In this episode I visit with Vin DiCianni on how ethical culture is a part of an overall ethics and compliance program assessment and how to go about it. We began with an exploration around the areas assessed to help determine if a company has an ethical culture. DiCianni said you need a framework for such an assessment. DiCianni advocates starting with the program itself. This means a review of what does the organization’s compliance program look like and does it meet the foundational tenants? He would ask such questions as whether it is educational; does it have a process for detection; and is there some type of remediation when something is found? From this baseline, you might consider what the company is doing for training to educate their staff, are they really touching on the elements of the parts of education that the staff need and is it meaningful to them in their positions? In other words, is the training both focused and effective?
DiCianni concluded with accountability. He said, “I think the other one that I can’t emphasize enough is accountability. You know if there are serious violations of an ethics policy of the company, be it conflicts of interest or code of conduct. If nothing is done about it, everyone in the organization knows about that. It diminishes all of the efforts that have gone into creating this program and trying to have an ethical culture. If you do not do anything to enforce it, when something serious happens, it literally becomes a futile exercise”.
Day: June 30, 2020
Welcome to the podcast series: In Conversation with K2 Intelligence FIN: Navigating an Increasingly Complex Sanctions Landscape. This series is sponsored by K2 Intelligence FIN. This week I will visit with Adam Frey, Managing Director at Intelligence FIN and Eric Lorber, Vice President at Intelligence FIN.
Over the week, we will review the current sanctions landscape, discuss how to build a sanctions compliance program, walk listeners through what happens when you discover a sanctions breach or potential breach, consider new sanctions exposure and conclude with a look in that veiled land of the future by considering issues on the horizon. In this Episode 2, I am joined by Adam Frey to learn about how to build an effective sanctions compliance program.
We conclude with a few thoughts on the constant pressure for cost-cutting in the compliance function, which has been made more acute during the time of Covid-19. Frey noted that it “ is a consistent pressure. But I think it’s important to emphasize organizations really have to resist the urge to, to cut costs.” The reason is the cost of a compliance failure is so high and the regulators have said that all businesses must remain ever vigilant. The idea of cutting corners now in an attempt to reduce costs could really end up adding costs down the line in terms of fines and penalties down the road.
Please join us tomorrow where Eric Lorber returns to discuss the actions you should take if you have sanctions violation or even a potential. While it depends somewhat on the size of the organization.
Resources
For more information on K2 Intelligence FIN’s Sanctions Risk Advisory Services, click here.
For more information on Navigating the Sanctions Minefield: What Every Global Business Should Know, click here.
On this special bonus episode of The Ethics Experts, we speak with Ron Skillens about having relationships with vendors, and how getting to know account managers is key to successful integration with the business.
Check out more episodes, and don’t forget to subscribe on your favorite podcast platform!
Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. In this episode, I visit with Ryan Schonfeld, founder of RAS Consulting and Investigations. We consider various issues relating to IT security brought on or amplified by Covid-19. They include some of the top questions Schonfeld is getting from clients during Covid-19; why due diligence and investigative services are even more important now; how IT security and risk profiles have changed in the era of Covid-19 and WFH; how have risk profiles around physical security changed; and as we move into phased reopening across the country, what are some of the key IT security issues to consider. For more information on RAS Consulting and Investigations, check out their website here.
Director of Advisory Services at SAI Global, James Green, is this week’s guest on the Innovation In Compliance podcast. James’ role involves helping clients manage atypical risk concerns or situations, including business continuity, vendor risk, pandemic, workplace violence, and active shooters. He chats with Tom Fox about his company’s 360° view of risk management and how to survive risks that you never saw coming.
Compliance vs Operational Risk Management
James gives his perspective on the difference between compliance and operational risk management. Compliance, he says, is ensuring that you’re adhering to your own standards, policies, and regulatory requirements. Operational risk management, on the other hand, is mitigating any risk to the company, no matter where it originates. Hurricane Harvey is a classic example of checking all the compliance and risk management boxes, but failing to mitigate the actual risk. Tom comments that compliance and risk management are much closer than just complementary: a combined approach helps a business create a more robust strategy for overall risk management.
360° View of Risk Management
SAI Global advocates a 360° view of risk management; risk and compliance need to be seen holistically. “We believe a company needs to be assessing risk in totality wherever it comes from,” James says. “And it doesn’t matter where it comes from, because the goal is to increase your organization’s resilience, right. That is really the goal of all of our collective functions, is that when there’s a bump in the night, we can manage through it successfully, legally, ethically, to the satisfaction of our stakeholders.”
When Things Go Bump In The Night
Tom comments on SAI Global’s real-time risk management approach. He asks James how it allows an organization to be more agile and responsive to market conditions as they come up. James responds that while compliance and risk professionals are great at mitigating issues that just happened, they need to also be aware that there will always be unknown and unanticipated issues. “…The problem is in our world, there’s always an unknown that’s coming up. Right now we’re living through COVID-19 which was unknown to a lot of us,” James points out. “There’s always something that’s gonna happen. There’s always another bump in the night. So you can’t be planning based on what happened in the past. You need to be agile. You need to be nimble.” He gives tips on how to determine if a risk is strategically acceptable, and the role risk management should play in the corporation.
COVID-19 and Supply Chain
They originally saw COVID-19 as a supply chain issue, James says, and started advising their clients about it in January. It became much more than that, he remarks. “Supply chain really needs to be embedded in your risk model… because it can damage what your suppliers and vendors do, it can damage your brand to your customers.” He shares useful COVID-19 resources that his company has made freely available to the public.
Resources
SAIGlobal.com
COVID-19 Resources
James Green on LinkedIn | Twitter
In this #jammingwithjason #internalauditpodcast I’m talking about relevance and relationships with the one and only Hal Garyn. If you don’t already know Hal, you should.
For many years #internalaudit has been losing its relevance in some organizations, and if you were having trouble with your relevance before, after what we’ve experienced in early 2020, your job just got harder. But fear not, in this episode we discuss what you can do to become more relevant.
Since 80% of challenges stem from relationship issues, it’s also fitting that we discuss relationships. If you want a seat at the table you have to earn it, and keep it. The way you do that is by showing your relevance and developing relationships.
As I mention at the end of the episode, if you are a Chief Audit Executive and struggling with either of these, please reach out to me. Send me an email or message me through LinkedIn.