Ethics

Ethics is the topic most organisations believe they have handled, until they haven't. A new team member joins and doesn't quite know what the rules are. A project is behind schedule and someone suggests a creative approach to the reporting figures. A trustee has a personal connection to a key supplier and no one mentions it. In each case, the moment of decision arrives quietly, with no alarm and no obvious villain. Most ethical failures in small organisations are not the result of bad people doing bad things. They are the result of good people in ambiguous situations, without a clear enough framework to navigate them.

Why it matters

The consequences of ethical failure in project management are both practical and reputational. For charities, they are also regulatory. The Public Trust Index, which tracks Irish public attitudes toward charities, has consistently shown that trust is the primary determinant of whether people donate and volunteer. According to the Charities Regulator's research published by Amárach in 2023, eight out of ten Irish people said trust and confidence in a charity was very important when deciding to donate or volunteer their time (Charities Regulator, 2023). That trust, which takes years to build, can be destroyed by a single procurement decision that looks too close to home, or a single set of accounts that appears inconsistent with stated activity.

For SMEs, the consequences are equally material. Repeated research in business ethics, from Treviño and Weaver's organisational ethics scholarship to Ariely's behavioural economics work on dishonesty, suggests that the moral climate of an organisation, set principally by its senior leaders, shapes the day-to-day decisions of everyone within it (Treviño and Weaver, 2003; Ariely, 2012). A project manager who cuts corners under pressure, and is seen to cut corners, gives their whole team implicit permission to do the same.

Core concepts

Archie Carroll's 1991 article in Business Horizons offered what has become one of the most widely cited frameworks for understanding the different obligations an organisation carries. His pyramid of corporate social responsibility (CSR) places economic responsibility at the base, organisations must be profitable or financially viable, then legal responsibility (operate within the law), then ethical responsibility (do what is right even when the law doesn't require it), and finally philanthropic responsibility at the top (contribute positively to society beyond what is required) (Carroll, 1991). The pyramid's hierarchy is important: you cannot build the higher levels without the lower ones, but an organisation that stops at legal compliance and claims to be ethical is missing the point.

The Project Management Institute's Code of Ethics and Professional Conduct, which applies to all PMI-certified professionals, structures ethical obligations around four values: responsibility (owning the consequences of your decisions), respect (treating all people with dignity), fairness (making decisions without bias and disclosing conflicts of interest), and honesty (communicating truthfully and providing accurate information) (PMI, 2006). These four values are not aspirational extras, they are the foundation of every client relationship, team dynamic, and funder interaction in project work.

A particularly relevant concept for Irish charities is conflict of interest. The Charities Act 2009 requires trustees to act solely in the best interests of the charity, and the Charities Governance Code's second principle, Behaving with Integrity, requires each trustee to have signed a code of conduct and to disclose and manage any conflicts that arise (Charities Regulator, 2018; Charities Act, 2009). A conflict of interest is not automatically disqualifying: what matters is that it is declared and managed appropriately. Conflicts that are discovered rather than disclosed are the ones that cause reputational crises.

Treviño and Weaver's work on ethical culture in organisations reinforces something that the PMI Code implies: that individual compliance with rules is insufficient without a broader organisational climate that makes ethical behaviour the default (Treviño and Weaver, 2003). Leaders who model integrity under pressure, who decline a shortcut, disclose an inconvenience, correct a misunderstanding even when silence would have been easier, create organisations where others feel safe to do the same. Leaders who look the other way create organisations where looking the other way becomes normal.

The Irish context

The Irish charity sector has a particularly vivid institutional memory of what happens when ethics break down. The charity scandals of 2013 and early 2014, centring on the Rehab Group, the Central Remedial Clinic, and other well-known organisations, revealed patterns of financial mismanagement, governance failures, and an absence of the transparency that donors and beneficiaries had every right to expect. These events were a direct prompt for the establishment of the Charities Regulatory Authority in October 2014 and the subsequent development of the Charities Governance Code (Charities Regulator, 2018; Wikipedia, 2024). The Code can be read as an attempt to institutionalise the ethical infrastructure that had been absent.

The consequences of those failures were not abstract. Public trust in charities dropped significantly, voluntary income declined, and organisations unconnected to the scandals found themselves facing a more sceptical public and more demanding funders. This is Carroll's CSR pyramid made painfully concrete: failing at the ethical level undermined the philanthropic mission that those organisations existed to pursue.

For Irish SMEs, the General Data Protection Regulation (GDPR), enacted in 2018 under EU law and enforced in Ireland by the Data Protection Commission, has created a new and practical ethical obligation around the handling of personal data. Project management teams that gather data from clients, customers, or service users, as part of impact reporting, CRM systems, or operational processes, now carry legal and ethical responsibilities that their predecessors did not (Data Protection Commission, 2024). This is Carroll's legal and ethical layers converging: GDPR compliance is the floor, but the question of how you use data (not just whether you're technically allowed to) is an ethical one.

Common pitfalls

Three patterns recur. The first is treating ethics as compliance: reading the Charities Governance Code, ticking the boxes, and considering the matter closed. Compliance creates a floor, not a ceiling, and the ethical questions that actually matter in project work, should we tell the funder that we missed the milestone? should we disclose that the quoted supplier is the CEO's brother-in-law?, are rarely answered by any checklist. The second is ethical fading: the process by which ethical dimensions of a decision gradually become invisible as people focus on technical, schedule, or financial pressures. Ariely's research shows that small dishonesties accumulate and normalise over time, and organisations under pressure are especially vulnerable (Ariely, 2012). The third is assuming good people don't need frameworks. They do. Honest people in ambiguous situations, without agreed norms, consistently make inconsistent decisions. The value of an explicit ethical framework is precisely that it makes the right choice obvious before the pressure arrives to make the wrong one easier.

Watch / Listen / Read

Watch, Our buggy moral code by Dan Ariely (TED2009, 16 min). Behavioural economist Ariely uses clever studies to show the hidden, predictable ways that otherwise honest people convince themselves it is acceptable to behave unethically, and what organisations can do about it. Available at https://www.ted.com/talks/dan_ariely_our_buggy_moral_code.

Listen, Choiceology, a podcast from Schwab on the science of decision-making, covers the cognitive biases and situational pressures that lead people into poor ethical choices. Widely available on all major podcast platforms; search for the episodes on overconfidence and moral licensing.

Read, Carroll, A.B. (1991) 'The Pyramid of Corporate Social Responsibility: Toward the Moral Management of Organizational Stakeholders', Business Horizons, 34(4), pp. 39–48. The clearest introduction to how the different levels of organisational obligation relate, and why stopping at legal compliance is not the same as behaving ethically.

Quick quiz

1. What are the four levels in Carroll's (1991) CSR pyramid, from base to apex?
2. Name the four core values in PMI's Code of Ethics and Professional Conduct.
3. Which principle of the Irish Charities Governance Code most directly concerns ethics and integrity?
4. The Charities Regulatory Authority was established in response to major charity scandals in which years?
5. What Irish data protection body enforces GDPR in the Republic of Ireland?

Answers: (1) Economic, legal, ethical, philanthropic. (2) Responsibility, respect, fairness, honesty. (3) Principle 2, Behaving with Integrity. (4) 2013 and early 2014. (5) The Data Protection Commission.

References

Ariely, D. (2012) The (Honest) Truth About Dishonesty: How We Lie to Everyone, Especially Ourselves. New York: HarperCollins.

Carroll, A.B. (1991) 'The Pyramid of Corporate Social Responsibility: Toward the Moral Management of Organizational Stakeholders', Business Horizons, 34(4), pp. 39–48.

Charities Act 2009. Dublin: Oireachtas. Available at: https://www.irishstatutebook.ie/eli/2009/act/6/enacted/en/html (Accessed: 27 April 2026).

Charities Regulator (2018) Charities Governance Code. Dublin: Charities Regulator. Available at: https://www.charitiesregulator.ie/en/information-for-charities/charities-governance-code (Accessed: 27 April 2026).

Charities Regulator (2023) Report on the Social and Economic Impact of Registered Charities in Ireland. Dublin: Charities Regulator/Amárach. Available at: link (Accessed: 27 April 2026).

Data Protection Commission (2024) GDPR guidance for organisations. Available at: https://www.dataprotection.ie/en/organisations/ (Accessed: 27 April 2026).

Project Management Institute (2006) PMI Code of Ethics and Professional Conduct. Newtown Square, PA: PMI. Available at: https://www.pmi.org/about/ethics/code (Accessed: 27 April 2026).

Treviño, L.K. and Weaver, G.R. (2003) Managing Ethics in Business Organisations: Social Scientific Perspectives. Stanford, CA: Stanford University Press.

Wikipedia (2024) Charities Regulator. Available at: https://en.wikipedia.org/wiki/Charities_Regulator (Accessed: 27 April 2026).