Corporate Codes of Conduct:

The Counter-Intuitive Effects of Self-Regulation


Alain Lapointe & Corinne Gendron, Université du Québec à Montréal, Canada






Observing the proliferation and wide acceptance of corporate codes of conduct, the paper questions the regulatory potential of corporate social responsibility. Taking stock of the serious limitations of self-regulation, the authors nevertheless doubt that a resurgence of national government regulation, or the emergence of supranational public regulation is likely. Rather, they foresee the development of an unprecedented hybrid model of regulation in which market, state and civil society will share regulatory responsibilities. 





Almost unheard of merely two decades ago, corporate codes of conduct are now commonplace. Most major companies have adopted some kind of statement, policy or management system concerning what could loosely be called their corporate social responsibility (CSR). Bradley (1999) reports that more than 85% of big US corporations already adhere to such codes.  A survey by KPMG (2000) among the biggest 1000 national firms showed a similar portrait on the Canadian scene. More recent figures would surely confirm that more than nine out of ten companies pretend that they self-regulate, implying, at least implicitly, that they should not be regulated by external agents. 


But what does self-regulation mean?  Apparently, it refers a lot of different things. A recent study of the OECD (2001) sampled some 246 different codes of corporate conduct, addressing a wide variety of issues, ranging from labour standards and human rights to environmental stewardship and consumer protection. Some codes cover many different issues, but some are very narrow, sometimes restrained to only one issue. The study also revealed a large diversity of approaches, from codes with explicit substantive content to mere management system codes. And finally, but probably the most important difference, codes reveal various degrees of commitment towards CSR: most codes are self-declared, self-imposed and very little constraining.  But some codes are developed and monitored by external actors; some even involve various forms of cooperation with NGOs, especially when the process leads to some kind of certification of «good conduct». 



A largely positive reception…


Notwithstanding the diversity and vagueness of these codes of conduct, the mere proliferation of these voluntary private initiatives towards some broader social objectives than sole profit is usually perceived quite positively. Many people consider such initiatives as a commitment by companies to serve, or at least to respect, the interests of a larger range of stakeholders than their own shareholders. Instead of being in opposition, profits and common good could be reconciled through a form of win-win strategy; financial, social and environmental performances are, or at least could be, convergent.


Not surprisingly, this possibility is very much welcomed, at least in Canada.  A recent survey conducted on behalf of the Canadian Democracy and Corporate Accountability Commission (2002)  reported that 72% of the Canadian population approved of this new vision of corporation's role and responsibilities.  One might think that shareholders would not "share" this opinion.  But the survey also revealed that even more shareholders agreed to this profound revision of the corporation's mission: 74% of Canadian shareholders agreed.  If corporate social responsibility is so largely welcomed, then corporate codes of conduct, the most obvious implementation tool of CSR,  might be used as a promising avenue to reconcile private and public interest. Many interested parties apparently think so, including business associations as well as NGOs. And these hopes accordingly give rise to considerable efforts to define codes and design implementation and monitoring tools that would make this reconciliation operational. 



… but also some scepticism


Of course, there are also lots of sceptics, who believe that corporate codes of conduct are mere window-dressing.  And the simple fact that the main widely acknowledged motivation of business leaders in adopting such codes is to escape or to delay government regulation is indeed reason enough to arouse suspicion.  It is not surprising that managers would prefer the "soft law" of voluntary codes of conduct to the "hard law" of command and control government regulation.  Detractors insist that codes of corporate conduct are designed to protect profits, not to curtail them. And recent empirical research brings support to this position by confirming that corporate codes of conduct are, or at least could be used as efficient marketing tools.  For instance, Maignan and Ferrel (2001) argue that codes of conduct do improve both employee's loyalty and consumer's fidelity.  One could argue that underlying motives might not be so important if codes and certification did generate better results. But scepticism bears as much on effectiveness as on motivation; commitments are nice to hear, but do they really translate into concrete action? And even if they do, does more responsible behaviour really generate better social and environmental performance? 


Two main categories of practical difficulties severely limit the regulatory potential of corporate codes of conduct:  the problem of definition and the problem of implementation.  In the first place, effectiveness of codes of conduct is plagued by the generalised presence of vague, low and non-operational standards.  Codes tend to be limited to what the corporation already does well and ignore the problematic issues.  This is at least partly explained by the fact that most codes are issued by corporations themselves (48% according to the OECD survey, 2001), or by business associations (38%), leaving small room for codes issued by non-profit actors, governments or NGOs.  Accordingly, private codes are often procedural (like the ISO certification) rather than substantive (like the Global Report Initiative referential), meaning that the corporate commitment is limited to the adoption of management procedures to deal with specified social or environmental issues, but does not have to set any specific targets of performance.  Consequently, a bad performance could nevertheless respect the code of conduct.  On the other hand, the weak impact of codes could rather be due to the absence of formal implementation mechanisms.  The OECD survey (2001) reported that only 32% of the sampled codes discussed implementation issues.  Other studies observed a very loose control of compliance; for instance, Kolk (1999) observed that no more than 44% of companies who adopted a formal code of conduct with labour rights provisions did control compliance at all. 


One would think that codes and certifications monitored by external actors would not give rise to such credibility problems.  But here again, empirical evidence (Hepple, 1999; O'Rourke, 2000) reveals numerous and serious flaws in the auditing process of even some of the more respected certifications, such as the SA8000 (LARIC, 1999): flexibility of standards, incompetence of auditors, lack of factual information, confidentiality of reports are but some of the most glaring deficiencies of the monitoring system.  And the rapid expansion of a «certification industry», which implies that social auditing is largely becoming the business of private companies paid by their own clients to monitor their social and environmental performance, does not contribute to the credibility of the whole process.


It is thus not surprising then that some detractors will go as far as to assert that the «service industry for monitoring codes is driven by the logic of global corporate rule» (LARIC, 1999), and that ultimately, codes and certifications are not only inefficient, but are indeed detrimental to truly more responsible corporate behaviour. Should then voluntary corporate social responsibility, codes of corporate conduct and certification of responsible behaviour still be viewed as a positive social development which ought to be encouraged?  Should they not rather be considered as potentially dangerous sources of counter-intuitive effects, to be considered very critically, if not with distrust?



The regulatory potential of corporate codes of conduct


Self-regulation may be plagued by numerous and serious weaknesses, but its regulatory potential still has to be judged against possible alternatives:  what are the options?  The first one, which is indeed the actual trend in North-America, is to keep improving private regulation, finding ways to alleviate its main dysfunctions.  The second option, the exact opposite, is the revival of public regulation, both at the national and the supranational level. And we believe there exists a third way, that would reside in an unprecedented hybrid model of regulation characterised by the integration of different levels and logics of regulation.



The improvement of private regulation


We have already observed that there is still a lot of room to improve the actual processes of private regulation, in particular through the expansion and generalisation of external monitoring.  According to OECD studies (2001-3), external monitoring is not very popular as a source of compliance control; less than 2% of all corporations surveyed were open to external verification of their social and environmental performance.  Customary external control would be an obvious way to improve the credibility of private regulation, especially if independent control was coupled with standardisation of norms and professionalisation of procedures.  And there are reasons to be optimistic about future developments in that direction. For instance, even if its forthcoming certification will be essentially procedural, the entry of ISO in the CRS certification business will probably help upgrading the industry's standards. 


But even if private regulation improved enough to gain widespread credibility, the regulatory potential of corporate codes of conduct would still be constrained by the dominant voluntary approach to corporate social responsibility.  As long as corporations are free to self-select to adopt or not an externally monitored code of conduct, the problems of legitimacy of private regulation will persist.  At first look, private regulation is like a secular version of the "pari de Pascal", which suggested that one has nothing to loose in believing in God:  if he does exist, you win; if he does not, you loose nothing, a rather safe bet.  But the consequences are not so inconsequential in the case of private regulation; they might, in fact, be detrimental. Codes of conduct, and to an even higher degree externally monitored certification, are sources of social legitimacy that constitute a corporate asset and that managers accordingly use as a strategic tool.  An ISO 14001 or SA8000 company is obviously considered as a «better» company than a competitor who is not, and it will take advantage of this positive perception.  Private regulation sometimes sends false signals of good behaviour and even confers undeserved legitimacy (Champion et Gendron, 2003). These are not very useful features for a regulatory system.



The revival of public regulation


Unfortunately, the weaknesses of private regulation do not automatically transmute into public regulation strengths.  We must first acknowledge the reasons for past deregulation; there were mutual benefits to corporations and governments.  Corporations welcomed deregulation because it gave them more autonomy to choose relevant and cost-effective ways to meat social and environmental objectives, but governments were also satisfied to shift the burdens and costs of regulation to private actors.  This apparently win-win situation has not suddenly disappeared.  Furthermore, as Petrella (1989) suggests, new partnerships have now emerged between corporations and governments in the context of economic globalisation;  corporations are the main agents of wealth creation and governments are increasingly willing to support their national "champions" by giving them the required autonomy to compete successfully on the international scene.  If corporations once were instruments of public policy, these roles now appear to have been exchanged.


On the other hand, supranational public regulation does not appear to be forthcoming.  There does not exist so far any international authority to institutionalise social responsibility regulation. The World Trade Organisation is presently the only organisation that has the coercive power to impose rules at the international level, but the WTO's logic and very raison d'être are economic, not social or environmental.  So, albeit for different reasons, the potential of efficient public international regulation does not appear to be much stronger than that of private regulation.  Private regulation does not have the legitimacy; public regulation does not have the means.  Apparently, the only way out is in a hybrid model, where regulatory responsibilities are shared among agents: market, state and civil society.



A new hybrid system of regulation


In order to bridge the gap between the respective advantages of the preceding options, the new system will have to be hybrid on different levels.  First of all, it would conceivably be at the same time private and public, which means proposed and designed by private actors, but framed by public authorities; private actors could work out appropriate norms and procedures, but monitoring (or at least monitoring the monitors) would be in the public sphere in order to insure credibility and legitimacy.  On the other hand, this regulation system will probably be configured as a complex articulation of national regulation systems with international norms.  Procedural norms (like ISO), which tend to be incorporated in national legislation, will have to be articulated with substantive norms, some of which have long been adopted by international organisations (like the International Work Organisation) without yet getting the necessary support to be enforced effectively.  Finally, this regulatory system will have to reconcile two different logics, the voluntary and the mandatory. For instance, certification is obviously a voluntary initiative, but the decision to be certified is made, some labelling and traceability become compulsory; opposed in theory, but logics can be complementary and reconcilable in practice.


If corporate codes of conduct are to play a significant role as global regulation mechanisms, the complex hybridization that we anticipate will somehow have to worked out; carried by multiple actors, articulating public and private, national and international, voluntary and compulsory, it will raise unprecedented challenges.  But is there any other way?




BRADLEY, P. (1999), in CDCAC (2001), «An Overview of the Issues».






CANADIAN DEMOCRACY AND CORPORATE ACCOUNTABILITY COMMISSION (2002), «The New Balance Sheet: Corporate Profits and Responsibility in the 21th Century»,


CHAMPION, E. et C. GENDRON (2003), «Le développement durable selon Monsanto», Oeconomia Humana : Bulletin de la Chaire Économie et Humanisme, Vol. 1, No. 6,


CHEVALIER, J. (1987), «Les enjeux de la déréglementation», Revue de droit public, Tome 103, pp. 281-319.


KPMG-CANADA, (2000), «Sondage KPMG sur l’éthique»,


KOLK, A. and al. (1999), «International Codes of Conduct and Corporate Responsibility: Can Transnational Corporations Regulate Themselves?», Transnational Corporations, no. 8, pp.143-180.


GENDRON, C. et M.-F. TURCOTTE, «Environnement, concertation et déréglementation : la modernisation réglementaire à l’heure des méta-enjeux», Sociologies pratiques, Vol. 7, pp.139-156.


GRI (2002), Sustainability Reporting Guidelines, 64 p.


HARISSON, K. (2001),  «Volontarisme et gouvernance environnementale, sous la direction de E. Parsons, Gérer l’environnement : défis constants, solutions incertaines, pp. 209-247, Presses de l’université de Montréal.


HEPPLE, B. (1999), «A Race to the Top? International Investment Guidelines and Corporate Codes of Conduct», Comparative Labour Law & Policy Journal, no. 20, pp. 347-363.


ISO-COPOLCO (2002), The Desirability and Feasability of ISO Corporate Social Responsibility Standards,


ISSALYS, P. (1999), «Figures et avenir de la réglementation», Éthique publique, vol. 1, no. 2, pp. 83-91.


LARIC (Labour Rights in China, 1999), «No Illusions. Against the Global Cosmetic SA8000«, China Labour Bulletin, Asia Monitor Ressource Center, pp. 1-14.


MAIGNAN, I and O.C. FERREL (2001), «Corporate Citizenship as a Marketing Instrument:  Concepts, Evidence and Research», European Journal of Marketing, Vol. 35, No. 3-4, pp. 47-62.


OCDE (1997), «Rapport de l’OCDE sur la réforme de la réglementation-Synthèse».


OCDE (2000), «Inventaire des codes de conduite des entreprises», Groupe de travail du comité des échanges, 121 p.


OECD (2001), «Corporate Responsibility:  Results of a Fact-Findind Mission on Private Initiatives», Directorate for Financial, Fiscal and Enterprise Affairs, no. 2, pp.1-23.


OECD (2001/3), «Making Codes of Corporate Conduct Work:  Management Control Systems and Corporate Responsibility», Working Papers on International Investment,


O’ROURKE, D. (2000), «Monitoring the Monitors: A Critique of Pricewaterhouse Labour Monitoring», Unpublished manuscript, Department of Urban Studies and Planning’ Massachusetts Institute of Technology, pp.1-15.


PETRELLA, R. (1989), «La mondialisation de la technologie et de l’économie», Futuribles, Septembre, pp. 3-25.


PRIEST, M. (1997-98), «The Privatization of Regulation: Five Models of Self-Regulation», Ottawa Law Review, vol. 29, no. 2, pp. 233-267.