What does it really mean to “do the right thing” in the world of global business, where rules change from country to country, commercial pressures are intense, and competition demands immediate results? According to Richard Bistrong, CEO of Front-Line Anti-Bribery LLC and an internationally recognized author and speaker on business ethics, today’s real ethical risk doesn’t always come from a deliberate intent to break the law but from something more subtle: the illusion of acting for the greater good and benefiting the company.
“The problem isn’t just people who break the rules for personal gain,” Bistrong explains to ComplianceDesign.it. “Many of the risky behaviors I see in companies today come from people who truly believe they’re doing the right thing for the organization. And that’s much more dangerous, because it makes it harder to recognize and address. It’s a mentality more than a distorted goal.”
His is a rare perspective: after being convicted for international bribery offenses during his career in global sales, Bistrong chose to turn his experience into a path of reform. Today, he helps companies navigate the real-world dynamics of ethics and compliance.
“The slogan ‘Do the right thing’ looks great on an office poster,” he says. “But what does it really mean when you’re in South America, the Gulf, or Central Asia under pressure to close a deal? Companies have to help people navigate complexity. It’s not enough to just say: do the right thing. It’s not a one-size-fits-all problem or solution.”
The Paradox of the “Slippery Slope”
One of Bistrong’s core concepts is the slippery slope — the gradual normalization of riskier decisions. “The first time you take a shortcut, you might justify it with urgency or pressure. If nothing happens and no one stops or questions you, you might just do it again based on the prior bad decision. And if we are not careful, eventually it becomes your normal.”
This progressive self-excusing mechanism is particularly insidious because traditional control systems rarely catch it. “The real danger isn’t just the infraction itself but the lack of dialogue around it. If there’s no space to stop, think, and ask: ‘Wait a minute, I’m not sure about this situation, are we still on the right path?’ then the risk becomes systemic.” Bistrong addresses how we need to create the space to take an “ethical speed bump,” even after we have made a bad decision — or especially after we have made a bad decision.
He is quite passionate about the dynamic of how “the slippery slope does not have to be one, if we can create and foster an environment where people are comfortable raising concerns because they feel like they will be heard and not judged.”
The Pivotal Role of Middle Management
If corporate leaders declare aspirational values and principles while compliance functions write policies and codes of conduct, what structures connect the two? For Bistrong, the answer is clear: middle management. “Front-line managers are the hinge between strategy and operations. They’re the first point of contact for teams. When someone has a doubt, they don’t call the Chief Compliance Officer. They call their direct supervisor for direction.”
That’s why, he insists, this layer of management is where the most critical training should take place. “Managers need to be able to recognize ambiguous situations, face them, and help their teams to manage and navigate them. But they also need to be equipped to do so: they need tools, time, and support.” Otherwise, the risk is, as Bistrong shares, the hazards of the “frozen middle,” where tone at the top gets diluted or discarded in favor of what teams might think of as the “needs of business growth,” even at the risk of a policy shortcut. “If middle management isn’t engaged, ethics and compliance initiatives might be perceived as the responsibility of support functions, as opposed to part of the corporate narrative — as through the voice of business and ethical role modeling. And when both compliance and commercial messages are aligned, no one will feel, as Bistrong once did, ‘caught between competing corporate narratives between the pressure to succeed and the pressure to comply.’”
Listen Before You Talk: Proactive Feedback
For Bistrong, a culture of integrity is built not just on rules and controls but on listening and proximity. “We need a proactive feedback loop — a cycle of continuous listening and dialogue. We can’t wait for people to come to us to report a problem. We should proactively and intentionally communicate by asking open-ended questions such as ‘How can we better help you? Are there any emerging risks that we need to consider? Are there any ethical challenges that we can help you navigate?’”
A reactive approach, he argues, no longer works. “When people feel there’s no one willing to listen, they stop talking. And when silence becomes the norm, risks increase.” That’s when we end up with what Bistrong describes as “open secrets” — the things that everyone seems to know about, yet no one is speaking about or raising the issue(s).
That’s why the very idea of speaking up needs to be rethought. “Today we often say: if you see something, say something. But why would someone speak up if they don’t trust that they’ll be heard or protected?” And why is all the pressure on the person to speak? “For example, we can have open-door policies and strong speak-up messages, but how are we empowering people to feel safe and comfortable walking through that door and to feel safe sharing concerns?”
Bistrong often cites Megan Reitz’s and John Higgins’ book Speak Out, Listen Up: “It’s not just about giving people a whistleblowing or speak-up hotline. It’s about being willing to listen and to solicit feedback, even when it’s uncomfortable. And that takes courage and discipline.” We need to create that safe space.
Navigating the Gray: Compliance’s New Mission
Another common mistake, according to Bistrong, is thinking of compliance as a binary system: legal on one side, illegal on the other. But the real world is full of gray zones. “Not everything is clear. There are contexts and situations where rules and circumstances are ambiguous, or where certain interactions blur the line between what’s permissible and what’s a violation.”
That’s where the true value of compliance lies, as Bistrong shares in his client work, reminding teams that ethics and compliance teams are “not there to make decisions for people but to help them make better choices and more informed decisions. That’s why we need to explain why the rules exist, not just the policy on its own. A procedure perceived as not relevant or fit-for-purpose for someone’s work and role is a procedure destined to fail.” After all, as he concludes, “this isn’t about policies and procedures — it’s also about people, communities, and society at large.” If we want ethical decision-making, “we need structures to support those outcomes, so that doing the ‘right thing’ becomes a natural, embraced, and welcome part of work. When that happens, ethics and compliance teams are viewed as a partner to sustainable success, not as preventing success,” as Bistrong once viewed them.
Yet as he shared with us, “This is a journey, not a destination. To say I/we are 100% ethical is itself unethical. We need to appreciate that we all make mistakes, and if we surface them instead of burying them, we all benefit from those mistakes, making it much less likely we will make them again! I like the direction we are heading and how commercial and compliance leaders are working together so no one feels like they are alone when facing an ethical dilemma!”