One of the things we’ve heard other companies doing and we’re doing it, and we’re getting some good engagement on this, is sharing kind of ripped from the headlines. So we are taking actual investigations where we’ve seen misconduct and sanitizing the fact patterns, so we’re not outing a particular team or a particular person – but making it clear this happened at our company, this is wrong, this is why it’s wrong, these people got fired or these people got sanctioned, this is what we’ve done to fix it. We’re getting buy-in and a lot of positive reactions from the business who actually likes that. And the last thing I’d say on that is we will send out those communications not from me as the head of ethics compliance – we’ll ask business leaders to actually send out those communications. We have found that it is more effective, more impactful and frankly those communications are read more carefully if a message like that is being sent by the guy or woman who signs their paycheck, who is responsible for their bonus and their review, rather than some guy like me in Washington who’s the ethics guy. It sends a good tone at the middle where it’s the manager, the business leader who’s sending that ethics message rather than me.
We talked a little bit about training and how important that is to your program. Obviously, when you’re thinking about a global ethics and compliance program, you’re talking about a lot of different laws, a lot of complex issues, whether it’s privacy, anti-corruption, accounting treatment, revenue recognition, a whole host of cybersecurity, a whole host of issues that could have not only a variety of different laws in the United States, but also multiply that by the number of countries you’re operating in. How is it you’re able to effectively communicate those complex, sometimes contradictory, laws and concepts to a broad group of employees around the world?
So, and not every company does it this way – the way we do it is as follows. We have very little mandatory training. To my knowledge, we only have two trainings for the whole company that are mandatory, required, every employee from the most senior to the most junior, and including board members, have to take. One is SPC, the standards of business conduct, our code of ethics – every employee has to take that once a year. And the other is cybersecurity, cyber training. There is a lot of other training at the company and that is targeted for particular teams. So the public sector team has to take separate public sector training. People who do particular work in the global trade space may have to take particular global trade training and on and on and on. But the only required training we have is our SPC annually and our cyber training. And when you look at our SPC training, our code, once a year, we have boiled that down to about an hour. One thing we’ve done in the last couple of years which, I think, has been a nice move is instead of having one training that everyone has to take that frankly used to be, like, an hour and a half, now we’ve boiled it down to three different modules. Depending on the kind of employee profile you have, if you are more back office, finance, you may have a training that focuses more on books and records and financial issues. If you have more of a job that’s more sales and external facing, you may have more of a training that has a higher emphasis on the FCPA. Everyone takes the main areas, but we will modulate a bit to your particular profile. But we take the approach that if it’s an employee’s time, it’s valuable. We’re not bombarding them with a ton of required mandatory training. And in terms of the mandatory training, we try to make it very risk-based. We try to focus it on what is the kind of risk that this particular employee is most likely going to face? Trying to target it to that employee’s profile and making the mandatory training pretty specific and targeted. Having said that, we have a lot of other training that, again, is situational, is regional – it’s run more by country counsel, local counsel with support from ECO, my team, but it really is much more situational.