"Self-regulation" increasingly rings like a mantra in business. Just think of topics in the news over the past couple of months, such as the Italian fashion industry's move toward self-regulation to discourage the hiring of dangerously thin models. Or the Group of 7 nations' call for the $1.4 trillion hedge fund industry to police itself with voluntary standards and codes.
Codes of conduct and self-regulation programs are growing in popularity, but are these initiatives just window dressing to appease critics and deter regulation? Or do they actually set the bar high and meet it? These are important questions to explore, according to Michael Toffel, a professor in the Technology and Operations Management Unit of Harvard Business School. Toffel has conducted extensive research and recently co-organized a conference at Harvard Business School to address these issues at a sophisticated level.
As Toffel sees it, there are four angles: how the rules are designed, who adopts them, whether and how compliance is monitored, and whether these rules actually achieve what they purport to achieve. Most studies that have examined industry-initiated programs have found that, at the time of adoption, participants are no better than others. Little evidence suggests that adopting such programs leads participants to improve faster, says Toffel. Government-initiated programs, however, show more mixed results.
Toffel met with HBS Working Knowledge to discuss the trends.
Martha Lagace: What should managers know most about self-regulation?
Michael Toffel: A growing number of firms are expressing concern about the societal aspects of industrial activities. In the 1990s, most were focused on the activities within their own factory gates. Now, many are shifting their focus upstream toward their suppliers' production processes—whether it be their pollution emissions, the human rights of their workers, or the pay and safety conditions under which their workers operate. Wal-Mart's recent initiatives that have been so widely reported are the latest example in this trend. To try to manage this issue, managers at buyers and suppliers are faced with hundreds of different supply chain programs—from labeling schemes like Fair Trade and organics, to industry association programs like Responsible Care and Sustainable Slopes, to a variety of programs developed by non-governmental organizations (NGOs).
At first, companies that adopted these programs were viewed as taking a fairly substantive step, and initial academic research studies focused on identifying why companies were adopting them. I and some other researchers are now focusing on whether adopting these programs makes any difference. For example, are participants in these programs actually better at managing these tough issues? If so, is that because of who adopts them, or because these programs actually help them improve?
Consider the hundreds of codes of conduct that have been developed. The vast majority of these are self-declared programs: You claim to have adopted it, and so you have. Even fairly famous codes are structured this way, including the CERES Principles and the United Nations Global Compact. A decade ago, self-declaring that your firm has adopted such a code may have convinced many stakeholders that your firm is taking the issue seriously. But my sense is that merely adopting a code is becoming increasingly suspect. Codes are an important start, but if there's no robust verification mechanism, a company may actually find itself in a riskier position, because now it may be confronted with accusations that it claimed to do something but then failed to deliver on it. This charge is called greenwashing when the claims are related to the environment, but similar charges are also being levied at firms that adopt codes of conduct for a range of other issues—including child labor, bonded labor, and wages—when their doing so seems like more of a marketing ploy than a substantive effort to address the underlying problems.
Very few of these programs require third-party verification. But I suspect that to really deliver on the promise of these programs, third-party verification will become increasingly important. In some ways it seems obvious, but verification requirements can be enormously complicated to implement and it can dramatically increase the cost of adoption.
Q: How do self-regulation programs affect managers as opposed to consumers?
A: Many more of these programs are targeted at business customers than at end consumers. There are some that consumers are increasingly seeing, like Fair Trade coffee or "sustainably harvested" labels for seafood. In handmade rugs you can find a number of labeling schemes like Rugmark, but it's still quite a small minority of your purchases; and at least in the U.S. the average consumer is pretty unaware of these programs. Companies that want to differentiate themselves in this way need to figure out how to do so. If it involves a cost premium, how can that be translated into a price premium?
[While voluntary programs] are not legally required, there are a lot of coercive pressures that encourage firms to adopt.
In the forest industry there is now a plethora of codes. The industry code has, not surprisingly, been critiqued as being more lax than codes created by NGOs. Similarly, in international apparel supply chains, the industry-backed codes seem to be less stringent than NGO-backed codes. And so it is challenging for consumers and even company procurement managers to untangle all of this. And that's among the common codes of conduct: There are plenty of companies that have their own proprietary codes of conduct.
These problems go both ways. It's not just difficult and confusing for company buyers and consumers, it's also difficult and confusing for suppliers. Just from a cost efficiency perspective, suppliers would like to have one common code to meet. But there's been enormously difficulty even within particular industries—forget about across industries—in agreeing on what is appropriate. I don't think it's because they don't want to; it's because they have different values, which in the end come down to details: What is child labor? What types of factory jobs, if any, are appropriate for children? At what age can workers do which activities? What is a living wage, and how does that vary by country and by urban or rural setting? These are questions for which we just don't have good answers yet. So it is not surprising that firms might disagree with each other, and with the NGOs who are pressing these issues.
Q: Do firms compete on their programs?
A: Except for niche firms, few companies brag about the conditions under which their products are made. Interestingly, many of the brands that were once targets of activists are now leaders in this field. But my sense is that they're worried that bragging about what they're doing will invite more targeting. And I think this concern is well founded, which unfortunately leaves consumers in the dark about many of the innovative programs that companies have deployed to address these concerns. Ironically, while branded firms are almost always targeted by activists for these issues, many of these firms have responded by implementing some management practices—certainly with some being more sophisticated than others.
We're at a point where it's quite likely to be the no-name brands that are the ones that ought to evoke more concern.
Q: You co-organized a conference at Harvard Business School on self-regulation. What were the highlights?
A: The conference, which I co-organized with Andrew King (Dartmouth), Michael Lenox (Duke), and Tim Simcoe (U Toronto), focused on opportunities for self-regulation, spanning issues from labor to quality, technology, and innovation. Some of this research focuses on firms working together to address collective action problems: cases where firms would benefit through coordination, but where it would be costly to them unless a significant number of players got involved. Classic examples of such industry coordination that resulted in their developing self-regulation programs were sparked by crises, including the chemical industry after the Bhopal accident and the nuclear power industry after the Three Mile Island incident.
We also examined new forms of collaboration, including open source software and user-based product innovation that firms commercialize. We also had sessions that described how firms get together and coordinate to create technology standards. When do we see firms banding together to form a single coordination body, or splitting into several competing bodies? If they split, who is likely to win? You can think about this in terms of technology standards, and those lessons are likely to have insight for creating standards in other domains like labor and environment. For instance, we learned how networks of firms have developed self-regulation initiatives to improve the quality of wine grapes in Argentina and salmon in Chile.
Q: What do you see happening in supply chain regulation based on your own research?
A: I am looking at a variety of industry self-regulation programs that firms are implementing, often in response to pressures from upstream in the supply chain. I'm particularly interested in certified process standards. For example, ISO 14001 is focused on environmental management, and ISO 9000 on quality management. Social Accountability (SA) 8000 focuses on labor management. (ISO is the International Organization for Standardization.) Standards form a common technological language between suppliers and customers. These standards are primarily business-to-business programs that can be certified by independent agents, similar to how external financial auditors certify a company's financial accounts. They all address production process issues that are not embedded in the product. When you look at a rug, for example, you can't tell whether bonded or child labor were used to create it.
Most of these programs have been initiated by industry associations, standards bodies like ISO, or NGOs. Even government is getting engaged. Adoption of these programs varies from just a handful of firms to hundreds of thousands in the case of the ISO 9000 quality management standard. Yet surprising little research has identified which of these programs legitimately differentiate adopters from non-adopters in terms of what the standard is purported to do.
Take ISO 9000. A few researchers have looked to see whether firms that adopt it have subsequently seen increased revenues or share prices. But there's almost no research that examines whether this quality standard actually helps firms improve quality. Quality is difficult to measure within a firm, much less across firms, plants, and industries, so perhaps it's not too surprising that the research hasn't been conducted yet. And that hasn't stopped a half million organizations around the world from adopting it.
Q: What do you think about voluntary programs?
A: One thing that people increasingly realize is that some of these so-called voluntary programs are actually not very voluntary. While they are not legally required, there are a lot of coercive pressures that encourage firms to adopt. As I mentioned earlier, a leading reason why firms adopt ISO 9000 or ISO 14000, for example, is because their customers or potential customers require it of them. So these programs are rippling through supply chains through perceived buyer preferences and in some cases, buyer mandates.
In my dissertation work, I looked at the ISO 14001 Environmental Management System standard, one of the few programs that requires third-party verification for companies to become certified. You would think that third-party verification might make a difference, since you can't just say you have adopted the standard. My preliminary results show that at the time of certification, those who get certified are actually better in terms of environmental performance than companies that haven't adopted this standard. And I find some evidence that they subsequently improve faster as well. It's not conclusive proof that third-party certification is what's making the difference, but it's consistent with that story. My working paper, "Resolving Information Asymmetries in Markets: The Role of Certified Management Programs," describes this research.
Q: What are you working on next?
A: I'm working with David Levine (UC Berkeley) to examine how companies' adoption of the ISO 9000 quality standard affects workers. ISO 9000 was drafted to be widely applicable. It applies to factories, drycleaners, consultants, all types of organizations. Questions we're asking include: Does adopting ISO 9000 increase the skills of workers because they are better able to identify and solve quality issues, or does it reduce worker skills because firms are routinizing their tacit knowledge and tasks? In the same study, we also look at whether the quality management practices implemented in conjunction with ISO 9000 have spillover effects on how they address worker safety. For example, a robust process to investigate defects has many similarities to a robust process to investigate accidents and near-misses. And both quality and safety management involve performing tasks according to specifications.
Another study looks at the world of socially responsible investments (SRI). One way that funds like the Domini or Calvin Funds are assembled is by assessing companies in terms of their social performance and corporate social responsibility efforts. The funds try to screen out the bad companies and invest in the good ones. If CSR efforts are supposed to enhance financial performance, as many claim they do, what that implies is that CSR efforts must first lead to corporate social performance, which in turn then leads to superior financial returns. For example, firms that have better environmental management practices ought to have better environmental performance in terms of fewer spills, regulatory penalties, and distractions from regulatory enforcement activities. And it's those win-win opportunities that then could lead to financial returns. But there has been very little work to see whether the SRI ratings, which are measures of that first piece, CSR practices, actually do predict corporate social performance. And that's the question my study, coauthored with David Levine (UC Berkeley) and Ronnie Chatterji (Duke), is striving to answer.
A third study looks at self-policing. The U.S. Environmental Protection Agency (EPA) launched its Audit Policy a decade ago in an attempt to encourage firms to better monitor their own compliance through internal compliance auditing. If the firm self-discloses a regulatory violation, the EPA waives the punitive portion of the penalty. But a condition of giving this waiver is that the firm has to not only fix the problem that led to the compliance violation, but also conduct ongoing internal auditing. It is in the regulator's interest to get firms to better monitor their own compliance. Jodi Short (UC Berkeley) and I wrote a paper that looks at what leads firms to participate and self-disclose. The finding: Firms that are under heightened scrutiny are more likely to participate.
In a second paper on self-policing, we are now looking at what happens after firms self-disclose. We speculate that two things may happen: Self-disclosing firms' compliance records may actually improve because of the internal auditing they're conducting, and regulators may reduce their scrutiny over self-disclosing firms if they are convinced that such firms are in fact credible partners in striving to remain in compliance. And so we're looking at whether plants get fewer inspections after they self-disclose, and whether these inspections are less likely to yield violations. So far we are finding some evidence of each of these effects: yes, there is an inspection holiday, and yes, there is some improvement in their compliance records.