OKRs and Insider Trading
How can we shape top-level OKRs with the business which contain sensitive financial information which could increase the risk of insider trading as we are a publicly listed company?
The question has been asked along the lines of:
How can we shape top-level OKRs with the business which contain sensitive financial information which could increase the risk of insider trading as we are a publicly listed company?
There are several answers to this question – you’ll need to figure out which ones pertain to your situation.
First Argument – These are Not the OKRs You are Looking For
First off, the “sensitive financial information which could increase the risk of insider trading” would generally be very high-level financial information and would not be any one person (or team’s) OKRs. OKRs are supposed to be the few things that you, as an individual (or as a team), can control and improve. Everyone in the organization influences, to some extent, those overall financial measures, but only through their activities, which by their nature are just a small portion of all the things that need to get done to significantly change a high-level financial key-result. The top-level "sensitive financial measures" are calculated from those many components but are not an OKR in themselves.
Even if someone made the mistake of making these “sensitive financial information” into an OKR, that OKR would be assigned to senior members of the organization, but they already have access to that information! The possibility of them using that information for insider trading existed long before you made it into an OKR.
Now there will be some OKRs that are either financially based, such as "Days Payables Outstanding" or "$ Inventory". There are others that could be extrapolated into financial data, such as "Average Sales by Customer" combined with "Number of Customers". Those OKRs are obviously not the "sensitive financial information" referred to in this question.
Second Argument – Confidential Information
Confidentiality issues have existed long before OKRs came along. There is considerable legislation to protect investors from insider information being used and those laws must still be followed within an OKR approach. Typically these regulations include the need for people who do have access to sensitive financial information which could lead to insider trading to sign restricted trading clauses in their employment agreements, such as:
"No employee or director shall purchase or sell any type of security while in possession of material, non-public information relating to the security, whether the issuer of such security is the Company, its subsidiary or any other affiliated company. Additionally, no employee or director shall purchase or sell any security of the Company during the period beginning the seventh day of the third month of any fiscal quarter of the Company and ending two days after the public release of earnings data prepared in accordance with the Listing agreement with the Stock Exchanges."
Third Argument – Compartmentalized Detailed OKR Data
OKRs are focused on the operational aspects of the great work done by individuals and teams. In larger organizations, as publicly traded companies tend to be, those detailed OKRs are most relevant and mainly only shared within that area. This means that each area has detailed knowledge of their part of the puzzle, but not the whole picture. HR knows HR stuff (e.g. HR may have OKR targets for downsizing, but that would not be shared outside of HR), IT knows IT stuff, Sales knows sales stuff.
Now some OKRs are shared across organization boundaries - those that impact the down-stream or linked processes need to know how their Partner area is performing to better organize their activities. For example, if I need some many parts from the shop-floor, I'd like to know how many are coming and have some visibility into operational issues they are having, etc. But I am not seeing all of the shop floor area's OKRs.
Likewise, upstream processes may also need to see some of my area's OKRs to track the impact of their work.
In all cases, it is just small bits of the puzzle. This means that they cannot create an overall performance view, let alone the financial implications of that data that impacts investors.
So, to a large extent, the risk of data leaking out of an OKR system that would enable insider trading is unlikely.
Fourth Argument – Protecting Company Secrets
Most OKR software have access rights and security to ensure data is only seen by the right people, so accidental access is avoided.
For data that does need to be shared, the normal solution is to index it. Typically once performance data goes outside the department it is reported as a “percentage or target”, such as “83% of New Customers Acquisition target”. Why? Because in most cases the other departments do not understand the detailed metrics of your area. The only way they can understand your performance is to compare it to something (target, last year, best-in-class, etc.)
Fifth Argument – The Whole is Different than the Sum of the Parts
But, let’s assume that there is a group of employees – one from each department – who get together to share their department’s detailed performance numbers. Vision a war-room where they have plastered those numbers on charts and spreadsheets all over the wall (kind of like the Executive team does). What do you think the chances are that they could make accurate and correct financial projections of “sensitive financial information that could lead to insider trading”? Obviously quite low since most executive teams cannot even do so as seen by the failed earnings projections etc. In fact, if such a team and capability were to exist, I say “Promote those people to executive status!”, or better yet, they should start up an Investment Brokerage and make some serious money.
Sure, they can make an educated guess, but in fact, the data they are using could be cobbled together from outsiders too – suppliers, customers, competitors – from their own records, internet searches, hanging out at local bars, etc. That data is a long way away from being insider data because it is detailed operational numbers that need to be analyzed.
Sixth Argument – Open Book Management
Jack Stack wrote a great book in 1993 that was great at the time and seems to have had a huge resurgence. His argument is that all this financial information should be widely shared. Thousands of companies have done so to great effect - and maybe instead of hiding the data, it should be shared.
Take a look at Jack's approaches.
Seventh Argument – Education
Even without OKRs, your organization should have education on insider trading. Implementing an education plan on what constitutes insider trading and material information can help employees from both partaking in insider trading, and accidentally or intentionally sharing non-public material information. In this way the risk of insider trading is further reduced – whether the weak link be the OKR system, or some other source.
Eighth Argument – Risk Management 101
Above and beyond all the previous points, every publicly traded organization needs to have an effective Risk Management process (team). This responsibility includes setting up a process whereby employees must declare their holdings and thereby help identify insider trading.
..and furthermore...
The good news is that OKRs do drive better performance…and can be easily included in a fair-deal compensation system. If employees are ethically rewarded for the performance improvements they have contributed to, they can easily be correctly rewarded so that there is less motivation to take illegal action to get their rewards.
…but about the issue behind the question… Another excuse to avoid change?
We have heard similar, but different, arguments about almost all change efforts in organizations. We often see individuals trying to use “regulatory requirements” (in this case, insider trading) as a lever to resist change. It is worthwhile exploring whether this question is a legitimate concern for your organization or a "I hate change" smoke screen. If legitimate, adjust your OKR solution to comply with insider trading constraints from the ideas from above. If not...dig out some change management approaches!