Making rules

Society of angels

An exam I sat when I was eighteen had a question I ponder to this day. I rarely remember anything of an exam, so it must have caught my imagination. It was this:

Do you need laws in a society of angels?

If you assume angels are both good and wise, and your aims in legislating are also good, you don’t need rules backed by sanctions to get angels to do the right thing. But I thought you would still want a particular type of law. Laws align behaviour practically as well as morally. For example, it is not a moral decision which side of the road cars should drive on. But it is a moral decision to drive on the same side as everyone else. Admittedly you probably don’t need sanctions in the republic of angels; this is an agreed convention.

It is, of course, possible for the interests of two good people to come into conflict, and you may need rules to solve that conflict. But my purpose here is not to rewrite that past paper (honestly) but to reflect on the role of rules and regulations inside our organisations.

I think there are similarly two classes of rules inside our organisations: those that try to define and punish bad behaviour and those that seek to establish helpful shared conventions. We have too much of one and not enough of the other.

Although I don’t think that angels are a significant demographic in our workforce, I do think the majority of people have good intentions. Perhaps we are sometimes parochial and often prefer pleasant to unpleasant tasks, but we generally rise to meet expectations.

There is, sadly, a small minority of crooks. And a different group of unhappy and self-destructive individuals who can drag you down with them.

You face a difficult question: for which group do you design your rules? Bear in mind that rules are not without cost. With every rule you create, you sacrifice a small amount of discretion and engagement. And, just as people rise to meet high expectations, they also sink to meet low expectations. The best way to create an untrustworthy workforce is to distrust them.

There are some crimes you cannot permit – where the consequences of a single infraction are disastrous. Safeguarding, for example, discrimination or large scale fraud. There will be others unique to your organisation. In these areas you should have clear and uncompromising rules. There won’t be too many of them.

Rules might also be useful in people management. These sorts of decisions do bring those tendencies toward parochialism and avoidance to the fore. See the ideas of management debt and unfair kindness for a deeper discussion. I see these more as constraints on management than on staff however – limits to authority rather than limits to autonomy. There’s a difference between rules on diversity in hiring, for example, and a complex expenses policy.

So, you need a few rules to guard against disaster and the misuse of power. In many other areas, the cost in discretion and trust outweighs the losses of the imagined infractions. Set out some broad and general principles and then scrap as many of these other rules as you can. Netflix’s expense policy is often held up as a prime example here: “act in Netflix’s best interests”. That’s it.

Although you may miss some individual cases, you can often spot someone who is taking advantage more generally. With some broad principles in place, you are in a good position to manage their conduct.

Where the risk is low, legislate for the many, not the few. It will make the few rules you have all the more stark. Ten non-negotiables are more potent than a ring binder stuffed full of petty regulations.

This brings us to shared conventions. They are entirely different. Common ways of doing things can – paradoxically – liberate discretion and build trust.

If you design them carefully, conventions (standards, best practices, guidelines, protocols) help people focus their energy on the problems and opportunities where their creativity is needed. Think of them in the light of cognitive load theory. In any given role or process, where do you want people to deploy their ingenuity and perform original thought? They only have the time and space for so much. If the rest can be standardised, even automated, you create a lot of freedom in the places where it counts.

An education analogy: you are a more effective mathematician if you can spend more time thinking about your problem-solving strategy and less time on basic sums (because you have become fluent in them). Memorising your times tables does have a point.

In a similar vein, you want your salespeople understanding and convincing customers and less time inventing their own tools for managing their pipeline. You want your teachers diagnosing the misconceptions of a specific class, or inspiring a child who has had a tough time, and less time preparing resources from scratch for a lesson that many people have taught before.

As these examples hint however, if you want to make ground in standardising professional activities, you need to show a clear win in freeing up creative space. It is easy to see clumsy standardisation as a threat to autonomy rather than the boon it should be.

Standardised processes also build trust because they make it easier to predict other people’s behaviour. You know how they will go about things and can easily collaborate with them.

So, in designing procedures, my ideal is, firstly, a small number of strict rules in high-risk areas and minimal rules elsewhere, just broad ethical principles. And, secondly, a good number of thoughtful standardised processes, each of which protects explicit spaces where we want people to be original and creative. Many organisations have the opposite: lots of rules and little best practice. I know it’s a subtle distinction, but it is an important one.

What is that subtle difference between a rule and a convention? A rule is an instruction backed by a sanction and imposed by authority. A convention is the explicit shared wisdom about the best way to perform a task, owned and updated by those who perform it. It evolves gradually as people learn what works. It belongs to them, and they take pride in it as representing their best. You should be able to depart from a convention if you have good reason (although you would rarely want to). As noted above, a good convention would call out the areas of freedom that it supports and encapsulates. A good convention is a tool rather than a constraint.

That’s the ideal. I have to say that it is easier to add procedures than it is to take them away. Organisations get used to their rules and grow vested interests around them. There are jobs that exist to monitor and enforce them. Organisations also live down to their rules, so it does look like they are necessary. It takes a leap of faith to conclude that behaviour could improve as a result of reducing rather than increasing regulations. A lot of organisations as they ‘grow up’ think they need more rules like the big bad corporation they aspire to be. They probably don’t – the big bad corporations are jealous of their agility – but they might want to invest in some more shared conventions instead.