you have been working with for more than three years offers an all expense paid trip for you and your spouse to visit Vegas. This supplier will make a presentation to you while you are there. There is no expectation that you need to do anything else in return for this trip.

26

Transparency & Proactive Disclosure

Case Study

A. Yes, since the supplier made it clear that he doesn’t expect any business in return.

B. Yes, as long as it does not include family members.C. No, this trip is too expensive.D. No, you can only attend this if you make the presentation.

27

VegasCan you accept the trip?

Transparency & Proactive Disclosure

Conflict of interest

• Secondary employment• Outside business activity• Personal relationships

28

Common terms in a code:

• Gain approval for other employment relationships• Advise your supervisor or manager of

– any outside activities, financial interests, or relationships that may either involve you in a conflict of interest or the appearance of one

• Obtain approval before accepting – an officer or director position with another company or organization

• Excuse yourself from decisions with potential conflict of interest

29

Conflict of Interest

OK

Common terms in a code:

• No pre-approval for conflict of interest external roles• Use your role at work for inappropriate gain• Use insider information for personal benefit• Hire, promote or supervise a close relative

30

Conflict of Interest

NOT OK

Case study

The new supplierThe company is looking to hire for a high level management position. No suitable candidates have as yet been found and you have been asked to engage an executive search firm to help find the right person. Your spouse is a partner at an executive search firm which has experience recruiting for very similar positions to that which the company is trying to fill. All things considered, hiring your spouses firm would benefit both parties.

31

Conflict of interest

Case study

A. Yes, your spouse’s firm can make an honest offer as much as the next person.

B. Yes, as long as the company knows that it’s your spouse’s firm and the necessary safeguards are implemented.

C. No, except if someone else negotiates the deal for you.D. No, if you hire your spouse’s firm, you would indirectly be both

employee and supplier.

32

Conflict of Interest

The New SupplierCan AltaLink engage the services of your spouse’s firm?

33

Company assets

• Information technology assets• Personal usage

34

Common Terms in a code:

• Prevent waste, loss, damage, misuse, theft or misappropriation of assets• Ensure third parties follow established guidelines• Prevent non-authorized personnel from accessing work facilities• Protect buildings, storage areas, vehicles and equipment• Ensure hardware, software and data for which you are responsible are

appropriately safeguarded

Company Assets

OK

• Permit unauthorized entry to a work facility• Duplicate keys without appropriate authorization• Do something that may pose a security threat • Use work equipment for non-work business• Exchange material prohibited by the law or that is offensive

Company Assets

NOT OK

Common terms in a code:

Case study

Using PC to pay billsComing to work this morning you realize you have not yet paid a number of your monthly household bills. At lunch time you stay at your desk and use your office computer to access your various accounts on the internet and take care of the various payments. After about 15 minutes you are all done and ready to resume your work at the end of your lunch break.

37Company Assets

Case study

A. Yes, but you must do it on your own time.B. Yes, as long as it is not excessive.C. No, company equipment may only be used for work.D. No, except for an emergency authorized by your boss.

38

Company Assets

Using PC to Pay BillsIs it allowed to use office equipment for personal reasons?

39

Running a Business on the Side

Information and Influence

• Confidentiality• Accounting practices and record maintenance• Communications• Intellectual property• Information systems• Insider trading• FCPA & UK Anti-Bribery Act

40

Common terms in a code:

• Treat all work data as confidential• Optimize integrity of all formal records and documentation• Retain documents in accordance with laws and policy• Return all confidential data if you leave work• Be cautious when communicating with family and friends• Be careful when making statements at external events• Immediately report the loss or theft of work information

41

Information & Influence

OK

Common terms in a code:

• Delete documents that must be retained• Use software or hardware without authorization• Use documents and materials not produced internally• Use non-work confidential information without authorization• Disclose information to the public without approval• Use confidential information for insider trading

42

Information & Influence

NOT OK

Case study

The investmentYou are working on a proposal for what could be one of the company’s biggest projects to date, significantly increasing revenues. The deal is not final yet but you and your team are confident that it will go through. Naturally, you talked to your wife about the project, giving her an overview without telling her all the details. Tonight, she says that she called a broker and bought 200 shares of the company’s parent, hoping that share value will eventually benefit from the upcoming projects.

43

Information & Influence

Case study

A. Yes, she can do whatever she wants with her money.B. Yes, although nobody can guarantee the value of the

shares will increase.C. No, this is insider trading and this is illegal.D. No, you need to gain prior approval from HR.

44

Information & Influence

The InvestmentCan your wife buy shares on the basis of what you told her?

45

FCPA Case

1-800 ethics hotlines

• Report any issue • Secure reporting system operated by an independent third party

service provider• Anonymous reporting• Protect the “whistle blower” to enable proactive detection of

issues

46

Promote Using HR for…

• Performance or relationship issues, drug & alcohol use, reputational issues, management expectations, accepting/reviewing gifts, working with partners, activities unrelated to work, secondary employment relationships and directorships

47

Reporting and investigation

A violation of any of the sections of your Code may result in further sanctions or criminal prosecution.

48

Reporting and investigation

A violation of your Code may be reported via any of the follow resources:• Our immediate supervisor• Corporate contacts from the Legal, Human Resources

and Internal Audit departments• Ethics and Compliance hotline

49

Example of a Corporate Ethics Slogan

Always do the right thing!Ethical decision-making starts with good judgment and common sense. Before taking action in a situation ask yourself:

50

• Is anyone’s life, health, safety, or the environment endangered by this action? • Is it legal?• Does it feel fair and honest?• Does it compromise trust or integrity? • Could I justify it to the public?• What would I tell my close friend to do in a similar situation?

Benefits of a Strong Ethical Culture• Minimize Board and Executive Liability• Avoid Material Legal Investigations and Fines• Attract and Retain High Quality & Very Ethical Leaders• Optimize Internal Transparency and Productivity• Secure Intellectual Property and Private Information• Ensure the Integrity of Financial Reporting • Maintain A Strong Public Reputation

• Avoid Material Destruction in Shareholder Value

51

Ethics: Key Success Factors

• Consistent Tone from the Top• Train All New Employees on Code / Annual Certification• Establish an Ethics Hot Line or Confidential Web Portal• Ask Partners and Vendors to Comply with Code• Develop an Ethics Committee (Legal, HR, & IA)• Professional & Consistent Investigation Process & Decisions• Prosecute All Material Criminal Activity• Encourage Proactive Disclosure and Transparency• Take All Reasonable Efforts to Prevent Ethical Issues

52

Thank You & Questions!

53

• Richard Arthurs, CPA, CMA, MBA, CIA, CFE, CRMA, QIAL• Partner, National Leader Governance and Risk Management• Richard.arthurs@mnp.ca• 587-583-9155