The current economic environment brings to the foreground the critical linkage between ethics, compliance, and business success. Due to the intense pressure to enhance operational performance, organizations that believed they were “in compliance” may suddenly find themselves mired in regulatory or legal problems. These problems may arise from lax internal controls and oversight, or from conscious risk-taking that is well outside of reasonable business judgment.
Given these pressures—and the related risks—audit committees need to be particularly focused on the adequacy of their organization’s ethics and compliance program. Indeed, two-thirds of the senior executives who took part in KPMG’s Fraud Survey 2009 identified inadequate internal controls or compliance programs at their organizations as “most enabling fraud and misconduct to occur.”
As a baseline, every organization should establish an ethics and compliance program that ensures comprehensive reporting, clear accountability, and full and effective oversight by the top decision makers. By focusing on six key elements, audit committees can help ensure that ethics and compliance programs hold up to the pressures of a turbulent business environment.
Establish the right tone at the top…and at the middle. An ethical culture, it is often said, starts with “tone at the top.” But equally important is “tone in the middle,” the influence of mid-level managers and supervisors who serve as the day-to-day role models for a majority of the organization. In addition to monitoring reports and employee survey results to get a sense of the “tone in the middle,” audit committees also should use executive sessions as an opportunity to obtain the views of internal and external auditors about the organization’s culture and tone.
Organize the business to support the program. The right organizational structure and tools must be in place to create an ethical culture that will drive an effective ethics and compliance program. This starts with a governance structure that gives the ethics and compliance program both independence and stature.
Independence is critical to guard against potential conflicts and to ensure that issues are treated objectively. And although a culture of ethics and compliance must be embedded across the organization, ensuring the independence of an ethics and compliance program may require a governance structure that separates ethics and compliance components from the operational components. Finally, a periodic ethics and compliance risk assessment is an essential part of any well-functioning governance structure.
Make the code of conduct clear and relevant. A key element of any ethics and compliance program is the code of conduct, which sets forth the organization’s core values, ethical standards, and expectations. The document should be practical, clearly demonstrating how the organization’s values apply in the everyday work environment for every person.
Maximize training opportunities. Instilling an ethical culture requires more than periodic training efforts. Every organization has innumerable “touch points” where it connects with its employees. Touch points can range from orientation to company-wide meetings, and from technical training to employee letters and publications.
Be prepared to respond effectively. The strength of an ethics and compliance program is measured, in large part, by how an organization responds to the reports of possible misconduct that inevitably arise. There are three fundamental elements for ensuring a successful response to ethics and compliance matters:
Re-evaluate and refine. Although it can be challenging to measure the effectiveness of an ethics and compliance program, surveys of personnel can be a good indicator of how well the program is doing. No program can be successful, however, without a process for continual re-evaluation and refinement.
Sven Erik Holmes is executive vice chair of Legal and Compliance at KPMG LLP.