by Alden G Lank DBA and FFI Fellow, and Robert R. Patterson MBA, AIFA
Read the business section of any metropolitan newspaper, the Wall Street Journal, The Economist, or Financial Times and the chances are there will be headlines of yet another corporate scandal: board members or top management being jailed and millions of dollars of fines having to be paid with earnings and share prices taking a beating, not to mention the reputation of the company. Think Wells Fargo Bank or Volkswagen or Equifax or Enron to name just four. How could this happen when it has been shown repeatedly that unethical and/or illegal decisions potentially have huge long-lasting negative consequences for the firm? And what role, if any, did the Boards of Directors, the top corporate governance body, have in these scandals? Fair questions.
Charting the ethical course is no sinecure. In many cases deciding what is legal or illegal is easier than deciding what is ethical or unethical. Why? Because many Boards have lawyers as members or have access to the V.P.-Legal or outside counsel. Very few if any can confer with an internal or external ethicist. If the company is operating in various countries, the job is even more arduous.
As fiduciaries, it is the job of the Board to ensure that Codes of Conduct exist for the company as a whole and for the Board itself that indicate what behavior is unacceptable and to see that the Codes are enforced. One company we know requires that each manager “sign-off” each year on its Code of Ethics. One very interesting approach was regularly preached to management, main and subsidiary Board members by the CEO of a large multinational from a Nordic country which had an impeccable record of ethical and legal behavior world-wide. He called it “the TV Test.” Here it is: “If you are wondering if a given action you are about to take is ethical and legal, assume the following: You will have to defend it publicly on TV in the home country, the country of the subsidiary and significant third countries where we do business. If you can justify it in these three venues, it is highly probable it is ethical and legal.” He added whimsically: “If all else fails, ask yourself: ‘Would my mother approve?’”
In the absence of parental guidance, what to do? For fiduciaries of retirement assets and eleemosynary funds, there is already a set of global fiduciary practices developed by Fi360 and the Centre for Fiduciary Excellence. However, there are no such global standards for boards and trustees in the cybersecurity domain. There are plenty of technical guidelines but none that offer the level of sophistication offered by Fi360.
Using a form of Artificial Intelligence (AI) known as Bayesian Networks, Diogenes is in the process of developing a set of best practices based on the Fi360 model. CyberSec will be the first Software as a Service (SaaS) to support board members and their advisors in their broader fiduciary role of governing cybersecurity.
CyberSec will reflect our core tenets of honor, truth, and transparency. Not only are such ethics-based tenets good business practices, but they also fit well with the Social and Governance aspects of ESG.