The Catholic sexual abuse scandal again came to light after a Pennsylvania grand jury found that over 1,000 victims had been sexually abused by more than 300 priests over 70 years and that many employees of the Catholic Church were involved in covering up the abuse. How was it that so much abuse was able to be hidden from the public eye for so long? The answer to this question holds lessons for all institutions who want to ensure they take the right steps in the face of allegations of misconduct.

The most likely explanation is that the Catholic Church was protecting its reputation and rather than deal with the optics of priests being investigated and convicted of sexual abuse against children, the church tried to cover up the details and deal with the problem internally. In other words, the church created a de facto policy that when allegations surfaced that its priority would be to ensure that the allegations were not made public and the abuse not reported. When details did surface in the community, the Catholic Church would simply transfer the priest to a new church where the parishioners would not know he was a child abuser. As the grand jury put it, the church followed “a playbook for concealing abuse.” That “playbook” was policy. More details about this policy may be coming to light after the New York State Attorney General's Office issued subpoenas to every Catholic diocese in the state as part of its investigation into sex crimes committed by Catholic priests.

All businesses, especially churches, should have a policy “playbook” in place so that when something goes wrong, there's a procedure to follow with a reporting protocol. While it makes sense to consider public image, there are legal, and often more importantly, ethical considerations that should go into those policies. An organization must have a policy in place that's rooted in doing what's right, rather than covering up shortcomings. Buy-in from the highest levels—including the general counsel—along with resources devoted to implementation of protocol, is the only way to ensure effective compliance with policy.

This is critical when the safety of children is involved. During the decades that this abuse was ongoing, it should have been obvious to the church employees that covering up sexual abuse raised serious ethical concerns and liability.

Willow Creek Community Church, a megachurch near Chicago, recently dealt with a similar issue when the entire leadership team resigned due to frustration with the response of church elders when allegations of sexual misconduct were made against the pastor. In 2013 and 2014 the church elders were made aware of a number of complaints of harassment during the prior two decades, including unwanted touching, kissing and sexual comments made to parishioners and church employees, according to the Chicago Tribune. The church was slow to bring any investigation or punishment against the pastor, exacerbating an already damaging situation.

The churches involved in these scandals would have benefitted from policies that focused on identifying abuse, reporting the abuse to authorities and demonstrating transparency with the congregation. Focusing on the safety of the children and other parishioners would have, in turn, protected the organization from reputational harm and liability. Instead, these churches went to great lengths to protect their own employees, despite knowledge of the terrible acts they had engaged in. Even though many priests may be protected by the statute of limitations, it will take years for the organization to regain the trust of the community it depended on for charitable donations.

Putting safety first isn't an issue unique to churches. For example, it didn't take long for a lawsuit to be filed on behalf of the families of several victims of the July 19 duck boat tragedy in Branson, Missouri, where 17 passengers drowned. The complaint, filed in federal court, seeks $100 million for negligence, wrongful death and product liability from Ripley Entertainment, Ride the Ducks of Branson, Herschend Family Entertainment and other defendants.

This unspeakable tragedy could have been avoided entirely, the complaint alleges, if the defendants had simply not sent the boat out onto the water with the reports of a storm approaching or if they had required the passengers to wear life vests. The defendants are also alleged to have ignored safety recommendations made by the National Transportation Safety Board following a duck boat accident in 1991. The defendants weren't required to follow these recommendations by law, but they had ethical obligations to protect the safety of their customers. The defendants' failure to create critically important policies or follow their existing policies may be to blame for the tragic deaths of their customers.

Many businesses will likely face similar decisions, even if not on the same scale as protecting thousands of children from abuse. Businesses may be tempted to create policies with the goal of saving money or alleged protection of reputation. However, more often than not, prioritizing safety through sound policy is the best investment a business can make.

Alex Herd is an attorney with the Tendy Law Office, which serves as cost-effective outside general counsel to midsized corporations, not-for-profits and financial institutions regarding all corporate and employment matters, including operational risk and compliance.