The "Code of Business Conduct and Ethics of UBS" sets out the principles and practices that UBS expects all of its employees and directors to follow unreservedly both in letter and in spirit. The principles and standards set out in the code should characterize all of UBS' business activities and all its dealings with the firm's stakeholders including clients, colleagues, shareholders, regulators and business partners. It is the basis for all UBS policies, guidelines and statements relating to each of the firm's employees' personal commitment to appropriate and responsible corporate behavior.
Higher standards are the foundation for long term, mutually rewarding relationships. These three values shape the behavior of everyone at UBS as they work to reach our firm's vision.
Despite UBS' corporate statements and corresponding values of truth, clarity and performance, a financial scandal broke there earlier this month involving a rogue trader, Kweku Adoboli, who allegedly cost the bank $2.3 billion in unauthorized deals.
Within days of the discovery of Adoboli's actions, he apologized profusely. And in a gesture of penance, UBS CEO Oswald Grubel announced his resignation Sept. 24. New York Times financial reporter James Stewart wrote an article the day before titled "Common Sense: At UBS, It's the Culture That's Rogue" (http://www.nytimes.com/2011/09/24/business/global/at-ubs-its-the-culture-thats-rogue.html) rather than simply the acts of a renegade staffer.
He pointed to a series of misdeeds preceding this most recent outrage. His important point is that something beyond regulation and processes led to this disaster. Apparently organizational codes and commitments which included "we always act fairly and abide by the law [truth] and we will perform to the highest professional standards [performance]" proved inadequate to prevent this financial debacle.
When acts like this occur, resulting autopsies typically lead to the same post-mortem findings. Leaders failed to set the right tone, those below them got a message that differed from those contained in stated values, processes, applicable regulations and training.
They acted accordingly. Catastrophe resulted. In fact, in the aftermath of such blatantly avoidable foul-ups, can you recall a single instance when outside analysts concluded that systems and processes had not been put in place, when complaint procedures had not been implemented or learning had not been delivered?
I can't. It's the failure to act in line with all of these safeguards that's the issue.
Compliance measures are intended to prevent or surface problems like this; when they nevertheless arise—it's typically because of lapses in the "intangibles" of leadership, culture and accountability. Yet in setting up their compliance plans and systems, organizations act as if a lack of knowledge and process are the key problems they must address. They're not.
In fact, Stewart noted:
"The problems at UBS aren't inadequate risk controls, which Mr. Adoboli brazenly circumvented, or a lack of regulations, which didn't stop other UBS executives from skirting the law. The problem the board faces is whether the UBS culture, to the extent it had one, was one of personal greed."
Regulations like the U.S. Federal Sentencing Guidelines stress the importance of leadership and culture. All too often those are viewed as "soft skill" subjects and relegated to secondary importance.
Instead, when the issue is learning on compliance and related topics, the trend, in many organizations, is to focus on reaching everyone with as much information, in essence raw knowledge about law and processes as possible, and then verifying that everyone has taken a required course on these topics by a required deadline.
All the facts aren't yet in regarding the UBS disaster. But does anyone really think that Adoboli didn't know what he was doing was wrong?
If so, rather than releasing a quick apology, he likely would have said, "I didn't know this was wrong—why didn't someone tell me. I didn't know where to go to deal with this issue."
Generally, following similar catastrophes involving massive and repeated rule violations, individuals either admit they made an error, though that's rare, or try to pin the blame on someone else. Rarely do they say "I didn't understand that my actions weren't right."
So what do most organizational learning and communication initiatives on compliance topics actually do? In my view, apart from helping to build an after-the-fact defense, they instill a false sense of organizational security, sort of like those airline announcements telling us how to use our inflatable cushions and life vests if our flight goes plunging into the ocean.
Worse yet, launching salvos of monotonous corporate content to large audiences obscures simple messages about telling the truth, getting help and welcoming questions. Those are the keys to finding out about and correcting serious issues before they cause irreparable harm. In a torrent of information, they just get lost.
Yes, we need to give people basic information about rules and procedures, but without emphasizing the link between actions, business outcomes, values and key behaviors, we're really checking a box—an all-too-frequent approach to compliance training. I say it's time to chuck that box.
Instead let's make leaders accountable themselves for delivering vital messages in their own voices—not just once a year but as part of their ongoing professional responsibilities to lead and mentor. Systems, processes and more formalized learning via classroom, desktop, tablet and e-learning are critical.
But they should augment rather than replace or minimize individual leader responsibility for communicating and living by basic values like UBS' truth, clarity and performance.