Today we continue our celebration and exploration of the original trilogy of Star Wars movies with a look at Episode VI. Return of the Jedi. In this final movie from the original three, the good guys win in the end after overcoming incredible odds, largely from the effective training of Luke as a Jedi Master. Many fans and critics panned it for including the incredibly cute and furry Ewoks on the moon named Endor as a part of the storyline. Many thought one very tall Wookie was enough cuteness for the series. Yet the Ewoks did provide the setup to one of the movies best lines. The Ewoks thought one of Luke’s robots, C-3PO, was a god. Solo asked him to demonstrate some ‘god-like’ powers to which C- 3PO replied, “It is against my programming to impersonate a deity.”

This movie’s big reveal was that Luke and Princess Leia were twins and that she was now free to unabashedly pursue bad boy Han Solo. While Episode VI was the lowest grossing film of the original three, coming in at only $572MM worldwide, it was still a great ride and visually stunning. George Lucas’ in-house organ, Industrial Light & Magic (ILM), certainly earned their title for their special effects in the movie. The Sarlacc battle sequence was great, the speeder bike chase on the Endor moon was way cool and the space battle between Rebel and Imperial pilots was a great ride. At the Academy Awards ceremony for movies of that year, Richard Edlund, Dennis Muren, Ken Ralston, and Phil Tippett, all from ILM, received the Special Achievement Award for Visual Effects Oscar award.

I thought about this entry in the Star Wars oeuvre in the context of compliance training. One of the key changes from the Department of Justice articled in the 2017 Evaluation of Corporate Compliance Programs was the change in training. The DOJ wants both targeted and effective training. This means you must be able to demonstrate how your training has been received and utilized by your employee base.

I have adapted an approach first articulated by Joel Smith to help determine compliance training effectiveness.

1.What you want to measure. Before you ever train an employee, you should have a goal in mind. What actions do you want employees to take? What risks do you want them to avoid? In compliance, you want them to avoid non-ethical and non-compliant actions that would lead to compliance violations. The goal is to train employees to follow your Code of Conduct and your compliance program policies and procedures so you avoid liability related to actions.

  1. What is employee engagement?The next step is to get a sense of whether employees feel that the training you provided is relevant and targeted to their job. If it’s not targeted, employees will likely not be committed to changing risky behavior. You can get data on employee engagement through a quick post-training survey, which will help you isolate and qualify the training benefit.
  2. Did employees actually learn anything?A critical part of any employee training is the assessment. If you want to understand the “benefit” of training employees, you must know whether they actually learned anything during training. You can collect this data in a number of ways, but for compliance training, the best way is to measure pre-and post-training understanding over time. Basically, each time you train an employee, measure comprehension both before and after training.
  3. Are employees applying your training?You need to conduct a survey to determine employee application and their implementation of the training topics. To do so, you must conduct employee surveys to understand whether they ceased engaging in certain risky behaviors or better yet understand how to conduct themselves in certain risky situations. These surveys can provide a good sense of whether the training has been effective.

At the end of the final episode of the first trilogy, Luke see the specters of Anakin Skywalker, Yoda and Obi Wan Kinobi in front of him. This movie also demonstrates that his training to become a Jedi master is complete. Moving forward he will be a Master to other Jedi.

What is the message of compliance inside of a corporation and how it is distributed? In a compliance program, the largest portion of your consumers/customers are your employees. Social media presents some excellent mechanisms to communicate the message of compliance going forward. Many of the applications that we use in our personal communication are free or available at very low cost. So why not take advantage of them and use those same communication tools in your internal compliance marketing efforts going forward?

There is much to be learned by the CCO and compliance practitioner from the disciplines of marketing and social media. These concepts are useful to companies in getting their sales pitches out and can be of great help to you in collaborating and marketing throughout your company. These are only some of the tools that you can incorporate into your compliance program going forward and are a different way to think about who your customers are and how you are reaching them with your message of doing compliance.

Three key takeaways:

  1. Let your employees know what you stand for.
  2. Celebrate not only successes but even employees’ efforts.
  3. Give employees a tool kit for compliance using social media.

In honor of David Prowse, the original actor portraying Darth Vader, I am running a podcast series this week on the intersection of compliance and Star Wars. Second in our series on compliance through the lens of Star Wars is Episode V – The Empire Strikes Back, which is my personal favorite of the original three movies. The film begins with a cool battle on the ice planet of Hoth and has some great HR lessons as Darth Vader executes officers for work place failures; demonstrates some dangers involving ineffective training for Luke Skywalker on the tropical plant of Dagobah, where he travels to learn under the Jedi master Yoda who utters the immortal line “Try not! Do, or do not. There is no try”; and ends in Cloud City, a floating gas mining colony in the skies of the planet Bespin run by Han Solo’s old buddy, Lando Calrissian. It also has one of the greatest movie lines of all-time, thundered by Darth Vader to Luke Skywalker, near the end of the film. Today, we consider it for the continued issue of due diligence.

Solo and Calrissian go way back and Solo trusts him. Of course, Solo won his starship, the Millennium Falcon, in a card game from Calrrisian but it was never clear just how legit the card had been. Unfortunately for Solo, he was followed to the Cloud City by bounty hunter Boba Fett who alerts the Empire to Solo’s location. Solo’s friendship with Calrrisian is sorely tested when Vader and his Imperial Troops arrive, take Solo, Chewbacca and Princess Leia prisoner and torture them to entice Luke to come to save his friends. During the climactic battle between Luke Skywalker and Darth Vader, there is the BIG REVEAL where Vadar utters the immortal line, “I AM YOUR FATHER”.

I thought about these last two points, in the context of knowing who you are doing business with under the FCPA or UK Bribery Act. I once heard a company President say he did not need to perform due diligence because he looked a man in the eyes and that was enough to know if he was honest. (I should add, this President also evaluated the strength of a handshake as an additional level of due diligence.) Hopefully we have moved past this level of sophistication for due diligence and its evaluation thereof.

One of the areas I still receive questions about are the different levels of due diligence. I break due diligence down into three stages: Level I, Level II and Level III.

Level I-consists of checking individual names and company names through several hundred Global Watch lists comprised of anti-money laundering (AML), anti-bribery, sanctions lists, coupled with other financial corruption and criminal databases. 

Level II-encompasses supplementing Level I due diligence with a deeper screening of international media, typically the major newspapers and periodicals from all countries plus detailed Internet searches. 

Level III-it is an in-country ‘boots-on-the-ground’ investigation and is designed to supply your company “with a comprehensive analysis of all available public records data supplemented with detailed field intelligence to identify known and more importantly unknown conditions.

Now imagine if Luke had performed a more robust level of due diligence on Darth Vadar? Would he have been able to find out Darth Vadar was his father? Perhaps not but then again, we might not have heard that seminal line “I AM YOUR FATHER”.

In this month’s offering of 31 Days to a More Effective Compliance Program, you will learn about training and communication techniques that the CCO can use to provide not only a well-rounded role as a CCO but also facilitate a much more holistic approach to compliance in your organization. Best of all the techniques, discussed are largely available to you at little to no cost. There are things that you can do both in your method of running the CCO positions and innovations that you can bring to the compliance function in your organization.

A 360-degree view of compliance is an effort to incorporate your compliance identity into a holistic approach so that compliance is in touch with, and visible to, your employees at all times. It is about creating a distinctive brand philosophy of compliance which is centered on the customers of your compliance program (i.e., your employees). It helps to anticipate all the aspects of your employees needs around compliance especially when compliance is either perceived as new, something that comes out of the home office or as the Land of No. It gives you the opportunity to build a new brand image for your compliance program.

The objective is to build trust for the 360-degree process by determining if the goal was achieved. You can utilize surveys or focus groups to assess the impact on your target audience. Focusing on your customers of compliance allows you to identify gaps and improve the communication process for your compliance program.

Three key takeaways:

  1. Remember the definition of 360-degrees of compliance communications. It is an effort that moves the compliance identity into a holistic approach, so compliance is in touch and visible to your employees at all times.
  2. What is your objective? What are you trying to do with your 360-degrees view of compliance communications and how are you using that mechanism to deliver the objective your compliance program desires?
  3. You need to evaluate if the message has been delivered, has it been heard and is it being implemented?

The week of Thanksgiving is the time of our annual trip to the most beautiful and unique city on earth-Venice, Italy. With travel to Italy shut down this year due to Covid-19, I am visiting Venice virtually and mining this rich city for compliance lessons. This episode concludes my podcast series on how the city of Venice informs your internal reporting system.

The symbol of Venice is the Lion of St. Mark. The use of this symbol led to the maxim ‘straight from the lion’s mouth’. This adage came about because the Republic of Venice had its own hotline system where citizens could report misconduct. A citizen could write down his concern on paper and literally put the message into the mouth of statues of lion heads placed around the City. This system was originally set up to be anonymous but later changed to require that a citizen had to write his name down when submitting a message.

So, once again, using Venice as inspiration for a compliance topic, today I would like to review some best practices regarding an internal reporting system.

Get the word out. Allocate a portion of your time and budget to promoting the internal reporting system through multiple channels. Deliver in-person presentations where possible. Do not think of the promotional initiative as a one-time effort. It is important to remind employees regularly, through in-person communications, via e-mail, or through intranets, newsletters, and so on, that this resource is available to them.

Train all your employees. Getting employees to use the internal reporting system is one half of the challenge; ensuring they use it properly is the other half. This is where training becomes essential. Make sure people understand what types of activities or observations are appropriate for reporting and which are not. Company leaders also need to understand the role the hotline plays in the organizational culture, and the importance of their visible support for this compliance initiative.

Take a look at the data. Use the data derived from or through the internal reporting system to identify unexpected trends or issues. Isolate the data by location and department to identify micro-trends that could indicate problems within a subset of your corporate culture. Analyzing the data can help you stay a step ahead of emerging issues.

Response is critical to fairness in the system. Seeing a internal reporting system in action in this way can go a long way toward dispelling employee fears of being ostracized or experiencing retaliation because if they see that their concerns are heard clearly and addressed fairly, they will learn to view the hotline as a valuable conduit. If your compliance group responds promptly and appropriately to hotline complaints, you can ensure robust participation and ongoing success.

As podcast series on compliance lessons from Venice draws to an end, I am reminded how much the western world has to thank the Republic of Venice. From the forms of republican democracy that the US Founding Fathers drew from to helping to establish a world-wide trade and banking system which still reverberates today. But, if you look closer, ancient Venice had many good government techniques which also still inform the modern world. Straight from the lion’s mouth to your company’s internal reporting system is just one of them.

Check out my podcast on this topic by clicking here.