The three laws of organizational integrity

What if the expectations from employees could be summarized in three directives ? This article and video present a parallel between Isaac Asimov’s “three laws of robotics” and organizational integrity.

As all compliance professionals know, training employees on business integrity is not easy. Not because the theoretical message is complex: “thou shalt not bribe” (pretty simple). Rather because getting the message across in practical ways and making sure employees will know how to handle a dilemma (when they are faced with one) is a challenging task.

To help employees understand the practical implications of the rule, good codes of conduct use case studies (“What should Jenny do in such and such situations?”) or standard questions that employees should ask themselves when they are not sure what they should do (For example, “would you like to see your decision publicized on the front page of the Wall Street Journal?”).

I’d like to contribute to the profession’s reflection on how to get the message across by using a science fiction reference. Such a reference may be particularly effective in the technology sector, due to the large number of sci-fi geeks like myself in the employee population, but as some of these geeky references sometimes become part of the wider popular culture, I think it may be worth sharing with professionals of all industries.

The Star Wars saga holds a wealth of such references. As much as I like to think my role is preventing employees from being seduced by the “Dark Side of Business”, I would like to try a somewhat geekier—yet not totally obscure—reference to the classic science fiction universe created by author Isaac Asimov. More specifically, I enjoy making the parallel between the elementary commandments of business integrity and the three laws of robotics .

What are the three laws of robotics ? In reverse order, they are as follows:

Third law: A robot must protect its own existence as long as such protection does not conflict with the First or Second Laws.

Second law: A robot must obey the orders given to it by human beings except where such orders would conflict with the First Law.

First law: A robot may not injure a human being or, through inaction, allow a human being to come to harm.

I deliberately presented them in reverse order as it serves my analogy better. When applied to the organizational world, similar laws can be used to describe the relationships between the competing, sometimes conflicting, loyalties or allegiances that employees must manage in the pursuit of their professional objectives.

Third law: An employee must follow the instructions of his/her superior, as long as these instructions do not conflict with the First and Second laws.

The basic condition for an organization to function is for employees to take their primary directions from an immediate supervisor. Supervisors are presumably put in charge by the organization because they have the required competence and/or knowledge to translate the organization’s objectives into instructions for their direct reports. Managers are granted powers of direction and discipline by the organization specifically for the purpose of coordinating their team members’ work.

An organization would breakdown if every individual defined his/her own objectives and activities without coordinating with others. As a consequence, the directive role of managers is crucial for the organization to set and achieve its objectives.

From the individual’s perspective in day-to-day activities, the employees’ loyalty to their respective bosses must be their primary allegiance. Such allegiance speaks to our most atavistic, gregarious instincts and rarely needs to be taught. Yet, if it was a class, it would be taught under “Office politics 101.”

Ironically, in an organization in which both workers and managers are replaced by robots, this third law might be enough. But, in the context of human organizations, the third law alone relies too much on the integrity of the supervisors or managers, themselves human, hence fallible.

Second law: An employee must act in the interest of the organization he/she belongs to, as long as such actions do not conflict with the First law.

In modern organizations (as opposed to medieval/feudal ones) employees do not technically work for a manager. Rather, they work for an organization that also employs their manager.

Unless they are business owners, managers only exercise the power to promote or allocate bonus to their direct reports by delegation from the organization vis-à-vis which they have a fiduciary duty.

As a consequence, should the supervisor ask the employee to do something that goes against the organization’s goals or interest, the Second law should apply and the employee should refrain from following the supervisor’s instructions.

In absurdly extreme cases, the supremacy of the Second law over the Third is instinctively obvious. The finance director asking the account payable clerk to cut him/her a check is akin to the soccer coach telling his players to kick the ball into their own goal: everybody understands that this goes against the elementary interest of the team.

But just as Asimov’s robots can get confused when prioritizing the laws of robotics (as in the 1942 short story Runaround), confusion can arise in more subtle situations, such as when the employees are not properly “wired” by the organization.

For example, when a local general manager instructs the local financial controller to not report local performance accurately at Corporate level the conflict between the Third and the Second law may not be resolved in favor of the latter if the controller is not adequately trained to sort out this kind of dilemma.

Ensuring the effectiveness of such “wiring” is precisely the responsibility of the Ethics and Compliance professionals in an organization.

The Responsibility of Compliance

Codes of conduct, business integrity trainings and other awareness initiatives conducted by Compliance organizations aim to make it clear to employees what the best interests of the organization are by defining the rules applicable to the safeguarding of company assets and the accuracy of internal information reporting:

  • Company money should be spent in the pursuit of the Company’s objectives.
  • Financial information reported to management should be accurate enough to allow management to take appropriate business decisions.
Compliance professionals and organization executives in general have a responsibility, not only to ensure that the objectives are clearly defined, but to also align as many individual incentives as possible with the organization’s best interests, in order to limit frictions between the Third and Second laws (not to mention frictions between the employees’ personal interests and the Second law).

What happens when acting in the interest of the organization (i.e. abiding by the Second law) generates negative externalities? This leads us to the First law.

First law: An employee’s actions should be consistent with the interest of “society at large” (for lack of a better term) or "..."*

*fill the blank with whatever larger interest you consider as superior to the one of an organization: “the nation”, “humanity”, “the general public”, “the world”, “the environment”, etc...

Indeed, the First law sometimes needs to supersede the Second law, typical examples in the Compliance world being instances of:

  • bribery of a customer by a Company employee : the Company’s interest are served by the bribe, which will generate business for the Company, but the bribe is corrosive for the greater public.
  • anti-competitive behaviors which could enrich the cartel members at the expense of the consumers.
From a theoretical standpoint, the First law is where Professor Edward Freeman’s famous Stakeholder Theory as well as the principles of Corporate Social Responsibility come into play.

Aligning the interests of organizations with the interests of society at large is the responsibility of governments and is done through regulators and agencies. This is achieved by deterring organizations to act against society’s or the environment’s interests through enforcement actions and sanctions.

From within the organization, Compliance and Ethics professionals have a role to play: ensure that the alignment of the organization’s interests with the ones of society at large is duly reflected in the organization’s normative framework (Code of conduct, procedures, incentives, etc.).

The educational role of Compliance and Ethics professionals is crucial for employees to be able to distinguish and prioritize between the respective interests of the organization and “society at large”.

But the responsibility of Compliance and Ethics professionals is not limited to their own company. Just as the stakes of the First law exceed the strict perimeter of individual organizations, so should the educational efforts of Compliance and Ethics professionals. This is an exciting perspective for us all, as this means we have a role to play in educating the larger public not only of active professionals but also of future professionals, i.e. students. Let’s hope some form of the three laws will be one day be fully integrated in university curricula. This would be another great service rendered to mankind by Mr. Asimov and his robots…