POPULARITY
This week's Off the Shelf focuses on the mission of the Department of Justice's Procurement Collusion Strike Force (the PCSF).The PCSF is charged with coordinating the national response to antitrust and related crimes in procurement and grant programs at the federal, state, and local levels.It was created to fight procurement collusion which undermines the integrity of the procurement system, diminishes faith in government, and costs the taxpayer billions of dollars.The PCSF's director Daniel Glad and deputy director Sandra Talbot join host Roger Waldron to discuss the PCSF's mission, what it has accomplished, and what contractors and attorneys should know regarding compliance best practices.Glad and Talbot talk about what constitutes antitrust crimes in the context of procurement including collusion and bid-rigging.They also share real life case studies outlining the keys to identifying and combating collusive fraud and explain how the PCSF works across government entities to combat collusive fraud.Additional links:PCSF Complaint Online Form: https://www.justice.gov/atr/webform/pcsf-citizen-complaintAntitrust Division Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations: https://www.justice.gov/atr/media/1376686/dl?inlinePCSF contact: pcsf@usdoj.govLearn more about your ad choices. Visit podcastchoices.com/adchoicev Learn more about your ad choices. Visit podcastchoices.com/adchoicesSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
This week's Off the Shelf focuses on the mission of the Department of Justice's Procurement Collusion Strike Force (the PCSF). The PCSF is charged with coordinating the national response to antitrust and related crimes in procurement and grant programs at the federal, state, and local levels. It was created to fight procurement collusion which undermines the integrity of the procurement system, diminishes faith in government, and costs the taxpayer billions of dollars. The PCSF's director Daniel Glad and deputy director Sandra Talbot join host Roger Waldron to discuss the PCSF's mission, what it has accomplished, and what contractors and attorneys should know regarding compliance best practices. Glad and Talbot talk about what constitutes antitrust crimes in the context of procurement including collusion and bid-rigging. They also share real life case studies outlining the keys to identifying and combating collusive fraud and explain how the PCSF works across government entities to combat collusive fraud. Additional links: PCSF Complaint Online Form: https://www.justice.gov/atr/webform/pcsf-citizen-complaint Antitrust Division Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations: https://www.justice.gov/atr/media/1376686/dl?inline PCSF contact: pcsf@usdoj.gov Learn more about your ad choices. Visit podcastchoices.com/adchoicev Learn more about your ad choices. Visit podcastchoices.com/adchoices
Welcome to the award-winning FCPA Compliance Report, the longest-running podcast on compliance. In this episode, Tom welcomes Jag Lamba, CEO of Certa.AI, the podcast's sponsor. We look at the recent events involving economic and trade sanctions levied on Colombia (now withdrawn) and the announcement of DeepSeek as a cost-effective competitor to ChatGPT in the AI space to discuss how quickly your risks can change. We overlay this discussion through the lens of the DOJ's 2024 Update on the Evaluation of Corporate Compliance Programs (2024 ECCP). Jag provides insights on how compliance officers can proactively manage risk amidst rapidly changing global landscapes by ensuring their programs are well-designed, adequately resourced, and effective. Key takeaways include the importance of data, controls, and technology in building robust compliance frameworks and using business impact and ROI to secure necessary resources. Key highlights: Current Events Impacting Compliance 2024 ECCP-Designing a Well-Structured Compliance Program 2024 ECCP-Adequate Resourcing for Compliance Programs 2024 ECCP: Effectiveness of Compliance Programs in Practice Proactive Risk Management Strategies Export Controls and Compliance Challenges Resources: Jag Lamba on LinkedIn Certa.ai Learn more about your ad choices. Visit megaphone.fm/adchoices
The U.S. Department of Justice Antitrust Division recently updated its guidance regarding the division's “Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations.” What are the key changes? In this episode, Alicia Downey and Anora Wang talk to Emma Burnham, Antitrust Division Director of Criminal Enforcement, about how prosecutors assess the effectiveness of corporate antitrust compliance programs against the backdrop of the increasing utilization of artificial intelligence and ephemeral messaging technology. Private practitioner Tee St. Matthew-Daniel of Paul Weiss joins the conversation with her insights on the elements of the updated guidance that companies and their antitrust counsel need to consider, as well as a preview of the Section's biannual Women's Antitrust Roundtable. With special guests: Emma Burnham, Director, Antitrust Division, Department of Justice and Tee St. Matthew-Daniel, Partner, Paul, Weiss, Rifkind, Wharton & Garrison LLP Related Links: U.S. Department of Justice Antitrust Division, Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations (Nov. 13, 2024) Antitrust Magazine Interview with Emma Burnham, Director, Antitrust Division, Department of Justice, Antitrust, Vol. 39, Issue 1, Fall 2024 (Dec. 13, 2024) Hosted by: Alicia Downey, Downey Law LLC and Anora Wang, Arnold & Porter Kaye Scholer LLP
Welcome to the Great Women in Compliance podcast with Hemma Lomax and Lisa Fine, sponsored by Corporate Compliance Insights. Over the past few months, the Department of Justice put forth the Whistleblower Pilot Program, and the update to the Evaluation of Corporate Compliance Programs. It was the perfect time to focus on how these impact whistleblower laws. Jane Norberg, who is a partner at Arnold & Porter and the former Chief of the Office of the Whistleblower and Mary Inman, who is a founding partner of Whistleblower Partners. Mary is also an advocate for the power of whistleblowers and is known for representing Facebook Files whistleblower Frances Haugen and Theranos whistleblower Tyler Shultz. They provide insight into what makes a credible and legitimate whistleblower, how the SEC reviews tips from whistleblowers and what we as compliance professionals can do to build effective programs. All focused on the review of all concerns that are raised, regardless of the source. They provide some thoughts about how to handle different situations before, during, and after an investigation, providing practical advice. The group discusses the new DOJ Whistleblower Pilot program and where it follows the past programs like the SEC program and where it is filling new gaps. One part of the program includes the 120-day requirement for reporting an issue, and they focused on what that would mean for organizations. Mary and Jane share their views on the requirements and the best practices and reference how most compliance professionals are using the DOJ Evaluation of Corporate Compliance to develop their programs, which means that an issue is investigated. In practical terms, following the ECCP requirement to investigate, and the pilot program has a “race to report,” is a challenge, and this is discussed in depth. Mary and Jane both provided “one thing you should know” to conclude the discussion. Both points are significant ones for anyone who is dealing with any point of the whistleblower or building a strong speak up/anti-retaliation culture. Join the Great Women in Compliance community on LinkedIn here.
Rob Gerberry, Senior Vice President and Chief Legal Officer, Summa Health, speaks with Michael Peregrine, Partner, McDermott Will & Emery, about the Department of Justice's (DOJ's) updated compliance program guidance and its implications for Board oversight of compliance. They discuss the DOJ's updated Evaluation of Corporate Compliance Programs guidance, what Boards need to know, and specific considerations for the health care industry.To learn more about AHLA and the educational resources available to the health law community, visit americanhealthlaw.org.
How prepared is your company to handle the evolving risks of artificial intelligence and other emerging technologies in its compliance program? In this episode of Corruption, Crime and Compliance, Michael Volkov delves into the Department of Justice's 2024 updates to its evaluation of corporate compliance programs. As the DOJ continues to set global standards, Michael discusses key updates related to risk management, especially around AI and other technologies. He also covers important shifts in training, whistleblower protections, third-party management, and data analytics, offering a comprehensive overview of what businesses need to consider for effective compliance.You'll hear him discuss:The DOJ raises the bar for corporate compliance, including technology risk management through their updated Compliance Guidance (2024).Companies must evaluate AI in both business and compliance contexts, ensuring controls for trustworthiness and legal alignment.Firms need to incorporate lessons from other companies and adapt policies and procedures to reflect emerging tech.Employee training must now be interactive, tailored, and measured for effectiveness.With their focus on whistleblower protection, the DOJ emphasizes tracking employee comfort in reporting issues and ensuring protection from retaliation.Companies are encouraged to continuously monitor third-party relationships beyond the onboarding phase.Stronger processes are needed for compliance audits and integration after mergers.DOJ pushes for the use of data analytics tools in compliance and better coordination between HR and compliance teams.Resources:Michael Volkov on LinkedIn | TwitterThe Volkov Law GroupDOJ Evaluation of Corporate Compliance Programs
Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this edition of the FCPA Compliance Report, in this episode, host Tom Fox is joined by Roxanne Petraeus and Susan Divers from Ethena to discuss innovative perspectives on compliance training, specifically focusing on the 2024 update to the Evaluation of Corporate Compliance Programs. Roxanne, drawing from her military background, emphasizes the importance of practical and effective compliance training that resonates with employees rather than traditional 'check-the-box' methods. Susan highlights the shift towards emphasizing outputs over inputs, urging for compliance programs that are not just on paper but practiced and understood by all employees. The discussion delves into the new expectations from the DOJ regarding the use of AI and data analytics in compliance, positioning compliance officers as pivotal to maintaining organizational justice and fairness. They also explore strategies for persuading senior management to prioritize compliance through emphasizing organizational culture and reputation. The conversation concludes with the role of leadership in fostering a compliant culture and practical steps for reaching out to Ethena for further insights. Highlights in this Episode · Deep Dive into the 2024 Compliance Program Update · Roxanne's Journey and Ethena's Mission · Susan's Transition to Athena · Outputs Over Inputs: A New Compliance Focus · The Role of AI in Compliance · Leadership and Compliance Strategy Resources Roxanne Petraeus on LinkedIn Susan Divers on LinkedIn Ethena Tom Fox Instagram Facebook YouTube Twitter LinkedIn For more information on the Ethico Toolkit for Middle Managers, available at no charge by clicking here. Check out the full 3-book series, The Compliance Kids on Amazon.com. For an audio/video version of the Compliance Kids book, Speaking Up is AWESOME, contact Tom Fox. Learn more about your ad choices. Visit megaphone.fm/adchoices
Fastest 5 Minutes, The Podcast Government Contractors Can't Do Without
This week's episode covers DOJ's update to its Evaluation of Corporate Compliance Programs guidance, a proposed rule to amend the DFARS to implement updates to the Truthful Cost or Pricing Data statute (also known as the Truth in Negotiations Act or TINA), and reminders about common considerations for companies supporting disaster response efforts, and is hosted by Peter Eyre and Yuan Zhou. Crowell & Moring's "Fastest 5 Minutes" is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without.
Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows. In this episode, we are joined by Susan Divers, Consultant at Ethena as our Special Guest and we take up the 2024 Update to the Evaluation of Corporate Compliance Programs (2024 ECCP). This week we have the quartet of Matt Kelly, Jonathan Marks, Special Guest Susan Divers and Karen Moore; all hosted by Tom Fox. 1. Special Guest Susan Divers says the key to the 2024 is that it focuses on outputs rather than inputs or processes. She shouts out to Washington Commanders. 2. Jonathan Marks considers continuous controls monitoring mandates in the 2024 ECCP. He shouts out to Philadelphia Phillies for making the NL Playoffs and rants about TSA. 3. Karen Moore takes a deep dive into new information on whistleblowers, reporting functions and whistleblower protections in the 2024 ECCP. She is sad because of the increased threat of violence during the Jewish High Holy Days. 4. Matt Kelly looks at the intersection of AI and compliance found in the 2024 ECCP. He rants about Trump appointed US district judge Kathryn Mizelle who ruled the False Claims Act unconstitutional. 5. Tom Fox shouts out to Colorado District Judge Matthew Barrett for his sentencing of convicted election tamperor Tina Peters. The members of the Everything Compliance are: • Karen Woody – Is one of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu • Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com • Jonathan Armstrong –is our UK colleague and an experienced data privacy/data protection lawyer in London. He can be reached at Jonathan.Armstrong@puntersouthall.law • Jonathan Marks can be reached at jtmarks@gmail.com • Karen Moore is a principal at Sounding Board Compliance, and can be reached at Karen.moore@soundingboardcompliance.com The host and producer, rantor (and sometime panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the award-winning Compliance Podcast Network. For more information on the Ethico Toolkit for Middle Managers, available at no charge by clicking here. Check out the full 3-book series, The Compliance Kids on Amazon.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this edition of the FCPA Compliance Report, Tom Fox welcomes back Vince Walden, founder of KonaAI. Vince reports on the 2024 Update to the Evaluation of Corporate Compliance Programs. (Today's episode is a cross-posting from Data Driven Compliance.) Walden, a distinguished expert in compliance data analytics, actively participates in industry forums such as the Society of Corporate Compliance and Ethics annual summit in Grapevine, Texas. He advocates for compliance professionals to have ample access to relevant data sources, enabling them to monitor and test policies, controls, and transactions effectively. Walden stresses the importance of AI developers being vigilant about potential biases and public harm, aligning with the Department of Justice's stance on accountability. He advises compliance practitioners to collaborate with internal audit and finance teams to ensure they have the necessary transactional data for comprehensive risk assessments, highlighting successful, cost-effective implementations like those at Albemarle as models for gradual, data-driven compliance program adoption. Highlights in this Episode Data-Driven Compliance for Cost Savings Enhancing Compliance through Advanced Data Analysis Identifying High-Risk Areas for Data Analytics Proactive Risk Mitigation through Real-Time Monitoring ROI-driven Compliance Programs with Data Analytics Resources: Vince Walden on LinkedIn KonaAI Tom Fox Instagram Facebook YouTube Twitter LinkedIn For more information on the Ethico Toolkit for Middle Managers, available at no charge by clicking here. Learn more about your ad choices. Visit megaphone.fm/adchoices
This episode is a rare opportunity for #teamgwic to catch up in person at one of the key Ethics & Compliance events, the SCCE Compliance & Ethics Institute (CEI). CEI was in Grapevine, Texas, and, as usual, was a great experience. In this episode, Lisa, Hemma, Ellen and Sarah discussed their highlights from the event. The first keynote was from Principal Deputy Assistant Attorney General Nicole M. Argentieri, who announced revisions to the Evaluation of Corporate Compliance Programs, and the group touches on this and the significance of the changes and having them announced at SCCE. There will be much more to come on this topic. Each of the women discusses their favorite panels and some of the key takeaways they had, including discussions of DEI, controls, and how to work with Boards, as a few examples. They also sent their well-wishes to Nick Gallo, who was missed but, more importantly, is on the road to recovery. One of the best parts of the conference is the opportunity to network and share best practices, and the whole group thought this year's exhibit hall, and the format of the conference with longer breaks, allowed people to make great connections and have some in-depth discussions that don't always happen when you are moving so quickly to not make a panel or event. And the second morning keynote from Matt Friedman discussing his work in fighting human trafficking and modern slavery was moving and inspirational, a reminder of the importance of what we do every day with our due diligence and knowing our customers. All in all, it was a great week of connections, learning and providing so much optimism for the contributions that ethics and compliance professionals make, and to connect (or reconnect) with the amazing people in our community. If you were not able to attend, the team hopes this gives you a sense of the event. #GWIC is proud to announce that it has been nominated for the WomenInPodcastAwards. This is a people's choice award and whether you vote for #GWIC or other nominees, we ask that you send the elevator back down by voting. Voting closes October 1, 2024, and details can be found on the #GWIC LinkedIn page at http://www.linkedin.com/groups/12156164 Resources: Join the Great Women in Compliance community on LinkedIn here.
Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance brings to you compliance related stories to start your day. Sit back, enjoy a cup of morning coffee and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership or general interest for the compliance professional. · DOJ releases 2024 Update to the Evaluation of Corporate Compliance Programs. (FCPA Compliance & Ethics Blog) · Jackson Walker referred for disciplinary proceedings. (Reuters) · Singapore gears up for huge corruption trial. (Al Jazeera) · UK government says flexible work better for companies. (BBC) For more information on the Ethico Toolkit for Middle Managers, available at no charge by clicking here. Check out the full 3-book series, The Compliance Kids on Amazon.com. Learn more about your ad choices. Visit megaphone.fm/adchoices
By Adam Turteltaub Data analytics is a pretty darn big deal in compliance and ethics these days, with rising expectations for compliance programs to be able to demonstrate their effectiveness using hard data. The word “data” even appears a dozen times is the US Department of Justice Criminal Division's Evaluation of Corporate Compliance Programs document. Walter Appleby, formerly VP, Compliance & Ethics at Georgia-Pacific and Rosie Williams, Director, Compliance & Ethics there will be addressing “Harnessing the Power of Data: Unleashing Compliance Excellence” at the SCCE 23rd Annual Compliance & Ethics Institute, which will be held September 22-25 in Grapevine, TX. In this podcast they explain that better use of data carries a number of benefits including a stronger risk assessment and management program, better informed decision making, and more effective use of compliance resources. Data analytics begins with collecting together the data you have and determining its quality. As the old adage says: bad data in, bad data out. Sources of data can include your helpline, training statistics, HR and even legal. You will also need to determine which metrics best reflect the performance of the compliance program. Here, the risk assessment is helpful, but so too is taking the time to listen to and think through the needs of your customers in the business unit. Next, determine the proper recipe for integrating the various data resources so you and leadership can gain insights into gaps and deficiencies. This likely includes taking the time to think graphically to determine how best to visualize the data in ways management finds useful. Listen in to learn more about how to use data to pinpoint issues, identify opportunities and assess the effectiveness of your program. And, don't forget to catch their session at the 23rd Annual Compliance & Ethics Institute.
By Adam Turteltaub While most eyes have focused on the US Department of Justice's document Evaluation of Corporate Compliance Programs when looking for guidance, it's not the only DOJ source out there. Josh Drew (LinkedIn), Member, Miller & Chevalier explains that it would be wise to also look to Attachment C. What is it? It's a document typically attached to Foreign Corrupt Practices Act (FCPA) resolutions. It specifies what the defendant company will need to do to establish and maintain an effective corporate compliance program. As a result, it, like the Evaluation document, provides very clear guidance as to what the DOJ's thinking is when it comes to compliance. In August and September 2023 there were several changes to Attachment C. For one, it expanded the call for support from senior management down to include midlevel management as well. It specifically points to the importance of their tone and conduct: “The Company will ensure that mid-level management throughout its organization reinforce leadership's commitment to compliance policies and principles and encourage employees to abide by them.” In the realm of training, it calls for metrics to assess the effectiveness of the training, not just that it was given. That's a theme consistent with other direction from the DOJ. Not surprising for an FCPA-related document, it also calls for documenting the business justification for engaging a third party and ensuring that contract terms are specific. Third parties should also be tracked after the initial engagement, which means ongoing due diligence. And, here, too, as elsewhere, the Department of Justice reinforces the importance of both incentives for good behavior and disincentives for bad. Listen in and then be sure to spend some time reading Attachment C.
This week, we're listening in on Jeff Clark's excellent presentation at the recent TRACE Forum in London. Jeff is a partner in Cadwalader's Washington office and discusses the DOJ's revised ECCP, with an emphasis on corporate communications and compensation policies.
Across every industry and every region of the world, corporate compliance programs have increasingly become an integral part of a company's operations and procedures—and the trend shows no signs of slowing. In the first in a series of Jones Day Talks programs addressing topics related to corporate compliance programs, Jones Day lawyers Henry Klehm, Toni Citera, and Paloma Valor discuss the history of corporate compliance programs, the changing role of the compliance officer, challenges for multinational companies, the importance of technology, and how the compliance function can effectively partner with other parts of the organization to help mitigate risk and achieve business objectives.
Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In the latest episode of FCPA Compliance Report, Tom Fox speaks with Parijat Jauhari and Susan Divers, both with LRN, about their new tool, Catalyst Reveal, which helps compliance professionals deal with the new DOJ requirements around culture assessment, risk management, monitoring, and improvement. They explain how Catalyst Reveal goes beyond traditional methods of measuring the effectiveness of compliance training and that the platform includes completion data, culture data, and learner sentiment analysis to determine training effectiveness. They also discuss the importance of benchmarking, which allows for easy comparison of clients within the same industry and revenue band. Plus, find out about their upcoming additions to their product and how it can provide solutions to challenges posed by the Department of Justice. Tune in now to discover how Catalyst Reveal can help compliance professionals fulfill their obligations under the 2023 Evaluation of Corporate Compliance Programs. Key Highlights · Measuring Ethical Culture · Enhancing Compliance Training Effectiveness · Challenges in measuring training impact · Data Analytics in Compliance Training · Benchmarking and Data-driven compliance training Notable Quotes “This is the most exciting development in this space in all the time that I've been working in ethics and compliance because it allows companies and chief ethics and compliance officers and their teams to move beyond what I would call dead data.” “The culture pulse survey that we've included in this which is the ethical culture pulse survey. That's its full title. It asks questions in real time about levels of engagement from the employee base and levels of respect levels of transparency, levels of organizational justice. And that that is a breakthrough.” “What this tells you is it goes beyond we had a warm seat. for this training to say, we had people take it, and a lot of people in this group really struggled with facilitation payments or with what is an actual conflict of interest. And this is an area that compliance officers really struggle with.” “We are really using some new technology, machine learning to mine the data because it's you're accumulating it every day that employees are actually.” Resources Parijat Jauhari on LinkedIn Susan Divers on LinkedIn LRN Tom Fox Instagram Facebook YouTube Twitter LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices
With methods of professional communication constantly evolving, the U.S. Department of Justice (DOJ) recently revised its Evaluation of Corporate Compliance Programs to address how prosecutors should evaluate the ways that companies are accounting for these developing risks. Corporate policies and procedures must keep pace with these changes as professional communication shifts to personal devices and messaging platforms.White Collar + Government Investigations Partners Abbey Hazlett and Megan Rahman, eMerge Managing Partner Alison Grounds, and eMerge Managing Director of Technology Chris Haley discuss the realities of conducting business in 2023. They will look at how regulators respond to the increased use of alternative means of communicating in the business context and some of the key considerations for companies subject to their scrutiny. Their discussion includes an overview of the DOJ's updated guidance and current regulatory landscape, perspectives on the compliance risks associated with electronic communication, bring-your-own-device (BYOD) policies, records retention, preservation and collection, and best practices for training and compliance programs.
By Adam Turteltaub The U.S. Department of Justice (DOJ) Criminal Division Evaluation of Corporate Compliance Programs document was updated in March 2023. Since then compliance teams and the broader compliance community have examined it closely, searching to better understand the government's expectations. Gaurav Kapoor, co-CEO and co-founder of MetricStream, sees an overarching key message to the update: The DOJ expects organizations to have a well-designed compliance, ethics and risk program and, with it, the ability to closely evaluate and monitor its effectiveness. The bar has definitely been raised. So what should the compliance team do? First, to his reading, the DOJ is encouraging organizations to follow connected, holistic approaches to compliance programs. Second, how you train and communicate must be well organized and integrated into business processes. Third, third-party risk must be scrutinized and the interconnectedness with the business must be made more visible. As for boards, they need to understand that they must continue to play their role in the business and risk governance. They must also, though, act in overseeing the risk management and compliance programs and ensuring they are successful. To that end, boards need to ensure that these programs are sufficiently funded and led, understand where compliance reports and remove any conflicts of interest. Listen in to learn more about these topics as well as adopting a compliance culture, looking beyond the guidance, and the proliferation of guidance documents that compliance teams need to navigate.
The relationship between compliance and HR can make or break a company's culture of ethics and integrity. The DOJ's revised Evaluation of Corporate Compliance Program requirements are pushing for greater cooperation and coordination between these two departments to create a robust and effective consequence management system. In this episode, Michael Volkov discusses the implications of these new requirements and emphasizes the need for HR and compliance to work together to achieve a culture of compliance and ethics. Here are some key ideas you'll hear Michael discuss in this episode:The Justice Department is taking a prescriptive approach to mandating greater cooperation between compliance and HR, as there have been too many problems between these departments in the past.HR and Compliance have joint responsibilities and obligations to achieve a culture of compliance and ethics.An effective HR and compliance partnership can leverage resources to ensure the overall advancement and success of the company.Companies must comply with the DOJ's revised Evaluation of Corporate Compliance Programs and provide compliance with access to data generated across the organization. This is necessary to improve the effectiveness of the company's compliance program.DOJ is now requiring companies to maintain a robust and enhanced investigation root cause system to address the specific elements required for a culture of ethics and integrity.An effective consequence management system can only occur when there is active cooperation and effective coordination between HR and compliance.The new consequence management system includes financial penalties resulting from clawbacks and deferred compensation schemes that are tied to compliance behaviors and requirements.DOJ is focusing on incentives and disincentives to enhance individual compliant conduct and overall accountability. Positive incentives include promotions, rewards, and bonuses and disincentives include deferment or escrow of compensation. CCOs need to champion the creation of this system.CCOs must be seated at the senior executive level of business operations to fulfill DOJ's expectations for overall consequence management in the disciplinary area.Companies should consider cross-assignments of business managers to compliance and vice versa to promote career opportunities.“I have always advocated on behalf of a committee approach or some kind of independent, objective reviewer or the institution that metes out disciplinary actions to ensure consistency,” Michael says.Senior management must establish a framework for effective coordination and cooperation between HR, senior sales executives, legal, and compliance to achieve a culture of ethics and integrity.This framework should be empowered to work on behalf of the company to establish organizational justice.KEY QUOTES:"The Justice Department is now taking on the role of marriage counselor, not with individual couples, but with the critical corporate relationship - Ethics and Compliance and Human Resources." - Michael Volkov"With regard to disciplinary actions, there's nothing worse, folks, than a disciplinary system that treats similarly situated employees and executives in different ways based upon where they sit or what their sales performance is… Justice has to be blind and consistent here." - Michael Volkov"Organizations that throw large contingent payouts for lucrative business contracts or for hitting specific targets should consider the impact of these incentives on sales employees and their ability and incentive to adhere to ethical requirements." - Michael VolkovResources:Michael Volkov on LinkedIn | TwitterThe Volkov Law GroupEvaluation of Corporate Compliance Programs
Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this special edition, sponsored by Traliant, I visit with Maria D'Avanzo Chief Evangelist Officer at Traliant to discuss the 2023 Evaluation of Corporate Compliance Programs. We discuss the DOJ's guidance on financial incentive programs and highlight the importance of cross-functional collaboration in establishing effective compliance programs. What are some of the challenges of implementing clawbacks for employees who engage in misconduct? We consider some of the risks involved when a company decides to file a lawsuit against an executive for clawback. Finally, they touch on the need for proper communication of the compliance message beyond legal and compliance departments. Join Tom Fox and Maria D'Avanzo as they dive deep into the future of corporate compliance programs. Don't miss this informative and eye-opening episode. Key Highlights · Evaluating Corporate Compliance Incentive Programs · Establishing Compliance Programs in Companies Facing DOJ Allegations · Incorporating Compliance Ethics and Clawbacks in Business · Lawsuit Consequences for Companies & Executives · DOJ Elevating Corporate Compliance Programs · Effective Communication for CCOs Notable Quotes “Certainly the timing of any type of any attempt to claw back the compensation, the board needs to be concerned about what's the right time? What's the right process? And are we going to open ourselves up?” “There's also language about non-financial incentives. And here, once again, nothing really new that companies are supposed to take doing business ethically.” “I'm not quite sure why a company without resolving the loss, the investigation, either internally or especially with the DOJ, would file a lawsuit against an executive in order to claw back the compensation.” “Is your investigation completed? Or is it ongoing. I'm not sure how you would win in a litigation if you have not established the basis for the breach of contract. Resources Maria D'Avanzo on LinkedIn Traliant Tom Fox Instagram Facebook YouTube Twitter LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode of There Has to Be a Better Way?, the first in a special series of three episodes, Hui Chen and Zach Coseglia discuss the recent policy changes announced by the Department of Justice related to compliance incentives, clawbacks and messaging apps. Hui recounts the origins of the Fraud Section's “Evaluation of Corporate Compliance Programs” and she and Zach question some of the assumptions baked into these policy updates.
In this episode of There Has to Be a Better Way?, the first in a special series of three episodes, Hui Chen and Zach Coseglia discuss the recent policy changes announced by the Department of Justice related to compliance incentives, clawbacks and messaging apps. Hui recounts the origins of the Fraud Section's “Evaluation of Corporate Compliance Programs” and she and Zach question some of the assumptions baked into these policy updates.
Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows. Everything Compliance has been honored by W3 as the top talk show in podcasting. In this episode, we have the quartet of Tom Fox, Jonathan Marks, Matt Kelly and special guest Scott Garland from Affiliated Monitors, who discuss at the recent speeches by DAG Lisa Monaco and Kenneth Polite, announcing changes in the DOJ's Evaluation of Corporate Compliance Programs. We conclude with our fan fav Shout Outs and Rants section. Matt Kelly looks at the changes around clawbacks. He shouts out to the PCAOB for reminding folks that cryptocurrency ‘reserve reports' are not worth the paper they are printed on. Jonathan Marks considers what the two speeches and changes in the ECCP mean for corporate governance. He shouts out to US House of Representatives for overwhelmingly voting to investigate the origins of Covid-19. Tom Fox looks at the changes to incentives, both financial and non-financial in the 2023 ECCP. He rants about the Tennessee legislature attempt to ban Shakespeare, movies such as Tootie and Some Like It Hot, politicians such as George Santos; all in the guise of banning drag shows. Special Guest Scott Garland looks at the changes in the monitor selection process and what that means for the line attorney prosecuting a FCPA violation. He shouts out to the Department of Justice for their continued evolution in their thinking about compliance and compliance programs. The members of the Everything Compliance are: Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com Jonathan Marks is Partner, Firm Practice Leader - Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at marks@bakertilly.com The host and producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network. Learn more about your ad choices. Visit megaphone.fm/adchoices
What does remodeling a home have to do with ESG? In this episode of the ESG Report, Tom Fox and Kristy Grant-Hart discuss the role of compliance in leading the ESG initiative within a corporation. Kristy, the founder of Spark Consulting, explains how compliance professionals can expand their role to lead the E, S and G components of ESG. She also shares her personal experience of remodeling her new home with her husband and how it relates to ESG. Kristy Grant Hart is a well-known figure in the compliance field. She is the founder and CEO of Spark Consulting, a global compliance and ethics consultancy that recently celebrated its 6th anniversary. Spark Consulting now has locations in Chicago, New York, Los Angeles, and London. The company also recently released a business simulation game called Compliance Competitor, which has been picked up by many companies. Kristy has over 15 years of experience in compliance and governance, working with clients across multiple industries. She is also the author of four books, including How To Be A Wildly Effective Compliance Officer and The Compliance Entrepreneurs Handbook, which was written with Kirsten Liston and Joseph Murphy. You'll hear Tom and Kristy talk about: ESG is a bridge between compliance, governance, and board relationships. ESG can be a huge driver for change and reputation enhancement. CCOs are skilled at bringing together people and putting programs into a framework, and this lends itself well to running a successful ESG program. The renewed focus on G (Governance) is a positive development, as better governance leads to more ethical behavior and compliance. Compliance has a relationship with the board, the Audit and Risk Committee, and it makes sense for compliance to expand its remit of reporting and talk about different stakeholders in different ways for better board management. The push for gender diversity on boards is a step towards greater perspective and understanding of different stakeholders. Supply chain management is an important aspect of the compliance function. The June 2020 Update to the Evaluation of Corporate Compliance Programs from the Department of Justice emphasizes the importance of institutional justice and fairness within corporations, which ties into ESG principles. The compliance function and CCO must have access to all corporate data, not just compliance data, in order to effectively lead ESG efforts. The S in ESG, which stands for social, encompasses issues such as diversity, equity and inclusion, and responsible sourcing in the supply chain. The evolution of supply chain compliance and its integration into ESG efforts has been growing in recent years. Compliance professionals already have a wide range of skills and experience that can be applied to leading E efforts within ESG. They have an important role to play, even if they are not experts in the field. Remodeling a home can also be a valuable learning experience: her personal experience of learning new construction skills aligns with the idea that compliance professionals can learn and lead the E component of ESG. KEY QUOTE: "I think that the more that we see diversity on boards, the better companies will do, but also the opportunities become more expansive and that's something that I'm passionate about and feel that's incredibly important. I also think compliance should have much more of a seat on boards." - Kristy Grant Hart Resources: Kristy Grant-Hart on Website | LinkedIn | YouTube Kristy Grant-Hart books Spark Compliance
The All Star Panel was back together for an outstanding first roundtable of the year! Sean was Joined by Terry, Christine, Scott, and Paul to discuss 2023 EM Services for the Inpatient setting, Split/Shared Services, Corporate Compliance Programs, HIPAA, and much more!
Welcome to From the Editor's Desk, a podcast where co-hosts Tom Fox and Kyle Brasseur, EIC at Compliance Week unpack some of the top stories which have appeared in Compliance Week over the past month, look at top compliance stories upcoming for the next month, talk some sports and generally try to solve the world's problems. In this month's episode, we look back at top stories in CW from November around the SEC enforcement statistics for the prior years, how CW will report and cover the FTX scandal and take a deep dive into the print edition which focused on tech and innovation in compliance and the creative use of the DOJ's Evaluation of Corporate Compliance Programs and its Update by Home Depot to assess its own compliance program and remediate any gaps in a proactive manner. We previewed some of the stories CW will look at in December including several articles from the CW ‘Inside the Mind of the CCO' survey which was concluded in October. We conclude with a look at some of the top sports stories including a look at the NFL season as it moves into its final full month of regular season play, riff on the World Cup and the US win over Iran and ask if Tom Brady should have retired and stayed retired for the 2022 season. Resources Kyle Brasseur on LinkedIn Compliance Week
As the world emerges from a pandemic mindset, we find ourselves confronting new geopolitical realities with Putin's war in the Ukraine as well as increasingly fraught relations between the US and China. How is this geopolitical landscape changing the compliance landscape? In this episode of the Principled Podcast, host Susan Divers is joined by Tom Fox, the founder of the Compliance Podcast Network and aptly accredited “Voice of Compliance.” Listen in as the two discuss the impact of geopolitics on ethics and compliance, and what issues should be top-of-mind for E&C leaders in the near future. To learn more, download a copy of Tom Fox's white paper Never the Same: Five Key Areas in Which Business Will Never Be the Same After the Russian Invasion. Featured guest: Tom Fox Tom Fox is literally the guy who wrote the book on compliance with the international compliance best-seller The Compliance Handbook, 3rd edition, which was released by LexisNexis in May 2022. Tom has authored 23 other books on business leadership, compliance and ethics, and corporate governance, including the international best-sellers Lessons Learned on Compliance and Ethics and Best Practices Under the FCPA and Bribery Act, as well as his award-winning series "Fox on Compliance." Tom leads the social media discussion on compliance with his award-winning blog, and is the Voice of Compliance, having founded the award-winning Compliance Podcast Network and hosting or producing multiple award-winning podcasts. He is an executive leader at the C-Suite Network, the world's most trusted network of C-Suite leaders. He can be reached at tfox@tfoxlaw.com. Featured host: Susan Divers Susan Divers is the director of thought leadership and best practices with LRN Corporation. She brings 30+ years' accomplishments and experience in the ethics and compliance arena to LRN clients and colleagues. This expertise includes building state-of-the-art compliance programs infused with values, designing user-friendly means of engaging and informing employees, fostering an embedded culture of compliance, and sharing substantial subject matter expertise in anti-corruption, export controls, sanctions, and other key areas of compliance. Prior to joining LRN, Mrs. Divers served as AECOM's Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM's ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers' thought leadership in the ethics field. In 2011, Mrs. Divers received the AECOM CEO Award of Excellence, which recognized her work in advancing the company's ethics and compliance program. Before joining AECOM, she worked at SAIC and Lockheed Martin in the international compliance area. Prior to that, she was a partner with the DC office of Sonnenschein, Nath & Rosenthal. She also spent four years in London and is qualified as a Solicitor to the High Court of England and Wales, practicing in the international arena with the law firms of Theodore Goddard & Co. and Herbert Smith & Co. She also served as an attorney in the Office of the Legal Advisor at the Department of State and was a member of the U.S. delegation to the UN working on the first anti-corruption multilateral treaty initiative. Mrs. Divers is a member of the DC Bar and a graduate of Trinity College, Washington D.C. and of the National Law Center of George Washington University. In 2011, 2012, 2013 and 2014 Ethisphere Magazine listed her as one the “Attorneys Who Matter” in the ethics & compliance area. She is a member of the Advisory Boards of the Rutgers University Center for Ethical Behavior and served as a member of the Board of Directors for the Institute for Practical Training from 2005-2008. She resides in Northern Virginia and is a frequent speaker, writer and commentator on ethics and compliance topics. Principled Podcast Transcript Intro: Welcome to the Principled Podcast, brought to you by LRN. The Principled Podcast brings together the collective wisdom on ethics, business and compliance, transformative stories of leadership and inspiring workplace culture. Listen in to discover valuable strategies from our community of business leaders and workplace change makers. Susan Divers: General Pete Schoomaker made a remark some years ago that's always stayed with me. He said, "People like to think that life is an opera that unfolds over several acts, but it's really a rodeo. You never know what's coming out of the shoot." So much of the ethics and compliance sphere clearly demonstrates the truth of the general's remarks, especially recently. LRN's last two program effectiveness reports focused specifically on the impact of the pandemic on ENC programs. Now we have the war with Russia in the Ukraine and increasingly fraught relationships with China. How is the geopolitical landscape changing the compliance landscape? Hello and welcome to another episode of LRN's Principled Podcast. I'm your host, Susan Divers, director of thought leadership and best practices at LRN. Today, I'm joined by Tom Fox, the founder of the Compliance Podcast Network and aptly accredited Voice of Compliance. In addition to his 30 plus years of legal experience, Tom is the author of the award-winning FCPA Compliance and Ethics blog, and The Complete Compliance Handbook now in its third edition, which is by far the best source for best practices in one place about ENC programs. We're going to be talking about the impact of geopolitics on ethics and compliance and what issues should be top of mind for ENC leaders in the near future. Tom, welcome. Tom Fox: Susan, thanks. I have wanted to be on this podcast for a long time. I particularly enjoyed your reference about rodeos because in the great state of Texas, that's a college sport, rodeoing, so lots of rodeos and it's certainly an apt metaphor for what we're going to talk about today. Susan Divers: Well, great, Tom and I really appreciate the opportunity to have any conversation with you, but particularly on the podcast. So Tom, first, generally, how do you see the ongoing war in the Ukraine as disrupting trade and the rules, both formal and informal, that have governed the world for the last 20 years and is the World Economic Forum vision of trade now dead? Tom Fox: Susan, in addition to the rodeo metaphor you gave us, the most prescient comment I heard during the COVID-19 pandemic is that we've moved from disaster recovery to business interruption to, excuse me, to business resiliency, to business as usual. Literally now, we can have a weather event, we can have an economic event, we can have a geopolitical event, we can have any event and the requirement of a company is how do you respond? How do you respond tomorrow? Have you planned for this? I think the type of thing that we saw with the Russian invasion, as tragic as that was, it's one more, it's just an event and we're going to talk about that in some detail. But every company has legal, ethical and business obligations around that event. I was also particularly struck by your reference to the World Economic Forum, and when I read that, it put a frown on my face. And it put a frown on my face because the World Economic Forum, in my mind, has been one of the biggest leaders for the global economy. Since at least 1990 when I started paying attention to a global economic framework because I was in the energy industry and began to think about these issues on a global basis, the World Economic Forum and their symposiums, their position papers and really their raison d'etre was to talk about a global economy. Although I certainly thought we would have regional conflicts, as we have always had, I never thought we would, I guess my hope was that the global economy would help drive us towards a more integrated global community and that we wouldn't be put near a brink again of a global conflict. I don't pretend to say that's where we're going in Ukraine, but when you start talking about tactical nuclear weapons, that's a conversation we haven't had in this country since the '60s with seriousness. The World Economic Forum, the world they envision, the world you and I grew up in professionally, I think that world is gone. We're moving to something else. I use the Russian invasion of Ukraine really as an ending point or an exclamation mark on trends that we have seen percolating probably 10, 5, 3 years that accelerated extraordinarily greatly in the COVID-19 pandemic up to the war in Ukraine and the disruption that that has caused really impacts businesses, and this is going to be something, I think, we're going to have to deal with literally on an ongoing basis forward. Lots, really, to unpack there, but I do have to acknowledge you for pointing out it was really the World Economic Forum that has led, I thought, the charge for a global economy and globalization and unfortunately, I think that world is now dead. Susan Divers: I hear you and I feel the same way about the Forum. LRN participated in it quite actively until fairly recently, and the Forum really did an excellent job of helping global leaders cooperate, frame some of the rules and the practices. Maybe when the current situation resolves itself one way or another, there'll be an opportunity to do that again. But getting a little bit more granular at this point. You've written about the impact of the Ukrainian war on the supply chain and certainly for business that's one area where the rubber really hits the road. Can you explain that a bit to our listeners? Tom Fox: Sure. The Ukraine War, the Russian invasion of Ukraine, as I said, put a exclamation point on this. One of the key disruptions from COVID-19 was indeed supply chain. Here, I think for the first time, Susan, we started to look at geography as a risk. Geopolitical risk has been known for quite some time, but with the COVID-19, we have the swaths of the world that were unavailable to us because of the pandemic. As the pandemic raged through China and moved to India and moved to Africa, large parts of the global supply chain were literally shut down completely and they couldn't get back up, couldn't get running again. We saw, from COVID-19, a geographic risk that we have perhaps not considered as much before. This is different than an island that may worry about climate risk or flooding or fires in California or something like that. We had real geographic risk. The Ukraine War really put an exclamation mark on geopolitical risk. What is the risk? What was the risk in 2019 of Russia invading Ukraine? Certainly there were discussions at the highest level of our government. Frankly, I don't think you and I, wasn't on our radar. Maybe if you read foreign policy, it was on your radar, but for the business practitioner, from the compliance professional, I don't think we were thinking about a Russian invasion and what that might do to either our supply chain or business partners or customers. Well now, if the Ukrainian grain cannot be put in the global food supply chain, that's a huge disruption. The question that I thought about is what would be the effect of the disruption of the global food chain on one of our former employers, Aecom, Halliburton, businesses that you and I have both been involved with, but we don't think of as having perhaps a food risk. Nevertheless, if grain is not available, what do those types of risks mean for employees in allegedly or apparently unrelated companies? Companies have to start thinking about these kinds of things in ways that we haven't done before. I did a podcast earlier this week where someone said, "Look, the issue now is China and Taiwan." And he was absolutely right. That could be a military issue, could be a geopolitical issue. 82% of US semiconductors are made in Taiwan. That's a huge issue. Let's go back to our former employers who are now heavily invested in tech and actually use semiconductors as part of their manufacturing process. They're going to be impacted, let alone the US semiconductor industry and the US computer industry. That is something now that we have to consider. Are there any other geopolitical conflicts that could erupt, which might negatively impact our supply chains? And when I mean negatively, I mean you can't get your supplies out of those countries, whether it's a raw mineral, whether it's a extractive mineral, whatever it may be. Those types of issues now are more front and center than they ever have been. From the business perspective, Susan, supply chains, since at least the late '70s or early '80s, the primary goal was efficiency. That was generally translated to just-in-time. It was seen because of the experience in the '60s where particularly in the auto industry, you had lengthy supply chains and actually large number of parts piling up in warehouses that was deemed to be inefficient. They wanted it just before they needed it. That led to just-in-time. That led to one or two suppliers. We found that sole suppliers or sole plus one suppliers has a risk. That risk is, if they're in a geographic area that's wiped out by COVID, if they're in a geopolitical area that is no longer available to us, then we, as a company, have a problem with our supply chain. Certainly there are many industries that have been offshored outside of the United States. From our industry and service, or rather service industry folks like us, to manufacturing, to everything in between. That is now trying to be reshored on American soil. Can we do it? Yes. Can we do it tomorrow? Probably not. Can we do it in time for Christmas? Probably not. We're going to have to retrain, we're going to have to retool. We may have to allow greater immigration to get people in to do those jobs and it brings up an entire series of questions. It brings up economic questions. How much more is it going to cost to reshore? How much more does it cost and pay an American wage as opposed to a Philippine, Bangladeshi or other wage? Or you name the country outside the United States where the wages are disparate. All of those issues are now in play in a way that certainly they were percolating around and percolating along in the second half of the last decade. COVID-19 accelerated those conversations, particularly around just-in-time and sole source suppliers. But now, I don't know how much of the globe Russia consists of. I think at one point, it was 12%. That's not available to us as a supply chain partner now and Russian partners are not available to us as supply chain partners. Now, what happens if China is not available to us as a supply chain partner or Taiwan because of an armed conflict with China. How is that going to play? Or can we even get semiconductor chips out of Taiwan if they're in an armed conflict with China? All of these issues are now front and center and I think every company has to be looking at their supply chain, who's in their supply chain. Then obviously, this ties into things that were not deemed to be connected to all of these issues before, such as conflict minerals. Conflict minerals required you as a company to determine or any of the minerals you're buying, the four Ts, I think, coming out of countries primarily in Africa under conflict. This was the first time companies had really taken a deep dive, not to their direct suppliers, but to their sub-suppliers and they found out we don't exactly know who all of our sub-suppliers are. Obviously the Uyghur Forced Labor Prevention Act has huge impact on supply chains and hopefully, we can talk about that at some length in a little bit, but all of these issues on supply chain, it's elevated the discussion of the corporate supply chain, I hope, to where it properly belongs, in the board of directors level. But for the people that we deal with, the CCOs and compliance professionals, I think it should be a part of an equal conversation because what are the risks? I was going to say implications, but what are the risks of moving your supply chain, reshoring it? It's a change so the risks change. It may not be an FCPA risk because you may be in the United States, but almost every state in the US has an anti-corruption law and a state anti-corruption law. I had to look at it one time, 37 states do. That's not that you can't bribe our state government officials, every state says that, but 37 with regular commercial private or private anti-bribery laws. When was the last time you, as a compliance professional, had to assess that issue, that risk? Lots of new risks and you, as a compliance professional, need to be a part of those discussions so you can begin preparing your corporation for those eventualities. Susan Divers: Well, that's a perfect example, or I should say it's an example on steroids of how you have to respond to the risks that face you today and hopefully, tomorrow, try to look around corners. I remember, I think it was in the 2020 guidance that DOJ put out. They said that you can't let your program be a snapshot in time or go on cruise control. That's one of the biggest traps I see people fall into. You ask them what their risks are and it's kind of like what the risks were last year. With this environment and with what you just outlined in terms of supply chain, there's going to be a lot for compliance teams to do. How should people be addressing that right now? I know we'll talk later about sanctions and anti-money laundering being the new FCPA as Deputy Attorney General Monaco said recently, but what's your advice today in terms of how to think about those risks? Tom Fox: Susan, you hit it exactly on the head. Assess your risks when your business changed. You reference the 2020 update to the Evaluation of Corporate Compliance Programs. That's where the first time the Department of Justice formally said, it's not an annual risk assessment. It's not a biennial, all-encompassing $100,000 risk assessment. It's an assessment when your business changed. The beauty of the timing of that statement, it was June, 2020, everyone's risk had changed because we were working from home. It didn't mean your risk increased or decreased, they changed. How do you assess working from home or how did you assess working from home from a compliance perspective? Once you made that assessment and then you found there were actually new risks, then you had to put a risk mitigation strategy in place, then you monitored that strategy to determine its effectiveness and then you used that information to upgrade your compliance program. The formula is in place for all of these things, but it starts with exactly what you said, Susan, assess your risks if your business has changed and everyone's business has changed literally, particularly in the supply chain. You've got to know who your suppliers are. From the business perspective, who can supply us is paramount. Pricing is going to be paramount. But from the compliance perspective, where are they getting those? If you're a clothing manufacturer, how many of your suppliers are coming out of Bangladesh and how many of those suppliers are violating any sort of fair trade or human rights laws? Even what's the safety, as we know from the Plaza collapse a few years back in Bangladesh. You have to know who's in your supply chain to a level and degree that you didn't previously think about unless you were in conflict minerals. But the beauty of that is that if you make that assessment down into your sub-suppliers from your supply chain, you as a business will be stronger. You will see, number one, if there are inefficiencies in our supply chain, but two, if there's a disruption, you'll be able to mitigate that if a disruption occurs because you can move to another supplier because you know where the parts are coming in from and hopefully, you'll be able to have prior knowledge or planning around that. But think of a weather event. In 2021, I was living in Houston. It hit seven degrees. That was the first time we'd had single-digit weather in Texas since 1890. Well, we can't prepare for that, yeah! This is a town that had gone through two 500-year floods and 1,000-year flood over the past 18 months. We had a wildfire north of Houston. We'd never had a wildfire in Houston, Texas in my lifetime. All of that's to say is that things have changed. I don't pretend to say I know which way it's going, I just know that you have to be there. You have to have assessed those risks and have a plan in place if you can't utilize all the way down in your supply chain, but that gives you the opportunity to be more business efficient and if a catastrophe does occur, you're more quickly able to respond. Starts with a risk assessment, put a risk management strategy in place, monitor that strategy, and then improve your compliance program as information becomes available to you. Susan Divers:I totally agree with that, Tom and I want to relate it back a little bit to a point you raised earlier too, which is this gives you an opportunity to make sure that you're dealing with ethical sub-suppliers and that your whole supply chain meets spec. I think I've seen in the past, in my long years as an ethics and compliance lawyer, and before that as more of a specialist on FCPA that a lot of times, people don't know who their sub-suppliers are and the first they find out is when there's fraud or potential bribery issue or diversion or a theft of intellectual property. It does give you an opportunity to get a more solid grip on your suppliers and make sure that they are the right people that you're dealing with. Let's turn from that, which is I think a very good segue to the issue of economic sanctions. There's really been a quantum leap in that area, even it was starting before Russia, I think, with the sanctions on Huawei and the heating up of tension in the US-China relationship, but now it's on a completely different level and that really, I think, has to be top of list for companies when they review their ENC programs. Can you talk about that and give us some guidance? Tom Fox: Sure. Once again, Susan, let me use the Russian invasion as the exclamation mark because under the Trump administration, we saw an exponential increase in the use of trade and economic sanctions. I had several friends in that space and every once in a while, I'd email them, "Well, we had three changes today. What do you expect this afternoon?" The point being that the prior administration saw those as legitimate and important tools for US national security. That has only increased now on steroids because of the Russian invasion. What the Trump administration's use of those tools did was it elevated the discussion of the trade compliance director in a corporation to the board of director level. It may have elevated them within the compliance function or generally within the C-suite because people now had to call trade compliance and say, "Anything new today?" Well, the sanctions that have come out after the Russian invasion have been all encompassing. Now, I looked before this podcast, I think we're on our seventh round of sanctions and more to come. That's seven rounds from the United States. That doesn't even count the UK and Western Europe who have equally sanctioned Russia. Many US multinational companies are also subject to UK or EU trade sanction directives. You need to be cognizant of those. But the current trade sanctions that have been levied, and when I say there's still more to come, we haven't gotten to the nuclear option, which is secondary sanctions. If we get to secondary sanctions, that's an entire level of trade and economic sanctions literally that we have not seen since World War II. Discussion though, around trade sanctions, and once again, I've talked to several of our colleagues who have that as their specific compliance remit and their specialization is they now feel elevated within the corporation. They feel that the issues they've been dealing with, their professional careers are now being discussed literally at the board of directors level because of these huge potential fines and penalties, the huge visibility. As important as these legal restrictions are, Susan, it's actually the reputational damage. Just think about the companies that either drag their feet about leaving Russia or were slow or less than somebody's idea of we need to be out of there. They were excoriated in the press for doing business in Russia after this invasion. Those conversations have largely on by the wayside because I think most US companies are out of Russia now, but the reputational damage for the violation of trade sanctions or even some sort of norm or standard now costs more than perhaps even the finer penalty would've cost. It's really a huge change for our colleagues. It's an important change because now, those issues are being evaluated together with supply chain at the board level in a way they have not been previously evaluated. You may now need to look, you need to call your trade director of trade compliance about issues in your supply chain. You need to call your director of trade compliance about where are we doing business? How are we doing business? Who are we doing business with? Who's our customer base? Are we selling with commission sales agents, company employees or distributors? If we're using distributors, are they reselling our products into Iran? Are they reselling our products into a country that's exporting to Russia? All of those issues now, I think, are being discussed at the highest level of a company. But for me, Susan, the real beauty of this discussion is finally, I think, the silos are coming down within a corporation and you're seeing a much more holistic approach to many of these issues that we'd not seen previously. Once again, if I could go back to the DOJ's June, 2020 update to the Evaluation of Corporate Compliance Programs as presaging all of this, they said in that document compliance must have access to all data silos within a company because compliance needs to know what everyone's doing so compliance can do its job. Well, that turned out to be true, but it turned out to be true much broader. I think the DOJ was onto something when they said that, and I think now, companies are realizing you have to have this holistic approach. Trade sanctions and export control sanctions are here to stay. The other insight from the Trump administration use of them and the Biden administration use of them is they're administration agnostic. They're not going to go away and if 2024, we have a Republican administration, they are probably going to continue those and they're not going away. If there's a Democratic administration, they're not going away. They're probably going to continue those. Sanctions, trade sanctions, export control sanctions are here to stay. They're probably going to get more robust. And until Russia pulls out of Ukraine, I think companies have to take these very, very seriously, both for a potential legal finer penalty, but even more important is in the commerce or the business place of public opinion. Susan Divers: I totally agree with everything you've said and you've made a very articulate vision of what a major challenge is for compliance teams. The only thing I would add is, it's interesting to me, that this can affect small and medium-sized companies that don't think in these terms and may not even really be very sophisticated. When I was looking a couple of months ago, I came across a case involving a false eyelash manufacturer who was importing what turned out to be false eyelashes that sourced in North Korea. I mean, it was a Chinese supplier, but the sub-supplier was North Korean and they got in trouble. As you know, it doesn't really matter if you don't know. That's no defense and they paid a fine for that. It was a good reminder that trade sanctions can affect everyone and that you really, hopefully, have to have that on your radar. Let's take an interesting topic off of this, which is have the enhanced sanctions started to really impact whistleblowers? I mean, we know that FCPA enforcement has certainly inspired a lot of whistleblowers, as well as SOX and other areas such as that. But what about trade sanctions and what about AML and what we're seeing? Tom Fox: That's been, I don't want to say it was an unintended consequence, but one of the most interesting outcomes or aspects of the Russian invasion. For the first probably 30 days, the most ubiquitous picture of the Russian invasion was a yacht steaming away because it was a Russian oligarch's yacht and they were trying to steam to a port where the US couldn't come in and forfeit them because of trade sanctions and sanctions put on the Russian oligarchs. But here's what happened. On January 1st of 2021, US Congress overrode President Trump's veto of the National Defense Authorization Act. In that bill, there was something called the AML law of 2020. The AML law of 2020 was the first update to our anti-money laundering laws and trade sanctions laws since the Patriot Act passed in the wake of 911. As part of that change, a bounty program for whistleblowers was put in place similar to the SEC bounty program put in place in Dodd-Frank. That Department of Treasury money laundering or anti-money laundering bounty program applies to those Russian yachts because if a yacht is seized and sold, the person who reported it can be eligible for up to 30% of the proceeds of that sale. This created an entire cottage industry of marine yacht hunters who knew and they are working with law firms to actively, and when they find one in a port that the US can get jurisdiction over, these law firms notify the DOJ and then the DOJ does whatever they need to do to try to get seizure of that yacht in a foreign country. That was viewed as hugely popular and the American public is cheering them on in a way whistleblowers have never been cheered on in our lifetimes. I remember I interviewed a woman whose law firm specializes in whistleblowing and I said sort of in an offhand manner, "Are you telling me that whistleblowing is sexy?" Her response is, "You mean, it hasn't always been that way?" No, it hadn't. But now, it was seen as directly in the interest of the United States, particularly our national security for these whistleblowers to come forward. As important as whistleblowing is to the SEC, I don't think it had ever been considered a national security issue. That ties to what the Department of Treasury has announced publicly that they expect US corporations to be in on the fight of trade and economic sanctions and money laundering by self-reporting. I had had a little trouble tying self-reporting of your own violation to the fight against national security. But what the Treasury Department argued was, come to us, tell us if you find people within your organization violating trade sanctions or economic sanctions and we'll give you credit for that, that may be a declination up to it, including a declination. The DOT has truly tried to incentivize companies to be a part of this fight and that is now the same for whistleblowing. Whistleblowers are now seen. There's one other document called US Strategy on Combating Corruption, which came out in December, 2021. In that document, the Biden administration pointed to whistleblowers as a component of the fight against bribery and corruption, which that document elevated to national security status. Now, we have whistleblowers who before the Russian invasion, certainly were a part of the legal landscape and part of the compliance landscape, but now they're being told, you are a part of our national security interest and you are a part of our national security fight and if you bring us this information in the form of blowing the whistle, you will be rewarded. The US public is saying, you go. You go find those yachts. You go find those people who are doing business with those that are not in the national security interest of the United States and we'll support that. That's, in my mind, just a huge psychological change. Susan, I know you have written and said more about whistleblowing and how to treat whistleblowers than about anybody and I know this is something that you've been talking about for a long, long time, but I really see this as a true shift in the way whistleblowers are thought of in the United States. Susan Divers: Well, I'm glad you brought that point out because I think that's true. Tying it furthermore to the impact of corruption on national security, I think is an idea whose time has come and we're going to do a whole other podcast on that as part of this series so I won't get into it a lot. But the concept of corruption as a victimless crime has been around as long as I've been practicing, which is a long time. It's not a victimless crime. I don't need to convince you. But it basically corrodes good governance, it corrodes social structures, it makes it harder for the poor. I mean, if I can go bribe my way, get a MRI ahead of everybody else in some less developed country, I'm jeopardizing the other people who can't afford that in that country and I'm also corroding ethics and good governance, but it hasn't been seen that way in the past, either by the government really or in the corporate community, and so we'll get into that more in the next podcast. But that's fascinating to tie the whistleblowing into that and it has the additional benefit of being true, if you will. I have to say, I love the image of the yacht hunters. It's one of the first things I read when I open The Wall Street Journal in the morning to see if there's some oligarch's yacht that's being towed away or whatever, but it's definitely an idea whose time has come. Tom Fox: For those of you who think our ever new ideas, I think if you look back in history, that was called piracy and or rading by English- Susan Divers: Letters of marque. Tom Fox: Yes, exactly. Letters of marque. It's an old concept, but it's equally valid today. Susan Divers: Well, let's close off this session because we're going to do another podcast and talk more about anti-corruption and sustainability. But one of the things I was curious about is how does all of this tie in to the level of transparency that we're seeing in international trade, in commerce? Our chairman of the board, Dov Seidman, whom I know you know of and know has written a lot in the past about radical transparency and how does that tie in to what we've been talking about? Tom Fox: Susan, let me go back to 2015 and the Volkswagen emission testing scandal. I read a speech by the head of the German Manufacturer's Council, so the German trade group for manufacturers. In that speech he said, "The answer is compliance and transparency." One, be in compliance, but two, be transparent about it. That is how we, as a German industry, will get through this. Volkswagen has done what they've done. We can't stop that or do anything about that, but we, the rest of German manufacturing, can be in compliance and can be transparent about that compliance. That really struck me at the time and it stuck with me since then. The transparency, the radical transparency that Dov talks about is even more important in 2022 because of things like the Business Roundtable Statement on the Purpose of a Corporation. How many stakeholders are there now? Previously, there have been only shareholders, but now you have multiple stakeholders. It can be your employees, it can be your third parties. It can be those localities where you do business and that's where that radical transparency is so critical because they may not own shares and they may not be able to vote, but they can vote with their pocketbook. The radical transparency allows you to demonstrate to stakeholders who are going to vote with their pocketbook that we do business ethically and we are in compliance, and that you can and should do business with us because our values are what your values are. That's, to me, the power of radical transparency and it's the ability to demonstrate to those who are not regulators. Because remember, if you're fined for a regulatory violation, that's seen as a below the line sunk cost. Just the cost of doing business. Tell me how much my fine is and I can reserve for it, whatever it is. What I cannot reserve for is if 5, 10, 25 or 50% of my customer base chooses not to buy my products because I've been found to have violated sanctions or I've been found to have used Uyghur labor in product site sourced out of China, or you name the issue. That's not a bottom line cost. That's a top of the line cost. That's a cost you can never get back because you can't reserve for non-sales. It's a cost you can't anticipate, you can't reserve for, you can't mitigate the risk because once you don't have sales, you don't have sales. To me, that concept of transparency, that concept of doing business ethically, in compliance and that concept of radical transparency all really protects you and allows you as a corporation to say, "This is what we stand for. This is why we're proud to sell a product to you and hopefully, you're proud to buy a product from us." Susan Divers: Well, you're right and that really tees up the heart of sustainability. Sustainability isn't one giant checklist after another. It's what are we really doing and how are we doing it? What you're also saying too is, and it ties with things Dov said in the past, that we live in an age of radical transparency where anyone can go on Twitter, I guess, if they pay the $8 now or post on Facebook or Instagram or wherever and expose concerns. And with the incredible increase in sanctions and money laundering controls, it's just a further reason, if anyone needed one, why you have to get your house in order and you have to make sure that you are dealing with those risks effectively and of course, walk the walk as well as talk the talk. We are running out of time, unfortunately, but I'm excited to mention again that we're going to continue this conversation in an upcoming podcast. It's been such a pleasure having you today, and I know we could keep talking for another couple of hours, but we'll have further opportunities in the future. Tom Fox: I always have way too much fun when you and I sit and chit chat, whether it's over a lunch, a coffee, or a podcast, so thank you, Susan. Susan Divers: Oh, I feel the same way, Tom. My name is Susan Divers and I want to thank you all for tuning into the Principled Podcast by LRN. Outro: We hope you enjoyed this episode. The Principled Podcast is brought to you by LRN. At LRN, our mission is to inspire principled performance and global organizations by helping them foster winning, ethical cultures rooted in sustainable values. Please visit us at lrn.com to learn more. And if you enjoyed this episode, subscribe to our podcast on Apple Podcasts, Stitcher, Google Podcasts or wherever you listen. And don't forget to leave us a review.
Welcome to a special podcast series entitled, Corporate Case Management in the Era of the DoJ's Monaco Memo, sponsored by i-Sight Software Solutions. Over this five-part podcast series, I visit with Jakub Ficner, Director of Partnership Development at i-SIght. In this series we consider how the Monaco Doctrine and Monaco Memo have impacted compliance in several key areas. In this Part 4, we look consider the Fair Process Doctrine and how the Monaco Memo emphasized the requirements as laid out under the DOJ's Evaluation of Corporate Compliance Programs and its Update. Highlights include: What are DOJ expectations? The stakeholders needed to be involved with determining, recommending, and implementing that outcome based on your investigation. Why consistently applying the same disciplinary actions based on the nature of substantiated elements is critical. What is the Fair Process Doctrine? Following the Fair Process Doctrine is critical for the credibility of your investigative protocol. For more information check out i-Sight here.
Welcome to the Greetings and Felicitations, a podcast where I explore topics which might not seem to be directly related to compliance but clearly influence our profession. In this special series, I consider many structural engineering concepts are apt descriptors for an anti-corruption compliance program. In this episode 3, I consider the Roman Arch and resourcing your compliance program. Highlights include: Why and how was the Roman Arch such an engineering innovation? What other corporate functions can a CCO look to? How does HR help facilitate through all its employee touchpoints. How can IT help a CCO meet their obligations under the 2020 Update to the Evaluation of Corporate Compliance Programs? How can compliance use Internal Audit as a key corporate adjunct? Resources “Understanding the World's Greatest Structures: Science and Innovation from Antiquity to Modernity”, taught by Professor Stephen Ressler from The Teaching Company.
In this special 5 part podcast series, I am deeply diving into the Monaco Memo and analyzing it from various angles. In this episode of the FCPA Compliance Report, I am joined by my Compliance into the Weeds co-host Matt Kelly for a deep dive into the weeds of the Monaco Memo. Some of the highlights include: Corporate accountability. Timeliness in turning over evidence of wrongdoing. Baby Carrots in evaluating the corporate history of misconduct. Additions to Evaluation of Corporate Compliance Programs. Tweaks to the Yates Memo formulation. Monitors and Monitorships. Resources Matt in Radical Compliance Tom in the FCPA Compliance and Ethics Blog Introduction Self-Disclosure Corporate Compliance Programs Monitors What it all means Monaco Memo Learn more about your ad choices. Visit megaphone.fm/adchoices
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, we look at the recently announced Monaco Doctrine as encapsulated in the Monaco Memo. Highlights include: Corporate accountability. Timeliness in turning over evidence of wrongdoing. Baby Carrots in evaluating corporate history of misconduct. Additions to Evaluation of Corporate Compliance Programs. Tweaks to the Yates Memo formulation. Monitors and Monitorships. Resources Matt in Radical Compliance Tom in the FCPA Compliance and Ethics Blog Introduction Self-Disclosure Corporate Compliance Programs Monitors The heat is on Monaco Memo Learn more about your ad choices. Visit megaphone.fm/adchoices
In 16 minutes Sean breaks down the 2010 Affordable Care Act (ACA) and its mandate on establishing a compliance program (Core Elements). The breakdown includes: 1. Mandatory Compliance and Enforcement 2. The implementation of the 60-Day Rule and how it actually works 3. The Relator (qui tam) Bar and Effective Changes under ACA
The most significant development for Boards and compliance in 2021 came from the Delaware courts, which have been expanding the civil law obligations of Boards through a series of court decisions involving the expansion of the Caremark Doctrine for a couple of years. These developments began with the Marchand decision which required Boards to manage the risks their organizations face. Next was the Clovis Oncology which required ongoing monitoring by the Board. The next case is Hughes which stands for the proposition that having the structures, policies and procedures in place is not enough. The Board must fully engage in oversight of a compliance program. Finally in 2021 came Boeing which stands for the continuing proposition that a Board cannot simply have the trappings of oversight, it must do the serious work required and have evidence of that work (Document, Document, and Document). The decision in Boeing is yet a further expansion of the Caremark Doctrine, once again beginning with Marchand. Boeing also stands for the proposition that a company must assess its risks and then manage those risks right up through the Board level. Finally a Board must be aggressive in their approach and not simply passively taking in what management has presented to them. The DOJ has also made clear its thoughts on the role of the Board of Directors. The role of the Board is different than that of senior management. Both the 2020 Update and DOJ Antitrust Division's 2019 Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations was even more explicit in announcing their expectation for robust Board oversight of a corporate compliance function. Name any of the most recent corporate scandals; Wells Fargo, Theranos, Volkswagen, Boeing, etc., and there was no compliance expertise on the Board. It is now enshrined as a best practice for companies to have a seasoned compliance professional on the Board. I would also add the DOJ may soon expect there be a Compliance Committee separate and apart from the Audit Committee. The DOJ continually speaks about the need for companies to operationalize their compliance programs. Businesses must work to integrate compliance into the DNA of their organization. Having a Board member with specific compliance expertise or heading a Compliance Committee can provide a level of oversight and commitment to achieving this goal. The DOJ enshrined this requirement in the FCPA Corporate Enforcement Policy. This means that when your company is evaluated by the DOJ, under the factors set out in the 2020 Update and FCPA Corporate Enforcement Policy, to retrospectively determine if your company had a best practices compliance program in place at the time of any violation, you need to have not only the structure of the Board-level Compliance Committee but also the specific subject matter expertise (SME) on the Board and on that committee. All of this means that every Board of Directors needs a true compliance expert. Almost every Board has a former Chief Financial Officer (CFO), former head of Internal Audit or persons with a similar background, and often times these are also the Audit Committee members of the Board. Such a background brings a level of sophistication, training and SME that can help all companies with their financial reporting and other finance-based issues. So why is there not such SME at the Board level from the compliance profession? #Comment Begins Three key takeaways: 1. The 2020 Update required active Board of Director engagement and oversight around compliance. 2. Board communication on compliance is a two-way street; both inbound and outbound. 3. The Delaware courts have been expanding Boards roles through expansion of the Caremark Doctrine. Learn more about your ad choices. Visit megaphone.fm/adchoices
Continuous monitoring and continuous improvement are two of the most important phrases for any compliance program. These twin concepts were perhaps the biggest modifications in the 2020 Update to the Evaluation of Corporate Compliance Programs. In 2021, all companies' risks changed as we moved from Working From Home to Return To Office and now a hybrid work model. These changes in our basic work location drove home perhaps the most prescient comment I heard during the pandemic year of 2020, which was by Jed Gardner, who said “We have moved from disaster recovery to business continuity to business as usual.” What this means is that risks will change in ways you may not see at speeds you not anticipate. Your compliance program must be ready to respond to whatever those risks might be going forward. In the 2020 Update, the DOJ it began to address this from the compliance program perspective with several questions. “Is the risk assessment current and subject to periodic review? Is the periodic review limited to a “snapshot” in time or based upon continuous access to operational data and information across functions? Has the periodic review led to updates in policies, procedures, and controls? Do these updates account for risks discovered through misconduct or other problems with the compliance program?” The next area for continuous monitoring and continuous improvement was in an area of compliance which is not normally associated with those concepts, Policies and Procedures. Here questions included “When was the last time your policies and procedures were updated? Perhaps more importantly under the 2020 Update what was your process for doing so? Was there any rigor around your process? Did that rigor include incorporating information and data collected through continuous monitoring, real-time monitoring or continuous access to operational data and information across functions?” The final area in the 2020 Update for consideration is appropriate called Continuous Improvement, Periodic Testing and Review. Here the question included the following, “How often has the company updated its risk assessments and reviewed its compliance policies, procedures, and practices? Has the company undertaken a gap analysis to determine if particular areas of risk are not sufficiently addressed in its policies, controls, or training? What steps has the company taken to determine whether policies/procedures/practices make sense for particular business segments/subsidiaries? Does the company review and adapt its compliance program based upon lessons learned from its own misconduct and/or that of other companies facing similar risks?” Three key takeaways: 1. How has your company's risks changed over the past year? 2. What is your process for continuous monitoring and improvement? 3. What sources of information do you use come from outside your organization? Learn more about your ad choices. Visit megaphone.fm/adchoices
The DOJ, FBI, and other enforcement partners have announced DOJ's Procurement Collusion Strike Force to combat antitrust crimes in government procurement at a national level. How does the government detect and investigate these crimes and who are the prosecutors and FBI agents that work these cases? DOJ Strike Force Director Daniel Glad and Supervisory Special Agent Kelvin Ortiz join John Roberti and Wendy Huang Waszmer to discuss the government's effort on a national level to combat collusion, antitrust crimes and related fraudulent schemes. Listen to this episode to learn more about the DOJ's Strike Force and the crimes being investigated and prosecuted Related Links: FBI Tips Procurement Collusion Strike Force Page FBI's International Public Corruption Page Dan Glad speech to the ABA's Section of Public Contract Law about the PCSF: The Procurement Collusion Strike Force: A Whole-of-Government Approach to Combating a Whole-of-Government Problem A quick summary of the per se violations and red flags: Price Fixing, Bid Rigging, and Market Allocation Schemes: What They Are and What to Look For The criminal enforcement program's public page: Criminal Enforcement The Antitrust Division's Leniency Program: Leniency Program The new compliance policy: Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations Criminal Antitrust Anti-Retaliation Act (“CAARA”), 15 U.S.C. § 7a-3, full text: Criminal Antitrust Anti-Retaliation Act (CAARA) | Whistleblower Protection Program Hosted by: Wendy Huang Waszmer and John Roberti
The compliance sphere is exciting as it is challenging to look into how the risk landscape is quickly changing. In this episode, Compliance Evangelist Tom Fox engages in a power-packed conversation with Jonathan Marks, a long-time professional in internal audit and thought leader in the compliance space. Tune in and extract valuable insights as they go deep on the evolution of the internal audit profession since implementing the SOX Act of 2002, the arc of professionalism in compliance, the importance of an overall integrated structure of Enterprise Risk Management, and many more. Major takeaways discussed in the episode: ✔️ Why the COSO 2013 Internal Controls Framework serves as a seminal moment for compliance professionals and helps keep up with the exponential speed of developments in the space. ✔️ The move to an overall integrated structure of Enterprise Risk Management is critical in proactively identifying, assessing, monitoring, and responding to risks and opportunities. ✔️ The 2020 Update to the Evaluation of Corporate Compliance Programs brought business intelligence to compliance and serves as a significant step towards enterprise resiliency. Organizations today have to be flexible and nimble and adapt to changes of new risks to survive and evolve. ✔️ The importance of prioritizing root cause analysis in investigation and approach. Jonathan has advocated for this in so long and the rigor around the process. "When I look at the root cause, it's really finding that one domino that fell and tipped off everything else. Often, some recommendations are made specifically related to internal controls that are treating the symptoms and not the underlying issues. And then we have this funky word called recidivism. And so that same problem keeps happening or coming back." ✔️ The three vital skills that have come into play that a compliance professional needs today are being "digitally athletic" to understand data analytics, be a great communicator and possess critical thinking to keep up with the evolving compliance functions. ✔️ The most successful auditors are the ones that can communicate, build trust and relationships with people. ✔️ Companies and compliance need to be thinking about into 2025 are becoming more risk resilient, with what Jonathan calls the Bermuda Triangle — where internal audit, compliance, and legal all work harmoniously. ✔️ From a board member's perspective going into the future, one has to start asking tough questions surrounding the company's audit process and creating an internal audit plan. Jonathan T. Marks is the firm leader of the global fraud and forensic investigations and compliance practice at leading advisory, tax, and assurance firm Baker Tilly. He has more than 30 years of experience working closely with his clients, their board, senior management, and law firms on global and cross-border fraud and misconduct investigations, including bribery, corruption, and compliance matters. Jonathan specializes in internal and regulatory investigations, governance matters; risk assessment, design, and implementation of compliance programs; global fraud risk management programs; and compliance coordination and monitoring services for the private, public, not-for-profit sectors. He assists his clients to mitigate potential issues by conducting root-cause analysis, developing remedial procedures, and designing or enhancing governance and compliance systems along with internal controls, policies and procedures, and customized training. LinkedIn: Jonathan T. Marks Website: www.bakertilly.com/contact/directory/jonathan-t-marks/ Blog: boardandfraud.com
In this segment Sean discusses the DOJ Criminal Division's Evaluation of Corporate Compliance Programs. Sean breaks down various aspects of what most consider a prosecutors playbook. A discussion of conducting internal audits and developing corrective actions to ensure listeners are intune with what is required ensures risk mitigation.
Beginning in November 2012 with the publication of A Resource Guide to the U.S. Foreign Corrupt Practices Act (commonly referred to as the FCPA Resource Guide), the U.S. Department of Justice and the Securities Exchange Commission have regularly been publishing useful and informative guidance on the elements of effective compliance programs and the Department and the Commission’s expectations. Following the publication of the FCPA Resource Guide, the DOJ Fraud Section published another important document in February 2017 entitled “Evaluation of Corporate Compliance Programs”. It has been updated twice since then in 2019 and again in 2020. The FCPA Resource Guide was also updated in 2020. These two documents are the primary desk references used by federal prosecutors to examine whether a company they are investigating has an “effective compliance program”. Because of that, it is incumbent upon board members and C-suite executives to be familiar with these documents, understand what is expected of them and to hold themselves and others accountable ensuring that the company has properly considered the risks of their unique business operations and has tailored a robust compliance program based upon a nuanced understanding of that risk.
Welcome to a multi-part podcast series, Smart Automation for Risk Management, sponsored by Lextegrity Inc. Over the course of this series we will be visiting with Parth Chanda, Founder and Chief Executive Officer (CEO), Andy Miller, Chief Analytics Officer, and Kara Bonitatibus, Head of Product. We are reviewing the Lextegrity Product Suite, taking a deep dive into continuous risk monitoring, considering pre-approvals and third-party due diligence and integrations and user experience. In a special bonus episode, Chanda and I will discuss the Integrity and Analytics Collective. In Episode 3, I conclude my two-part visit Miller about risk monitoring with data analytics. We began with the Department of Justice’s (DOJ) 2020 Update to the Evaluation of Corporate Compliance Programs, (2020 Update), which mandated for the first time that compliance practitioners and the corporate compliance function have access to a company’s data lakes. Miller believes the DOJ 2020 Update has really been an eye opener for a lot of risk professionals and companies out there that they “need to do better.” Compliance professionals should have access to their own data as risk professionals, they need to have a plan and an actual program to monitor their company’s data. This works directly on the first two prongs of any compliance program; to prevent and detect actions which could be fraudulent, corrupt such as bribery, or other actions which could put your company in danger. This is even more true in 2021 as the DOJ is ramping up their enforcement efforts. Lextegrity provides a continuous monitoring solution that provides compliance and audit teams with a comprehensive way to keep a pulse on transactional spend and revenue risk. Miller emphasized the key is that your continuous monitoring solution should be flexible and curable to your specific company. The Lextegrity platform provides analyses that are broken out in a variety of areas to look for specific types of risk in that general risk-based area. It allows you to identify transactions that could be associated with some wrongdoing like bribery, corruption or fraud. However, what many compliance professionals struggle with is separating the wheat from the chaff. In other words, they are bogged down in the details of a transaction such as gifts, travel and entertainment (GTE) spend, lack of approvals on discounts or third-party issues and do not have the ability to step back and look at a bigger picture. We concluded by considering what connecting all these dots might look like. Miller said that by “connecting the dots of risk you start to see other things happen, you catch an exception in this area and now you say, well, so-and-so was a major part of that. Let’s see what else they’ve touched in this area or looking at the cross impact between employee spend and vendor spend, and then be on that in the compliance space”. You can also cross-reference hotline reports, due diligence metrics, audit reports, training completion data and indeed “all this other program information that compliance has a hand into that can feed into this transactional data.” It can truly provide to you the broadest look at your compliance risk. Join us tomorrow where we explore pre-approvals and third-party due diligence with Kara Bonitatibus. For more on Lextegrity, check out their website here. Texas Tax rate at 80% of 8.25%
Business Ventures with Brandon Daniels In today's episode of The Compliance Podcast, Thomas Fox is joined by regulatory expert and technology practitioner Brandon Daniels, President of Exiger - Global Markets. Tune in to the episode as Thomas and Brandon share an interesting discussion about trending compliance risks and business ventures. Major takeaways discussed in the episode: Be reminded that third parties are essentially part of a company's ecosystem as well. Brandon Daniels emphasizes that third parties must also use compliance practices applied to the company's people, processes, and technology. Take advantage of technological advancements, namely the ability to utilize open-source data to evaluate risk in due diligence and assessments. Recognize that holistic risk assessment is necessary to search hotspots subject to multi-factor risks. Doing so will effectively mitigate them to stay ahead of both commercial disruption and regulatory enforcement. Be constantly reminded to avoid the risks that wipe out the profit. Companies need to be thinking ahead beyond their business relationships and creating strong mitigation practices in times of crisis to stay relevant and economically successful. Amid a pandemic, there are areas of growth in the market that will demand more robust compliance and more vital ESG practices. About Thomas Fox: Thomas Fox, the Compliance Evangelist®, is one of the leading writers, thinkers, and commentators on anti-bribery and anti-corruption compliance. In this latest edition of The Compliance Handbook, he continues to arm seasoned compliance professionals and those new to the realm with the practical, actionable guidance and tools needed to design, create, implement and continually enhance a best practices compliance program. The "Nuts and Bolts" for Creating a Comprehensive Compliance Plan This chapter of this unique work lays out a succinct yet thorough one-month approach to operationalizing a company's compliance regimen. Beginning with a section on what 2020 brought to the compliance landscape, each chapter methodically outlines best practices for everything from establishing policies, procedures, and internal controls, to assessing risk, training, handling investigations, and more. Each day ends with three key takeaways you can implement at little or no cost. Understanding Compliance Responsibility Across the Organization The Compliance Handbook also takes a close look at all professionals' roles with compliance responsibility, from Compliance Officers and Boards of Directors to Human Resources, to Internal Audit and Internal Controls and Communications and Training professionals. In-Depth Treatment of Hot Topics and Trends The Handbook provides an in-depth look at the latest thinking and trends for the full range of critical compliance topics, including: • Compliance and business ventures • Third-party risk management • The Board's Role in Compliance • Continuous improvement • Compliance innovation • And much more Incorporating Current Government Pronouncements The Second Edition incorporates the most current government pronouncements governing best practices compliance programs, including the 2019 Evaluation of Corporate Compliance Programs released by the Fraud Section of the Department of Justice, and its 2020 Update; the updated FCPA Resource Guide 2nd edition; the Framework for OFAC Compliance Commitments; and the 2019 DOJ Antitrust Division's Evaluation of Corporate Compliance Programs in Criminal Antitrust. Order your copy OR copies of The Compliance Handbook: A Guide to Operationalizing Your Compliance Program. Save 25% off. http://www.lexisnexis.com/fox25
Written Standards & Great Women In Compliance with Mary Shirley & Lisa Fine The definition of a successful compliance program is not foreign for many compliance specialists. However, the challenge is to understand what it truly means for a compliance program to be effective. Most organizations claim that the central meaning of compliance is to define and enforce guidelines and standards that can minimize the possibility of a violation of compliance. Though, the truth remains that if misconduct exists, your attempt to highlight that your compliance policy conforms with regulatory requirements will increment your culpability score and contribute to a noticeable difference in fines and jail time. To help you paddle through your compliance programs, I recently met two influential women in compliance, Lisa Fines and Mary Shirley. These phenomenal women will add transparency to these ethics and compliance concerns. We will dive into written compliance and touch base on #GWIC (Great Women In Compliance) and how it has become a powerful platform that supports compliance practitioners. Key takeaways discussed in the episode: Know what is written compliance inside out. Understand that everybody needs to know what the rules are. But, it should not be lawyer-written, 20 pages long. Use the simplest terms possible, break things down to the absolute essential thinking. Call to mind that the code is our ethos, and the policies are the regulations to explain them. If possible, get your message across in the shortest possible time using the least words possible. Hark back to the truth that there is no one size fits all compliance program. Thus, make learning come to life and apply it to people's job roles. As much as possible, tell people what the expectations are and help facilitate their decision-making. Factor into that it's natural to maintain your relationships with former colleagues, but It's not okay and could be risky if you talk shop with them. Support Women Empowerment and appreciate their contributions, especially in compliance. Learn how #GWIC grew into a community of great women who share valuable resources and support compliance practitioners. About Thomas Fox: Thomas Fox, the Compliance Evangelist®, is one of the leading writers, thinkers, and commentators on anti-bribery and anti-corruption compliance. In this latest edition of The Compliance Handbook, he continues to arm seasoned compliance professionals and those new to the realm with the practical, actionable guidance and tools needed to design, create, implement and continually enhance a best practices compliance program. Incorporating Current Government Pronouncements The Second Edition incorporates the most current government pronouncements governing best practices compliance programs, including the 2019 Evaluation of Corporate Compliance Programs released by the Fraud Section of the Department of Justice, and its 2020 Update; the updated FCPA Resource Guide 2nd edition; the Framework for OFAC Compliance Commitments; and the 2019 DOJ Antitrust Division's Evaluation of Corporate Compliance Programs in Criminal Antitrust. eBooks, CDs, downloadable content, and software purchases are non-cancellable, non-refundable, and non-returnable. Click here for more information about LexisNexis eBooks. The eBook versions of this title may feature links to Lexis + for further legal research options. A valid subscription to Lexis + is required to access this content. Order your copy OR copies of The Compliance Handbook: A Guide to Operationalizing Your Compliance Program. Save 25% off. http://www.lexisnexis.com/fox25
The Department of Justice Antitrust Division enjoys many tools to hone its criminal investigations, including many designed to incentivize cooperation from potential defendants. But how do Deferred Prosecution Agreements differ from the leniency program, and when might the Antitrust Division choose to negotiate one? Jon Jacobs, a seasoned antitrust trial lawyer and DOJ alumnus, joins Christina Ma and Matt Harper to examine how Deferred Prosecution Agreements factor into the Antitrust Division’s criminal investigation and when Deferred Prosecution Agreements might be expected in the future. Listen to this episode to learn more about Deferred Prosecution Agreements and how the Antitrust Division uses them. Related Links: DOJ Antitrust Division - Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations Hosted by: Christina Ma and Matt Harper
Post By: Adam Turteltaub The approach to compliance programs of the Antitrust Division at the US Department of Justice has evolved considerably over the last few years, starting with the release of their watershed Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations in July 2019. This document was a dramatic step forward in providing recognition of compliance programs and encouraged prosecutors to consider three fundamental questions: Is the corporate compliance program well designed? Is the program being applied earnestly and in good faith? Does the corporation’s compliance program work? In August 2020 the DOJ followed up with the creation of the Office of Decree Enforcement and Compliance (ODEC) to provide additional resources for criminal and civil antitrust cases. In this podcast Larry Reicher, the ODEC Chief, explains that the Office has multiple goals. First, it seeks to ensure that companies are compliant with decrees. There have been instances in the last few years in which parties had not lived up to their obligations. ODEC is also charged with acting as a resource for the Criminal Section of the Antitrust Division as it analyzes compliance programs in companies seeking to earn credit for them. In addition, the Office is responsible for the section of monitors, when one is required. Its role is also to incentify compliance and good citizenship and, ideally, prevent problems from happening in the first place. To help achieve that goal ODEC looks for four common traits in organizations: A commitment to a culture of compliance The company self-reports properly Full and timely cooperation Thorough and timely remediation In addition, they are particularly focused on determining if the compliance program is tailored to the industry and company, not an off-the-shelf exercise. Listen in to learn more about ODEC as well as the Department of Justice’s expectations and rewards for effective antitrust compliance programs.
Compliance Mitigation dot com For reasons expressed throughout these modules, every business leader should consider possible steps to lessen potential exposure to a government investigation. Three suggestions follow: Show a commitment “to doing good” in all communications. Document processes that show a commitment to operating the business with principled, transparent policies that are easily defensible. Train all team members to understand the corporate culture, and also the reasons behind every policy in place. These three components would go a long way toward protecting businesses and individuals. Government Officials: In 1991, the U.S. Sentencing Commission (USSC) amended its guidelines. The amendments incentivized business owners to act in compliance with regulations and the law. Those changes opened opportunities for prosecutors to grant leniency, non-prosecution agreements, or deferred-prosecution agreements to businesses that put “effective compliance programs” in place. Theoretically, if business leaders designed effective compliance programs, their efforts would show a good-faith effort toward corporate responsibility. By building a record demonstrating that they want all team members to act appropriately, leaders reduce risk levels. Although no one can eliminate the possibility of a government investigation, good records will serve as an excellent defense mechanism. As we’ve stated throughout, although business leaders can control personal decisions, they cannot observe decisions that other people on their team make. For those reasons, leaders should add training on the personal costs that can accompany an investigation or a prosecution for white-collar crime. Agencies within the Department of Justice now incentivize businesses to make bigger investments in compliance. Guidance from 2019 advises federal prosecutors to consider the following questions when evaluating corporate compliance programs: Is the program well designed? Is the program being implemented effectively? Does the compliance program work in practice? In 2020, the DOJ emphasized another two key points with its publication of: Evaluation of Corporate Compliance Programs (2020 Guidance): https://www.justice.gov/criminal-fraud/page/file/937501/download First: Corporate compliance programs, to be deemed genuine and effective by the DOJ, must be examined, tested, and updated on a continual basis, including (and perhaps especially) during a government investigation. Compliance efforts should integrate current data analytics, capabilities wherever possible. If deficiencies are found, then changes should be made, and the 2020 Guidance makes clear that DOJ expects regular review of compliance efforts. Second: The quality of a company’s compliance program continues to be a major factor in deciding on the appropriate resolution of a government investigation. The 2020 Guidance makes clear a program’s effectiveness will be considered at the close of an investigation as well as when the underlying company conduct occurred. Consequently, under DOJ policy, the strength of a company’s past and present compliance efforts will ordinarily have an effect on the terms of a resolution, including the often quite important matter of whether a monitor is required (and the scope of a monitorship). The DOJ’s guidance can help business leaders make decisions to lessen exposure to investigations. Effective compliance programs will not only show people what they should do, it will help those people understand what they should not do. In addition, they may also profile the consequences that follow for bad behavior. If a company invests the time to show a person how to make the right decisions, and it requires the people to acknowledge that they understand corporate policy, the business protects itself. Good compliance programs will encourage both corporate accountability, and personal accountability. If there is a breach of policy, the company should create a record and demonstrate the steps that it has taken to make things right. Two questions that investigators may ask include: Has the company ever terminated or otherwise disciplined anyone for the type of misconduct at issue? Have the disciplinary actions and incentives been fairly and consistently applied across the organization? To demonstrate individual accountability, the company will record disciplinary measures taken against people charged with violations of compliance policies. If a company shows that it pays more than lip service to compliance, it may lessen exposure to a government investigation. Compliance programs serve as an insurance policy. Although business leaders may strive to do the right thing every time, rogue employees can expose the business to risks. The compliance program may influence the lens through which prosecutors view the company. That said, some metrics show that the mere existence of a compliance program doesn’t show commitment to compliance. Solely requiring employees to sign forms showing that they’re familiar with the corporate polices won’t move the needle if a pattern of fraud is uncovered. In 2012, the prosecutors brought criminal charges against Garth Peterson, a trader at Morgan Stanley. Documents noted that Peterson had gone through seven compliance-training sessions and 35 related reminders on bribery. Despite that training, he pleaded guilty to bribery charges. Compliance initiatives had little influence on Peterson, because he viewed them as pro forma, something he needed to do in order to keep his job. If a business doesn’t create a compliance program with robust follow-through, it may be ineffective and dubious from the perspective a government investigator. Prosecutors will not give credit for compliance programs that fail to inspire appropriate conduct. A company protects itself when it comes up with innovative ways to help people within the organization embrace the principles of compliance—but also understand the consequences for non-compliance. Designing A Compliance Program: Compliance is not a “one-size-fits-all” proposition. Leaders within a company should: Document the reasons behind the compliance training. Show the tools, tactics, and resources they’ve implemented to train. Create accountability logs to show people that have gone through the training, encouraging them to self-report what they’ve learned from the program. If the program doesn’t work, the leader should show what adjustments he or she has made. Federal and state regulations, as well as industry standards, evolve constantly. For this reason, leaders should conduct regular assessments to minimize the risks associated with noncompliance. Risk factors: What inherent risks exist in the company’s market? What efforts does the company leadership make to stay aware of the market? In what ways does the company solicit third-party expertise? Objectives: What purpose does each module within a compliance program serve? In what ways do members of the team understand the objectives of a corporate compliance program? Departmental Responsibilities: In what ways does the company delegate responsibility for compliance programs? In what ways does the company measure excellence in delivering compliance training? How does the company record employee buy-in of the training? What do team members or stakeholders understand about reporting metrics? Training: What level of commitment does the company make to training? What efforts does the company make to update the training? In what ways can employees independently participate in computer-based training? How does the company measure employee engagement? Corresponding Policies: Like every individual has a personality, every organization has an identity. Different businesses will need a compliance program that matches the business’s identity. Some organizations may require a policy that scrutinizes new hires more than others. For example, a business that controls financial information for consumers may require criminal-background checks on all new hires, while a company that specializes in landscaping may not. A compliance program should show a commitment to transparency. All policies should harmonize with the behavior of officials at the highest level. In this era of cloud-based computing, leaders may make use of computer-based training, encouraging members of the team to review lessons remotely. If employees have feedback, mechanisms should exist for them to provide feedback in a manner that will not undermine their position—provided they offer the feedback in a good-faith effort to promote compliance. Summary: In summary, the best way to minimize vulnerabilities to government investigations is to create a good compliance program that is consistent with the corporate culture. Document every practice within the company. Show the reasons behind the ways that the company makes decisions. Train team members on how to work within the framework of the corporate culture. Leaders may want to review guidance from the Department of Justice, and question whether the compliance programs they’ve put in place measure up. A good tactic may include bringing in a neutral third party who has that credentials to ask the questions that investigators will ask. Create a program that will allow leaders of the organization to respond honestly, with their dignity intact. When making a decision on whether to bring charges against a company, government attorneys will ask: Is the program well designed? Is the program being implemented effectively? Does the compliance program work in practice? If a company leader can respond to those questions as quickly as he can answer the questions regarding corporate profitability, the leader will have done everything possible to minimize vulnerabilities to a government investigation. In our era of big government, that doesn’t mean a government investigation will not begin. It only means that a company is in as good a position as possible. No one can change past behavior. But we all can work toward minimizing risks in the future.
How often have you thought about the role of communications in your entire hotline reporting system? I do not mean posters giving the hotline number, promising anonymity and non-retaliation. I mean using compliance communications to create a social environment where employees feel comfortable speaking up to ask questions and report concerns and they know the options for doing that. Why do many compliance professionals find it so difficult to use compliance communications to help move the ball forward on driving a speak up culture? It begins because many conflate such communications with training. Training tends to be viewed as something that happens once per year or on a similar cadence. Yet even the DOJ has seen through the fallacy of this argument in its 2020 Update to the Evaluation of Corporate Compliance Programs when it stated, “companies have invested in shorter, more targeted training sessions to enable employees to timely identify and raise issues to appropriate compliance, internal audit, or other risk management functions.” The 2020 Update also leads to the following questions, what resources have been available to employees to provide guidance relating to raising an issue? And, has your company assessed whether its employees know when to seek advice and whether they would be willing to speak up? Can you answer these to satisfaction of the DOJ? If not, you may have a gap in your speak up communications program. The bottom line to all is that in compliance, you are only limited by your imagination. When you overlay creativity on your imagination, you can create something very special. And you can use compliance communications to drive a speak up culture. Three key takeaways: How can communications improve a speak up culture? Use communications to foster trust. A speak up culture only works when paired with a ‘listen-up’ culture.
In yet another major compliance development, the Justice Department announced the adoption of a new policy to credit effective compliance programs in resolving criminal cartel prosecutions against corporations. Since the 1990s, the Antitrust Division's policy regarding corporate compliance programs was generally fixed given the ability of companies to seek benefits under the leniency program. As part of its new policy, the Antitrust Division released its own guidance for the Evaluation of Corporate Compliance Programs. This new document complements the recent guidance issued by the Criminal Division. The Antitrust Division's new policy was announced by Assistant Attorney General Makan Delrahim in a recent speech. The announcement is the culmination of a lengthy process, which included a public roundtable with antitrust practitioners, coordination with global cartel enforcement authorities, and an internal DOJ review. In this episode, Michael Volkov discusses the Antitrust Division's new policy and accompanying guidance.
In a major development in ethics and compliance program expectations, the Justice Department has issued a new and important revised guidance on the Evaluation of Corporate Compliance Programs . The new Evaluation Guidance supersedes the prior document issued in February 2017, which contained a lengthy list of questions on key topic areas. Join Michael Volkov as he discusses the new guidance and outlines the impact for all corporate compliance programs.
The Justice Department has released two important documents that provide guidance to compliance practitioners as to compliance program best practices: (1) The FCPA Guidance; and (2) The Evaluation of Corporate Compliance Programs. In combination, these two documents provide important compliance program guidance. In this episode, Michael Volkov discusses various issues related to ethics and compliance program best practices.