7. Implications for Governance

The word "governance" refers to the ways an organization coordinates and controls the resources and actions of the various groups within it.

Unfortunately, for lack of understanding of the systemic forces at work in organizations, many people assume that control can only be accomplished by positioning one group to oversee another.

This approach is dangerous. It invariably separates authority from accountability, giving one group power over another group's line of business. Internal tensions are inevitable. But more serious problems also occur.

Those having authority without concomitant accountability often become tyrants, ruling whimsically with little regard for the challenges of running the business. Who's to control the controllers?

In other cases, those with authority get blamed for the misbehavior of the people they're supposed to control -- the "whipping boy" for others' mistakes. Why should others act responsibly when there's another group that's supposed to be in control and will take the blame?

On the other hand, those holding accountability but without matching authority become disempowered victims and scapegoats, unable to run their businesses as they see fit, demoralized and disenfranchised, and both unwilling and unable to lend their creative energy to improving the organization.

Three common examples of such problems are: when internal service providers are asked to control their customers; when executive committees are set up to oversee a function; and when an Audit function oversees its peers.

Staff Oversight

Often, corporate executives expect internal service organizations to perform a control function, giving staff the power to approve clients' purchase decisions or control clients' spending. For example, it's not uncommon to ask Corporate Finance to approve others' spending, and Corporate IT staff to judge and approve all requests for personal computers or for software packages.

Using staff to control their customers is absolutely counter to the BWB paradigm.

Whenever internal entrepreneurs judge or control their customers, two things happen:

1. Clients learn to see them as an obstacle, not an ally.

2. Staff lose sight of customer focus. They come to believe that they know what's best for the company, and learn to see clients as unruly renegades instead of as customers who pay their bills -- the opposite of an entrepreneurial, customer-focused service function.

This control-oriented relationship undermines the partnership that's built through respectful customer-supplier relations. Without a close working relationship, staff are unlikely to make significant contributions to clients' business strategies. In other words, using staff to control their clients undermines their primary mission of delivering products and services that add value to the business.

The BWB paradigm suggests an alternative. Corporate controls are exercised through line management, not through staff functions. Commands flow through the hierarchy where they carry legitimate authority, not laterally via staff.

For example, if you want to control IT spending, don't ask the IT department to filter clients' requests. Instead, give clients limited spending power and hold them to their budgets.

If you want to ensure that IT procurements follow standards, hold clients responsible for their purchase decisions and for gaining approval from their chain of command for any necessary variances.

Using the legitimate authority of the hierarchy to exercise control is far more effective. People listen to their bosses, though they may look for ways around peers who are impediments.

And, in the long run, it will give staff more, not less, influence. When internal entrepreneurs remain customer focused and earn market share by becoming the vendor of choice, they're better able to guide clients toward corporate standards and policies than they could picking fights with clients who have their own agendas.

Executive Steering Committees

Another common mechanism of governance is the executive steering committee: a team of executives formed to oversee a function.

Often, the purpose and boundaries of these committees are unclear. As a result, executive steering committees may disempower the organization's leadership, blunt the staff's entrepreneurial spirit, and create a bureaucratic obstacle to innovation.

It's not that executive committees are inherently bad. It's that committee oversight is bad.

Again, the right approach is control via the legitimate authority of the hierarchy.

A business within a business reports to a boss whose job is to evaluate and manage the department. Evaluations should be based on input from clients, subordinates, and internal suppliers -- as in 360-degree reviews. Evaluations can include both quantitative metrics (like market share and cost comparisons) and subjective assessments (like customer satisfaction).

Once performance-management processes are clearly established, the role of committees becomes clearer. The following types of committees might be useful to a business within a business:

• Board: An internal "board of directors" to help the business within a business succeed. Like any good corporate Board, they do not micromanage the executive, but instead add value by reviewing major strategic decisions and coaching the executive on key business and leadership issues.

• Purser: A committee that owns a "checkbook" of spending power, such as the portion of the department's budget designated for client-benefiting products and services. A purser committee represents the client community as a whole, and makes purchase decisions by setting priorities from among the requests of the many clients they represent.

  This keeps staff out of the conflict of interests that arises when they set their own priorities, i.e., make clients' purchase decisions for them.

  A purser committee manages a specific checkbook. It does not have the power to control other sales, eg, when a business unit uses its own budget to buy additional things from the department.

• Consortium: An identified set of clients who together purchase a specific product or service. Members must speak with one voice as if they were a single customer, sharing decision making, costs, and ownership of the results.

  A consortium is distinct from the market as a whole, which includes any and all clients and does not identify which clients will purchase a given product.

• User group: An association of people who use a given product or service. They meet to exchange information that will assist in their getting value from the product.

  A user group is distinct from a consortium in that each member of the user group can/did purchase the product independently; they do not share a single contract with the organization.

• Focus group: A team of people representing potential customers who share their values, opinions, and ideas to guide the research and product-development activities of the organization. They meet at the request of the organization, and answer questions provided by the organization. They do not make decisions for the organization.

• Professional community: If a function is decentralized, the set of executives who manage the various groups, or the set of managers of a specific sub-discipline. They meet to share their experiences, share research and product development, agree on standards and policies, and further the interests of the profession.

Many of the above types of committees may be helpful, and the same individuals may belong to multiple committees. However, it's essential that their purposes be kept distinct.

For example, a conflict of interests is created when a single committee attempts to be both a Board (helping the department succeed) and a Purser (demanding customers who want more for less).

Audit

While an internal market combined with the traditional functions of the management hierarchy provide most of the necessary controls, there are cases where an Audit function is warranted.

Audit is not the same as quality inspection. In the spirit of total quality management, quality inspection is the responsibility of every producing function. It should be done every day in the normal course of doing business, not occasionally by outsiders. Therefore, quality inspection is not an appropriate role for Auditors.

Rather, Audit performs checks to ensure that people are complying with rules and policies.

Since Audit is inherently disempowering, it should be used sparingly, only when other mechanisms of governance cannot work.

Specifically, Audit is needed when compliance depends strictly on honesty -- that is, where intrinsic checks and balances are inadequate or altogether missing. The following are examples of appropriate uses of an Audit function:

• Unchecked power: when people can use their position and power for personal gain.

  For example, an organization may audit the financial statements of its managers if people are in a position to embezzle money or extort personal concessions from vendors.

  As always, the most effective controls are systemic: checks and balances built into financial processes. If this isn't possible, then Audit is legitimately required.

• Missing metrics: when customers cannot perceive the quality of the products they buy until well after the purchase.

  For example, clients may not be able to know whether a technical product complies with standards.

  A legitimate role of Audit is to provide customers with the information they need to be smart buyers, but not to demand that customers always buy the highest quality (Rolls-Royce) solutions.

• Conflicting stakeholders: when customers' interests deviate from the interests of other stakeholders.

  For example, IT may be caught in a bind. Customers in specific business units want customized solutions, while shareholders want standardization and shared solutions to save money.

  The root cause of this predicament is a customer whose interests are not aligned with those of the shareholders. The right answer is to better align customers' metrics and rewards.

  For example, if business units paid the full cost of customization, and if the savings from sharing with peers accrued to their bottom lines, then they'd only buy unique solutions when the benefits of customization warranted the incremental costs.

  If alignment cannot be accomplished systemically, Audit may be used to examine customers' purchase decisions, but never to control internal service providers.

Unfortunately, Audit tends to be used too freely. Whenever control is an issue, some executives would rather appoint an Auditor than think through more appropriate systemic governance mechanisms. Consider the following cases where Audit is misused:

• Altruism: when people are expected to act against their own best interests.

  For example, managers may be expected to reduce costs, while their job grade and salary depend on the size of their empires.

  Audit is then used to force people to address objectives that are against their own best interests.

  Audit is rarely appropriate here. A far better answer is to align incentive systems such that serving one's customers is in one's own best interests.

• Unreasonable laws: when people are required to act against anyone's best interests.

  For example, regulations do not allow government employees to serve refreshments at their all-day meetings for fear that they will spend taxpayers' money on lavish meals. Instead, their meetings involve longer breaks so that people can go to a cafeteria, resulting in costly losses of productivity.

  A responsible manager may want to violate the rule and do what is, in fact, in the best interests of taxpayers. Therefore, Auditors are required to ensure that people follow unreasonable rules rather than do what they deem right.

  Unreasonable laws within corporations occur when bureaucrats attempt to micro-manage employees behaviors rather than regulate outcomes. A better approach is to manage people by results, and build the necessary metrics to track those results.

• Externalities: where some of the costs of a purchase are not borne by the customers who make (and benefit from) the purchase decision.

  In the environment, pollution is the result of the lack of any costs associated with using up clean air or water. Within corporations, an example is legal risk; a business unit may take unacceptable risks if the costs of litigation are born by the corporate legal department, not the business unit.

  The traditional response is regulation, enforced through Audit. This leads to a cat-and-mouse game where people are given incentives to push the limits of the regulations and get away with whatever they can.

  A better approach is to internalize those externalities. In the environmental example, this is done by charging corporations a fee for pollution. In the example of legal risk, business units should absorb the costs of any litigation resulting from their misbehavior.

  Of course, the most economic answer is not zero pollution, or zero legal risk. The costs of perfect compliance may far outweigh the risks of non-compliance. When controls are systemic, the market will automatically lead everyone to find the right balance.

When there are situations that legitimately require Auditors, the Audit function must be carefully chartered to avoid problems.

Audit should never be used to substitute for direction through line management. The order to comply with rules and policies must come through one's chain of command, as should the directive to cooperate with Auditors. Without such legitimacy, Auditors will have a difficult time doing their jobs and compliance will be minimal. Auditors check on compliance; they do not replace managers by setting objectives or giving orders.

Auditors report on compliance, but they do not diagnose the root causes of problems or recommend corrective actions. No matter how bright individual Auditors may be, they cannot hope to know a function as well as the many people who do the job day after day. Their suggestions may not be as good as solutions the group itself designs to address the issue.

Furthermore, if Auditors suggest solutions, they risk conflicts of interests. Their influential position makes it hard to do anything but follow their suggestions. Imagine an IRS agent suggesting a particular brand of accounting software!

Auditors may judge decisions made (or proposed) by others, for example, whether an investment in a line of business is wise. However, they must never make any business decisions for those they audit, such as how much a group should invest in a line of business. Doing so disempowers internal entrepreneurs, and unfairly imposes risks on them.

For example, in one state government, "performance audits" dictated how many people a group could hire for specific functions. These caps forced the group to reduce its quality of service and turn away valuable business. Of course, these consequences were blamed on the group, not on the Auditors.

In general, Auditors must not hold any authority over others or control others' activities. Doing so would disempower others and make it impossible to hold managers accountable for their own results. It's easy to image someone saying, "The Auditor made me do this; our poor performance is their fault."

A well-aligned organization built on the BWB paradigm systemically provides most of the needed controls. Audit is needed when information can only be produced by human inspections.

Appropriate Governance

Since governance means the mechanisms of coordination and control, there's no need to assume that people have to do it. With the exception of the management hierarchy, using people to coordinate and control others should be considered a governance mechanism of last resort.

The BWB paradigm suggests alternative forms of governance: the mechanisms of a market economy. When governance is systemic, it's comprehensive, detailed, ever-present, context-specific, flexible, and effective.