“Hearing a Lecture” and “Changing Behavior” Are Two Different Things
There was news that players from the professional soccer club Azul Claro Numazu in Shizuoka attended a compliance lecture on “the current state of special fraud,” led by a lawyer. On the surface, this seems like a model initiative. However, I want owners and managers of small and medium-sized enterprises (SMEs) to recognize a certain “dangerous illusion” from this news. It is the fantasy that “compliance will be upheld as long as we provide education.”
This lecture was held in response to increased player use of social media—risks of careless posts damaging the club’s reputation—and the risk of fraud targeting high-income earners. Certainly, “not knowing” is the greatest risk, so imparting knowledge is a meaningful first step.
However, we must not stop thinking there. The essence of governance is not the “transmission of knowledge,” but the design of “a system that reliably elicits appropriate, knowledge-based actions from the organization as a whole.” Being satisfied with the fact that a lecture was held and merely checking a box solves nothing. It can even lead to the “ritualization of governance,” where only a “sense of having done something” remains, delaying the implementation of effective measures.
Why Does “Education Dependency” Fail? Three Structural Problems
Why do scandals persist in many organizations despite their emphasis on compliance education? There are three structural problems inherent in the educational approach itself.
1. The “Fragility” of Relying on Individual Memory and Goodwill
Knowledge gained from a lecture fades over time. Before a tense match or amidst transfer rumors, the lecture’s content will likely fly out of one’s head. Governance is a system designed to ensure the organization takes desirable actions not when individuals are at their best, but during times of “maximum pressure,” “peak busyness,” or “impaired judgment.” A design that relies on individual memory or morality is inherently fragile.
2. The Lack of “Translation” into Action
Messages like “beware of fraud” or “be careful with social media posts” are abstract. So, what should one do specifically? Who to report a suspicious call to, and how? Before posting on Instagram, whose approval is needed for that photo or comment? Is the approval process something that can be completed in 30 seconds from a smartphone, or is it so cumbersome that people want to bypass it? Without a design that translates knowledge into concrete “action protocols” and “tools” woven into daily work, the effect of education is limited.
3. Decreased Risk Perception Due to a “Sense of Accomplishment”
This is the most dangerous side effect. Management and administrative departments may mistakenly believe that “compliance measures are complete” or “significantly advanced” simply because “a lecture was held.” This leads to postponing investment in more essential and effective systems (e.g., introducing a simple approval system for social media posts or building a double-check rule for financial transactions). It can even create a “safety myth” that paralyzes the organization’s overall sense of risk.
Learning from Azul Claro Numazu’s Case: Shifting SMEs’ Focus to “Design”
So, using this news as material, let’s consider concrete actions for how SMEs can design “systems” that go beyond lectures. Let’s replace Azul Claro Numazu’s case with a typical SME (e.g., an IT or sales company where employees might post company information on social media or engage in personal transactions related to business).
Action 1: Break Down Rules into “Action Flows”
Translate a rule like “be careful with SNS posts” into a concrete action flow like the following:
- Clarify the Scope: Create an “image list” enumerating specific NG patterns—photos showing the company logo, backgrounds revealing meetings with clients, images that might include unreleased products, etc.
- Simplify the Approval Flow: If pre-approval is required, design a “light” process where one simply posts the image and draft text in a specific channel of an internal chat tool (Slack, Teams, etc.), and receives an OK/NG stamp from the responsible person within 30 minutes. Cumbersome email approvals or paper-based requests significantly reduce compliance rates.
- Emergency Response: Document the procedure for “immediate deletion and reporting” in case of an accidental post, and ensure everyone knows there are no penalties for reporting it.
Action 2: Incorporate Mechanisms to “Visualize” Risk
Make risks visible through systems, not by relying on individual goodwill. For example, to prevent sales staff from engaging in personal monetary loans with clients (a potential compliance violation), having them sign an “annual confirmation form for major compliance matters” once a year is insufficient.
Instead, slightly alter the design of the accounting system. Set a rule so that when an entry is made for a high-value transfer to a personal account or a payment to an individual who is not a business partner—transactions clearly different from normal expense claims—an alert email is automatically sent to the accounting manager and general affairs manager. This functions as an “automatic safety net” to protect company assets, not to monitor individuals. Technically, it’s a simple mechanism possible with many accounting software packages.
Action 3: Elevate “Education” to an “Opportunity to Verify Design”
This is not to completely否定 lectures or e-learning. However, change their purpose from “knowledge injection” to “a venue for understanding the designed system and gathering feedback.”
During a lecture, have participants practice: “Now, let’s actually operate the simplified SNS approval flow on your smartphone.” Immediately collect feedback like “this button is hard to find” or “I don’t know the substitute when the approver is absent,” and use it to improve the system itself. This transforms education from a one-off event into part of a “continuous improvement process” that refines the mechanisms.
Governance is Designing the Organization’s “Default”
Excellent governance is not about creating a state where each employee must consciously make the “right choice” every single day. Quite the opposite. It is about designing systems, processes, and tools to create a state where the easiest, most effortless choice (the default) automatically becomes the “action desirable for the organization.”
If posting an image in chat is easier than filling out a cumbersome application form, people will naturally follow the application rule. If they know that entering a suspicious transaction triggers an automatic alert, the barrier to misconduct rises significantly. This “design of the default” is the true governance task for management and administrative departments.
Don’t just consume the Azul Claro Numazu news as a “good practice example.” Use it as material to ask, “So, how will we design the ‘system beyond the lecture’ in our company?” Compliance is not something learned by ear; it only comes alive when embedded into the workflow.
Comments