In this edition of Author Talks, McKinsey Global Publishing’s Raju Narisetti chats with Alison Taylor, executive director of Ethical Systems and clinical associate professor at NYU Stern School of Business, about her new book, Higher Ground: How Business Can Do the Right Thing in a Turbulent World (Harvard Business Review Press, February 2024). In the book, Taylor argues that ethics should no longer be seen as a defense mechanism, but rather as a fundamental aspect of corporate responsibility. Despite calls for change, organizations struggle to implement ethical practices in an environment of distrust and heightened expectations. Organizations also grapple with discerning when they should lend their voice to an issue—and when they shouldn’t (see sidebar, “Nine questions to ask yourself before you speak up”). Using real-life examples and stories to guide leaders in reshaping their approach, Taylor offers a blueprint for setting environmental and social priorities, navigating contentious social and political issues, fostering a healthy organizational culture, and more. An edited version of the conversation follows.
Why did you write this book now on a not-so-new challenge for CEOs?
The question of the role of business in society, and what it takes to be an ethical business, is a perennial question. We were debating it in Roman times. I’m sure we’ll be debating it forevermore. There are two things, though, that have been going on in the last decade or so.
One is the breakdown of adherence to the Milton Friedman consensus that kept us going for a long time. We had a particular vision of the role of business that has become unworkable. We’ve ended up in the situation where we’ve still got all those shareholder value pressures, but now we’ve got a lot of new pressures as well.
We seem to have lost sight of what the debate is about, to the degree there’s now a lot of jargon and weird terminology. We can think about ESG [environmental, social, and governance]. We can think about purpose. There are a lot of proxy conversations going on about what the role of business in society should be.
There are three sets of very concrete changes. One is the rise of social media. Hyper-transparency forces companies into a more interactive and fraught relationship with their stakeholders. Another is the increased willingness of business leaders to get involved in controversial social, political, and environmental questions. The third is very profound value shifts among younger generations. These three trends mean that we can’t rely on a lot of old assumptions and old mechanisms and old approaches for being a more ethical and responsible business. It’s almost like our old tool kit doesn’t work anymore.
Why is simply managing reputational risk not good enough?
We have managed to equate building stakeholder trust with managing reputational risk. But managing reputational risk is essentially a communications-heavy defensive strategy that says, “If we have certain sorts of narratives and certain sorts of accounts for stakeholders, stakeholders will like us more. And there will be a more intangible reputational upside.”
There are several problems with this concept. One obvious problem is that if you look at activism, activists target the best performers, as well as the worst. So the idea that reputational risk is a sort of linear accountability mechanism for good behavior is unfortunately not true. It leads companies very often down the path of governance by Twitter [X] or governance by social media. The second thing is that we’ve had this long-standing approach of treating communications efforts and PR efforts as if they can be divorced from what the underlying business is doing.
We get this sort of sunny messaging from sustainability reports about all our wonderful achievements. And then very often, there’s a different narrative in the annual report or the 10-K, for example. The public has become obsessed with questions of hypocrisy and whether companies’ operations are aligning with their message to stakeholders.
Finally, all these kinds of very defensive communications-led efforts do not convey the reciprocity that you need to build trust. Academics debate what trust really means, but there’s the expectation that you can rely on someone to treat you in a way you would wish to be treated. And reputational risk management does not convey that. It is a defensive mechanism to protect shareholder value, essentially.
You believe there is an upside to CEOs’ ‘admitting imperfection’?
There is a perception out there that if you admit to imperfection, if you say that something is difficult, if you say you’re not on top of your climate goals, then you will be punished by the public. There is a perception that the public can’t handle a nuanced message.
We end up with these very sunny stories about all the wonderful things companies are doing. And the result is a universal eye roll from the public. We’ve seen all this noise more recently about greenwashing, woke-washing, and that kind of thing.
There is a perception out there that if you admit to imperfection, if you say that something is difficult, if you say you’re not on top of your climate goals, then you will be punished by the public. There is a perception that the public can’t handle a nuanced message.
The reality is that if you are honest and focused about the challenges and the limitations of what you can do with your own internal decisions—where you might need policy action, where you might need collaboration, and where you might need action from other actors in society—counterintuitively, that can help build more trust. It seems more realistic and more honest. We’re desperately lacking a realistic, honest conversation.
Another problem with managing reputational risk is that by the time the risk has manifested, it’s usually too late to do anything about it. If we start with our impact on human beings and understand what is making the public angry and upset, we will have a better chance of managing these things before they manifest as reputational risks.
Is there more of a generational divide in expectations for CEOs?
I love this question of who the book is really for. I was very deep in the worlds of, first, political risk, and then ethics, compliance, and investigations, and then sustainability, ESG, and culture.
The first thing to say is that this entire conversation is absolutely loaded with dense insider jargon. What I wanted to do was write a book for the general reader, who is not that familiar with how to set ESG priorities, for example, but needs to understand this topic. As you point out, the world has changed very dramatically. So when I was trying to figure out, as I was writing, what level of detail would be appropriate, what level of explanation would be appropriate, I often thought of my interested, passionate MBA students. My hope for the book is that it is a guide for them, because they are the leaders of the future. I want to explain how the world has changed and provide them with the tools, thinking, and methodologies to help them.
I also hope it is a guide for our current CEOs and leaders, because I talk to so many who are really struggling with this rise in expectations and employee voice. I talk a lot in the book about strategic leaking and the way that young employees today will very often undercut the narrative.
The corporation is putting out a certain view of its priorities and what it cares about, and that is very often being countered by younger employees. There’s been a very recent trend of employees’ sharing videos of themselves being fired on TikTok. That is a very good example of how a company will try to look like it’s managing its people in a compassionate way, but then this different data will emerge.
In the aftermath of George Floyd’s murder, lots of CEOs made very impassioned comments about systemic racism. But then many young employees formed Instagram groups to say, “Well, you know, I know the leader says they care about these things, but here’s what it’s actually like to work there.” We’ve seen the boundaries around organizations really open up.
That need to build coalitions for support from your workforce—if you want to have a consistent narrative and if you want to be able to explain what you are and aren’t doing—is relatively new. And for what it’s worth, I think it’s just getting going.
Are you advocating for ‘corporate political responsibility’?
Before about 2013, there was certainly this consensus in corporate America that business should be politically neutral. We have this joke, right, from Michael Jordan in the ’90s: “Republicans buy sneakers too.” And it’s very intuitive. If you’re Walmart, why would you want to alienate half your potential customer base by making statements or comments or taking positions that might annoy them?
But after about 2014, we saw the massively increased willingness of CEOs to get involved in controversial questions. This started really early in the Trump administration with conversations about climate change and then about immigration. Then, there was a lot of rhetoric in 2018–19 about how CEOs are the new societal activists.
CEOs are the new politicians. We need CEOs to stand up on these issues, because we can’t rely on the political process anymore. Many leaders got seduced by this stakeholder narrative being pushed by everyone. But very clearly, this has gotten a lot more complicated since.
Now, we’ve started to see the expectation that corporate leaders will take stands on far more difficult issues like abortion, gun control, or the conflict in the Middle East. The other ironic consequence has been that once companies start taking public positions on very controversial issues, activists, employees, and other actors in society look at those gaps between what the company says its priorities are and what its political spending indicates (see sidebar, “Nine questions to ask yourself before you speak up”).
It’s relatively common, for example, to say, “I, as an organization, am supporting the goals of the Paris Climate Agreement,” while lobbying via your government relations team for opposing goals. So there’s this focus on misalignment between political spending and rhetoric.
There’s a lot to be said of IBM’s approach. IBM has never funded political candidates in its entire history. There’s mixed evidence on whether [funding PACs] even propels financial value. We’re really entering this era of corporate political responsibility. And we can expect a lot more pressure on these topics in the run-up to the 2024 election, not to mention the other elections globally this year.
Why is not speaking up the best, safest option for CEOs?
I don’t know if it’s always the safest option to say, “I’m not going to get involved.” If it is a question about culture, people, race, gender, or social identity, I don’t think any corporate leader can say, “This has got nothing to do with me.”
I would also query the idea that corporate voice is the same thing as corporate action. I’m not sure that anyone has ever changed their mind on abortion. It’s vastly more important that corporations take the concrete measures to show their commitments to, for example, reproductive rights or one of these other topics than it is that they’re out there making public statements or using their voices or speech. We’ve gotten in a problematic position, wherein we seem to be equating corporate speech with action. And the reality is that there’s very often a huge disconnect between the two.
If it is a question about culture, people, race, gender, or social identity, I don’t think any corporate leader can say, ‘This has got nothing to do with me.’
You want to see CEOs tackle corruption ‘for real.’ How realistic is that?
I started working in the anti-corruption world in the aftermath of 9/11. Back then, the FCPA [Foreign Corrupt Practices Act] wasn’t really being enforced. And there was this very widespread notion, even if people wouldn’t say it publicly, that, “That’s just the way they do business over there,” or, “That’s just the cost of doing business and that kind of thing.”
The story of anti-corruption is fascinating, because we have since then seen the emergence of a very coherent international consensus. There is an understanding of what it takes to have a good anti-bribery program and what companies need to have in place.
Today, your business partners will know they need to sign these agreements with you. So we’ve really seen this transformation of the regulatory environment and corporate practices over the past couple of decades. But as your question implies, there are real concerns that corruption itself hasn’t diminished.
We’ve ended up with a big compliance machine, whereby companies have policies and procedures and they tick the boxes, but we haven’t really made much progress in tackling things like repeated demands for facilitation payments, combined with extortion in the port sector, for example. Nor have we made progress on the very difficult questions of when, how, and whether a big multinational should work in a country that has enormous corruption problems or enormous human rights problems. I fully agree that tackling these wider questions of corporate impact is very, very challenging.
We’re relying on this nexus of policies and procedures, and we’re not really getting to the point. This topic of corruption has a lot of lessons for advocates of human rights and climate change and those kinds of issues.
It also illustrates the limits of regulation. It’s very common for people challenging ESG and these voluntary actions to say that what we really need is more government regulation. The story of anti-corruption tells us both what regulation can achieve and what its limits are because of the way regulatory risk is treated by corporations.
What will real success look like on these issues?
I was asked to write a very practical book. I have tried to do that. There are tips. There are approaches. There are methodologies. There are tools. I want the book to speak to readers at that level. I want to answer the question: “If I wanted to run an ethical business today, how would I realistically go about it?”
But the underlying argument of the book is that the metaphors we use to describe corporate life, the metaphors we use to describe the role of business in society, are not helpful. We treat corporations like self-interested, profit-maximizing black boxes. We personify them. We talk about them as if they’re people with singular brains that can be hypocrites. We talk about them as if they’re entities that can be separated from society. And none of this describes what organizations are.
We treat corporations like self-interested, profit-maximizing black boxes. We personify them. We talk about them as if they’re people with singular brains that can be hypocrites. We talk about them as if they’re entities that can be separated from society. And none of this describes what organizations are.
What I’m really encouraging everybody to do is to think of organizations as the open systems that they are. Organizations are social systems. They sit in other environmental, social, and political systems. They can’t seal themselves off. Nor can they take on every challenge out there. I try to present this idea that we need new metaphors. I clearly do not explore all the implications of that. My hope is that readers will challenge and advance these ideas and that we will have a better debate and a better conversation.
I want to be very clear. I’m a long way from answering all the very profound questions that I raise. What I really hope for is a better discourse about these topics, because it feels like we’re lost in this fog of noise and everybody is yelling at each other. And we’re not even getting to the point.