The International Chamber of Commerce has been a major rule-setter for international advertising since 1937, when the first ICC Code on Advertising Practice was issued. Since then, it has extended the ICC self-regulatory framework on many occasions to assist companies in marketing their products responsibly. Previously separate codes were revised and brought together in 2006 as the Consolidated ICC Code of Advertising and Marketing Communications Practice[1]and most recently updated in the 2011 revision, following in the long-established tradition of promoting high ethical standards for advertisers, advertising agencies and the media around the world. The global codes are regularly reviewed and updated by the ICC Commission on Marketing and Advertising, which brings together some of the best marketing, self-regulatory and legal expertise available from the range of participants in the industry and from around the world.

The Code is a fundamental underpinning but the credibility of self-regulation depends on its implementation. For the individual company or any other organization a commitment to a Code of Conduct will be of true benefit only when the principles and rules are made part of the governing policy and are actively applied and enforced.

This Guide has been drawn up with a view to facilitate the practical use of the ICC Marketing Codes specifically. However, it is based on general and sound principles of compliance, and may therefore prove helpful in relation to other sets of rules. In particular, it will easily apply to the implementation of national or sectoral codes in the field of marketing communications, which throughout the world are based on the ICC Codes.

Although the Guide gives advice on how to implement the Codes within an organization, the need to support and combine efforts with any relevant self-regulatory bodies set up by the industry should be underscored. When established with the means to be effective, such schemes multiply the value of self-regulation. Consultation of self-regulatory decisions and copy advice facilities can also provide deeper understanding of interpretation matters. 

Scope
This Guide provides principles and guidance for the implementation of the ICC Marketing Codes within an organization (company, firm, undertaking or association), including measures for maintaining and improving compliance with them. Where appropriate the Guide can also be used in connection with other commitments of a self-regulatory nature.

Objective
The objective of this Guide is to facilitate effective implementation of the ICC Marketing Codes and similar self-regulatory frameworks. The Guide can be used as a stand-alone document, but should preferably be combined with other relevant instruments such as compliance or training programmes where they exist.

Principles

  1. Endorsement and commitment
    The board/top management should endorse the Code in question and make a firm commitment to effective compliance that is to permeate all relevant parts of the organization, including branch offices and subsidiaries. This should be supported by action.
  2. Policy integration
    The endorsed Code – and adherence to relevant industry rules based upon it - should be made an integral part of the organization’s strategy and business objectives. This should be effectively communicated to the organization. The implementation should be so framed as to take due account of relevant cultural and commercial conditions and applicable legal requirements. Any organization specific rules or amendments must be compatible with the Code.
  3. Obligations and responsibility
    Obligations under the Code should be clearly identified and responsibilities for compliance should be assigned.
  4. Interpretation
    The Code should be interpreted in the spirit as well as to the letter. It should be made clear from the outset that circumvention of the rules will not be accepted.
  5. Resources and support
    Adequate resources should be allocated to raise and maintain Code awareness in the organization, and to allow for effective Code management. Support functions should be put in place, as needed.
  6. Education and training
    Education should be provided for all concerned so as to ensure sufficient knowledge of the Code’s substantive rules and the ensuing obligations. Where appropriate, assessment training should be provided.
  7. Monitoring and controls
    Adherence to the Code should be monitored systematically, and checks be put in place to manage the identified obligations. Monitoring should be followed by action for improvement.
  8. Encouragement and sanctions
    Conduct that creates and promotes compliance with the Code should be encouraged and rewarded, whereas conduct that undermines the respect for the Code should not be tolerated.
  9. Follow-up and improvement
    Implementation should be an ongoing process, not a one-time event. Feedback should be used to assess and improve performance.

Application

Endorsement and commitment
For the Code to take effect within the organization it must be clearly and visibly endorsed by the Board/ top management. Effective implementation requires an active commitment from the leadership to develop and maintain a programme for its operation and enforcement.

There should be an explicit message that observance of the Code is mandatory, and that lip-service does not meet the compliance requirement. Compliance should be the same as for any legal obligation. Also, it should be clear from the outset that accountability will be assigned to relevant management levels throughout the organization.

The reasons why the Code is being implemented should be widely communicated to the organization. This should always include the fundamental values of self-regulation, in particular its trust-building and brand enhancing features, but may also address specific situations and political issues, as appropriate.

The implementation programme should be drawn up and explained in a document that is readily available to all employees concerned, using plain language that all can understand. Where appropriate, it may include instructions for how specific local or regional circumstances or requirements can be accommodated when applying the Code. Obviously, how elaborate and detailed the programme needs to be depends on a number of factors, e.g. the diversity and size of the organization. However, care should be taken not to make it more complex than necessary.

Policy integration
The Code should be presented as an instrument that will help the organization to achieve its business objectives. It should therefore become an integral part of the organization’s business strategies, plans and operational policies.

It should be explained that the Code, in its field of application and together with other related documents, sets the ethical benchmark of the organization, and how that relates to assets such as brand value. The way these ethical norms impact on the organization’s activities and communications should also be outlined. All of this should be done in a manner that takes account of the organization’s degree of complexity (size, structure etc) and fields of operation. Particular attention should be given to relevant, ethically sensitive areas (target groups, culture, type of products, communications, etc).

Observance of the Code should be required of external suppliers and made part of the contract.

Obligations and responsibility
Responsibilities for managing the Code should be clearly identified and assigned. This should include observance of the substantive rules as a matter of professional diligence, as well as compliance procedures at different levels and stages. Responsibilities should be matched by adequate powers of intervention. Likewise, accountability should come with responsibility, and be applied in practice.

Particular compliance risks should be identified and potential consequences of failures be analysed. If needed, responsibilities and powers should be specified and enhanced.

It should be clarified that certain “excuses” are not accepted. The fact that competitors allegedly are using unethical practices is not a valid reason for doing the same, nor do sluggish sales justify breaches of the Code.

Large organizations often have a dedicated compliance officer with operational responsibility for compliance. Smaller organizations may also have someone with such overall responsibility, although combined with other tasks. As the Code should be part of the organization’s total “normative package”, it is likely to fit well into the responsibilities of that position. However, appointing a person or a group as generally responsible for code management does not relieve others of their assigned responsibilities. Successful implementation depends on cooperation, and managers should lead by example. A way of promoting compliance may be to have ethical conduct explicitly mentioned in position descriptions.

Interpretation
Adherence to the Code is not just a matter of mechanical application. The rules have to be understood against the background of the Code’s basic principles and its purpose and objectives. A formalistic approach should not be adopted. This means, for example, that a practice which clearly runs against the ethical principles underpinning the Code should not be undertaken, even though it is not explicitly addressed by any specific article. Also, using a name or a denomination different from the Code’s terminology for the purpose of circumvention, should not be permissible.

In most cases, the understanding of the Code should be unproblematic for a person with adequate training. However, borderline issues are likely to arise now and then. Those should be addressed with due care and insight, taking into consideration possible overall policy implications. Decisions should be recorded and kept easily available for employees concerned to ensure coherent and consistent application.

Resources and support
The introduction and maintenance of the Code as an instrument in the day-to-day operation of the organization are bound to require some dedicated resources, depending on the kind of organization. However, it is crucial that adequate resources are provided. Lack of resources tend to be taken as a sign of low priority, and undermines the respect for the Code and may put the credibility of the leadership’s basic commitment in doubt.

Resources will be required for such activities as communications and education/training, and for setting up mechanisms for information sourcing, complaints handling, feedback analysis, referral of controversial issues, and enforcement etc. Also, there is likely to be a need for various tools, such as checklists or manuals, to facilitate the application of the Code.

It is essential that line managers and employees who are faced with obligations and responsibilities are given adequate support. In particular they should have easy access to advice, whether in-house or externally. Seeking advice is an important component of an overall compliance culture, and should be encouraged.

Education and training
When introducing the Code for the first time there is usually a need to raise both awareness and knowledge of its substance and function. This may require a fairly extensive education effort. This should be adapted to the specific features and operations of the organization, so as to make the Code seem relevant from the start. Practical orientation with illustrative examples is usually better than just dry theory.

The purpose of the broad education should not be to turn everybody into code experts, but rather to convey basic knowledge and the ability to identify elements that might be problematic or controversial, and hence to seek advice/referral. Those having taken the course should be able to confirm they are familiar with the Code contents and understand its principles and the relevant ensuing obligations.

For those who have particular, identified responsibilities for the application of the Code, further in-depth training may be required. That is likely to focus on assessment capability, in terms of Code substance and in relation to organizational policies and objectives.

Education and training should include information about any existing self-regulatory body, set up by industry for the purpose of applying the Code in a given country. It should be made clear that decisions by such a body are to be followed. The organization should make sure those concerned can easily stay informed of the relevant self-regulatory “case-law”.

Perhaps the most difficult part here is to keep awareness and knowledge alive over time. Knowledge tends to fade, new persons come into the organization, and positions change. Therefore, an education and training plan should be established so as to ensure knowledge maintenance and development are kept up.

Monitoring and controls
The effectiveness of the implementation programme should be regularly monitored to ensure the desired performance and behaviours are achieved. Even if monitoring is done by means of sample testing it should be based on a systematic approach. Monitoring should be geared towards identifying compliance problems and points where the system does not work satisfactorily, but also functions that meet requirements particularly well. Code monitoring can target specific areas or functions, and may be carried out as an integral part of the overall compliance monitoring.

Monitoring is not an end in itself. It is undertaken for a learning purpose so that problems can be remedied and performance improved. Depending on the complexity of the system, specific indicators may have to be developed.

Some controls and check-points are necessary to ensure that Code obligations are met and risks of compliance failure eliminated as far as possible. Preferably, these controls should be designed to fit into the normal decision making process, and not as a stand-alone procedure. However, it is essential that control requirements are clear and documented. For instance, points where approval is mandatory should not be perceived as optional.

Encouragement and sanctions
Code compliance is effectively promoted by the full understanding of its contribution to the achievement of the organization’s business objectives. However, code implementation also needs to involve encouragement as well as deterrence.

This means that compliant behaviour should be visibly rewarded, and sanctions applied in cases of intentional or negligent disregard of the Code or the procedures put in place.

Although a code of conduct is not a legal regulation, it should be made clear that once adopted by the organization it is not a voluntary instrument, which is optional to follow. Top management should state that breaches will not be tolerated, and that action will follow if needed. The implications for staff could be generally set out in the conditions of employment.

Follow-up and improvement
Monitoring and other follow-up initiatives should be used as a basis for continual improvement of the Code implementation programme. This should include the review of the programme itself.

There are a number of information sources that can be used for this purpose. Apart from monitoring results and feedback from the organization’s own staff, complaints from customers and comments from suppliers and regulators can be analysed. Results may be used to set compliance benchmarks and/or performance targets.