Measuring Compliance – Assessing Corporate Crime and Misconduct Prevention by Mellissa Rorie and Benjamin Van Rooij is a newly published edited volume that delves into the problematic concerns that transpire when measuring corporate compliance. The authors denote that without proper measurement, it is impossible to evaluate and identify what regulatory enforcement practices are efficacious. This book aims to provide practitioners and academics with a detailed, comprehensive account of the mechanisms and approaches necessary to evaluate corporate compliance critically and empirically. The need to assess such programs is posterior to the push by prosecutors and regulatory agencies for organizations to adopt and implement compliance programs to remain in accordance with the law. Typically, companies receive benefits from adopting compliance programs such as leniency in sentencing if prosecuted for a crime, less regulatory oversight and inspections, and securing a place on prestigious lists such as the New York Stock Exchange. Nevertheless, critics have been fast to demur the rapid growth of compliance management. Several have warned that companies only adopt compliance programs superficially as a form of “window-dressing” (Rooij & Rorie, 2022). Thereby, the rapid growth of compliance programs and criticisms derived from their use underscore the necessity to measure corporate compliance and evaluate such programs’ ramifications.

The book begins by discussing the trade-offs involved in employing different quantitative and qualitative approaches when measuring corporate compliance (Rooij & Rorie, 2022). The first chapter offers a detailed assessment of the disparate research avenues and how each is suited for different study approaches. Additionally, the authors highlight four core challenges associated with measuring corporate compliance that is referenced throughout the book: “conceptual challenges, the difficulty of measuring the dark figure of non-compliance, challenges in establishing the causal relationships between compliance strategies and behavior, and challenges of using other people’s data” (Rooij & Rorie, 2022, p. 6). The meaning one assigns to corporate compliance is often ambiguous and contingent upon the researcher’s position. Additionally, the “dark figure” produces a peril for researchers when assessing corporate compliance, meaning that the measurement of corporate deviance misses a lot of crime that occurs (Rooij & Rorie, 2022). Third, the authors signify that the most commonly used methods do not warrant researchers the ability to establish causality, signifying that correlation does not equate to causation. The fourth challenge identified in the reading is that too many measurements are employed to measure corporate compliance. Therefore, studies rely on different definitions of compliance, different research methods, and different populations of study. Thus, making it incredibly difficult to understand what the literature is designating. Although these challenges appear intractable, the edited volume’s primary contribution is to offer academics and practitioners the necessary methods to assuage such obstacles. Table 1.1 (p. 8) provides a snapshot of the methods covered in the remainder of the volume, as well as the strengths and weaknesses associated with each method.

The volume proceeds to examine how compliance programs are employed and measured by legal and regulatory agencies. Within this section, the author specifies that goals relating to unique outcomes of compliance programs such as prevention, detection, and remediation of misconduct are documented. Yet, none of the evaluations actually measure corporate compliance programs against these outcomes. Chen begins the chapter by reviewing a brief history of the regulations, guidelines, and laws that govern corporate activity—highlighting that the United States has paved the way for federal agencies to oversee corporate industries. The chapter discusses the passage of the Sherman Act of 1890 and The Clayton Act Antitrust Act of 1890. Scandals continued to burgeon despite these legal developments and several groundbreaking judicial decisions attempting to curtail corporate misconduct. In response, Congress passed the Sarbanes-Oxley Act (SOX) in 2002, which required that corporations espouse codes of ethics, establish the Public Company Accounting Oversight Board, enhance reporting requirements, and define codes of conduct for securities analysts (Chen, 2022). Decades of increasing regulations and prosecutions have driven measurable growth, yet there remains a paradox in measuring such advancements.

The edited volume then shifts gears and elaborates on the concept of “governance turn.” This concept insinuates that although states have typically occupied a key role in regulating corporate activity, this responsibility has increasingly been allocated to an assortment of private actors. Thereby illustrating that regulation is no longer performed by a single entity but takes on various forms, in which no one actor is responsible for compliance. State actors have now taken a more indirect role in compliance where their primary position is coordinating and facilitating governance. Ultimately, Wingerde and Bisschop (2022) suggest that the “governance turn” has led to substantially more regulation than deregulation, which has emanated the concept of “regulatory capitalism.” The authors also call attention to a research quandary that has stemmed from the “governance turn,” that is, public authorities are increasingly dependent on information derived from private actors to establish the extent of compliance. Additionally, all actors involved in the process may diverge considerably in operationalizing, monitoring, and measuring compliance. The authors illustrate this by discussing the voluntary sustainability standards and the global anti-money laundering regime (AML regime). The section concludes by underscoring that regulatory agents are increasingly being forced to rely upon information from a wide variety of public and private actors whom all have unique understandings of compliance, making it onerous to verify the surfeit of data provided by a plethora of actors.

Subsequently, the work calls attention to the Department of Justice’s (DOJ) newly published document “Evaluation of Corporate Compliance Programs” (US Department of Justice, Criminal Division, 2019). The document poses a hundred questions that prosecutors must consider when conducting a criminal investigation of a company. The guidance expounds that “compliance programs should be risk-focused endeavors, tailored based on internal risk assessments….” (Haugh, 2022, p. 72). Thereby suggesting that compliance programs should be individually tailored to a company’s distinctive attributes and risk assessment. Despite the DOJ’s guidance, the vast majority of compliance programs are indistinguishable from one another, therefore, identifying the conventional violations of employees. The uniformity approach implies that compliance violations resemble a defined statistical concept: “the normal distribution.” Todd Haugh, author, and contributor to the volume, contends that the normal distribution assumption is flawed. Compliance violations do not adhere to a normal distribution but are subject to power-law dynamics driven by relational networks within a form. Therefore, contending that a “one shoe-fit-all approach” is deficient in abating corporate misconduct.

After fully gauging the attributes of corporate compliance programs and impediments that confront researchers when measuring their use, the edited volume embarks on the onerous task of identifying research methodologies that can be employed to overcome the obstacles researchers encounter. This section begins by detailing the unique benefits of adopting a survey approach. Survey questionnaires give a voice to people within an organization that can articulate their experiences with compliance management—suggesting that an organization can better identify misconduct and impede it prior to its occurrence. Rorie also identifies the components of factorial surveys, which employ vignettes to determine the underlying principles behind human intentions, attitudes, decisions, and judgments while also overcoming the limitations of traditional self-report survey instruments. The subsequent research methodology approach reviewed in the edited volume is the use of randomized experiments. A randomized experiment is typically considered by scholars as the “gold standard” and can be employed to establish a causal relationship among variables. The text implies that experimental methods are best suited for evaluating the efficiency of programs or policy modifications. Several scholarly examples of randomized experiments are provided. Despite randomized experiments being considered the “golden standard,” Rorie asserts that they are not appropriate for every research inquiry, such as for research examining people’s opinions, experiences, and interactions or when ethical considerations are present.

Next, the book discusses how practitioners and scholars can employ available corporate compliance data to improve employee behavior. Collecting metrics from a company allows researchers to examine what employees actually do, regardless of the ethics they say they adhere to. In essence, this approach is no different than how companies evaluate other business practices yet generates a conceivable avenue that enables companies to test variables and determine whether desired results are achieved over a prolonged period. The volume also calls attention to how compliance analytics can empower compliance teams to better draw insights from large amounts of data and identify heightened risk assessments. Compliance analytics, although in early development, have the potential to address resource limitations and isolate the highest risks by identifying rule-based flags and outliers. Several case studies are also introduced throughout the volume. An entire section, for instance, is allocated to instructing researchers on how to measure compliance with environmental regulations. Lastly, the book demonstrates how one can use outcomes to measure aggregate-level compliance. One of the primary purposes of measuring aggregate compliance is to determine the extent to which the entire regulatory system operates. Thus, researchers measure outcomes instead of measuring individual-level data, allowing them to distinguish areas where the system is failing.

After fully elaborating on the available quantitative techniques employed to measure corporate compliance, the edited volume shifts and initiates the exploration of qualitative research approaches. The authors argue that measuring compliance must include an understanding of the why and how. With the use of qualitative methods, such as interviews, focus groups, and ethnographies, these questions become tractable, enabling researchers to gain a deeper awareness of compliance behavior. The work specifies that interviews should be utilized more in this area of research precisely because they allow the researcher to acquire insights and perspectives on sensitive topics of compliance that are often not captured with other methods. Although the strengths of interviews are articulated within the work, several weaknesses are also underscored. Interviews, for instance, take a lot of time, resources, and cooperation to complete. Additionally, researchers must become familiar with the jargon used by corporate management and attain the expertise to decipher responses. Focus groups are also elaborated upon within this section. Focus groups enable the subjects to inform the researcher as to why their collective opinion is relevant. To conclude the qualitative section of the volume, the use of ethnographies is underscored. Two case studies are provided to demonstrate the process of conducting an ethnography within an organizational setting. Ultimately, the case studies exemplify how a combination of participant observation, informal interviews, and semi-structured interviews can enable researchers to gain an in-depth understanding of compliance management.

Ultimately, the authors emphasize that to overcome the limitations formerly identified in both quantitative and qualitative techniques; one should adopt a mix-methods approach when measuring corporate compliance. Compliance is a complex social phenomenon that requires mixing disciplines, theoretical paradigms, and an action research perspective (p. 259). The authors demonstrate the advantageous factors associated with mixed-method approaches by presenting a case study involving compliance with COVID-19 regulations. Thereby, the authors suggest that using deliberative methods, comparative perspectives, time-series analysis, and technology abets researchers in analyzing compliance. Each approach is discussed in intricate detail in the work.

Additionally, the edited volume delves into the use of meta-analyses and systemic reviews to examine corporate compliance. A comprehensive overview of the technique is offered alongside a discussion detailing how systematic reviews can subsidize the adequacy of measuring corporate compliance. A systematic review synthesizes the results of a panoply of studies to summarize what is known about a particular topic while providing context for interpreting individual studies. Meta-analysis is one form of synthesizing the results derived from a systematic review. This approach quantitively summarizes the results of extant studies where the findings of each study are expressed as an effect size. With the espousal of meta-analysis, researchers can gain a better understanding of definitional and measurement issues and guide future research. Lastly, the book exemplifies how Monte Carlo Simulations (MCS) can profit compliance researchers when arranging studies, especially when identifying appropriate sample sizes. MCS also aids researchers in deciphering the implications that are associated with measuring variables like compliance in various ways or controlling for certain variables, a problematic concern reiterated throughout the book. The authors acknowledge that the discussion of MCS may be irrelevant or apathetic to some readers yet emphasize that MCS can be employed to estimate the cost of corporate compliance and reveal how estimates derived from a meta-analysis can be biased.

Overall, the work Measuring Compliance: Assessing Corporate Crime and Misconduct Prevention is an incomparable resource that should be utilized by practitioners and scholars alike to measure the effects of corporate compliance. Various research methodologies are elaborated upon in the text. Each discussion of these distinct methodologies is fused with case studies that exemplify the strengths and weaknesses of each approach. Additionally, the edited volume offers countless suggestions, recommendations, and criticisms that unquestionably abets future researchers in their endeavors. The edited volume is also perforated with advice on defining corporate compliance and measuring variables associated with organizational compliance. Moreover, the case studies presented identify methodologies and techniques that work and what developments are needed for impending assessments. Overall, the work is arranged effectively, yet there are occasions where chapters repeat information. Several chapters, for instance, reiterated the complications associated with defining variables and measuring outcomes. Although redundant in some respects, each chapter offers additional knowledge that subsidizes the ultimate objective of the edited volume, which is to aid future research within the field of corporate compliance.