Podcasts about compliance alliance

Our next guest has 25 years of experience working in the food and beverage industry and has guided multiple startups from concept to table and shelf. Her expertise is in the intersection between food, science, and technology. She entered the cannabis industry in 2015 and is known for being a provocative thought leader in the realms of the future of food and cannabis consumable innovations.Advertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy

This week, I was honored to get a chance to sit down and pick the brain of one of the very best and well respected, Global Compliance Professionals, Eric T. Young. It's easy to be intimidated by someone of such stature and 40 years of unbelievable experience with companies like GE Electric and JP Morgan. He also has several years with the Fed and several international banks, but what really grabbed my attention, is the fact that he is "pro-whistleblower". Let me explain. Usually, the compliance department mitigates damage for the corporation. Their job is  to protect their company by making sure the rules and regulations are being followed. They also sometimes pick up the duty alongside corporate counsel, of getting the train back on the track with the least cost to the company. So, you can see why they may be antagonistic with whistleblowers a little bit. Then, there's Eric Young, a very likable gentleman who really wears his "badge" of ethics with pride. If you haven't checked him out on LinkedIn, you should! He has some really great articles, (especially, his recent one on whistleblowers).  I'm not the only one, ask any of his 26,000 followers there. Click to go to  EricsLinkedInProfilePlease check out his first book and (yes, please) vision for accountability and ethical business, titled, Declaration of Independence- Part 1 Personal Lessons and Part 2 Duty of Care.He really has a unique view on corporate America. It restores (a little) hope in me for the future. Support the show (https://www.paypal.com/donate?hosted_button_id=N9GUASNKEKGHW)MEHRI & SKALET PLLC whistleblower firm Offering a broad range of legal representation-from civil rights to whistleblower, they really care.

What does the future hold for compliance? How can today's compliance officers stay ahead of the curve? We spoke with Scott Daugherty, President & General Counsel at Bankers Alliance, the holding company of Compliance Alliance and Review Alliance, about the challenges financial institutions face as they work to maintain expertise in the complex, ever-changing world of compliance, especially as the next generation of compliance professionals enters the scene. Scott talked about how banks can ensure that their compliance departments have the information, training, and resources they need to succeed.

In part 2 of this series Chance joins again to share how Compliance Alliance falls under the Bankers Alliance umbrella, provides ongoing and real time consulting for community banks, and how that impacts the everyday consumer/business owner!Learn more about Compliance Alliance at www.compliancealliance.com! Podcast is powered by The Binge Podcast NetworkIntro/Outro - "Minding Your Business" by Eli POverlay - "Summer in NY" by Ayalia The MYB community resides at www.themybpodcast.com!!!

Day 22-10 Questions to Better Operationalized Compliance I conclude this month’s series inspired by an article in the Harvard Business Review, entitled “Does Management Really Work?” by Nicholas Brown, Raffaella Sadun and John Van Reenen. I found the article very useful because it gave succinct advice about what a business can do to improve its management practices and determined that this advice can be applicable to a compliance program. Based upon this article I have developed 10 questions which you might want to put use as a starting point for operationalizing your compliance initiatives going forward. I would challenge you to think about some of the answers to these questions in the context of your compliance program. Interconnectedness of Targets - How are compliance goals cascaded down to individual workers? Everyone recognizes the importance of ‘tone-at-the-top’ as it is enshrined in every description of a best practices compliance program. However, operationalizing compliance means moving towards an appropriate tone in the middle and at the bottom. As stated in the Department of Justice (DOJ) Evaluation of Corporate Compliance Programs (Evaluation), under Prong 1, “How have senior leaders, through their words and actions, encouraged or discouraged the type of misconduct in question? What concrete actions have they taken to demonstrate leadership in the company’s compliance and remediation efforts? How does the company monitor its senior leadership’s behavior? How has senior leadership modelled proper behavior to subordinates?” Clarity and Comparability of Goals - Does anyone complain that your compliance targets are too complex? Certainly the initial role out of a compliance program can be quite a large undertaking. Perhaps another approach might be to focus on high risk areas and remediate them by rolling out initiatives to manage those risks first and then move to other areas. Many companies have reviewed and remedied the third party sales side of their business but are only now looking at the Supply Chain or Procurement side of the equation. If you work on one such problem at a time, it can help move the overall process forward in a more orderly fashion. Consequence Management - How do you deal with repeated compliance failures in a specific business segment or compliance program area? This is certainly one question that you would want to consider carefully. Do you have problems with one business unit or one geographic area from the compliance perspective? Are gifts in China, for example, an ongoing issue for your company? What about travel and entertainment? Consider this carefully as the DOJ asks the following about accountability in the Evaluation, “What disciplinary actions did the company take in response to the misconduct and when did they occur? Were managers held accountable for misconduct that occurred under their supervision? Did the company’s response consider disciplinary actions for supervisors’ failure in oversight? What is the company’s record (e.g., number and types of disciplinary actions) on employee discipline relating to the type(s) of conduct at issue?” Instilling a Mind-Set - How does your company show that attracting and developing talent who will engage in ethical business conduct is a top priority? This is a key part of operationalizing your compliance program and one where your Human Resources (HR) Department should take the lead. If top management will make a commitment to this, you should work to create the appropriate mind-set of doing business the right way throughout your organization. Removing Poor Performers - How long is compliance underperforming tolerated? The DOJ asks in the Evaluation, “Has the company ever terminated or otherwise disciplined anyone (reduced or eliminated bonuses, issued a warning letter, etc.) for the type of misconduct at issue?” I think that many companies would clearly say that they will discipline, up to and including discharge, any employee who engages in practices that violate the Foreign Corrupt Practices Act (FCPA). But this question drills deeper and forces a more rigorous analysis on not just FCPA failures by employees but poor ethical choices which may be less than full FCPA violations. Unique Employee Value Proposition - What makes it distinctive to work at your company? What is the culture of your organization? Is it to do business ethically or simply make your numbers no matter how unrealistic they are aka Wells Fargo? More pointedly, how can your compliance challenges be turned into business leadership opportunities? Ethisphere annually shows that its top list of the Most Ethical Companies out performs the Standard & Poor (S&P) 500. If you more fully operationalize your compliance program into your company, it could well make your business not only more efficient but at the end of the day, more profitable. Continuous Improvement - How do compliance programs that are not working typically get exposed and remediated? There is a difference between auditing and monitoring. Monitoring is a commitment to reviewing and detecting compliance programs in real time and then reacting quickly to remediate them. A primary goal of monitoring is to identify and address gaps in your program on a regular and consistent basis. Auditing is a more limited review that targets a specific business component, region or market sector during a particular timeframe in order to uncover and/or evaluate certain risks, particularly as seen in financial records. A robust program should include separate functions for auditing and monitoring. While unique in protocol, the two functions are related and can operate in tandem. Monitoring activities can sometimes lead to audits. For example, if you notice a trend of suspicious payments in recent monitoring reports from a country in the Far East, it may be time to conduct an audit of those operations to further investigate the issue. Performance Tracking - What key compliance indicators do you use for compliance tracking? What metrics have you developed around the operationalization of compliance. A good starting point can be with your hotline or helpline. What can you determine from the calls or reports submitted through these systems? What if you have not had any reports for several years, what should that be telling you about your communication to your employee base? Or does it mean that people have not been properly and effectively trained that a hotline or helpline exists and is available for their use or, more ominously, are afraid to make any reports for fear of retaliation or even losing their jobs? This is certainly something you should consider, whichever way the metrics are going for your company. Root Cause - For a given compliance problem, how do you identify the root cause? The DOJ asked in Root Cause Analysis – “What is the company’s root cause analysis of the misconduct at issue? What systemic issues were identified? Who in the company was involved in making the analysis?”Clearly the reason is that if you do not know what the cause of a problem is, you cannot successfully work towards remedying that problem. This does not simply mean firing any persons involved in a potential FCPA violation. You need to dig down and found out what allowed this issue to arise. I once heard that the difference between Japanese and American post-incident investigations is that in the US there is an attempt to assess blame, conversely in Japan there is an attempt to find a solution to the problem. This is the approach that I believe compliance practitioners should take, to try and find a solution by determining the root cause of a compliance failure. Retaining - What are you doing to retain your top employees from the compliance perspective? This is not a question that is typically asked in the compliance department, however it fully encapsulates the entire concept of operationalization. Have you considered what your company is doing to retain, promote and take to senior management those employees who do business in an ethical manner and in compliance with your company Code of Conduct? I found the article to be very useful when applied to the compliance practitioner by not only using the triumvirate of targets, incentives and monitoring as a management practices but also the questions that the authors posed in the context of your company’s own compliance program. Compliance practitioners continually face the challenge of keeping up with the ever-evolving compliance best practices with little or no budget increase. By asking yourself and of your compliance program these questions you may create a road map to more fully operationalize your compliance regime. Three Key Takeaways What are the unique compliance targets you have set and how interconnected are they to your business unit goals? Use a root cause analysis to determine why compliance initiatives are not successful. Retraining employees in compliance is an under-utilized tool. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

How can you determine if Human Resources (HR) can meet the needs of a best practices compliance program? One place to start is with a gap analysis to determine what HR has in place that can facilitate your company’s compliance program. According to Bright Hub Project Management, a gap analysis “compares actual performance (or status) with the desired performance (or status). A gap analysis takes into account where the company is and where it wants to be. Any review of a company and its goals should include a thorough gap analysis - especially when wanting to improve productivity, processes and products.” From the HR and compliance perspective the four steps to undertaking a gap analysis are: (1) understanding the compliance and HR environment in your organization; (2) taking a holistic approach to understanding the compliance and HR environment; (3) determining a framework for analysis, and (4) compiling supportive data to test the program. Yet before beginning this exercise it is incumbent to understand that the first element of an effective compliance program under the U.S. Sentencing Guidelines is to have Established Policies and Procedures to protect and detect non-compliance with regulations. While the US Sentencing Guidelines specifically target “criminal conduct”, companies would be wise not to limit their “risk assessment” or “gap analysis” to only criminal conduct. Most, if not all, companies possess several corporate policies that govern employee behaviors.  The person in charge of corporate compliance function should first identify the policies in place by utilizing a gap analysis to catalog the existence of corporate policies across the company, noting policy gaps and inconsistent application of policies across various locations. The business units and functional disciplines should be tasked with filling the gaps and standardizing conflicting polices. This exercise allows you to move forward to what is required to operationalize compliance as you have to know what you must be compliant with going forward. So how does one work with the business units and the functional disciplines to structure the identification of legal and compliance risks in a way that can be managed and utilized with some degree of ease? Here are a few questions that a compliance practitioner may pose to the HR department to perform a gap analysis regarding policies and procedures: Does the HR department have an inventory of policies, procedures, laws and regulations covering employees and employment related matters applicable to the company’s business? If yes, do you have a specified person who is in charge of updating the inventory? If no, what system does the HR department utilize to ensure that it is aware of the various compliance laws and regulations and has a process to comply with them? What evidence would the HR department be able to produce to the government to support a finding that the company has a solid compliance program for applicable labor and employment laws and regulations? What types of compliance training are mandatory for all employees, which are optional and how does HR track and document completion? How is the training performed? Is it provided in the native language of the employee or only in English? What types of enforcement actions predominate in the compliance arena for your industry or where your organization does business? How is such data tracked in your company? Are employees within the HR department specifically trained to understand compliance requirements applicable to your organization? Does the HR department provide senior management with periodic updates on the monitoring of results, key risks, and compliance violations within HR? Has the HR department established some type of escalation criteria to ensure that high-risk compliance issues are reviewed at the corporate level? Does the HR department have compliance monitoring standards in place? Does the HR department perform periodic audits to ensure that the policies and procedures are being complied with? These are only a few of the questions that you may want to ask to begin the process of assessing how compliance and the role of HR apply to your company.  My final suggestion is to work with HR to create a consolidated Human Resources Compliance Audit Checklist that can be used to audit (and document) the company’s HR Compliance Program. The key to compliance, in my opinion, is having the proper structure to identify the issues, implement policies and procedures to address the issues, audit for compliance and document, document, and document. Three Key Takeaways A gap analysis is a key component in the risk assessment process. The ultimate responsibility should lie with the business units and functional discipline to fully operationalize compliance. The role of the compliance department is to oversee, provide subject matter expertise and coordinate. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.   Learn more about your ad choices. Visit megaphone.fm/adchoices

The key concept from the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Program (Evaluation) is operationalization. For instance, under the query Shared Commitment is the following question - “How is information shared among different components of the company?” Under the Prong relating to Policies and Procedures the Designing Compliance Policies and Procedures asks, “What has been the company’s process for designing and implementing new policies and procedures? Who has been involved in the design of policies and procedures? Have business units/divisions been consulted prior to rolling them out?” Lastly, under the same Prong is Responsibility for Integration, with the following question “Who has been responsible for integrating policies and procedures?” These questions point to a Chief Compliance Officer (CCO) or compliance practitioner demonstrating how compliance is being burned into the fabric of an organization. While leadership at and from the top has long been considered by both the DOJ and compliance professionals as a key element to move compliance forward, the Evaluation has also crystalized thinking around compliance leadership from the middle and the bottom. I thought about these concepts when reading a recent Financial Times (FT) article by Andrew Hill, entitled “Leadership from the bottom up”. I was particularly struck by a quote from Shlomo Ben-Hur, a professor at IMD business school, who said, “We teach the top 5 per cent — but the majority of this work is carried out by the other 95 per cent.”  In Ben-Hur’s work he found that many executives came from the middle management ranks. They tended to be persons “with a determination to “take what I have responsibility for and make it truly great.”” Anecdotally, he related “They typically said, ‘I’ve responsibility for the minibus,’ and people then asked them to drive bigger and bigger buses until one day they drove the whole business.”” Think of the military and the responsibility given to front line commanders and how that “is increasingly reflected at large companies.”  The key for companies is that senior management must “find ways to transmit leadership skills to people who do not have ‘leader’ in their job description and will probably never attend a top-level leadership program.” Hill noted, “Ben-Hur’s work has focused on ensuring that managers understand how to assign the right jobs to their team members and motivate them to perform well, using theories of behavioural change that senior executives have typically never learnt on their way to the top. Dedicated managers well below the executive board need to know how to use these tools.”  For the CCO or compliance practitioner, this provides a clear path to help in the operationalizing of compliance by providing the tools to persons far down the organization to put compliance into the operations of a business. One thing Hill writes about is a company should nuture such learning because by doing so, it will both teach practical skills around compliance but also foster a strong internal network of compliance advocates who can move initiatives up and down and organization. Moreover, as these individuals progress through the company ranks, they can take their compliance message with them at each new level.  Building on the writings of Hill and the work of Professor Ben-Hur, my suggestion is to build a Compliance Excellence Center in your company. Bring in middle-managers to focus on understanding not only their roles in compliance but also how to assign the right team members to a compliance initiative and motivate employees going forward. Hill wrote that Airbus has recently established a corporate ‘university’ to spread leadership ideas through the company. Airbus’ theory behind this push is “being a leader isn’t just about being a vice-president; it’s about being able to push the company towards new ways of doing things and executing the things we have to execute. That could [apply to] a blue-collar worker on the shop floor or a VP.”  A key is not simply to train such middle and front line managers on compliance but getting them to consider rollout, effectiveness, testing and improvement. In other words, as Jay Martin would say, it is all about execution. One way to help facilitate this is through exercises using incentives to “make leadership insights stick and change workplace behavior.” Hill also writes that concepts from entrepreneurship can assist in such learning by encouraging managers to “think and act independently” to operationalize compliance. Finally, never forget mentoring as a manner to spread good compliance practices throughout a company if a more formal approach is not possible.  Too often, strategies to move a compliance program or even an initiative come from the top of an organization and are pushed down. To fully operationalize compliance, you must have leadership in compliance further down the organization which (hopefully) has been a part of the design process and can lead the implementation throughout an organization.  Three Key Takeaways While tone at the top is critical, the tone at the bottom can actually work to more fully operationalize compliance. 95% of the work is done at this bottom level. Use HR to come up with a strategy to move compliance into the bottom for more complete operationalization.  This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

  One of the ways that Human Resources (HR) can help to operationalize compliance is to assist each level of an organization to have a proper tone. While the top of an organization rightly gets much of attention, the tone about doing business ethically and in in compliance is equally important in the middle of an organization.  A company must have more than simply a good ‘Tone-at-the-Top’; it must move it down through the organization from senior management to middle management and into its lower ranks. This means that one of the tasks of any company, including its compliance organization, is to get middle management to respect the stated ethics and values of a company, because if they do so, this will be communicated down through the organization. Adam Bryant, in a NYT article, entitled “If Supervisors Respect The Values, So Will Everyone Else”, explored this topic when he interviewed Victoria Ransom, the Chief Executive of Wildfire, a company which provides social media marketing software. Ransom spoke about the role of senior management in communicating ethical values when she was quoted as saying “Another lesson I’ve learned as the company grows is that you’re only as good as the leaders you have underneath you. And that was sometimes a painful lesson. You might think that because you’re projecting our values, then the rest of the company is experiencing the values.” These senior managers communicate what the company’s ethics and values are to middle management. So while tone at the top is certainly important in setting a standard, she came to appreciate that it must move downward through the entire organization. Bryant wrote that Ransom came to realize “that the direct supervisors become the most important influence on people in the company. Therefore, a big part of leading becomes your ability to pick and guide the right people.”  Ransom said that when the company was young and small they tried to codify their company values but they did not get far in the process “because it felt forced.” As the company grew she realized that their values needed to be formalized and stated for a couple of reasons. The first was because they wanted to make it clear what was expected of everyone and “particularly because you want the new people who are also hiring to really know the values.” Another important reason was that they had to terminate “a few people because they didn’t live up to the values. If we’re going to be doing that, it’s really important to be clear about what the values are. I think that some of the biggest ways we showed that we lived up to our values were when we made tough decisions about people, especially when it was a high performer who somehow really violated our values, and we took action.” These actions to terminate had a very large effect on the workforce. Ransom said, “it made employees feel like, “Yeah, this company actually puts its money where its mouth is.””  Ransom sought to ensure that everyone knew what senior management considered when determining whether employees were “living up to the company culture.” The process started when she and her co-founder spent a weekend writing down what they believed the company’s values were. Then they sat down with the employees in small groups to elicit feedback. Her approach was to look for what they wanted in their employees. They came up with six.  Passion: Do you really have a thirst and appetite for your work? Humility and Integrity: Treat your co-workers with respect and dignity. Courage: Speak up - if you have a great idea, tell us, and if you disagree with people in the room, speak up. Curiosity: They wanted folks who would constantly question and learn, not only about the company but about the industry. Impact: Are you having an impact at the company? Be outward-looking: Do good and do right by each other.  Ransom had an equally valuable insight when she talked about senior management and ethical values. She believes that “the best way to undermine a company’s values is to put people in leadership positions who are not adhering to the values. Then it completely starts to fall flat until you take action and move those people out, and then everyone gets faith in the values again. It can be restored so quickly. You just see that people are happier.”  What should the tone in the middle be? Put another way, what should middle management’s role be in the company’s compliance program? This role is critical because the majority of company employees work most directly with middle, rather than top management and, consequently, they will take their cues from how middle management will respond to a situation. Moreover, middle management must listen to the concerns of employees. Even if middle management cannot affect a direct change, it is important that employees need to have an outlet to express their concerns. Therefore your organization should train middle managers to enhance listening skills in the overall context of providing training for what she termed their ‘Manager’s Toolkit’. This can be particularly true if there is a compliance violation or other incident that requires some form of employee discipline. Ransom believes that most employees think it important that there be “organizational justice” so that people believe they will be treated fairly. Ransom further explained that without organization justice, employees typically do not understand outcomes but if there is perceived procedural fairness that an employee is more likely accept a decision that they may not like or disagree with.  So think about your lines of communication and your communication skills when conveying your message of compliance down from the top into the middle of your organization.  Three Key Takeaways While tone at the top is critical, the tone in the middle can actually work to more fully operationalize compliance. How do you train middle managers? What compliance tool kit do you provide to middle managers? This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.     Learn more about your ad choices. Visit megaphone.fm/adchoices

The role of Human Resources (HR) in anti-corruption compliance programs, is often underestimated. If your company has a culture where compliance is perceived to be in competition or worse yet antithetical to HR, the company certainly is not hitting on all cylinders and maybe moving towards dysfunction. Another way you can operationalize compliance is in HR’s involvement of employee promotion. In Prong 8 of the Evaluation of Corporate Compliance Programs it asks the following question, Have there been any examples of actions taken (e.g., promotions or awards denied) as a result of compliance and ethics considerations?  The 2012 FCPA Guidance expounded further, “[M]ake integrity, ethics and compliance part of the promotion, compensation and evaluation processes as well. For at the end of the day, the most effective way to communicate that “doing the right thing” is a priority is to reward it. Conversely, if employees are led to believe that, when it comes to compensation and career advancement, all that counts is short-term profitability, and that cutting ethical corners is an ac­ceptable way of getting there, they’ll perform to that measure. To cite an example from a different walk of life: a college football coach can be told that the graduation rates of his players are what matters, but he’ll know differently if the sole focus of his contract extension talks or the decision to fire him is his win-loss record. In other words make compliance significant for professional growth in your organization and it will help to drive the message of doing business in compliance.  I thought about these concepts when I read an article in the Corner Office column of the Sunday New York Times (NYT), where columnist Adam Bryant interviewed Sally Smith, the Chief Executive of Buffalo Wild Wings, the restaurant chain. She had some interesting concepts not only around leadership but thoughts on the hiring and promotion functions, which are useful for any Chief Compliance Officer (CCO) or compliance practitioner striving to drive compliance into the DNA of a company.  Here Smith had some thoughts put in a manner on promotions not often articulated. One of her cornerstones is to search out the best person for any open position, whether through an external hire or internal promotion. Bryant stated that Smith said “We use the phrase “wait for great” in hiring. When you have an open position, don’t settle for someone who doesn’t quite have the cultural match or skill set you want. It’s better to wait for the right person.”  Smith articulated some different skills that she uses to help make such a determination. Once a potential hire or promotion gets to her level for an interview, she will assume that person is technically competent but “I assume that you’re competent, but I’ll probe a bit to make sure you know what you’re talking about. And then I’ll say, “If I asked the person in the office next to you about you, what would they say?””  Passion and curiosity are other areas that Smith believes is important to probe during the hiring or promotion process. In the area of passion, Smith will “Often ask, “What do you do in your free time?” If they’re passionate about something, I know they’re going to bring that passion to the workplace.” Smith believes curiosity is important because it helps to determine whether a prospective hire will fit into the Buffalo Wild Wings culture. Bryant wrote, “I look for curiosity too, because if you’re curious and thinking about how things work, you’ll fit well in our culture. So I’ll ask about the last book they read, or the book that had the greatest impact on them.” Smith also inquires about jobs or assignments that went well and “ones that went off the tracks. You ask enough questions around those and you can determine whether they’re going to need a huge support team.” I found these insights by Smith very useful for a compliance practitioner and the hiring and promotion functions in a compliance program. By asking questions about compliance you can not only find out the candidates thoughts on compliance but you will also begin to communicate the importance of such precepts to them in this process. Now further imagine how powerful such a technique could be if a Chief Executive asked such questions around compliance when they were involved in the hiring or promotion process. Talk about setting a tone at the top from the start of someone’s career at that company. But the most important single item I gleaned from Bryant’s interview of Smith was the “Wait for great” phrase. If this were a part of the compliance discussion during promotion or hiring that could lead to having a workforce committed to doing business in the right way. Three Key Takeaways Denying a promotion or award due to an employee’s ethical lapses. Use promotions to reinforce your company’s commitment to compliance and ethics. Should you wait for great?  This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Evaluation of Corporate Compliance Programs document makes clear that operationalization of compliance into an organization should be done at multiple levels in a company. Creating an ethical culture is an important step for any company to burn compliance into the DNA of a business. It must be done at every level of an organization on a continuous basis.  In an article in the Harvard Business Journal (HBJ) online publication by Christopher McLaverty and Annie McKee, entitled “What You Can Do to Improve Ethics at Your Company”, the authors surveyed C-suite executives and noted, “More often the dilemmas were the result of competing interests, misaligned incentives, clashing cultures.” Based on this study and their prior work, the authors noted three major obstacles to ethical behavior.  Initially was the issue of corporate change. The authors stated, “Companies can warp their own ethical climate by pushing too much change from the top, too quickly and too frequently. Leaders in the study reported having to implement staff reduction targets, dispose of big businesses in major markets, and lead mergers and acquisitions. Some of these activities included inherent conflicts of interest; others simply caused leaders to have to act counter to their values. Many leaders felt poorly prepared for the dilemmas they faced and felt compelled to take decisions they later regretted.”  The second was the age old dilemma of compensation where incentives tended to drive certain behaviors or, as the authors stated, “People do what they are rewarded to do, and most leaders are rewarded for hitting targets.” Of course the most recent example is Wells Fargo where employee compensation was based solely on the number of accounts they opened. Yet such incentive based behavior was not limited to front line employees as the authors stated, “The lure of incentives are a problem in boardrooms too: Bonus payments and executive share schemes are often based on short-term business metrics, which can be counter to long-term success.”  Finally, was an area which may require a Chief Compliance Officer (CCO) or compliance practitioner to think through several different calculi; cross cultural differences. Obviously some countries have gift giving cultures but this is more than simply the value of a gift to give at Christmas, it involves cultures where gift giving may be a part of the overall business relationship. The authors cited examples such as “closing a sales office in Japan, breaking a verbal promise made during after-work drinks in China, or ignoring “sleeping” business partners in a Saudi Arabian deal, all of which have cultural and ethical components.”  An interesting insight was teaching employees how to understand what matters in an organization. This is not simply the written Codes but how things really work. The authors posited three questions: (1) How are employees paid? Obviously a compensation plan is a critical benchmark. If it is solely based on ‘eat what you kill’, focusing on the short term, it may presage problems down the road. (2) Who gets promoted and why? This is not simply whether the high producer gets promoted but how about those who speak up and raise ethical issues. Are they subtly (or not so subtly) discriminated against or held back from promotion? (3) How do employees feel about their organization? Although it seems straight-forward, if your employees are disengaged or worse yet, ashamed about your company, you might be an ethical time bomb waiting to happen.  The authors then turned to initiatives that the interviewees had successfully used in their own organizations to improve the ethical climate. While noting that there is some importance in the corporate governance documents, such as a Code of Conduct and policies and procedures, the authors averred “Companies become ethical one person at a time, one decision at a time.” This means employees need to understand their organizations underlying culture. They stated, “Self-awareness enables you to build and strengthen that inner compass. Organizational awareness enables you to identify the forces in your company’s culture and processes that could drive you and others to do the wrong thing. You also need emotional self-control: it takes courage to step away from the crowd and do the right thing.”  To have such courage, the authors noted many employees who did speak up had a personal network which operates as “an informal sounding board and can highlight options and choices that the leader may not have considered. When making ethical decisions, it’s important to recognize that your way isn’t the only way, and that even mandated choices will have consequences that you must deal with.” This is yet another reason for the breaking down of silos in a corporate organization because “The challenge is that most leaders have networks full of people who think and act like them and many fail to seek out diverse opinions, especially in highly charged situations. Instead, they hunker down with people who have similar beliefs and values. This can lead to particularly dire consequences in cross-cultural environments.”  Finally, and perhaps most intuitively, is speaking up. Here business leaders must encourage not only a speak up culture but also one of no retaliation. But it is more than this as Vanessa Rossi, FCPA Due Diligence Counsel at Baker Hughes Inc. noted in a panel discussion to the Greater Houston Business and Ethics Roundtable, it is more tones at the tops as for many employee’s senior leadership resides in the form of their direct manager. The authors phrase it as “If you find you need to speak up, there will be a number of choices to be made. Do you talk to the boss? Consult with peers? Work with advisory functions such as legal, compliance or human resources? You can draw on your personal network for support and guidance on the right way forward within the context of your unique situation.”   Ethics and compliance blend together in the corporate world. It is not just the responsibility of CCOs and compliance practitioners but of senior managers to support those employees who want to do the right thing. While written protocols are significant in both detection and prevention, one should never lose sight of a corporate culture as a way to positively impact your workforce and company going forward. Three Key Takeaways Beware of the three obstacles to creating an ethical culture. What really matters in your company? A speak up culture will improve the operational performance of your business. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

The exit interview can be a further mechanism to operationalize compliance. This type of interview is used when someone voluntarily departs from a company, as opposed to a lay-off or reduction in force exercise. Typically departing employees are more willing to share about their experiences, concerns and issues which led to their employment departure. In an article in the Harvard Business Review, entitled “Making Exit Interviews Count”, authors Everett Spain and Boris Groysberg demonstrate that exit interviews, when conducted with care, can be a very useful tool in two important areas: to increase employee engagement, to reveal what may not be working in the organization. These points speak directly to operationalizing compliance through Human Resources (HR). Exit interviews can provide insight into what employees are thinking, reveal problems in the organization, and shed light on the competitive landscape. They believe that companies should focus on six goals in their exit interviews, that there must be an emphasis in both “tactics and techniques” and, finally, that the process is a continuing conversation. Uncover issues. Organizations “that conduct exit interviews almost always pursue this goal but often focus too narrowly on salary and benefits.” The problem with this approach is that salary concerns are not usually what drives employees to seek employment elsewhere. It is almost always something else. The article stated, “One leader from a food and beverage company told us that exit interviews inform his company’s succession planning and talent management process.” Understand employees’ perceptions of the work itself. The person conducting the exit interview understand the departing employee’s job design, working conditions, culture, and peers. By understanding and questioning the employee on this information, the exit interview “can help managers improve employee motivation, efficiency, coordination, and effectiveness.” Gain insight into managers’ leadership styles and effectiveness. Leadership style is an important reason many employees depart for greener pastures. By inquiring into and understanding this dynamic, an organization can begin to “reinforce positive managers and identify toxic ones. One executive at a major restaurant chain told us that several exit interviews she’d recently conducted revealed that micromanagement was a big problem. The conversations, she said, “led to some very tangible outcomes,”” such as establishing training and development initiatives to create better managers.” Learn about HR benchmarks (salary, benefits) at competing organizations. While salaries and compensation packages are usually not the driver of departures, they certainly do play a role. You should use the exit interview to do some benchmarking. The authors cited to a HR executive at a global food and beverage who noted, “We use exit interviews to see how competitive we are against other employers: time off, ability to advance, different benefits, and pay packages. And we want to see who is poaching our people.” Foster innovation by soliciting ideas for improving the organization. The authors believe that exit interviews should go beyond the departing employee’s “immediate experience to cover broader areas, such as company strategy, marketing, operations, systems, competition, and the structure of his or her division.” They cite as one “emerging best practice is to ask every departing employee something along the lines of “Please complete the sentence ‘I don’t know why the company doesn’t just ____.’” This approach may reveal trends which can be incorporated into future innovations.” Create lifelong advocates for the organization. This is perhaps the most innovative, yet in many ways the most basic, which is of course to treat departing employees with dignity, respect and gratitude. Such treatment at departure may well encourage departing employees to recommend their former companies to potential employees, to use and recommend the companies’ products and services, and to create business alliances between their former and new employers. The authors cite to one North American financial services executive for the following, “You want [a departing employee] to leave as an ambassador and customer.” Finally are issues around hotlines, whistleblower and retaliation claims. The starting point for layoffs should be whatever your company plan is going forward. The retaliation cases turn on whether actions taken by the company were in retaliation for the hotline or whistleblower report. This means you will need to mine your hotline more closely for those employees who are scheduled or in line to be laid off. If there are such persons who have reported a FCPA, Code of Conduct or other ethical violation, you should move to triage and investigate, if appropriate, the allegation sooner rather than later. This may mean you move up research of an allegation to come to a faster resolution ahead of other claims. It may also mean you put some additional short-term resources on your hotline triage and investigations if you know layoffs are coming. The reason for these actions are to allow you to demonstrate that any laid off employee was not separated because of a hotline or whistleblower allegation but due to your overall layoff scheme. However, it could be that you may need this person to provide your compliance department additional information, to be a resource to you going forward, or even a witness that you can reasonably anticipate the government may want to interview. If any of these situations exist, if you do not plan for their eventuality before the employee layoff, said (now) ex-employee may not be inclined to cooperate with you going forward. Also if you do demonstrate that you are sincerely interested in a meritorious hotline complaint, it may keep this person from becoming a SEC whistleblower.  Three Key Takeaways The exit interview is an excellent opportunity to obtain information to inform your compliance program. Use the exit interview to create advocates from departing employees. Use the exit interview for probing and insight questions around compliance.  This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

Employment separation and layoffs can present some unique challenges for the compliance practitioner. Employees can use layoffs to claim that they were retaliated against for a wide variety of complaints, including those for concerns that impact the compliance practitioner. Yet there are several ways that operationalization will help to protect your company as much as possible. Before you begin your actual layoffs, the compliance practitioner should work with your legal department and HR function to make certain your employment separation documents are in compliance with the Securities and Exchange Commission (SEC) requirement regarding Confidentiality Agreement and Separation Agreement language which purports to prevent employees from bringing potential violations to appropriate law or regulatory enforcement officials. Such documents must not have language preventing an employee taking such action. But this means more than having appropriate or even approved language in your CA, as you must counsel those who will be talking to the employee being laid off, not to even hint at retaliation if they go to authorities with a good faith belief of illegal conduct. You might even suggest, adding the appropriate language to your script so the person leading the conversation at the layoff can get it right and you have a documented record of what was communicated to the employee being separated. When it comes to interacting with employees first thing any company needs to do, is to treat employees with as much respect and dignity as is possible in the situation. While every company says they care (usually the same companies which say they are very ethical), the reality is that many simply want terminated employees out the door and off the premises as quickly as possible. At times this will include an ‘escort’ off the premises and the clear message is that not only do we not trust you but do not let the door hit you on the way out. This attitude can go a long way to starting an employee down the road of filing a claim for retaliation or, in the case of FCPA enforcement, becoming a whistleblower to the SEC, identifying bribery and corruption.  Treating employees with respect means listening to them and not showing them the door as quickly as possible with an escort. From the compliance perspective this could also mean some type of conversation to ask the soon-to-be parting employee if they are aware of any FCPA violations, violations of your Code of Conduct or any other conduct which might raise ethical or conflict of interest concerns. You might even get them to sign some type of document that attests they are not aware of any such conduct. I recognize that this may not protect your company in all instances but at least it is some evidence that you can use later if the SEC or Department of Justice comes calling after that ex-employee has blown the whistle on your organization. I would suggest that you work with your HR department to have an understanding of any high-risk employees who might be subject to layoffs. While you could consider having HR conduct this portion of the exit interview, it might be better if a compliance practitioner was involved. Obviously, a compliance practitioner would be better able to ask detailed questions if some issue arose but it would also emphasize just how important the issue of FCPA compliance, Code of Conduct compliance or simply ethical conduct compliance was and remains to your business. Finally, are issues around hotlines, whistleblower and retaliation claims. The starting point for layoffs should be whatever your company plan is going forward. The retaliation cases turn on whether actions taken by the company were in retaliation for the hotline or whistleblower report. This means you will need to mine your hotline more closely for those employees who are scheduled or in line to be laid off. If there are such persons who have reported a FCPA, Code of Conduct or other ethical violation, you should move to triage and investigate, if appropriate, the allegation sooner rather than later. This may mean you move up research of an allegation to come to a faster resolution ahead of other claims. It may also mean you put some additional short-term resources on your hotline triage and investigations if you know layoffs are coming.  The reason for these actions are to allow you to demonstrate that any laid off employee was not separated because of a hotline or whistleblower allegation but due to your overall layoff scheme. However it could be that you may need this person to provide your compliance department additional information, to be a resource to you going forward, or even a witness that you can reasonably anticipate the government may want to interview. If any of these situations exist, if you do not plan for their eventuality before you layoff the employee, said (now) ex-employee may not be inclined to cooperate with you going forward. Also if you do demonstrate that you are sincerely interested in a meritorious hotline complaint, it may keep this person from becoming a SEC whistleblower. Three Key Takeaways Treat departing employees with dignity. Make sure your separation documents meet SEC requirements regarding disclosures re: whistleblowing. You must check your hotline and anonymous reporting systems to make sure you do not lay off a whistleblower.  This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

What should a company do when it desires to hire a Chief Compliance Officer (CCO).  I sat down and visited with Maurice Gilbert, the Managing Partner at Conselium Partners LP. Gilbert believes that it behooves any company to find the right CCO or compliance practitioner for the right position. But to do so, a company needs to fully understand and appreciate what it needs from such a position going forward. Unfortunately, many companies do not have this insight at the beginning of the recruitment process.  The process often begins with the company supplied job description, which Gilbert noted is “typically a legacy of various things that are not even updated. It's a hodgepodge of things that maybe began a few years ago, but it needs to be updated to reflect what’s going on in the company at that particular moment. You have certain business risks. You have certain regulatory risks.... You need to be attentive to those risks so that you could build your profile about what those risks need to be addressed presently.” Moreover, “what you’re going to get in a company job description is just a litany of things that actually could be quite disjointed and may not necessarily make sense for what you’re going to be asking the person to do.”  Gilbert will bring the key company stakeholders into an initial meeting to help them understand the process. Obviously, this will include Human Resources (HR) and others involved in the internal hiring process for the company. Gilbert gets them to rethink their approach to focus on what they will ask the new hire to accomplish because typically there is a disconnect between what the company thinks it needs and what it really needs.  The next step is developing an appropriate job profile. Gilbert will ask the key stakeholders to give him a list of four things they would like the new hire to accomplish in the first year of employment. By limiting to this to four, Gilbert not only ends unrealistic expectations but helps winnow down the inevitable “laundry list of, “We'd like the professional to accomplish 30 things within the first year.” Many of which, are inconceivable. They have to be done in the course of several years. When we’re listening to the response, we, again, are counseling our client as to whether that makes sense or if that’s an unreasonable, let’s say, expectation.”  Gilbert gave an example of a recent search he headed for a client. One of the things he was able to develop at this initial meeting was that the company wanted the CCO “to spend the first two, three months evaluating her staff, to see if she has the appropriate team in place for the rest of the journey. By the way, she’s traveling all over the world doing just that. Evaluating her staff.” However that task alone could take several months. The company also wanted the CCO to perform a comprehensive risk assessment immediately upon starting the position. It is simply not realistic to expect such disparate and time consuming tasks to be performed so quickly, all the while the new CCO would be expected to travel to company locations across the globe.  Another important issue in this initial meeting is the professional growth opportunities that the company will present to any candidate. Gilbert explained that this is something companies do not always appreciate in the hiring process. Yet, as he explained, a company is trying to get a seasoned executive to leave a position so they need to have an attractive package ready to present. It is more than simply salary and benefits. Gilbert said, “we have to capture data such as, “What are career growth options once a person steps in and does a good job for three, whatever, years?” We have to capture data. “What is the culture of the company? What is the culture of the compliance department? What are the hot buttons and the management strategy, if you will, of the hiring authority? How does that person like to interface with the individuals?” A final query to the company is around the sourcing of candidates. Gilbert needs to know if there are any particular competitors, or companies, which the client feels are hands off for sourcing candidates from and before he leaves this meeting he needs to know the companies that his client does not want Conselium to recruit from.  I found these points quite illuminating for several reasons. First, the company was not clear on what it wanted the new CCO to accomplish and had not thought through what it would need to commit to in terms of resources to have these goals accomplished. The second demonstrated the communications flow facilitated learning on the part of both parties, i.e. for the client this was to have a realistic expectation of the new role and for Gilbert it was to help develop an appropriate Job Profile. It also demonstrated the collaborative nature of the relationship. By engaging in this process Gilbert is able to move from simply a third party executive search firm to a trusted advisor to the client. By having such a relationship Gilbert and his company, Conselium, are able to deliver a much more focused and valuable service beyond the typical generalist experience available inside a corporation in the hiring process.  From these discussions, Gilbert will develop a Job Profile and present to the company to have them sign off on not only the package of what they are looking for in a candidate, but also the package they will be willing to present. Gilbert related that through the capture of and agreement with these points, he is ready to begin the next step, which is to tell the compelling story about the job position on behalf of his client.   Three Key Takeaways Bring in your key stakeholders to flesh out the job description. Consider the top four things you would like a new CCO to accomplish in the first year. For a new CCO to succeed, the company must have a realistic expectation developed before the process begins. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

One of the ways to operationalize compliance and to drive it into the DNA of an organization is through a performance review. Indeed, the 2012 FCPA Guidance states, “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance pro­gram, and rewards for ethics and compliance leadership. Some organizations, for example, have made adherence to compliance a significant metric for management’s bonuses so that compliance becomes an integral part of management’s everyday concern.” Most HR experts will opine that properly executed performance appraisals are crucial to organizational productivity as well as the development of employee skills and employee morale. Moreover, they can serve a couple of different functions for a best practices compliance program. First, and foremost, they communicate to each employee their job performance from a compliance perspective. However, one key is not to approach the performance appraisal review as an isolated event but rather a continual process. This means that instead of trying to play catch-up at the last minute, supervisors should provide feedback and assess job performance throughout the year so annual reviews are grounded in a year's worth of experience. This includes the compliance component of each job. The second area performance appraisals impact is compensation. As noted above, the DOJ and SEC expect that your compliance program will have both discipline and incentives. But those incentives need to be based upon something. The score or other performance appraisal metrics will provide to you a standard which you can measure and use to evaluate for other purposes such as employee promotion or advancement to senior management going forward. In an article in the Houston Business Journal entitled “6 Ways To Make Performance Reviews More Productive”; provided six points you should consider which I have adapted for the compliance component of an annual employee performance appraisal. Prioritize reviews in your schedule - You should schedule the employee performance appraisal at least several days in advance, rather than when a time slot suddenly opens up. You would make sure that you allot sufficient time for unhurried give and take between the reviewer and the employee. Review the entire year's performance - You should resist the attempt to focus the discussion on the latest compliance experience. This is called recency bias. If a compliance issue arose in the past month or so, you need to keep it in perspective for the entire review period. Moreover, by focusing a review on a recent problem you may obscure prior accomplishments and make an employee feel demoralized. Take care not to go too much in the opposite direction as recency bias can work both ways, and one should not let a favorable recent compliance event overshadow the full review period. Do not hesitate to critique - Be generous with praise where it is warranted, but do not hesitate to discuss improvements needed in the compliance arena. Many supervisors are reluctant to confront and indeed desire to avoid confrontation. However remaining silent about an employee's compliance shortcomings is a disservice to both the company and the employee. Do not dominate the conversation - Remember that you must give the employee time for self-appraisal and to ask questions or to comment about the feedback received from the compliance perspective. If there are specific questions or concerns raised by the employee you need to be prepared to address them as appropriate. Understand the employee's role - You need to understand and appreciate that if the recent economy has resulted in many employees assuming the responsibilities of more than one position. If relevant to the employee, acknowledge that fact and take it into account in the review. This is certainly true from the compliance perspective as many non-Compliance Department employees have cross-functional responsibilities. If they claim not to have the time to handle their compliance responsibilities you will need to address this with the employee and perhaps structurally as well. Anticipate reprisal - Although it is rare, you can face the situation where an employee who is very dissatisfied with a review may refuse to sign it. The employee may be offered the opportunity to add a statement to the review. Also point out that the employee signature is an acknowledgement of receiving the review and does not signify agreement. If the employee still refuses to sign, have a second supervisor come in to witness the refusal. This may be particularly important from the compliance perspective. The article ends by noting, “A proper annual review requires considerable effort from employee supervisors. It should be a full-year process involving regular guidance and feedback and perhaps several mini-reviews along the way. But rather than viewing it as onerous, supervisors should keep in mind that it is a tool for making their departments work more efficiently and yields better results for everyone involved.” I would add this is doubled from the compliance perspective. The potential upside can be significant from your overall compliance program perspective. Three Key Takeaways To incentivize compliance, you must be able to accurately appraise senior managers and employees around compliance. Clearly communicate your compliance expectations, then fairly evaluate employees on them. Consider an ongoing review as well. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

Another area where compliance can play a key role is in succession planning. A.G. Lafley and Noel M. Tichy, writing in the Harvard Business Review, in an article entitled “The Art and Science of Finding the Right CEO”, discussed the issue of succession planning during his tenure as the Chief Executive Officer of Procter & Gamble (P&G). Many of the concepts and issues that Lafley discusses within the context of succession planning in general are applicable to the concern of compliance within this area. Lafley makes clear that succession planning is just as important as governance, enterprise risk and strategic oversight. In other words, it is just as important. Sadly, many companies fail to give it the attention it requires. Indeed, in a PricewaterhouseCoopers survey, cited in the foreword, nearly one-half of the more than 1,000 directors gauged reported dissatisfaction with their companies’ succession plans. Imagine what that number would be if they took into account the compliance aspect of succession planning.  Borrowing from Lafley, I have adapted his box for an analysis of some of the characteristics that should be considered in succession planning from the compliance perspective.    Personal Judgment Team Judgment Organizational Judgment Stakeholder Judgment People Personal judgments about overall compliance goals Judgments regarding your team members regarding compliance Judgments on organizational systems for assessing compliance with the organization Judgments about how to engage stakeholders regarding compliance Strategy Personal judgments regarding compliance in your career Judgments about how your team evolves in its compliance approaches as new compliance challenges arise Judgments about how to engage and align all organization levels in compliance Judgments in leading stakeholders to execute compliance strategies Crisis Personal judgments regarding compliance in times of crisis Judgments in how your team operates regarding compliance in times of crisis Judgments about how to work with your overall organization in compliance in times of crisis Judgments about dealing with key stakeholders regarding compliance in times of crisis  Lafley makes clear that succession planning does not begin at the time a CEO decides to retire. It should being at the time that a CEO is hired. This is to prevent a decision at the last minute or, worse yet, “to be left with effectively no decision.” As well as the process being started at the time of the hiring of a new CEO it must also fully engage the Board of Directors. Lafley provides several key points, all of which are applicable to the compliance component of succession. Lafley defines the criteria that the evaluation process is an ongoing, not episodic process. In addition to a “broad and deep pipeline of qualified leaders” the candidates should be put through a variety of roles. In the compliance context, this would provide an opportunity to review the initiatives and responses in several different areas. In addition to running large and small business units, such candidates should oversee several different functions, as broadly as the Chief Financial Officer  to HR.  In many ways, evaluating a compliance criterion is as much an art as it is science. However, Lafley states that a specific list of “must-haves” is appropriate. It is not as simple as whether there was a violation or not. It is broader than that calculus. Paul McNulty’s three Maxims for evaluating a corporate compliance program are: (1) what did you do to prevent it; (2) what did you do to detect it; and (3) what did you do when you found out about it? Compliance for the CEO candidate is more than the third prong. How did you inculcate compliance into the business unit that you are managing? What controls did you put in place? And then what did you do when you found out about it? Indeed Department of Justice Compliance Counsel Hui Chen, recently remarked about the importance of ‘facetime’ by a Chief Compliance Officer with a President or Chief Executive. Moreover the 2015, BNY Mellon’s FCPA enforcement action points towards the need to follow establish protocols, even in HR. If you have a process in HR for evaluation around succession planning, that process should be followed. If any exception is made, it is encumbent the exception be documented, justified, then reviewed and approved by an appropriate level of management.  Lafley defines this as “how the future might look”. You might explore a new geographic market with a candidate or a new product line, either of which might bring new compliance challenges. Being a part of a team to perform a risk assessment might indicate that new or different compliance safeguards need to be considered. Should monitoring, through continuous controls monitoring or other more sophisticated tools, be utilized as the compliance program evolves be considered?  Lafley points out that the choice of “a successor isn’t a done deal until the votes are cast and the announcement is made.” He advocates continuing to provide challenging projects, which would include those in the compliance arena, which can continue to provide feedback and guidance from the compliance perspective. As one division President told me “You are always being evaluated.” And so it should be. The selection of a new CEO is a substantial investment by a large company. Having the right person in the position from the compliance perspective is an important element in an overall evaluation. Remember - it all starts with the “Tone from the Top”.  Every time I perform a risk assessment and speak the company’s HR lead, they immediately understand the role than can play in moving forward a company’s compliance program. Even if the HR role is limited in the hiring process, they can ask potential candidates their views to determine underlying business ethics. HR can also begin the compliance inculcation process, even pre-hiring, by talking about the company’s values in the interview process. This sets an expectation that can be built upon if a candidate is selected and in every HR touch point going forward, including looking at employees in the succession planning process.  Three Key Takeaways Succession planning is just as important as governance, enterprise risk and strategic oversight Do not begin your succession planning when a senior manager announces their retirement. You are always being evaluated (or you should be).  This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

In the Department of Justice’s Evaluation of Corporate Compliance Programs, Prong 8 Incentive and Disciplinary Measures it states: Incentive System – Consistent Application – Have the disciplinary actions and incentives been fairly and consistently applied across the organization?  In the Department of Justice’s (DOJ) 13 point minimum best practices compliance program, Item 10 states: Discipline. A Company should have appropriate disciplinary procedures to address, among other things, violations of the anti-corruption laws and the Company's anti-corruption compliance code, policies, and procedures by the Company's directors, officers, and employees. A Company should implement procedures to ensure that where misconduct is discovered, reasonable steps are taken to remedy the harm resulting from such misconduct, and to ensure that appropriate steps are taken to prevent further similar misconduct, including assessing the internal controls, ethics, and compliance program and making modifications necessary to ensure the program is effective. However, I believe that the DOJ best practices are more active than the ‘stick’ of employee discipline to make a compliance program effective and I believe that it also requires a ‘carrot’. This requirement is codified in the US Sentencing Guidelines with the following language, “The organization’s compliance and ethics program shall be promoted and enforced consistently throughout the organization through (A) appropriate incentives to perform in accordance with the compliance and ethics program; and (B) appropriate disciplinary measures for engaging in criminal conduct and for failing to take reasonable steps to prevent or detect criminal conduct.” One of the areas which Human Resources (HR) can operationalize your compliance program is to ensure that discipline is handed out fairly across an organization and to those employees who integrate such ethical and compliant behavior into their individual work practices going forward. Procedural fairness is one of the things that will bring credibility to your Compliance Program. Today it is called the Fair Process Doctrine and this Doctrine generally recognizes that there are fair procedures, not arbitrary ones, in processes involving rights. Considerable research has shown that people are more willing to accept negative, unfavorable, and non-preferred outcomes when they are arrived at by processes and procedures that are perceived as fair. Adhering to the Fair Process Doctrine in two areas of your Compliance Program is critical for you, as a compliance specialist or for your Compliance Department, to have credibility with the rest of the workforce. Finally, it is yet another way to more fully operationalize your compliance program. Internal Investigations The first area is that of internal company investigations. If your employees do not believe that the investigation is fair and impartial, then it is not fair and impartial. Further, those involved must have confidence that any internal investigation is treated seriously and objectively. One of the key reasons that employees will go outside of a company’s internal hotline process is because they do not believe that the process will be fair. This fairness has several components. One would be the use of outside counsel, rather than in-house counsel to handle the investigation. Moreover, if company uses a regular firm, it may be that other outside counsel should be brought in, particularly if regular outside counsel has created or implemented key components which are being investigated. Further, if the company’s regular outside counsel has a large amount of business with the company, then that law firm may have a very vested interest in maintaining the status quo. Lastly, the investigation may require a level of specialization which in-house or regular outside counsel does not possess. Administration of Discipline and Employee Promotions However, as important as the Fair Process Doctrine is with internal investigations, I have come to believe it is more important in another area. That area is in the administration of discipline after any compliance related incident. Discipline must not only be administered fairly but it must be administered uniformly across the company for the violation of any compliance policy. Simply put if you are going to fire employees in South America for lying on their expense reports, you have to fire them in North America for the same offense. It cannot matter that the North American employee is a friend of yours or worse yet a ‘high producer’. Failure to administer discipline uniformly will destroy any vestige of credibility that you may have developed. In addition to the area of discipline which may be administered after the completion of any compliance investigation, you must also place compliance firmly as a part of ongoing employee evaluations and promotions. If your company is seen to advance and only reward employees who achieve their numbers by whatever means necessary, other employees will certainly take note and it will be understood what management evaluates, and rewards, employees upon. I have often heard the (anecdotal) tale about some Far East Region Manager which goes along the following lines “If I violated the Code of Conduct I may or may not get caught. If I get caught I may or may not be disciplined. If I miss my numbers for two quarters, I will be fired”. If this is what other employees believe about how they are evaluated and the basis for promotion, you have lost the compliance battle. Three Key Takeaways The DOJ and SEC have long called for consistent application in both incentives and discipline. The Fair Process Doctrine ensures employees will accept results they may not like. Inconsistent application of discipline will destroy your compliance program credibility. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

In the Department of Justice’s Evaluation of Corporate Compliance Programs, Prong 8 Incentive and Disciplinary Measures it states: Incentive System –How has the company considered the potential negative compliance implications of its incentives and rewards?  This week I have been considering how a company could use incentives to further a compliance program and the role of HR in this process. I want to consider how incentives might lead to the converse but looking at the intersection of sales incentives and compliance which led to the problems at Wells Fargo. When you misalignment these two concepts with a faulty sales strategy it can lead to a catastrophic failure, literally costing a company millions of dollars in fines, loss of business and depreciation of shareholder value.  The sales incentives under which Wells Fargo came to such grief is simple and even benign, cross-selling of products. As noted by Rachel Louise Ensign, writing in a Wall Street Journal (WSJ) article entitled “Banks Simple Strategy Gets Tangled”, “the concept sounds simple enough. If a customer has a checking account, why not sell him a mortgage, wealth management services and credit card as well?” She went on to write, “with banks becoming larger over the past two decades, cross-selling has become a mantra.” You can also think of the cross-selling McDonalds engages in every time you buy a Big Mac when the representative asks you “Would you like french fries with that?”  Yet there are other reasons for engaging in this type of business practice. Each and every time a company has a touchpoint, particularly a commercial touchpoint with a business, it strengthens the relationship. According to Gary Silverman, writing in the Financial Times (FT) in an article entitled “John Stumpf, the Labrador of Main Street”, Wells Fargo’s Chief Executive Officer (CEO) “Mr Stumpf’s take on traditional Wells teaching was to promote deeper, more frequent contact with the people it serves. “If there’s one word to describe this company, it’s ‘relationship,’” he told the Financial Times in May. “What we’re trying to do is make sure that every team member, in every interaction with a customer, gets it right. If we don’t get it right, we try to make it right, really quickly.””  So what starts off as a legitimate, legal and beneficial business strategy becomes not only high risk but illegal because of the manner in which Wells Fargo administered its approach to cross-selling. As with any sales initiative, if a company wants to push it, it will set up incentives for the sales team to engage in such behavior. This can be done by increasing commissions around the service or product being emphasized, such as the banks products. Ensign noted, “Banks have tried to create incentives for cross-selling.” At some banks, “Branch employees can get bonuses—sometimes 10% or more of their salaries—when they sell additional products.” Companies can also increase sales by making clear that you will be evaluated on how much you sell a product or service. In other words, whether you receive a bonus, pay raise or even keep your job will be evaluated, in some part, on how much you cross-sell.  You can even have a hybrid of the above, which may be the worst of all worlds. At Wells Fargo, employees were evaluated for continuing employment by supervisors on cross-selling. Yet they did not receive the same financial incentives to make such cross-selling. Branch managers and supervisors could receive bonuses of up to $10,000 per month for meeting cross-selling quotas when employees who hit their monthly quotas, received, in addition to continued employment, $25 gift cards.  A panel at Compliance Week 2016, entitled “The Unsolvable Problem: Performance, Pay, Pressure and Misconduct”, contained an academic type, Marc Hodak, adjunct Professor of Business at New York University, Alexander Proels, Compliance Head Americas at Siemens, and Michael Weisman, Chief Ethics and Compliance Officer at The Kraft Heinz Company. They had some interesting thoughts around compensation, which I think you should consider in your role as a Chief Compliance Officer (CCO) going forward. One key area is the amount of your variable compensation relative to risk? What does your discretionary bonus program consist of? Is it corporate performance based? Group performance based? Only personal, i.e. eat what you kill? Or is it some combination of all of the above?  What are some of the indicia that your compensation structure might be off the rails from the compliance perspectives? Weisman gave three examples: (1) Lofty goals but no direction for employees on how to get there; (2) that is a paucity of communication between management and line employees, meaning there was raw fear from employees to inform their immediate supervisor of bad news. Conversely, it could be the supervisors who do not want to hear such bad news; and (3) if your company has singular focus on numbers, meaning that is the single judge of your worth as an employee.  Tied directly into this concept is that for every incentive there is an offsetting risk. Managing that risk must be done on an ongoing basis. As a CCO or compliance practitioner, you need to know your business and be a trusted business partner. You will need to understand the design of incentive plans and finally to be able to monitor incentive plans to identify underlying links that may arise through compliance violations.  Hill ended his piece by citing to Oxford Saïd Business School Professor, Jonathan Trevor, for the following “whether the strategy, purpose and structure of companies are aligned often makes the difference between a good organisation and a bad one. Expunging phantasms is essential, but not enough. Leaders also need to make new truces, lest the dead hand of past behaviour strangles new ways of working.” This is particularly true in the convergence of compensation and compliance. Whatever the structure, there will be employees who try to game the system. Some will do it with the tacit or explicit approval of management. You, as the CCO, may be required to act.  Three Key Takeaways Even a benign sales incentive program came become skewed. A sales incentive program can become high risk or illegal if not properly monitored. If there is alignment between the strategy, purpose and structure of an incentive system, it often makes the difference between a good and a bad one. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

Today I want to focus on incentives, looking at senior management and compensation. I thought about this inter-connectedness of compensation in a compliance program, focusing up the corporate ladder when I read a recent article in the New York Times (NYT) by Gretchen Morgenson, in her Fair Game column, entitled “Ways to Put the Boss’s Skin In the Game”. Her piece dealt with a long-standing question about how to make senior executives more responsible for corporate malfeasance? Her article had some direct application to anti-corruption compliance programs such as those based on the US Foreign Corrupt Practices Act (FCPA) or UK Bribery Act. Morgenson said the issue was “Whenever a big corporation settles an enforcement matter with prosecutors, penalties levied in the case – and they can be enormous – are usually paid by the company’s shareholders. Yet the people who actually did the deeds or oversaw the operations rarely so much as open their wallets.”  She went on to explain that it is an economic phenomenon called “perverse incentive” which is one where “corporate executives are encouraged to take outsized risks because they can earn princely amounts from their actions. At the same time, they know that they rarely have to pay any fines or face other costly consequences from their actions.” To help remedy this situation, the idea has come to the fore about senior managers putting some ‘skin in the game’. Her article discussed three different sources for this initiative.  The first was a proxy proposal in front of Citigroup shareholders which “would require that top executives at the company contribute a substantial portion of their compensation each year to a pool of money that would be available to pay penalties if legal violations were uncovered at the bank.” Further, “To ensure that the money would be available for a long enough period – investigations into wrongdoing take years to develop  -  the proposal would require that the executives keep their pay in the pool for 10 years.”  The second came from William Dudley, the President of the Federal Reserve Bank of New York, who made a similar suggestion. His proscription involved a performance bond for the actions of bank executives. Morgenson quoted Dudley from his speech, “In the case of a large fine, the senior management and material risk takes would forfeit their performance bond. Not only would this deferred debt compensation discipline individual behavior and decision-making, but it would provide strong incentives for individuals to flag issues when problems develop.”  Morgenson reported on a third approach which was delineated in an article in the Michigan State Journal of Business and Securities Law by Greg Zipes, “a trial lawyer for the Office of the United States Trustee, the nation’s watchdog over the bankruptcy system, who also teaches at the New York University School for Professional Studies.” The article is entitled, “Ties that Bind: Codes of Conduct That Require Automatic Reductions to the Pay of Directors, Officers and Their Advisors for Failures of Corporate Governance”. Zipes proposal is to create a “contract to be signed by a company’s top executives that could be enforced after a significant corporate governance failure. Executives would agree to pay back 25 percent of their gross compensation for the three years before the beginning of improprieties. The agreement would be in effect whether or not the executives knew about the misdeeds inside their company.”  As you might guess, corporate leaders are somewhat less than thrilled at the prospect of being held accountable. Zipes was cited for the following, “Corporate executives are unlikely to sign such codes of conduct of their own volition.” Indeed Citibank went so far as to petition the Securities and Exchange Commission (SEC) “for permission to exclude the policy from its 2015 shareholder proxy.” But the SEC declined to do and at least Citibank shareholders will have the chance to vote on the proposal.   In the compliance context, these types of proposals are exactly the type of response that a company or its Board of Directors should want to put in place. Moreover, they all have the benefit of a business solution to a legal problem. In an interview for her piece, Morgenson quoted Zipes as noting, “This idea doesn’t require regulation and its doesn’t require new laws. Executives can sign the binding code of conduct or not, but the idea is that the marketplace would reward those who do.” For those who might argue that senior executives can not or should not be responsible for the nefarious actions of other; they readily take credit for “positive corporate activities in which they had little role or knew nothing about.” Moreover, under Sarbanes-Oxley (SOX), corporate executives must make certain certifications about financial statement and reporting so there is currently some obligations along these lines.  Finally, perhaps shareholders will simply become tired of senior executives claiming they could not know what was happening in their businesses; have their fill of hearing about some rogue employee(s) who went off the rails by engaging in bribery and corruption to obtain or retain business; and not accept that leaders should not be held responsible.  Three Key Takeaways Perverse incentives are named that for a reason, they really are bad. How can you create positive incentives in your organization? There is a business response to the legal issue. Employ it.  This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

One of the areas that many companies have not paid as much attention to in their Foreign Corrupt Practices Act (FCPA) anti-corruption compliance programs is compensation. However the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have long made clear that they view monetary structure for compensation, rewarding those employees who do business in compliance with their employer’s compliance program, as one of the ways to reinforce the compliance program and the message of compliance. As far back as 2004, the then SEC Director of Enforcement, Stephen M. Cutler, said “[M]ake integrity, ethics and compliance part of the promotion, compensation and evaluation processes as well. For at the end of the day, the most effective way to communicate that “doing the right thing” is a priority, is to reward it.” The FCPA Guidance states the “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance pro­gram, and rewards for ethics and compliance leadership.”  A Harvard Business Review (HBR) article, entitled “The Right Way to Use Compensation”, discussed a company’s design and redesign of its employee’s compensation system to help drive certain behaviors. The piece’s subtitle indicated how the company fared in this technique as it read, “To shift strategy, change how you pay your team.” The article lays out a framework for the Chief Compliance Officer (CCO) or compliance practitioner to operationalize compensation as a mechanism in a best practices compliance program.  As your compliance program matures and your strategy shifts, “it’s critical that the employees who bring in the revenue-the sales force-understand and behave in ways that support the new strategy. The sales compensation system can help ventures achieve that compliance.” The prescription for you as the compliance practitioner is to revise the incentive system to focus your employees on the goals of your compliance program. This may mean that you need to change the incentives as the compliance programs matures; from installing the building blocks of compliance to burning anti-corruption compliance into the DNA of your company.  There are three key questions you should ask yourself in modifying your compensation structure. First, is the change simple? Second, is the changed aligned with your company values? Third, is the effective on behavior immediate due to the change?  Simplicity  Your employees should not need “a spreadsheet to calculate their earnings.” This is because if “too many variables are included, they may become confused about which behaviors” you are rewarding. Keep the plan simple and even employee KISS, Keep it simple sir, when designing your program. If you do not do so, your employees might fall back on old behaviors that worked in the past. Roberge notes, “It should be extraordinarily clear which outcomes you are rewarding.”  The simplest way to incentive employees is to create metrics that they readily understand and are achievable in the context of the compliance program. This can start with attending Code of Conduct and compliance program training. Next might be a test to determine how much of that training was retained. It could be follow up, online training. It could mean instances of being a compliance champion in certain areas, whether with your employee base or third party sales force.  Alignment  As the CCO or compliance practitioner, you need to posit the most important compliance goal your entity needs to achieve. From there you should determine how your compensation program can be aligned with that goal. Roberge cautions what the DOJ and SEC both seem to understand, that you should not “underestimate the power of your compensation plan.” You can tweak your compliance communication, be it training, compliance videos, compliance reminders or other forms of compliance messaging but it is incumbent to remember that “if the majority of your company’s revenue is generated by salespeople, properly aligning their compensation plan will have greater impact than anything else.”  The beauty of this alignment prong is that it works with your sales force throughout the entire sales channel. If your sales channel is employee based then their direct compensation can be used for alignment. However, such alignment also works with a third party sales force such as agents, representatives, channel ops partners and even distributors. Here Roberge had another suggestion regarding compensation that I thought had interesting concepts for third parties, the holdback or even clawback. This would come into place at some point in the future for these third parties who might meet certain compliance metrics that you design into your third party management program.  Immediacy  Finally, under immediacy, it is important that such structures be put in place “immediately” but in a way that incentives employees. Roberge believes that “any delay in the good (or bad) behavior and the related financial outcome will decrease the impact of the plan.” As a part of immediacy, I would add there must be sufficient communication with your employee or other third party sales base. Roberge suggested a town hall meeting or other similar event where you can communicate to a large number of people.  Even in the world of employee compensation incentives, there should be transparency. He cautioned that transparency does not mean the design of the incentive system is a “democratic process. It was critical that the salespeople did not confuse transparency and involvement with an invitation to selfishly design the plan around their own needs.” However, he did believe that the employee base “appreciated the openness, even when the changes were not favorable to their individual situations.” Finally, he concluded, “Because of this involvement, when a new plan was rolled out, the sales team would understand why the final structure was chosen.”  So just as Roberge, working with HubSpot as a start-up, learned through this experience “the power of a compensation plan to motivate salespeople not only to sell more but to act in ways that support a start-up’s evolving business model and overall strategy”; you can also use your compensation program as such an incentive. For the compliance practitioner one of the biggest reasons is to first change a company’s culture to make compliance more important but to then burn it into the fabric of your organization. But you must be able to evolve in your thinking and professionalism as a compliance practitioner to recognize the opportunities to change and then adapt your incentive program to make the doing of compliance part of your company’s everyday business process.    Three Key Takeaways The DOJ and SEC have long advocated compensation as a way to motivate employees into ethical and compliant behaviors. Keep the compliance aspects of your compensation structure simply and easy for your employees to understand. Have full transparency in the frame of you compensation structure. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

In metrics laid out by former Assistant Attorney General Leslie R. Caldwell, she spoke about the need for compliance program incentives.  She posed it with the following question, “Are there mechanisms to enforce compliance policies? Those include both incentivizing good compliance and disciplining violations.”  I think most compliance professionals understand the need to discipline employees who may have violated the Foreign Corrupt Practices Act (FCPA) or otherwise engaged in bribery and corruption. However, many CCOs and compliance practitioners do not focus as much attention to compliance incentives. I have developed six core principles for incentives, adapted from an article in the Spring 2014 issue of the MIT Sloan Management Review entitled “Combining Purpose with Profits” and reformulated them for the compliance function in an anti-corruption compliance program.  Compliance incentives don’t have to be elaborate or novel. The first point is that there are only a limited number of compliance incentives that a company can meaningfully target. Evidence suggests the successful companies are the ones that were able to translate pedestrian-sounding compliance incentive goals into consistent and committed action. Compliance incentives need supporting systems if they are to stick. People take cues from those around them, but people are fickle and easily confused, and other goals can quickly drive out compliance incentives. This means that you will need to construct a compliance support system to operationalize their pro-compliance incentives at different levels, and thereby make them stick. The specific systems which support incentives can be created specifically to your company but the key point is that they are delivered consistently because it signals that management is sincere. Support systems are needed to reinforce compliance incentives. One important form of a supporting system for compliance incentives is to make the incentives visible. As stated in the 2012 FCPAGuidance, “Beyond financial incentives, some companies have highlighted compliance within their organizations by recognizing compliance professionals and internal audit staff. Others have made working in the company’s compliance organization a way to advance an employee’s career.” Compliance incentives need a “counterweight” to endure. Goal-framing theory shows how easy it is for compliance incentives to be driven out by other goals, so even with the types of supporting systems it is quite common to see executives bowing to short-term financial pressures. Thus, a key factor in creating enduring compliance incentives is a “counterweight”, that is any institutional mechanism that exists to enforce a continued focus on a nonfinancial goal. This means that in any financial downturn compliance incentives are not the first thing that gets thrown out the window and if a Regional Manager misses his numbers for two quarters, he does not get fired. The key is that the counterweight has real influence; it must hold the leader to account. Compliance incentive alignment works in an oblique, not linear, way. If you want your employees to align around compliance incentives, your company will have to “eschew narrow, linear thinking, and instead provide more scope for them to choose their own pathway.” This means emphasizing compliance as part of your company’s DNA on a consistent basis — “the intention being that by encouraging individuals to do “good,” their collective effort leads, seemingly as a side-effect, to better financial results. The logic of “[compliance first], profitability second” needs to find its way deeply into the collective psyche of the company.” Compliance incentive initiatives can be implemented at all levels. Who at your company is responsible for pursuing compliance incentives? If you head up a division or business unit, it is clearly your job to define what your pro-social goals are and to put in place the supporting structures and systems. But what if you are lower in the corporate hierarchy? It is tempting to think this is “someone else’s problem,” but there is no reason why you cannot follow your own version of the same process. Obviously, this list is not exhaustive. Yet it is now more important than ever that you demonstrate tangible incentives for your employees to gain benefits, both financial and hierarchical, thorough doing business ethically, in compliance with your own Code of Conduct and most certainly in compliance with the FCPA. It is also a requirement that such actions must be documented so they can be demonstrated to the DOJ if they come knocking and look to employ the metrics which Caldwell has laid out for us all.  Three Key Takeaways Compliance incentives do not have to be elaborate or novel. You must create support systems for your compliance incentives. Compliance incentives should be implemented at all levels.   This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

In the Department of Justice’s Evaluation of Corporate Compliance Programs, Prong 8 Incentive and Disciplinary Measures it states:  Incentive System – How has the company incentivized compliance and ethical behavior? How has the company considered the potential negative compliance implications of its incentives and rewards? Have there been specific examples of actions taken (e.g., promotions or awards denied) as a result of compliance and ethics considerations?  Further, one of the key points that representatives of the DOJ and Securities and Exchange Commission (SEC) have continually raised when discussing any best practices compliance program; whether based on the Ten Hallmarks of an Effective Compliance Program, as articulated in their 2012 FCPA Guidance, or some other articulation such as in a Deferred Prosecution Agreement’s (DPA) Attachment C embedded in a compliance program. They continually remind Chief Compliance Officers (CCOs) and compliance practitioners that any best practices compliance program should have incentives  as a part of the program.  The 2012 Guidance is clear that there should be incentives for not only following your own company’s internal Code of Conduct but also doing business the right way, i.e. not engaging in bribery and corruption. On incentives, the Guidance says, “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for improving and developing a company’s compliance pro­gram, and rewards for ethics and compliance leadership. Some organizations, for example, have made adherence to compliance a significant metric for management’s bonuses so that compliance becomes an integral part of management’s everyday concern.” But the Guidance also recognizes that incentives need not only be limited to financial rewards as sometime simply acknowledging employees for doing the right thing can be a powerful tool as well.  All of this was neatly summed up in the Guidance with a quote from a speech given in 2004 by Stephen M. Cutler, the then Director, Division of Enforcement, SEC, entitled, “Tone at the Top: Getting It Right”, to the Second Annual General Counsel Roundtable, where Director Cutler said the following: [M]ake integrity, ethics and compliance part of the promotion, compensation and evaluation processes as well. For at the end of the day, the most effective way to communicate that “doing the right thing” is a priority, is to reward it. Conversely, if employees are led to believe that, when it comes to compensation and career advancement, all that counts is short-term profitability, and that cutting ethical corners is an ac­ceptable way of getting there, they’ll perform to that measure. To cite an example from a different walk of life: a college football coach can be told that the graduation rates of his players are what matters, but he’ll know differently if the sole focus of his contract extension talks or the decision to fire him is his win-loss record. All of this demonstrates that incentives can take a wide range of avenues. The oilfield services company Weatherford, annually awards cash bonuses of $10,000 for employees who go above and beyond in the area of ethics and compliance for the company. While some might intone that is to be expected from a company that only recently concluded a multi-year and multi-million dollar enforcement action; if you want emphasize a change on culture, not much says so more loudly than awarding that kind of money to an employee.  While I am sure that being handed a check for $10,000 is quite a nice prize, you can also consider much more mundane methods to incentivize compliance. You can make a compliance evaluation a part of any employee’s overall evaluation for some type of year end discretionary bonus payment. It can be 5%, 10% or even up to 20%. But once you put it in writing, you need to actually follow it. But incentives can be burned into the DNA of a company through the hiring and promotion processes. There should be a compliance component to all senior management hires and promotions up to those august ranks within a company. Your Human Resources (HR) function can be a great aid to your cause in driving the right type of behavior through the design and implementation of such structures. Employees know who gets promoted and why. If someone who is only known for hitting their numbers continually is promoted, however they accomplished this feat will certainly be observed by his or her co-workers. Three Key Takeaways The DOJ evaluation specifically calls out incentives for doing business ethically and in compliance. HR can lead the efforts around incentives. Incentives go beyond financial rewards.   This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices

Why is hiring so important under for compliance? It is because hiring is important to any company’s health and reputation. At this point, until the US Supreme Court tells us that a corporation is the same as a human being, with both obligations and rights; a company is only as strong as its employees. Like most areas of compliance good hiring practices for those employees who will do business in compliance with anti-corruption laws such as the FCPA are simply good business practice. I have seen one industry estimate, it costs an average of roughly $4,000 to replace a single employee, and one survey of 2,500 companies found that a single bad hire can cost more than $25,000 in lost productivity, lower morale and the like. For one of the energy services company where I worked this estimate went as high as $400,000 to hire and fully train a new employee. I would add that those costs could go up significantly if a bad hire violates the FCPA. As far back as 2004, in Opinion Release 04-02, the Department of Justice (DOJ) realized this was an important part of an overall compliance program when it approved a proposed compliance program that had the following requirement: Clearly articulated procedures which ensure that discretionary authority is not delegated to persons who the company knows have a propensity to engage in illegal or improper activities. One tool which that is often overlooked in the hiring process is the reference check. Many practitioners feel that a reference is not of value because prospective candidates will only list references that they believe will provide glowing recommendations of character. This leads to a pro forma reference check. However, in an article in Harvard Business Review (HBR), entitled “Gilt Groupe’s CEO on Building a Team of A Players”, author Kevin Ryan explodes this misconception by detailing how he views the entire hiring process and specifically checking references. I would add that it could be a valuable and useful tool for you and your compliance program. In the hiring of personnel, Ryan details the three steps his company takes: (1) Resume review; (2) In-Person interview; and (3) Reference checks. Ryan believes that resumes are good for establishing “basic qualifications for the job, but not for much else.” He believes that the primary problem with in-person interviews is that they are skewed in favor of “persons who are well spoken [or] present well.” For Ryan, the key check is through references and he says, “References are really the only way to learn these things?” Ryan recognizes that many people believe that reference checks are not of great value because companies cannot or will not give out much more information than confirming dates of employment. However, he also believes that “the way around it is to dig up people who will speak candidly.” He also recognizes that if you only speak to the references listed on a resume or other application, you may not receive the most robust appraisal. Ryan responds that the answer is to put in the work to check out references properly. Ryan believes this is one of the key strengths of search firms and that companies should emulate this practice when it comes to reference checks. He notes that anyone who has worked in an industry for any significant length of time will have made many connections. Invariably some of these connections will be acquainted with you or those in your current, and former, company. Ryan gave the following example: A longtime friend who was employed at another company called and said that he had been asked by his hiring partner to find out “the real story” on a hiring candidate by asking Ryan his candid opinion of the candidate. Ryan’s response was “Don’t hire him.” Lest you think that such refreshing honesty no longer exists when informal employment references are provided, you are mistaken. In my past corporate position, I was charged with performing compliance due diligence on senior executives and I spent time doing what Ryan suggested, calling acquaintances that I knew and asking such direct questions. More than 75% of the time, I got direct responses. Ryan believes that you must invest your company in the hiring process to get the right people for your company. The same is true in compliance. You do not want people with a propensity for engaging in corrupt acts working for, or leading, your company. Moreover, failure to prevent such hires can be evidence of an not effective compliance program and lack of appropriate commitment to compliance at your company. The hiring of someone who will perform business activities in compliance with anti-corruption laws such as the FCPA will continue to be as much art as science because the hiring of quality employees for senior management positions is similarly situated. But that does not mean a company cannot work to not hire those persons who might have a propensity to engage in bribery and corruption if the situation presented itself. The hiring process is just one more tool that can be utilized to build an effective and operationalized compliance program. Three Key Takeaways The hiring process can be seen as the first step in operationalizing your compliance program. The DOJ spoke to hiring as part of a best practices compliance program as far back as 2004. Reference checks are an underutilized part of the hiring process and a key internal HR control. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.     Learn more about your ad choices. Visit megaphone.fm/adchoices

One of the theories of conventional wisdom about anti-corruption compliance is that you will never be able to reach 5% of your workforce with compliance training because they are predisposed to lie, cheat and steal anyway. Whether they are simply sociopaths, scumbags or just bad people; it really does not matter. No amount of training is going to convince them to follow the rules, as they do not think such laws apply to them. They will lie, cheat and steal no matter what industry they are in and what training you provide to them. But knowing such people exist and they may be able to lie, con or otherwise dissimilate their way into your organization does not protect your company from FCPA liability when they inevitably violate the law by engaging in bribery and corruption. It is still the responsibility of your company to prevent and detect such conduct and then remediate if it occurs. This is where your HR function has a dual role. They can work to help weed out such miscreants and to communication your corporate values of doing business ethically, in compliance and aligned with your corporate values of integrity. Today, I want to consider several techniques which might be used to both help in the hiring process and begin the ongoing communications with prospective employees about your values at the pre-employment process in the employment relationship lifecycle. Through a structured series of questions, a properly trained HR professional can begin to assess whether an employee might have a propensity to engage in bribery and corruption. By adding information about your company’s values towards doing business ethically and in compliance, you can introduce this topic at either the interview evaluating process or in the promotion process. While true sociopaths will most certainly lie to you, perhaps even convincingly, by introducing the topic at such a pre-employment stage, they may be encouraged to take their skills elsewhere. In a Corner Office column of the New York Times (NYT), entitled “Three Keys to Hiring: Skill, Will and Fit”, Adam Bryant interviewed Marla Malcolm Beck, the Chief Executive Officer (CEO) of Bluemercury. She had several lessons that are helpful when trying to have your company avoid bringing in the five per-center mentioned above. Avoiding the hiring or promotion of the sociopaths, is a key tool that HR brings to the table. Beck’s approach is to take a short interview technique in which she attempts to assess, Skill, Will and Fit. She said, “I’ll ask, “What’s the biggest impact you had at your past organization?” It’s important that someone takes ownership of a project that they did, and you can tell based on how they talk about it whether they did it or whether it was just something that was going on at the organization. Will is about hunger, so I’ll ask, “What do you want to do in five or 10 years?” That tells you a lot about their aspirations and creativity. If you’re hungry to get somewhere, that means you want to learn. And if you want to learn, you can do any job. In terms of fit, I’m looking for people who have some sort of experience with a smaller company. At big companies, your job is really one little piece of the pie. I need someone who can make things happen and is comfortable with ambiguity.” Another approach was suggested by Russell Goldsmith, the Chairman and Chief Executive Officer (CEO) of City National Bank in Los Angeles, CA. He was interviewed by Adam Bryant for the Corner Office column entitled, “What’s Your Story” Tell It, and You May Win a Prize”. Goldsmith focuses on character by directly asking the prospective hires what their expectations are in coming to work at City National because if the person is not a good match for the company, both parties will be better off if he or she does not go to work there in the first place. Goldsmith also asks if a prospective hire has any questions for him. Goldsmith believes it is important for a candidate to not only have questions but to ask them as well. He stated, “Not because I want them to kind of butter me up or something. It tells me several things. Sometimes people don’t have a single question. And if you have any curiosity, here is your window. I mean, you are thinking of changing your entire career and you have 40 to 60 minutes with the C.E.O., and you don’t have a single question about the company?” An interesting example came from an interview of Brian Ching, the General Manager of the Houston Dash, the city’s professional women’s soccer team. The Dash are quite active in the local community, not only sent its players out into the community to meet fans but also encouraged its players to adopt local charities and become involved to create greater community involvement. The Dash left it up to the individual player as to which charity they might want to be involved with.   I asked him how the team could work to draft or sign players or prospects who are willing to engage in that type of community development. He said that in addition to the metrics and traditional scouting it involved having a frank discussion with any prospective signing about what would be expected of her as a Dash member. If getting out, meeting and interacting with the fans was not something that the prospective player was interested in doing that was considered in the evaluation process. This last point is assessed during face-to-face interviews with any prospect. Something that may not seem important for professional athletes is the ability to get out and engage with the community, however this was viewed as not only an important part of the job description with the team but a key job skill which was required. For prospective Dash players, this meant that there had to be some direct conversations about not only the team’s expectations but also the prospects ability to engage in those activities.  Ching’s discussion about how they communicate their expectations was also an important point that the compliance practitioner should also consider in the interview process and compliance. Just as the Dash use the interview process to convey expectations, they also use the interview to directly inquire from candidates whether they would be willing to go out into the public and represent the franchise. This is important when interviewing for compliance positions and for senior management positions in companies as well. Another approach was suggested by Mike Tuchen, Chief Executive Officer (CEO) of the software vendor Talend, in an interview by Adam Bryant for the NYT Corner Office Column entitled “Watch the Road, Not the Wipers”. I thought Tuchen’s thoughts on hiring from the compliance perspective were pertinent. When he interviews, “The first questions are always going to be about management and leadership style. And I’ll ask a number of open-ended questions about what’s important to get right as a leader. Some people will talk about the people on the team and the best way to motivate them. The answers that kind of scare me are from candidates who talk about people as if they’re something on a spreadsheet. Leadership and management are all about people.” Clearly for Tuchen, leadership is about people and this should be so for any CCO who is interviewing as well. Three Key Takeaways Use the interview process to determine who will be an ethical and compliance fit for your organization. Consider the skill, will and fit Ask open-ended questions. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.             Learn more about your ad choices. Visit megaphone.fm/adchoices

Today, I conclude my review of FCPA enforcement actions that involved the corporate hiring function. From these three cases I have considered, it is clear that HR must be involved in compliance and if HR hiring controls are over-ridden there must be an appropriate consideration of the risk management issues. In November 2016, JP Morgan Chase (JPM) and its subsidiary, JPMorgan Securities (Asia Pacific) Limited (JPM-APAC) resolved its FCPA matter, obtaining a NPA from the DOJ with a penalty of $72MM, agreeing to a Cease and Desist Order (“Order”) from the SEC, with a penalty consisting of profit disgorgement and interest of $135MM, and reaching an agreement with the Federal Reserve Bank (Fed) for a Consent Cease and Desist Order (Fed Order) to put in place a best practices compliance program and pay a penalty of $61MM. The total fines and penalties paid by JPM for its violation of the FCPA was $268 MM. The conduct involved JPM-APAC’s Client Referral Program, named the “Sons & Daughters Program” (Sons and Daughters), which targeted children of high Chinese government officials and employees of state-owned enterprises, other close family members and even close friends and associates of foreign officials and employees of state-owned enterprises for hiring in a blatant attempt to win business. It was designed, created and implemented by the top management of JPM-APAC, which went so far as to keep a tally of those persons hired by JPM-APAC and JPM tied to specific business development. As noted in the NPA, “certain senior executives and employees of (JPM-APAC) conspired to engage in quid pro quo agreements with Chinese officials”. The language quid pro quo is replete throughout the settlement documents because that is the specific language used by JPM-APAC personnel when discussing Sons and Daughters. These actions led to over $100MM in profit to JPM. While JPM was certainly aware that many of these hires did not meet the companies stringent hiring requirements, there never seemed to be oversight of this illegal program or even investigation into the clear red flags presented by the company’s actions. What is more JPM knew the high-risk in hiring family members of foreign officials as far back as 2001 and indeed, had a written policy prohibiting such conduct. However, in 2006, this program morphed into a targeted program “directly attributable linkage to business opportunity”, and lasted until 2013. Over seven years, over 100 family members went through the program, with parents in more than 10 different Chinese government agencies. The program extended from new hires to summer internships to lateral hires. JPM-APAC tracked the metrics of Sons and Daughters, the with “a spreadsheet that tracked hires to specific clients, while also tracking revenue attributable to those hires.” This spreadsheet was so detailed that it delineated “columns for each hire, the referring client, the relationship of the candidate, and the amount of revenue generated attributable to the hire in U.S. dollars.” Finally as noted in the NPA, a of the purpose of this level of documentation “was to track deals that resulted from the hires and measure revenue associated with Client Referral Program hires.” So the corruption scheme and the benefits obtained therefrom were fully documented. The Son and Daughters program began as a FCPA risk management tool and listed five requirements to be considered for hire at JPM-APAC: “(1) whether the applicant was qualified for the position; (2) whether the applicant had gone through the normal interviewing process; (3) whether the referring client/potential client was government-related; (4) whether the firm was actively pitching for any business from the client/potential client; and (5) whether there was an “expected benefit to JPMorgan” for hiring the referred candidate.” These criteria were designed to act as internal control to prevent illegal hiring under the FCPA but it morphed into a program to disguise the true reason for these hires. Worse, it appears that both the HR and compliance functions were complicit in the scheme to violate the FCPA because on at least one instance where the JPM-APAC business unit sponsor noted on the form “[t]he hiring of this candidate will place JPMorgan in a more favorable position for securing future business from the client.” This business justification morphed into the next iteration, “The candidate will be trained by JPMorgan for couple of years and then go to local bank. Thus, will bring more business”; all because the company’s compliance and HR functions “instructed the JPMorgan-APAC employee to remove the offending language, writing, “[h]iring of the candidate should not be for the purposes of securing future business of the firm. Please remove.” Further damning to the JPM-APAC compliance and HR functions was that of the more than 200 candidates hired through the Sons and Daughters program, none were rejected by either HR or compliance. In addition to the tying of business to the hiring’s under the Sons and Daughters program, there was the additional problem that these hires did not meet JPM’s basic hiring and retention standards. According to the Order, one JPM-APAC representative described those hired under the program “as a protected species requiring [senior management] input. His reporting line to you is accountable but like national service.” Both the Order and NPA were replete with document evidence that the hires under Sons and Daughters did not meet minimum hiring standards and they often failed to meet minimum standards for retention at the company. The Box Score is a summary from the NPA of some of the candidates which clearly did not meet JPM hiring standards, yet who were hired and where such hires under the Sons and Daughters program brought benefits to JPM.   Foreign Official or SOE employee Reasons for hire Candidate deficiencies Deficiencies as JPM employee Benefit tied to hire Client 1 Maintain good relationship with client     $4.82MM profit Client 2 Quid pro quo for business     JPM-APAC lead underwriter on IPO Client 3   Not very impressive, poor GPA Attitude issue. He doesn’t seem to care about work. Don’t need to have an intern doing nothing JPM-APAC lead underwriter on IPO Client 4 Promised IPO work Not qualified for job at JPM. Tech and quantitative skills ‘light’ Communication skills and interest in work lagged his peers JPM-APAC lead underwriter on IPO. $23.4MM profit Government Official 1 Father would go the extra mile to help JPM Worst business analyst candidate ever seen Immature, irresponsible and unreliable. Sent out sexually inappropriate emails JPM-APAC lead underwriter on IPO Government Official 2 Hire would ‘significantly’ influence role of JPM-APAC Unlikely to meet hiring standard New York not comfortable with his work. Recommends he follow a different career path JPM-APAC lead underwriter on IPO   One thing that the resolution decidedly does not stand for is the proposition that a company can never hire a family member of a foreign official or employee of a state-owned enterprise. Indeed, it was one JPM-APAC compliance officer (albeit a new one) in 2013 who stopped the entire Sons and Daughters program with the following reason for denying a family member a position at the company, writing, “I’m afraid from an anti bribery [sic] and corruption standpoint, we cannot create positions to accommodate client requests….”. This statement clearly shows that when an official refers a family member for hire, a red flag should go up. It also demonstrates why compliance should be involved in any high-risk endeavor. If there is no position which the candidate can fill based upon their own qualifications at your company, that should be the end of the discussion, full stop. What are the criteria compliance can advise to HR to operationalize the compliance issues in hiring? There are three questions I suggest be used to analyze the hiring of a family member of foreign official or state-owned enterprise. They can also be installed as internal controls. Does the candidate meet your firm’s hiring criteria? Did the foreign official whose family member you are considering for hire demand or even suggest your company hire the candidate? Has the foreign official made or will make a decision that will benefit your company? If the answer to the first question is “No” and the second two “Yes”, you may well be in a high-risk area of violating the FCPA. You should investigate the matter quite thoroughly and carefully. Finally, whatever you do, Document, Document, and Document your investigation, both the findings and the conclusions. These questions can be set up as internal controls. This is another example of how a company can operationalize compliance and burn it into the fabric and DNA of an organization. Further, it provides another level of oversight or “a second set of eyes” on the hiring process around hires that are high-risk under the FCPA or other anti-bribery/anti-corruption regime such as the UK Bribery Act. Three Key Takeaways Never institutionalize your illegal conduct. Develop a set of HR internal controls around hiring and compliance. Always put a second set of eyes on any exceptions granted. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.     Learn more about your ad choices. Visit megaphone.fm/adchoices

  BNY Mellon Up until the summer of 2015, hiring practices under the FCPA were not been given much thought or widely discussed. However that began to change in the summer of 2015 when the SEC announced a resolution with Bank of New York Mellon Corporation (BNY Mellon) for violations of the FCPA. This was the first enforcement action around the now infamous Princess-lings and Princelings investigation where US companies hired the sons and daughters of foreign officials to curry favor and obtain or retain business. In this matter the BNY agreed to pay $14.8 million to settle charges that it violated the Foreign Corrupt Practices Act (FCPA) by providing valuable student internships to family members of foreign officials affiliated with a Middle Eastern sovereign wealth fund. The Order also specified how the hiring of the relatives led directly to BNY Mellon obtaining and retaining business. One foreign official, made a personal request that BNY Mellon provide internships to two of his relatives: his son and nephew. As a Middle Eastern Sovereign Wealth Fund department head, he had authority over allocations of new assets to existing managers and was viewed within the bank as a “key decision maker” at the Middle Eastern Sovereign Wealth Fund. The second foreign official, who had authority to make decisions directly impacting BNY Mellon’s business asked that BNY Mellon provide an internship to the official’s son. Added to all of this was that none of the three individuals met the BNY Mellon requirements for its internship program; they met neither the academic or professional requirement to obtain an internship. BNY Mellon not only waived its own hiring requirements, it did not even go through the pretense of meeting with them or interviewing them. Finally, these three individuals were provided with personalized, rotational internships so they had the opportunity to work in a number of different BNY Mellon business units, enhancing the value of the work experience beyond that normally provided to interns. Red Flags Each of the candidates were recommended by foreign officials who controlled of business for the bank. The internship requests were specifically quid pro quo for receiving of business. The candidates did not meet the basic entrance standard for a bank internships. The candidates were hired sight unseen before even meeting or interviewing them. The internships themselves were all bespoke, separate and apart from the standard internship program. Qualcomm In February 2016, came the Qualcomm enforcement action. In addition to the types of facts presented in BNY, there were additional reasons not to hire the family member of a foreign official. The candidate was rated as a “No Hire” because not only was he not a “skill match” for the company but he did not even “meet the minimum requirements for moving forward with an offer”. Finally, among the Qualcomm team involved in the interview process, “there was an agreement that he would be a drain (not even neutral) on teams he would join.” Yet he was offered a job as a “special favor”. [Emphasis supplied]. If someone is so unqualified that employing them will negatively impact the company, there must be another very good reason to hire them, such as providing a benefit to their father, who is an official under the FCPA. Lessons Learned Going Forward The obvious starting point for any hiring of a close family member of a foreign governmental official is whether the candidate is qualified for the position. If they are not qualified it is ‘Full Stop’ at that point. In the case of BNY Mellon there was no evidence any of the candidates had the academic background, the academic credentials, leadership traits or intangible skills to meet the bank’s normal internship hiring criteria. As with any other anomaly granted in a company’s normal process, there must be a documented reason for the exception, review by appropriate authority of the exception and documentation as to why the exception was granted. None of these steps were present in the BNY Mellon matter. Put another way, if you are hiring a family member or close relative of a foreign official for any reason other than merit, it had better be a darn good one and well-documented as to your decision-making calculus with appropriate senior management oversight. But your risk management does not stop simply with the hiring process. If the foreign governmental official is the person who made the request for the hiring of the family member, this is a Red Flag not to be overlooked. Your analysis needs to be on the role of that foreign governmental official in awarding new business to your company or in retaining old business. If the foreign governmental official has direct or even strong indirect control over such business relation, this may present such a direct conflict of interest, this may be a risk that you cannot manage. A good rule of thumb here is whether there is full transparency in the hiring with the foreign government involved with your company. In the case of BNY Mellon, they did not want anyone in the Sovereign Wealth Fund to know BNY Mellon had hired the son or nephew. That is a clear sign transparency is lacking and someone, somewhere is engaging in unethical conduct, if not breaking the law. Finally, if you do decide to move forward and hire the close family member, you need to assign that new hire to work not associated with the business relationship between your company and the foreign government involved. Just as in the lifecycle of third party management, managing the relationship after a contract is inked is in many ways the most critical element; the same is true in the employment relationship involving close family members of foreign officials. Ultimately, you need to have internal controls to ensure effective compliance going forward. You cannot have customer relationship managers making the calls on hiring which over-ride the Human Resources (HR) procedures. There must be not only HR review but also mechanisms to flag for compliance review such hires. Lastly, there needs to be sufficient senior management oversight because this is such a high-risk proposition.  Three Key Takeaways When considering the son or daughter of a foreign official, if a candidate does not meet your internal hiring criteria, it should be the end of the conversation full stop. If the candidate is hired but cannot meet the workload requirements, there should be no special circumstances for retention. The actions of the foreign official must be scrutinized as a part of the hiring process and forward indicia of awarding business going forward. This month’s series is sponsored by Advanced Compliance Solutions and its new service offering the “Compliance Alliance” which is a three-step program that will provide you and your team a background into compliance and the FCPA so you can consider how your product or service fits into the needs of a compliance officer. It includes a FCPA and compliance boot camp, sponsorship of a one-month podcast series, and in-person training. Each section builds on the other and provides your customer service and sales teams with the knowledge they need to have intelligent conversations with compliance officers and decision makers. When the program is complete, your teams will be armed with the knowledge they need to sell and service every new client. Interested parties should contact Tom Fox.     Learn more about your ad choices. Visit megaphone.fm/adchoices

Darlia Fogarty brings a wealth of knowledge and practical experience to our banks as well as our staff. After 12 years as a commissioned national bank examiner with the OCC, Darlia developed an expertise in compliance while administering examinations in banks of all sizes. She contributed as a member of the Retail Credit Team, with a Compliance Designation. Darlia also holds 10 years of experience as a compliance officer/auditor and 4 years as a compliance/audit consultant. Darlia has spoken at a number of conventions, meetings and schools throughout the years. Her articles can be found in State Banking Association magazines. Darlia oversees the creation of tools and resources while also fielding questions from a wide range of regulatory and compliance issues faced by banks of all sizes.