Categories
Jamming with Jason

Vendor Risk Management with Rick Roybal


As organizations outsource more and more of their processes, the #risk associated with managing those vendor relationships goes up. Organizations may think they are removing the risk by #outsourcing, but they are only sharing or transferring a portion of the risk. Just ask the countless organizations that found themselves holding the bag on a multi-million dollar fine or penalty when their vendor wasn’t compliant.
In this #jammingwithjason #internalauditpodcast I speak with Rick Roybal about the importance of having mentors in your career and the risk around third-party vendor risk management.
Listen in at: http://www.jasonmefford.com/jammingwithjason/
Registration for the Fall 2020 Oil & Gas Vendor Roundtable mentioned during the episode is now open. When you are ready, visit https://www.vendoraudit.org/fall2020ogvr to see the speaker lineup (and you will see Jason’s smiling face).
Just a few details for you:
– If you work for an operator, there is no cost to you.
– There are a limited number of seats available.
– Dates: October 28-29.
– CPEs offered
Register for the Oil & Gas Vendor Roundtable at: https://www.vendoraudit.org/fall2020ogvr
Make sure to also check out The Tour Report podcast with Rick (especially if you are in the oil and gas sector) at: https://www.vendoraudit.org/tourreport

Categories
The Compliance Life

Louis Sapirman – How can communications be used as a driver of culture?


The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to successfully navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Louis Sapirman, Vice President, Chief Ethics & Compliance Officer and Chief Compliance Counsel for Panasonic Corporation of North America, the principal North American subsidiary of Panasonic Corporation. He oversees the company’s regulatory and compliance function, maintaining a culture of ethics, and ensuring all employees are upholding Panasonic’s longstanding values in their work.
Louis previously served as Associate General Counsel & Chief Compliance Officer for the Dun & Bradstreet Corporation. During his tenure as CCO, the company was recognized as one of the World’s Most Ethical Companies by the Ethisphere Institute. Prior to moving in-house, Louis worked in private practice with several law firms including Wilmer Cutler Pickering Hale & Dorr and Buchanan Ingersoll. Throughout his career, Louis has been recognized for his work. In both 2015 and 2016, the Ethisphere Institute named him to their list of Attorneys Who Matter in Compliance and Ethics, and in 2010 he was named International Employment Lawyer of the Year by the Association of Corporate Counsel.
In this Episode 3, Sapirman discusses how communications can be used to help drive a more ethical culture. Sapirman believes in communication as a driver of culture. But more than simply being a great communicator, a compliance practitioner must use skill to help others communicate the messages of ethics and compliance. He discusses the concept of 360-degree communications. He is a big fan of social media and the power of non-verbal communications. He concludes with an example of how he used training as an effective tool of communications.

Categories
Innovation in Compliance

A Conversation with Skillsoft and StoneTurn: Part 2 – Charlie Voelker on How a Risk Assessment Informs Your Code of Conduct


Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this second episode, I visit with Voelker on how a Risk Assessment informs your Code of Conduct.
We began with an exploration of why the Code of Conduct is so foundational to a compliance program in general. Voelker said the “Code of Conduct is a way of capturing the risks and the issues that the organization faces. These are the major concerns that the organization has in terms of the type of business it is in, where it is operating and other factors of that nature.” Moreover, “by capturing those major issues within a training experience that is delivered across the organization and to all employees, it helps to level set everybody within the company in terms of what are those issues that are sort of top of mind for the company, what are the areas that as an employee needs to be focused on. Also, for employees, the Code of Conduct is a source of that information and also about where to go for more help. In many cases, a Code of Conduct will point to other policies or procedures or other resources that serve to provide that support that employees might need as they go about their day-to-day business.”
One of the key themes of the 2020 Update was the importance of a risk assessment to all aspects of your compliance program. Additionally, the 2020 Update made clear the relationship between risk assessment and Code of Conduct training going forward. A risk assessment informs the content of the company’s Code of Conduct itself by identifying the topics and the issues that relate to the risks the organization faces.
Join us tomorrow where Jamen Tyler, Managing Director at StoneTurn, helps us take a deep dive into Risk Assessments.

Webinar

If you enjoyed today’s podcast, I want to let you know about an upcoming webinar Skillsoft and StoneTurn are hosting. The webinar “Evolving Your Compliance Program” will be held on Wednesday Sept 23 and will explore how companies are leveraging data and information to improve and evolve their compliance programs. For information and registration, click here.

Resources

For more information on Skillsoft’s compliance offerings, click here.
For more information on the Skillsoft/StoneTurn partnership, click here.
For more information on StoneTurn, click here.

Categories
Compliance and Coronavirus

Eric Feldman on Culture, Governance and Compliance


Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. As the Voice of Compliance, I wanted to start a podcast which will help to bring both clarity and sanity to the compliance practitioner and compliance profession during this worldwide health and healthcare crisis. In this episode, I am joined by Eric Feldman, SVP at Affiliated Monitors, Inc. We discuss the role of the Board of Directors in establishing corporate culture during the time of Coronavirus, corporate governance issues and compliance in the Supply Chain during Covid-19.
For more information on Affiliated Monitors, Inc. check out their website here.

Categories
Innovation in Compliance

Why GRC is the Keys to the Kingdom with Matt Kunkel


Matt Kunkel saw a need in the market for “a platform that could act as a central nucleus and bring together and automate in a flexible, easy fashion, all of the different components that make up a traditional governance, risk and compliance regulatory program.” He, together with John Siegler and Dan Campbell, founded LogicGate to fulfill that need. Matt joins Tom Fox on this week’s show to talk about LogicGate’s GRC platform and how it helps businesses improve their bottom line.

Every Business Needs a GRC Champion
Matt wants to give business leaders the keys to the kingdom from a technology perspective. Leaders should be able to own and maintain Governance, Risk and Compliance (GRC) technology that grows and evolves alongside the company’s growth and evolution. A well run GRC program has multiple stakeholders throughout the organization, he points out, especially a champion who will advocate for a culture of risk and compliance. He shares six tips for choosing the best GRC solution.
Managing Third Party Risk
Tom asks about the key exposure points in third party risk and how LogicGate’s solution helps to manage those risks. Matt responds that the best GRC program is only as good as the third parties we use and the programs they have in place. He explains the role of their platform in managing third party risk as well as performing due diligence. 
Risk is Good
Matt explains why all businesses should have a Business Continuity Playbook: it’s your Bible to tell you what to do when a disaster strikes, he says. He emphasizes that risk is good. “Risk is good. Companies are built and scaled and grow and achieve great things because they take on… additional strategic risk,” he remarks. It’s about evaluating where risk lies and taking the necessary mitigating steps that would enable you to take on more risk and drive better business outcomes. “I hope that we as an industry can elevate compliance professionals, risk professionals, security professionals to a spot where we can help the organization make strategic decisions based on risk to drive better top-line outcomes, more revenue for the business. It’s not just about asset protection, it’s about revenue generation,” he comments.
Resources
LogicGate.com
LogicGate on LinkedIn | Twitter
Matt Kunkel on LinkedIn

Categories
Daily Compliance News

August 18, 2020-the COI at Calpers edition


In today’s edition of Daily Compliance News:

  • FT announces business books of the year. (FT)
  • Former McDonald’s CEO says company had evidence of his affairs, not his responsibility to tell company about them. (WSJ)
  • Calpers BOD asks how long COI had been going on. (WSJ)
  • If you can work from anywhere, can anyone do your job? (FT)