Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.In episode 48, Lisa Fine speaks with Gwen Romack, who is the Senior Director of Legal and Regulatory Compliance at VMWare. They visit about creating multi-faceted ‘Dream Teams’ for a corporate compliance function.
Almost every compliance practitioner is asked at least once “what do you mean by compliance?” And, the answer is often very different, depending on many factors – public or private sector, non-profit, geography…just to name a few. It’s also hard to build a compliance team to address the different parts of each program. Prior to that her current position of Senior Director of Legal and Regulatory Compliance at VMWare where she has been for the past four years, Gwen spent twenty years at HP, growing her career first outside of compliance and then in the area of ethics and compliance, building a public sector program. Gwen has built many different programs, and Lisa and Gwen start to build one version of a “dream team.”
Gwen is a senior compliance leader, and she is not an attorney, and has looked at various work areas. Her perspective on how attorneys and non-attorneys work together to build a team to look at four pillars of compliance that she categorizes as awareness, process controls, inspection, and mitigation. As a woman in compliance, as well as a non-attorney, Gwen also discusses her experiences with imposter syndrome, which impacts so many people, of all genders and that sometimes one type of imposter syndrome replaces another, and how to move past it altogether. Building anything should have architects, contractors, and inspectors, and we hope you enjoy thinking about your work and the role you and your colleagues play on your dream team.
Join the Great Women in Compliance community on LinkedIn here.
Day: January 29, 2020
Well known fraud investigator Jonathan Marks, defined a root cause analysis as “a research based approach to identifying the bottom line reason of a problem or an issue; with the root cause, not the proximate cause the root cause representing the source of the problem.” He contrasted this definition with that of a risk assessment which he said “is something performed on a proactive basis based on various facts. A root cause analysis analyzes a problem that (hopefully) was previously identified through a risk assessment.” He went on to note a, “Root cause analysis is a tool to help identify not only what and how an event occurred, but also why it happened. When we are able to determine why an event or failure occurred, we can then recommend workable corrective measures that deter future events of the type observed.”
Marks also contrasted a root cause analysis with an investigation. He noted, “in an investigation we are try to either prove or disprove an allegation.” This means that in a compliance investigation you may be trying to prove or disprove that certain transactions could form the basis of a corrupt payment or bribe by garnering evidence to either support or refute specific allegations. You do not assess blame and that is the point where a root cause should follow to determine how the compliance failure occurred or was allowed to occur
Three key takeaways:
- A root cause analysis is now required if you have a reportable compliance failure.
- There is no one process for performing a root cause analysis. You should select the one which works for you and follow it.
- To properly perform a root cause analysis, you need trained professionals who really understand what they’re doing.
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode Matt indulges me as we take a deep dive into 2020 Edelman Trust Barometer and its implications for the CCO and corporate compliance function.
Some of the highlights include:
- Why is trust down so much in developed countries while going up in under-developed countries?
- Why is the trust gap widening between the well-educated and others?
- While respondents tend to trust their employers, why is business in general seen as untrustworthy?
- What does the growing gap in executive pay portend for employee trust?
- What are the implications for the compliance discipline and CCO?
Resources
Download the Edelman Trust Barometer here.
Read Matt’s blog post, Edelman Trust Report Gets Grim
In today’s edition of the Daily Compliance News:
- Airbus to settle corruption allegations for nearly $4bn? (Bloomberg)
- Chair of Chemistry at Harvard arrested for working with Chinese. (Washington Post)
- Britain chooses Huawei over Trump. (NYT)
- The coronavirus outbreak as a business risk. (Houston Chronicle)
