Category Archives for "Ethics"

Aug 28

Knowledgelink Podcast: A Warning to White-Collar Professionals

Criminal Justice , Ethics , Family Impact , Life after Prison

When it comes to ethics, what you don’t know can hurt you.

J. Kevin Foster

I was honored to sit down with Jon Tota, CEO of Knowledgelink, to talk about the common ethical traps that can bring people and companies down the wrong path, and how to prevent failures of integrity through training, seminars, and consulting.

In this episode of Learning Life with Jon Tota, hear about my journey of a real estate executive turned-convict turned-ethics expert, who formed a plan to end the slippery slope of bad ethical decisions in the business world during his 28 days in solitary confinement.

This is a great interview for those in the business world that are concerned about the pitfalls that everyday people can find themselves inadvertently in.

Aug 08

Why Facebook’s $5B Fine is No Surprise


As reported in Vanity Fair (May 2019), Mark Zuckerberg told a friend in an IM, “You can be unethical and still be legal that’s the way I live my life.”

With that being said, no one should be surprised that Facebook agreed to pay a $5B fine for violating multiple previous agreements with the FTC and users. Next to generating a return for shareholders, the most important role of the C-Suite is to create an ethical culture, the true essence of leadership.

A strong ethical culture is good for business, the customers, and employees. Is it no wonder that Facebook has reputational problems? How should the nearly 36,000 Facebook employees be expected to remain ethical in their jobs when their CEO thinks it is ok to be unethical?

Under the new agreement, Zuckerberg and other executives will be required to certify personally, subject to civil and CRIMINAL penalties, Facebook’s compliance program. The line between unethical and illegal is very thin. The penalties for being unethical or illegal can be devastating to the individual and the organization. (photo courtesy of Bon Appetite)

Jun 07

CEO Integrity Failure Stats


It may only seem that many C-Suite executives fail to set the ethical bar high enough or not at all, but we now have some confirming statistics. According to a May PwC Strategy& CEO Success study of the world's 2,500 largest companies, more CEOs lost their jobs in 2018 to ethical malfeasance (39%) than poor financial performance (35%) or struggles with their board (13%). The most cited reasons for ethical lapse dismissals are more transparency, zero tolerance by boards, #metoo movement, social media and the news media chasing sensational stories. CEO turnover in 2018 was the highest in the 19-year history of the study at 17.5%.

Cultivation of an ethical corporate culture is one of the most important roles of an executive.  Ethical leadership means leading by example.  The days of the boards giving its C-suite executives slack is over with.  Let's hope that executives learn from the mistakes of their predecessors and exercise ethical leadership.

May 02

Top Three Takeaways from the Pharmaceutical Compliance Congress 2019, Part III

Compliance , Ethics

This is Part III of a three-part series of the key takeaways from CBI’s 16th annual Pharmaceutical Compliance Congress was April 16th – April 18th

Takeaway #3 – Given all the legal action in the industry, large pharma companies fear the cost of non-compliance far more than the cost of their compliance and training.  Can the smaller companies keep up? 

The large pharma companies have a lot of money and resources for compliance and ethics training, but how effective are their compliance and training programs when they are playing whack-a-mole with government regulators worldwide.  The compliance programs are getting more sophisticated with the use of artificial intelligence, but the data can be overwhelming and requires detailed analysis.  These larger companies are willing and able to spend what it takes to limit their legal liability and reputational harm.

The smaller and medium size pharma companies seemed shell shocked at the conference about the risks they are facing.  Their companies appear unlikely to have the money for data mining and compliance software, but it seems doubtful that any government agency will give them a break when an allegation arises.  Given the costs to bring new drugs to market and the scarcity of capital, management has hard decisions to make about where to invest scarce cash.

What should pharmaceutical and life science companies do to reduce risk?

Government prosecutors and regulators will not be letting up their scrutiny in this industry, and these companies will require aggressive compliance oversight and training at all levels of the organization.  To limit risk, pharma companies must be looking at and analyzing the massive reams of data they are collecting, and assume that their data will be used against them.  AI might be a tool gaining more use in the industry, but nothing beats human action based on reasoned analysis.

We don’t know how many of the actions giving rise to the settlements mentioned above could have been avoided with more aggressive ethics and code of conduct training.  We do know that the SEC and DOJ consider ethics in the corporate culture when negotiating settlements.  Companies are well-served if they can prove that bad actors in their organization are outliers and ignored company training and guidelines.  Massive settlements are often the result of massive integrity failures.  Effective ethics training has a high ROI if just one ethics breach is avoided.  How will you prepare for a sudden revelation of a scandal in your organization?

May 01

Top Three Takeaways from the Pharmaceutical Compliance Congress 2019, Part II

Compliance , Ethics

This is Part II of a three-part series of the key takeaways from CBI’s 16th annual Pharmaceutical Compliance Congress was April 16th – April 18th

Takeaway #2 – Expect a lot of uncertainty in how the government investigates and pursues criminal and civil allegations of wrongdoing. 

The U.S Healthcare Fraud and Enforcement Panel featured two current Assistant U.S. Attorneys (AUSAs) and three former AUSAs currently representing pharma clients.  Notably, the current AUSAs were very straight about how they source leads for investigations including whistleblowers, self-reporting, data mining, investigative reporting and public statements from pharma companies. 

The former AUSAs were not shy about pushing back against, what they consider, the lack of consistent definition and enforcement of federal laws pertaining to the pharma industry.  They pointed out that there is very little consistency between the different U.S. Attorney offices about what conduct constitutes a violation of pharma-related statutes.   The current AUSAs said that if their offices believed it was a violation, they would pursue the case regardless of what other offices would do.  This lack of consistent application of the law is a significant risk for the pharma industry, and it is easy to understand the frustration that pharma executives and counsel experience.

The DOJ encourages companies to self-report violations, and the DOJ will seek actions against individuals for personal liability.  However, pharma companies question how much cooperation credit they will receive.  There seems to be no consistent pattern of relief.

Part III will follow tomorrow.

Apr 24

Top Three Takeaways from the Pharmaceutical Compliance Congress 2019, Part I

Compliance , Ethics

CBI’s 16th annual Pharmaceutical Compliance Congress was April 16th – April 18th.  I was honored to be the keynote speaker on the last day of the conference but attended many of the sessions.  As an ethics expert, I live and breathe ethics in Corporate America, so I am always looking at the current trends.  I’ve known that the pharma industry has unique challenges, but never realized the depth of compliance and ethics risk until this month.  The pharma industry continues to get hit on all sides from the alphabet soup of government agencies including the DOJ, SEC, FDA, HHS, FTC and all 50 state AG’s, not to mention regulators in other countries where they operate.

Take-Away #1 – Recent Pharma settlements are probably an indication of risks that are not going away anytime soon.

 According to Potomac River Partners “Year-in-Review” presentation that kicked off the conference, recent US federal civil and criminal settlements include False Claim Act (FCA) violations for DJO Global ($7.6M), Alere ($33.2M), Rotech ($10M), Pfizer ($23.9M), Jazz ($57M pending resolution), Lundbeck ($52.6M pending resolution), Angiodynamics ($12.5M), Actelion ($360M) and AmerisourceBergen ($625M).  Insys settled kickback allegations for $150M.  Clovis Oncology paid $20M to settle SEC allegations.   Olympus Medical paid $85M to settle Federal Drug and Cosmetic Act (FDCA) violations.  An FCPA settlement cost Sanofi $25M.  EV3 and Covidien paid a combined $30.9 million for FDCA and FCA violations.

Some states have already passed, or are considering, bills for drug price transparency, allowance of off-label promotion, and banning manufacturer co-pay assistance for opioids.

California passed a data privacy law, so look for other states to follow suit.  Other nations are already following the EU’s GDPR guidelines on data privacy.  This area will be ripe for future enforcement.

Product liability suits have hit AbbVie’s AndroGel and J&J’s talc powder.  Anti-opioid actions enjoy bipartisan support at the federal and state level.  Expect more litigation and legislative action to crank up this year and next for these issues.

All these actions indicate the pharma industry has on-going problems with off-label selling, kickbacks related to medical provider dinners, speaking fees and grants, market access and technical violations of various federal laws.  The personnel posing the greatest risks are domestic and foreign salespeople and third-parties hired outside the U.S.

Part II will follow tomorrow.

Nov 30

What is the Ethical Conversation du Jour? Sexual Harassment!


As a speaker on business ethics, I am often asked why successful executives risk so much by taking unethical actions.  The daily exposure of new sexual harassment offenders provides ample evidence of the consequences of bad behavior, which is almost always exposed. Sexual harassment is an ethics issue, and most companies address sexual harassment within the context of their company’s code of ethics.

We all know that sexual harassment is not a new phenomenon.  It seems that Harvey Weinstein’s abrasive and arrogant stance in the wake of the allegations against him awoke women’s “we’ve had enough, and we are not going to take it anymore” movement.  According to CBS News, as of October 24th, the #MeToo social media movement reached 85 countries and over 1.7 million tweets on Twitter.  And, Facebook alone had more than 12 million posts by 4.6 million users in one 24-hour period.  The conversation grows daily with new allegations!

Stories of sexual misconduct will be in the news for some time with Matt Lauer and Garrison Keilor being the latest casualties.  As business leaders, we have the responsibility to our fellow employees, shareholders, and families to search for clues of sexual misconduct before it is too late for those involved.

Some offenders such as Harvey Weinstein, Kevin Spacey, and others are accused of sexual assault, a criminal offense. Bill Cosby recently stood trial for sexual assault that resulted in a deadlocked jury.  Criminal charges are serious, and it is easy to see where sexual harassment could lead to sexual assault in today’s legal environment.

Sexual Misconduct as a Business Ethics Issue

Companies can limit their legal liability, if allegations arise, by assuring their harassment policies are up-to-date and enforced, having mandatory sexual harassment training for at least all managers, and taking harassment complaints seriously.  Management should facilitate a corporate culture where there is no toleration for inappropriate behavior, and all employees are appreciated and not objectified.  Ignoring complaints is no longer an option given the attention that sexual misconduct is receiving in the news.

Sexual harassment is a serious business ethics issue because the consequences of the harassment lead to a hostile work environment and are demeaning to its victims, typically a work associate of the offender.  Companies are not only embarrassed by the recent revelations, but they have been paying large sums to settle with victims.

A new Economist/YouGov survey of November 28, 2017, finds that 80% of Americans consider sexual harassment to be a serious or somewhat serious problem.  However, only 36% of the survey respondents say it is a serious or somewhat serious issue where they have worked.  Are American companies doing a better job of creating a safe working environment than those in industries getting the most attention now, primarily entertainment, media, and politics?  Perhaps, but 36% is still too high, and zero is probably not attainable.

Clues for Spotting Sexual Harassers

Ethics are an enigma to most people. I developed a set of E.T.H.I.C.S. Tools that provide clues on whether someone is in danger of slipping into unethical behavior such as sexual misconduct.

A good question to ask is, why would smart people, who know better, sexually harass another?  To answer that question, let’s examine three of my E.T.H.I.C.S. Tools.

 E = Exaggerated Ego

The ego’s feedback from its environment can have a significant impact on its beliefs.  For example, the “Hollywood casting couch” is a long-running euphemism for the acceptability of sexual harassment in the film industry.  Harvey Weinstein’s bad behavior was an open secret for decades.  Yet, no one complained until recently. Is it any wonder then, why so many entertainment and media personalities are accused of sexual misconduct?  Social acceptability provides positive feedback to the ego that its false sense of prestige is accepted.

Since most of the well-publicised complaints have been coming from media, entertainment, and politics, it may be that these egos are more likely to be out-of-control than the ego of an executive.

I am amazed how many of the accused are shocked that they are publicly outed for their bad behavior.  The accusations are a direct assault on their ego, and I have little doubt that they thought that either their sexual advances were welcome and consensual, or were acceptable.

S = Stinking Thinking 

Stinking thinking is that thinking which is dysfunctional to a rational connection to the moral universe, or excuses that one makes up to get its way.

The dysfunctional thinking of an exaggerated ego fills the head that it can do no wrong.  This belief is especially true for men in power positions, whether the person is a big fish in a big pond or a big fish in a little pond.  The big fish believe that they can use their power to take advantage of the little fish.  Beliefs are just thoughts that we keep on thinking.  Most of us would agree that it is wrong to take advantage of another human just because we can, but not so for someone who believes that others are there to serve him.

Given the film industry’s reputation for trading sex for jobs, a studio executive may think they are entitled to sexual favors in return for making a woman a star.  Or, the thinking may be that everyone is doing it, so why not me?  Harassers know their power so they may think that their harassment will be kept a secret since the victim would fear retribution from the harasser.

A business executive may think that they are too important to an organization for a company to terminate them for their sexual misconduct.  A former congressman once told me that Washington, D.C. has a culture of sexual promiscuity, so is it any surprise that a politician would think that his sexual advances are doing business as usual?

C = Consequences Not Considered

I am always amazed how very smart people, who would normally consider every risk in a business decision, fail to consider the consequences of their unethical actions. The consequences of sexual misconduct can be severe.

Matt Lauer reportedly had a contract with NBC News worth $25 million a year.  Bill O’Reilly earned $18.5 million a year with Fox News.  Not only is O’Reilly’s salary gone, but he reportedly paid out $32 million to one accuser, and Fox News paid out $13 million in settlements to other accusers over the years.  According to the New York Times, Harvey Weinstein has paid off accusers for decades.  Those payments are probably nothing compared to his loss in the value of Weinstein Company in the wake of the loss of its reputation and its, most likely, ability to continue in the film industry.

Sexual harassment settlements are costly in terms of money, but the loss of their career and relationships, and the public humiliation have a more enduring impact on an individual and their families.

If you are interested in learning more about my E.T.H.I.C.S. Tools for you and your company, please do not hesitate to contact me at 770-715-2095.

Sep 29

What are the Ethical Implications of the Equifax Data Breach?


How a company and its leadership adheres to its core principles and responsibilities during a crisis speaks volumes about its ethics. The Equifax data breach that exposed the personal data of about 143 million U.S. consumers is a crisis of epic proportions.

Equifax, like its two rivals, is the gateway to consumers’ access to financial credit. Equifax’s customers also include the users of this data to make credit decisions. If you had to boil down the two most core ethical principles that were required of Equifax given these unique roles, it should be integrity and security.

Ironically, Equifax updated and reissued its corporate code of ethics in July, about the same time it discovered the breach. Equifax’s code touts the importance of honesty and fair dealing in maintaining appropriate business relations, protecting the privacy and confidential information of others, advising employees to watch out for company property that is not secured, and prohibition of insider trading. Former Chairman and CEO, Richard F. Smith has an introductory message to the code discussing his commitment to the code and compliance.

So, how well did Equifax’s executives live up to its own code of ethics? Several things strike me about the ethics of Equifax’s handling of the situation.

Equifax had an ethical duty to its customers to maintain personal data with utmost security.

Equifax used an open-source software tool known as Apache Struts that supported Equifax’s online dispute portal web application. The company believes that the hackers gained access to its data through a vulnerability in Apache Struts. This vulnerability was known to Equifax since March 2017. The hackers gained access to Equifax’s data from May 13 through July 30th, when Equifax took down this web portal.

Why didn’t Equifax take down the web portal as soon as it knew the software was vulnerable, and not brought the portal back up until the security flaw was patched?

Companies lacking in internal controls tend to be more exposed to ethical failings than companies with strong internal controls. We normally think of accounting processes when we discuss a company’s internal controls, but its internal controls over its computer systems are equally important, especially for a company whose product is digitally maintained.

Equifax had an ethical duty to inform its customers of the breach as soon as the breach was discovered.

Equifax has not said why they waited until September 7th before announcing the cyber incident. Could it be that the hacking was too embarrassing for a proud company to announce, or was there another reason?

This delay deprived its customers the opportunity to take early actions to mitigate the potential damage from the exposure of their personal data. Credit freezing and monitoring could have started months ago.

The creditors and financial institutions that rely on Equifax were considering credit applications and approving loans for this period.  They were totally unaware that the applications they were processing could be fraudulent and contain personal information stolen from Equifax. These companies were unable to consider whether they required other forms of identification and information to verify that they were not processing credit applications for fraudsters.

Was it fair to these customers that Equifax did not tell them of the breach? What losses will result from this lag in reporting the breach?

Equifax executives who knew about the data breach had an ethical duty to inform all “covered insiders” not to sell any stock until the pending material information about the breach was made public.

The CFO and two other executives sold a combined $1.8 million in Equifax stock in the days following the company’s discovery of the breach. Equifax stated that these three executives did not know about the breach. Really … Why not?

Equifax’s ethics code requires that Human Resources, the Corporate Ethics Officer, or the Audit Committee of the Board of Directors be notified of any suspected fraud or theft of company assets. Given the size of the breach, were these people notified? Whether the answer is yes or no, why didn’t the CFO know?

We know that the Chairman and Chief Executive Officer, the Chief Information Officer and the Chief Security Officer knew about the breach.  All three have since left the company in the wake of the fallout. Certainly, other employees working in the offices of the three since-resigned executives had to know.  Did they follow Equifax’s ethics code reporting requirements, even if their bosses did not?

An SEC investigation into the stock sale is pending. These three executives will be incurring major legal bills, whether they are guilty of insider trading or not. They may be subject to criminal penalties, including incarceration. How fair and honest was it on the part of the executives in the know not to inform the other executives to hold off on any stock transactions?


Ethical conduct of companies and executives is a hot-button topic in corporate America precisely because ethical failures are commonplace. Equifax is one example of many. An ethics policy or code is only as good as the leadership implementing it. People are fallible and do things that others will simply say, “What were they thinking?”, when unethical conduct is exposed, as it almost always is.

Equifax’s problems could have been prevented if certain executives had followed the company’s code of ethics, their individual personal values and common sense. But, this is a prime example how a lapse in ethics can have a significant adverse impact on 143 million consumers and countless institutions that rely of quality credit information to conduct their business.