Designing Trustworthy Organizations

Companies often blame trust violations on ‘rogue employees,’ but these violations are predictable in organizations that allow dysfunctional, conflicting or incongruent activities to take root.

Reading Time: 15 min 



In the aftermath of the well-publicized corporate scandals of Enron, WorldCom and Tyco circa 2001 and 2002, there were major efforts in the United States to restore trust and enforce corporate compliance. Among other things, the U.S. Congress passed the Sarbanes-Oxley Act of 2002, featuring enhanced whistleblower protections, holding CEOs and CFOs personally responsible for financial statements, and establishing the creation of the Public Company Accounting Oversight Board, harsher sentencing rules and even new organizational guidelines to encourage boards to adopt changes to organization structures and processes to target more systemic approaches to prevent wrongdoing. Corporate spending on compliance increased an estimated $6 billion annually,1 and leading business schools created ethics centers and made ethics training mandatory.

Yet despite these reform efforts, corporate trust violations have gone unabated and public trust in business has plummeted.2 A full recitation of the significant trust violations of recent years would go on for pages, covering Olympus Corporation’s accounting fraud, Barclays’ LIBOR rigging scandal, News Corporation’s phone-hacking scandal, and the BP Deepwater Horizon oil spill. In fact, some of the most insidious practices from the Enron era (notably, disguising financial weakness with off-balance-sheet debt) were front and center again during the global financial crisis of 2008. In the wake of that financial crisis, the U.S. Congress passed the Dodd-Frank Wall Street Reform and Consumer Protection Act, which extended and tightened the financial regulatory system and strengthened consumer protections. But the apparent inability of governments and industry groups to curb the level of wrongdoing raises important questions: Why do trust failures continue to occur with such frequency, and how can they be reliably prevented?

The matter is all the more perplexing considering that there is substantial research on organizational trust, including what trust is, how trust affects the functioning of organizations and how trust can be built, lost and repaired.3 Much of the work supports commonsense notions about how leaders can and should earn the trust of followers. One of us (Robert Hurley) developed the framework below to help leaders understand how to earn trust.4 It effectively summarizes the empirical evidence regarding trust drawn from several decades of research in fields including psychology, game theory, organizational behavior and sociology, identifying six types of signals people consider when deciding whether to trust a person, group or organization (a “trustee”):

  1. Common values: Does the trustee share our values and beliefs?
  2. Aligned interests: Do the trustee’s interests coincide rather than conflict with ours?
  3. Benevolence: Does the trustee care about our welfare?
  4. Competence: Is the trustee capable of delivering on commitments?
  5. Predictability and integrity: Does the trustee abide by commonly accepted ethical standards (such as honesty and fairness), and is he or she predictable?
  6. Communication: Does the trustee listen and engage in open and mutual dialogue?

In this article, we apply the framework to understand how organizations as a whole can consistently produce authentic signals of trustworthiness. To explore the processes of building, losing and repairing trust in organizations, we conducted a series of studies that enabled us to detect patterns across organizations. (See “About the Research.”) We found that building and sustaining organizational trust is different from, and not nearly as intuitive as, building and sustaining interpersonal trust. Thus, while some insights from the trust literature in psychology and management might apply, we believe that a new model is required to understand how to manage trust in large, complex organizations operating in highly diverse global environments. Such a model enables us to explore three fundamental questions:

  • Why do major trust violations occur within organizations?
  • Why do some organizations systematically earn and sustain stakeholder trust while others experience repeated trust violations? How can an organization weave trustworthiness into its core?
  • When trust violations do occur, why are some organizations successful at repairing trust while others aren’t?

Although companies often blame trust violations on ‘rogue employees’ and ‘a few bad apples,’ our research indicates that major organizational trust violations are almost never the result of rogue actors.

Why Trust Violations Occur

Trust is a judgment of confident reliance on another (a person, group, organization or system) based on positive expectations of future behavior.5 A trust violation occurs when the trusted party bears some responsibility for an act that significantly deviates from positive expectations (for example, fraud, deceit, gross incompetence, negligence or exploitation). When people perceive a trust violation, they lower their expectations of future behavior — in other words, they reduce trust.6

Although companies often blame trust violations on “rogue employees” and “a few bad apples,” our research indicates that major organizational trust violations are almost never the result of rogue actors. Rather, they are predictable in organizations that allow dysfunctional, conflicting or incongruent elements of their organizational system to take root. Numerous cases bear this out: Mattel, the California-based toy manufacturer, for example, had a strong reputation for quality, but weak oversight of its Chinese supply chain resulted in lead paint contamination of toys and massive recalls in 2007. BP’s Deepwater Horizon oil rig explosion and oil spill in 2010 highlighted the conflict between the company’s strategy and culture of minimizing costs to enhance profitability and its focus on safety. The 2011 U.S. Senate Permanent Subcommittee on Investigations report on the financial crisis was very critical of Goldman Sachs and its role in the Abacus fund, where investigators found that Goldman’s stated values of client focus and integrity were at times overshadowed by a less formal culture that emphasized getting deals done with less than full disclosure.7

Indeed, virtually all companies that have experienced major trust violations had some, and often extensive, systems and processes in place to produce trustworthy behavior (for example, compliance procedures, quality checks, codes of conduct and ethics training). However, as important as these systems and processes may be, other elements undermined the companies’ ability to deliver on their core responsibilities to stakeholders. The problem is the inconsistency in embedding trustworthiness.

Our in-depth analysis of large organizations that experienced major trust violations highlights the organizational root causes of trust violations. When we asked several hundred leaders at a large multinational company, “What are the most frequent trust issues you encounter at work?,” the most frequent responses focused on fundamental aspects of how the organization functioned: organizational restructuring and instability; poor support and follow-through; poor talent management; lack of communication and information; and leadership and strategy issues. When we asked employees of a government agency, “What one change would you make to improve trust in the organization?,” respondents provided similar answers: improve communication, enhance senior management capability, provide more accountability for performance, empower employees and enhance collaboration across groups.

In examining trust failures, we have found that one type of incongruence that frequently led to widespread loss of trust was the development of a company strategy (and, in turn, the allocation of resources) that either accidentally or deliberately favored the interests of one stakeholder group while betraying those of others. This problem has often been defined as letting shareholder profits take precedence over core responsibilities to other stakeholders (such as employees, customers, suppliers or communities). To be sure, it is not uncommon for organizations to favor some stakeholders’ interests over those of others.8 Rather than simply prioritizing certain groups, however, a trust betrayal occurs when the organization actively caters to a group (or groups) but fails to uphold responsibilities to others (such as providing employees with a safe working environment). The balance goes beyond merely serving one stakeholder group better than another to serving the selected group at the expense of and even causing harm to another group. Given the global prevalence of social media, online global forums and 24-hour news cycles, a breach of trust with any one stakeholder group can rapidly undermine an organization’s reputation for trust in its broader stakeholder community.

Building High-Trust Organizations

Creating and sustaining a high-trust organization requires understanding how the various stakeholders — the investors, employees, suppliers, customers and other affected communities — gauge trustworthiness. Based on our studies of high-trust organizations and cases of effective trust repair, we propose that the six criteria highlighted above — common values, aligned interests, benevolence, competence, predictability and integrity and communication — can serve as a foundation for organizational trust. But how can an organization use these criteria to advance trustworthiness when the company already has preexisting social, technical and political subsystems in place?

Our model draws on trust research, systems theory and strategic organizational design to conceptualize the elements of organization design that are central to engineering high-trust organizations.9 (See “A Model of Organizational Trust.”) Developing sustainable trust with a broad range of organizational stakeholders demands effective organizational infrastructure (strategy; leadership and management; culture; structure; and systems), which generates and sustains effective core processes (the development, production and delivery of products and services). Trustworthiness must be embedded in a way that is congruent and mutually reinforcing in order to reliably produce signals of trustworthiness. Organizations that weave trustworthiness signals into all elements of their infrastructure and core processes, over time, earn reputations of trust with their stakeholders. In contrast, trust failures occur when important elements are allowed to become misaligned.

A Model of Organizational Trust

View Exhibit

Organizations that weave trustworthiness signals into all elements of their infrastructure and core processes, over time, earn reputations of trust with their stakeholders.

Engineering trustworthiness into each element of the organization involves setting formal and informal constraints, incentives, expectations, values and norms, which influence the behavior of employees and agents. These formal and informal controls can promote diligence and honesty — or recklessness and malfeasance. Having positive signals across all of the elements can inspire and regulate employees’ trustworthiness; having mixed or deviant messages can lead to cynicism and unpredictable behavior. (See “How Trustworthy Is Your Organization?”)

How Trustworthy Is Your Organization?

View Exhibit

To provide some guidance for embedding trustworthiness into the organization’s infrastructure and core processes, managers can consider the following questions.

Effective external governance plays an integral role in supporting organizational trustworthiness. However, for several reasons, it should be viewed not as the complete answer but as only a starting point in creating trust. The legal system and regulatory agencies establish minimum standards, but because regulators are often under-resourced, they cannot prevent all trust failures. Sadly, external regulation may give organizations a false sense of security that can lull them and their stakeholders into complacency about trustworthy conduct.

QuikTrip, a privately held company based in Tulsa, Oklahoma, with more than 600 convenience stores and over $10 billion in annual sales, provides a helpful illustration of how a trustworthy organization can be created. An industry leader, the company has been on Fortune’s “100 Best Companies to Work For” list for 11 straight years. The company has a clear competitive strategy and a mission that emphasizes obligations to employees, customers and communities. For example, the company returns 5% of its net profits to the communities it serves. The leadership team is largely homegrown and is populated by people who believe in the company’s values. This is sustained by a rigorous succession planning process that ensures that those rising in the organization share the company’s values and deliver results with competence.

In our study of the QuikTrip culture, we found that “doing the right thing” — for customers and employees — was almost a religion. The company has an experienced and active board and clear accountability for key functions and geographies across the organization. Key leaders from each region periodically undergo extensive reviews by senior management that go beyond profit analysis to include store quality and employee and customer satisfaction. The company’s communication, HR and planning systems all reinforce fairness, competence and benevolence. For example, the CEO and senior management team invest considerable time each year attending employee meetings around the United States with the primary goal of listening and taking action on feedback. The company has low employee turnover and high customer satisfaction for its industry, and its community and other stakeholder relationships are characterized by high trust.

Our research suggests that the key differentiator between companies that violate trust and those that sustain it is integrity and consistency within and across the organization. The organizational design — how the elements of the organization’s architecture and core processes are configured and aligned — enables reliable delivery on the expectations of stakeholders, and hence minimizes the likelihood of an organizational trust failure.

The more difficult challenges involve making changes to the organization’s culture, strategy and leadership and management practice.

Restoring Trust

Ironically, trust failures can act as positive catalysts for creating a high-trust organization. Much can be learned about how to establish and sustain organizational trustworthiness by examining how organizations successfully restore trust after a major violation. (See “How Three Companies Sought to Repair Trust.”) Beyond immediate crisis management, the key to restoring stakeholder trust is identifying the root causes of the failure and implementing and reinforcing real organizational reforms to tackle the problems.10 In analyzing cases of companies that have attempted to repair trust, we identified three critical stages: investigation, organizational reform and evaluation.11

How Three Companies Sought to Repair Trust

View Exhibit

Restoring stakeholder trust involves implementing and reinforcing organizational reforms to tackle the problem.
1. Investigation.

One contributing factor to effective trust repair is the credibility, rigor, independence and accuracy of the investigation of the trust violation. Companies are often so concerned with appearance and damage control that they are unwilling to engage in the degree of examination required to root out the entrenched causes of trust violations. Such was the case of BP after the 2005 Texas refinery explosion and of News Corp. following the jailing in 2007 of an employee who had engaged in phone hacking. As a result, the seeds of the trust violation are embedded within the system and can result in future violations (such as BP’s 2010 oil spill in the Gulf of Mexico and News Corp.’s 2011 phone-hacking scandal).

Effective investigations need to make clear how each element of the organizational system directly or indirectly contributed to trust failures and what needs to change to prevent other incidents in the future. Siemens and BAE Systems, which both paid fines to settle bribery charges, launched their trust repair efforts with independent and rigorous investigations, which led to recommendations for systemic reforms.

2. Organizational reform.

Since trust failures are typically systemic, the organizational reforms need to be systemic as well. Structures, systems and processes should be the first point of intervention because they are relatively easy to change and design. However, such interventions by themselves are unlikely to produce sustainable change. The more difficult challenges involve making changes to the organization’s culture, strategy and leadership and management practice. Indeed, adding training in ethical conduct probably won’t affect organizational behavior in any meaningful way if supervisors, workplace norms and/or performance management objectives continue to encourage questionable activities.

In successful repair efforts, systemic reforms need to be reinforcing and congruent so that trustworthiness becomes embedded in the organization’s culture over time. Ethics and compliance officers know that this is the holy grail of trustworthiness, but it is notoriously difficult to realize because it often confronts deeply embedded mindsets. For example, BAE Systems restricted itself for ethical reasons from using sales contractors in some parts of the world, which created enormous challenges for the global sales force. Yet the fact that the company implemented the restrictions, despite the difficulties they caused, clearly communicated to the organization that management was serious about reform. Companies that are serious about their trustworthiness are convinced that real culture change doesn’t happen without changing how employees do their work and are rewarded, as well as changes in the behaviors that leaders model.

3. Evaluation.

Even when a trust crisis recedes, old habits have a way of returning. Reforms must be evaluated to ensure they are working as intended, and shortfalls must be addressed. BAE Systems, for example, works with an auditing firm to evaluate the execution of its reforms. Because it takes time to change systems and deep change is hard to realize, in some respects the most important part of trust repair is the ongoing assessment, learning and course correction required to build authentic, sustained trustworthiness.

Successful trust repair requires going beyond crisis communication, first to take a systems perspective to accurately diagnose and reform the true faults in the organizational system, and then to evaluate the effectiveness of the reforms. Through this process, organizations not only repair trust but also embed trustworthiness into the organization’s design, making the organization more resilient to future trust failures.

It is challenging for companies to meet goals and manage trust in complex, competitive and dynamic markets and a globally interconnected, multi-stakeholder community. Companies that do this well develop robust trustworthy organizational systems that enable them to reliably deliver on their core responsibilities to stakeholders and rapidly recover in the event of a trust failure. They reap benefits from having earned a sustained reputation of trust among employees, customers, investors, suppliers and communities. In fact, we would argue, and some research supports the idea, that high-trust organizations also tend to be high-performing, with lower employee and customer turnover, lower monitoring costs and even better financial returns.12 The good news is that we know how to engineer trustworthy organizations. If leaders and senior managers get smarter about how to manage trust, perhaps we can stop the deluge of damaging headlines and reverse the declining measures of trust in business by manifesting authentic and consistent signals of trustworthiness.



1. J. Schaller, “Almost Ten Years After the Enron Meltdown: More Costs, More Persecution, More Compliance?” July, 7, 2010,

2. “2013 Edelman Trust Barometer,” January 2013,

3. See, for example, K.T. Dirks, R.J. Lewicki and A. Zaheer, “Repairing Relationships Within and Between Organizations: Building a Conceptual Foundation,” Academy of Management Review 34, no. 1 (January 2009): 68-84; and R.M. Kramer and T.R. Tyler, eds., “Trust in Organizations: Frontier of Theory and Research” (Thousand Oaks, California: Sage Publications, 1996).

4. R.F. Hurley, “The Decision to Trust,” Harvard Business Review 84, no. 9 (September 2006): 55-62; and R.F. Hurley, “The Decision to Trust: How Leaders Create High-Trust Organizations” (San Francisco: Jossey-Bass, 2011).

5. D.J. McAllister, “Affect and Cognition-Based Trust as Foundations for Interpersonal Cooperation in Organizations,” Academy of Management Journal 38, no. 1 (February 1995): 24-59.

6. P.H. Kim, K.T. Dirks and C.D. Cooper, “The Repair of Trust: A Dynamic Bilateral Perspective and Multilevel Conceptualization,” Academy of Management Review 34, no. 3 (July 2009): 401-422.

7. C. Levin and T. Coburn, “Wall Street and the Financial Crisis: Anatomy of a Financial Collapse,” 2011,

8. M.D. Pfarrer, K.A. Decelles, K.G. Smith and M.S. Taylor, “After the Fall: Reintegrating the Corrupt Organization,” Academy of Management Review 33, no. 3 (July 2008): 730-749.

9. N. Gillespie and G. Dietz, “Trust Repair After an Organization-Level Failure,” Academy of Management Review 34, no. 1 (January 2009): 127-145; D.A. Nadler and M.L. Tushman, “Competing by Design: The Power of Organizational Architecture” (New York: Oxford University Press, 1997); and W.W. Burke and G.H. Litwin, “A Causal Model of Organizational Performance and Change,” Journal of Management 18, no. 3 (September 1992): 523-545.

10. Gillespie and Dietz, “Trust Repair After an Organization-Level Failure.”

11. G. Dietz and N. Gillespie, “The Recovery of Trust: Case Studies of Organisational Failures and Successful Trust Repair,” occasional paper no. 5, Institute of Business Ethics, London, 2012,

12. See, for example, I.S. Fulmer, B. Gerhart and K.S. Scott, “Are the 100 Best Better? An Empirical Investigation of the Relationship Between Being a ‘Great Place to Work’ and Firm Performance,” Personnel Psychology 56, no. 4 (December 2003): 965-993; and P.A. Saparito, C.C. Chen and H.J. Sapienza, “The Role of Relational Trust in Bank–Small Firm Relationships,” Academy of Management Journal 47, no. 3 (June 2004): 400-410.

i. K.T. Dirks and D.L. Ferrin, “Trust in Leadership: Meta-Analytic Findings and Implications for Organizational Research,” Journal of Applied Psychology 87, no. 4 (August 2002): 611-628; K.T. Dirks and D L. Ferrin, “The Role of Trust in Organizational Settings,” Organization Science 12, no. 4 (July/August 2001): 450-467; Gillespie and Dietz, “Trust Repair After an Organization-Level Failure”; Hurley, “The Decision to Trust”; and R.J. Lewicki, E.C. Tomlinson and N. Gillespie, “Models of Interpersonal Trust Development: Theoretical Approaches, Empirical Evidence, and Future Directions,” Journal of Management 32, no. 6 (December 2006): 991-1022.

ii. G. Dietz and N. Gillespie, “Building and Restoring Organizational Trust.”

iii. E. Lichtblau and C. Dougherty, “Siemens to Pay $1.34 Billion in Fines,” New York Times, December 15, 2008; and S. Schubert and T.C. Miller, “At Siemens, Bribery Was Just a Line Item,” New York Times, December 21, 2008.

iv. M. Peel and S. Kirchgaessner, “BAE to Pay $450M to End Bribery Case,” Financial Times, February 5, 2010.

v. L. Story, “Lead Paint Prompts Mattel to Recall 967,000 Toys,” New York Times, August 2, 2007.

Reprint #:


More Like This

Add a comment

You must to post a comment.

First time here? Sign up for a free account: Comment on articles and get access to many more articles.

Comments (2)
Daniel T C Lee
Excellent Article!
Trust is about perceptions and expectations, not just the results delivered.
There are two highly interrelated areas of trustworthy organizations: 
  (i) The External area - Customer expectations
  (ii) The Internal areas - Management and Staff perceptions 
In my capacity as the Regional Service Business strategist for various large and small organizations, I have recognized that we cannot address everyone's expectations and needs.  There is a need to define customer segments and who are actually your customer, and who just isn't.  Companies fail when they are trying to address everyone's needs without knowing if these are really their customer targets.
Upon identifying the customer segment, there is a need to manage these customers' expectations.  I have seen how an organization is actually run by the customers rather than the management.  The philosophy 'The customer is always right' is taken to the extreme leading to a crisis within the organization.  Customers do have self interests which may conflict with the organizational longer term objectives.
Again the selection of the right customers helps in reducing such conflicts, and appropriate communication helps to address this.
The related internal factors is the lack of understanding of the organization's resources required when committing to expectations.  This is especially so when a senior member of the management has inadequately designed performance measurements that focuses only on specific initiatives rather than the entire organizational well-being.  Staff turnover becomes high or costs overrun may result from delivering expectations and commitments made by that member of management to internal or external parties.  Alternatively, the staff may also end up distrusting the management, and fail to deliver the expectations, thus leading to a spiraling of distrust throughout the organization.  These eventually boils down to the competence of the management, the structure of the organization and the communication culture that has developed.
Praveen Kambhampati
I have known organizations which have used phrases like "Pran Jaaye per dhammidee na jaaye" ( Let life go but not a cent, (Dhammidee is an ancient Indian currency)) but the organization has submerged into oblivion and the stakeholder hands have changed. 

Similar organization an MNC, The senior VP had explicitly mailed its employees, do anything violate any policies but get business and retain customer. week back this announcement the corporate ethics team was following up with the Indian regional office to complete the mandatory ethics training by all employees because the performance appraisal is liked to the ethics training compliance. The organization had been acquired by a global major. 

On a different plane, Rogue employees  are sometimes productive the organization cannot bind them with policies, rules and rulers. The Rogue employees have usually independent thinking and the organization should have a mechanism to get productivity from the creative side of such resources. This is definitely not say or advocate indiscipline or nurture violations but to identify and drive the energies of such independent resources constructively to the organizational needs. 

Organizations are unfortunately find it good as long as the rogue employee is aligned to a certain lobby or senior manager and the social instincts keep the bosses in good humor. 

Long term vision of organization would not usually give these jitters of policy violations and impacts on organizational trust and customer dependability. 

Companies like for example, Accenture which are usually cash cows are capable to overcome these violations much easily and they have a different mechanism to align or dis-align any such deviations. These are much tougher for organizations which are more technology seeded and need a strong and conservative approach to stand steady in turbulence.