Two weeks ago we learned that Boeing’s board settled a shareholder suit for $237 million related to the crashes of two 737 MAX airplanes, Lion Air 610 and Ethiopian Airlines 302, in which a combined 346 people died. The settlement is yet another implicit recognition by Boeing of its problematic practices around safety, transparency and oversight that have been laid bare in Congressional hearings and Federal investigations over the last two years.
We recently had the opportunity to share our analysis of the Boeing case with the Society for Corporate Compliance and Ethics (SCCE) at their Seattle Regional Conference. That discussion centered on two noteworthy dimensions of the MAX tragedy, both of which provide enduring insights for business ethicists.
The MAX Design
One dimension of the case concerns Boeing’s management and numerous internal processes that led to the eventual design of the MAX. The MAX that was certified in 2017 was the result of the decisions of well-placed individuals—including Boeing pilots, engineers and compliance officers; but it was also made possible through a number of well-established practices within Boeing that systematically allowed safety-related questions about the airplane to escape sufficient scrutiny. Most notably, the Maneuvering Characteristics Augmentation System (MCAS), which was responsible for the repeated and uncontrollable downward pressure on the planes’ nose that caused both crashes, was declared to be potentially “catastrophic” in early flight simulations and yet was hidden from the view of both Boeing’s own head of safety and regulators at the Federal Aviation Authority’s (FAA).
Investigations by the New York Times—highlighted in a recent documentary produced by PBS’s Frontline—underscored the extent to which many of these problems were traceable to Boeing’s position in the commercial airplane market. The MAX was “marked” from inception by “competitive pressures” to produce a fuel efficient, mid-range airplane that could serve as an alternative to Airbus’s A320 neo. Part of this meant minimizing costs to customers as well as assuring there would be no delays in delivery. These commitments, we now know, pushed Boeing management to design MAX in a way that would not require airlines to invest millions in flight simulator training for existing 737 pilots. This meant keeping MCAS, its very presence in the MAX airplanes, and its few, but significant problems, obscured from regulators and pilots. 
Regulation and Delegation
Another dimension was the regulatory oversight of the MAX. Not only does it seem like the FAA should have known about the MCAS problems noted by Boeing employees, its oversight should have extended to MCAS itself, thereby potentially catching the risks of the system in advance.
The problem, however, was that the FAA was operating under a long-standing approach to airplane certification that involved significant delegation of regulatory authority to Boeing itself. Under the agency’s Organization Designation Authorization (ODA) program, Boeing-paid managers and technical employees were part of an internal team tasked with performing the analyses needed to eventually certify the MAX. Boeing’s ODA team interacted with the FAA in Seattle when needed. They delivered the necessary documentation that the FAA eventually used to certify the plane.
Members of Congress have been quick to claim that this regulatory regime amounts to the “fox guarding the hen house.” How can a Boeing team, made up of individuals paid by Boeing, serve as an independent check on the overall safety and design of a Boeing aircraft?
This is a good question. The answer rests in large part on the nature of commercial aircraft. To say aircraft are complex is an understatement. Advanced engineering, hundreds of systems, thousands of components and millions of parts go into every airplane. Regulators insist that relying on Boeing’s expertise and collaboration is essential if the regulatory process is to be streamlined and focused on essential elements of a plane’s airworthiness. Not all of the details that go in to a safe, reliable and efficient aviation system need to be directly assessed by the FAA—or so the argument goes.
The problem with delegation in the MAX case, however, was three-fold. All three of these issues underscore how a system of regulatory delegation is only as strong as the trust it assures.
First, post-crash investigations have uncovered numerous occasions where business considerations related to the MAX’s timely debut influenced the work of the Boeing ODA team. The FAA ODA program demands that an airline’s FAA ODA team remain independent within the company and only qualified individuals are placed within relevant roles. Both of these features of Boeing’s ODA team now seem to have been deficient; business demands crept into safety and operational decisions (as with the request to remove references to MCAS from pilot training manuals) and less than qualified individuals were involved in the assessment of the MAX’s design.
Second, well-placed individuals in Boeing, including Chief Technical Pilot Mark Forkner, became involved in the very question of which certification tasks the FAA should delegate to Boeing. We referred to this as the problem of the “delegation of delegation,” meaning that the delegated authority—Boeing—had a say in what it should regulate and how the FAA should classify certain features of the MAX. This had the practical effect of deepening the extent to which Boeing exercised control over the analysis behind the MAX’s certification. It is one thing for the FAA to delegate authority; it is another for it to allow the delegated company to tailor the scope of what is delegated by government.
Forkner now infamously made the case to FAA officials that MCAS was just a support system improvement and not a design change germane to the safety and airworthiness of the plane. Even after Forkner learned that there were significant changes to the operation of MCAS, he declined to notify the FAA, which has prompted a Federal fraud indictment. This illustrates the third problem with delegation in the MAX case, namely a lack of disclosure. The reliability and effectiveness of regulatory delegation demands the highest level of transparency and the history of MCAS’s use and development in the MAX illustrates vividly how this was lacking.
Implications for Co-Regulation
We argued at the SCCE conference that the system of delegation represented by the FAA’s ODA program can be most accurately described not simply as self-regulation but co-regulation. Businesses like Boeing that are allowed to independently evaluate themselves are involved in a good-faith, collaborative approach to regulation, acting on behalf of government for the public interest.
Boeing—and any other FAA-approved company with an ODA team—therefore have special ethical responsibilities because they are exercising the political authority that would normally be discharged by government. Systems of co-regulation should be seen as moments where the duties and obligations of the regulator, as well as its guiding aims, should be fully internalized in the management practices of the company being regulated. Ethical business conduct here means adopting the attitudes, practices and vision of the government and to show proper esteem for the need to regulate business in the first place.
This opens up a new set of norms for corporate managers who seek to exercise their delegated authority in a legitimate fashion. Moreover, these imperatives can easily be extended to other companies, other industries and other regulatory domains given that areas such as environmental protection, pharmaceuticals development and health care utilize regulatory delegation.
- Independence and Reporting
Co-regulatory units within a regulated company need to have verified levels of independence from other business units and maintain separate channels of reporting within the company’s governance process.
- Integrity of Information
All information pertaining to the work of the co-regulatory units should be subject to formal mechanisms that preserve the veracity and availability of the information for government authorities.
- Embrace De-Delegation
Co-regulatory units within a regulated company should actively review their work to determine when they cannot fully, competently, and independently perform their delegated tasks. When they cannot, the government authority should be invited to reclaim its direct oversight or provide additional support.
- Board Oversight
In addition to direct reporting and communication with co-regulatory units with the company, the Board of Directors of a regulated company should include governance subcommittees that are specifically tasked with oversight of the domain of activity defined by a regime of co-regulation. The prominence of such subcommittees should be reflected in articles of incorporation and other public governance statements.
- Continuous Improvement with Third Parties
Most co-regulation occurs with the work of organizations, government regulators, non-governmental organizations and industry competitors. All of the imperatives identified above can be improved with the input and collaboration of all stakeholders in the co-regulatory environment.
Boeing has undoubtedly made progress on many of these fronts. The recent shareholder settlement gave rise to additional board seats related to safety and design, which will be part of the revamped work of the company’s long-standing safety subcommittee. There is renewed attention to the qualifications of employees appointed to any future ODA teams. What is ultimately needed is an expansion of a broad system of internal controls to assure that the independence, transparency and reporting called for above are realities. These controls are one noteworthy feature of Boeing’s early 2021 Deferred Prosecution Agreement (DPA) on criminal fraud charges.
At the SCCE conference we also called for a range of recommendations for regulatory bodies, thereby creating a more inclusive ethics of regulation, one that applies not just to companies but to regulators as well. A well-developed system of co-regulation needs ongoing improvement to the process of delegation itself and the rules that determine what gets delegated and how. That is the work in front of both regulators and members of Congress.