“It’s the front-line people who know what’s going on, not the people with their feet up on the desks in their offices”. So writes Alan Weiss, the clearest thinker on professional services delivery I’ve ever met.
Yet, in the context of critical enterprise risk management, the odds are against one employee’s knowledge of incipient legal or regulatory danger coming to the attention of someone positioned to effectively nip that danger in the bud. Unless that one employee is either relatively senior, or visits with one of the company’s lawyers by happenstance.
This Matters to Your Business
With the early-stage legal and regulatory dangers that mutated into the Boeing 737 Max crashes, the General Motors ignition switch tragedy, and the Blue Bell Creamery listeria outbreaks, it was, as Alan Weiss would have put it, “the front-line people” who knew about those hazards well before any customer died. It was not the corporate law function (see post).
In each case, test pilots and software engineers (Boeing), parts managers (General Motors), and machine operators in production plants (Blue Bell Creamery) possessed direct, tangible knowledge of red-flag compliance failures that posed substantial safety questions. Yet, also in each case, Boeing’s, General Motors’, and Blue Bell Creameries’ corporate law functions failed to make themselves aware of these early-stage warnings. Let alone to anticipate, plan against likely contingencies, and give their C-suites and boards ample warning of what might be coming.
So, in each case, because in-house counsel and law firms were blindsided, their C-suites and boards were also blindsided.
Much of the evidence pointing to a possible compliance failure resides with those front-line people. They lack easy and routine access to in-house counsel or law firm attorneys. They work in silos distinct from them.
And those front-line people are numerous. Sufficiently numerous that neither in-house counsel and nor law firm attorneys can efficiently make phone calls or send emails asking if they see anything that’s fishy. Company-wide, managed compliance requires disciplined systems and processes designed to tap the collective awareness of such a fragmented group on a regular basis.
It’s no mystery, then, that general counsels and their outside attorneys invoke an “ignorance defense” when legal or regulatory catastrophe strikes.
What those numerous front-line employees know about early-stage legal and regulatory dangers needs to be scaled within an enterprise-wide compliance effort. That scaling is what management systems and processes are good at. And what general counsels’ and other lawyers’ ad hoc interventions are bad at.