Sometimes our experiences provide important lessons that we can apply in our current job.

As a federal prosecutor in the District of Columbia, criminologists were pushing the “broken windows” theory of law enforcement: that serious crimes were more likely to occur in areas where minor crimes (petty misdemeanors) were ignored or not enforced.  It is a theory that then-Mayor Rudy Giuliani put into practice in New York City and was successful in reducing overall crime.

The logic behind the theory makes sense – law less behavior is more likely to occur in areas where law enforcement has a lower profile.  Many cities replicated this theory, some with success and some not so successful.

Fast forward to the corporate setting and FCPA compliance, and there is a lesson to be learned here as well.  Chief Compliance Officers are often responsible for enforcing the company’s code of conduct.  A potential violation of the code is not always a violation of federal, state or local law.

Hopefully, you can see where I am going with this analogy.  Code violations may not be viewed as “serious” in a company but the impact of a culture where code violations are not investigated or where weak enforcement measures are imposed may create a breeding ground for more serious violations.

That is not to say that all code violations should be treated equally.  For the sake of argument, consider an employee who has violated the code on entertainment issues on four separate occasions.  His supervisor defends him each time by pointing to his excellent sales record, his importance to the company’s bottom line, and minimizes his conduct.   His violations are relatively minor, but repetitive, and colleagues know that he fails to follow the code.

When asked this hypothetical I usually get a question back – how was the employee treated on the first three violations – and the answer is that he was eventually given a written reprimand.

The question now is should the company fire the employee (assuming the facts are accurate and the expenditures modest)?

You would be surprised at the different answers that people provide.  One thing is clear – there is no legal violation but the employee repeatedly violates the code and specific controls.

Is this a case where the employee should be fired?  What about the bottom line?  If he is retained and punished, how should he be punished?  Will this lead to an environment that will breed more serious violations, especially by those who are perceived as significant producers and important to the company’s bottom line?

The answers to these questions are important.  The principle of consistency is important here.  But just being consistent does not mean that a company can be consistently wrong if the punishment meted out does not fit the crime and does not promote an ethical culture.  Balancing these considerations is difficult for some, but not so difficult for others.