You’d be surprised just how different codes of ethics are across the insurance sector. Not only do they come in all shapes and sizes, but some firms who you’d expect to have a top notch code turn out to have long neglected it. One or two insurers don’t even have one. What this points to is a wide range of approaches to managing ethics. That’s fine, so long as insurers know how effective their particular approach is in relation to the ethical challenges facing their firm and the sector.
A couple of years ago, I reviewed the codes of ethics of several insurers active in the UK sector. My report on what I found can be downloaded here. Feel free to use it as a benchmark when looking at your own code. If you’d like to read about the key themes that I saw emerging from that review, read these three posts (post 1, post 2 and post 3).
In some jurisdictions, what you put in your code of ethics really does matter. US insurers expect to have their code gone through with a fine toothcomb, should the Department of Justice or the Securities and Exchange Commission visit with questions.
Here in the UK, the regulator does not spell out their expectations with the same detail as their US counterparts. Nevertheless, the regulator will undoubtedly use a code of conduct/code of ethics to assess a firm on issues such as ethical culture, purpose, speaking up and leadership.
So, how good is your code of ethics, or code of conduct, however you describe it? One quick way to answer this is to check when it was last reviewed. If that was before January 2018, then, to be honest, you just don’t know how good your code is. And if your firm has been making some big strategic moves recently, I would move that date forward to September 2019.
Is your Code Good Enough?
To help you answer that question ‘is my code good enough’, I’ve put together the following list of questions you should be asking of your code and firm. It’s drawn from my own checklist (which is longer still) and has helped several insurers find those particular aspects of their code that needed to be addressed. So, here goes…
- How easily can employees access the code?
- How accessible is it in terms of the way in which it is written?
- What languages is the code available in? Does that reflect your employee base?
- Is there a communications plan for bringing the code to employees’ attention?
- Does your firm ask employees to confirm their understanding of the code? How often?
- Is the code accessible to the public? And how easily can it be found?
- Does your firm track how accessible employees find the code to be?
- Is it held in a machine readable format?
- How many pages and words long is the code?
Leadership and Culture
- Does the code articulate and explain the firm’s purpose?
- Does the code communicate the firm’s ethical values? Have any business values been included?
- Is it clear in the code who has ownership of it?
- Does the code carry a statement by the CEO?
- Does the code make clear to whom is it applicable? And what exceptions are mentioned?
- Does the code encourage employees and others to raise questions and concerns? And is it clear how they can do this?
- Does the code explain how it is supported by other policies and programmes? And is the code clear on where those other policies can be found?
- Does it explain the firm’s arrangements for speaking up? And does it reference anonymous reporting, non-retaliation and investigations?
- Does the code reference what training is available in the issues covered by the code?
The Code Content
- Does the code refer to the firm’s more significant ethical risks?
- Does the code support those references with information about how they are to be handled?
- Is the code written in the first, second or third person?
- What level of subordination is used in the code’s wording?
- What keywords occur in the wording, and do these relate to risks, and do they make sense to readers?
- How local is the code? Are the boundaries clear?
Compliance with the Code
- Does the code reference how performance against the code is monitored?
- Does the code spell out the consequences of non-compliance with the code? And how seriously is this expressed?
- Does the code reference how non-compliance is recorded and reviewed?
- Is the code clear on how waivers of compliance with the code are managed?
Keeping the Code Relevant
- When was the code last reviewed? And is this clear in the code itself?
- Does the code reference how revisions are approved?
There are a fair number of questions here, but they shouldn’t take long to run through for a typical code. What is then required is a lot of judgement, about the scope, depth and reasonableness of what you’ve found. And those judgements need to be made in the context of what your firm is doing, planning to do, and may have thrust upon it.
The Question that Rules Them All
Let’s end by stepping back for a minute. The one question that overrides all of the ones above is this one: what is my code there for? And after running through the thirty or so questions above, what you should then ask yourself is: does the code deliver that?
There are firms who ask themselves those two questions (what’s it for and is it being delivered), but then struggle. Some are nervous about putting too much weight behind a code of ethics, even when speaking openly about rebuilding trust in their sector. Some worry about giving others a rod to beat them with, yet put professionalism at the centre of their brand.
Sure, codes of ethics need a bit of work to keep relevant and fresh, but they give back too. Remember that research I’ve mentioned, about the contribution they can make to building a culture of innovation within an insurance firm.
I expect codes of ethics to vary across the sector, but be uniform on commitment and delivery of results. Now is the time, more than any other, when your firm needs its code of ethics to capable of supporting its response to the ethical challenges facing the sector.