Day: July 27, 2021

Categories
Fraud Eats Strategy

Investigations for Non-Investigators

Internal investigations often are conducted by company personnel who may not have investigative backgrounds. While that is a common scenario and perfectly appropriate, there are certain dos and don’ts that non-investigators should know about to avoid missteps that could undermine the investigation and limit its effectiveness.

>

Join us each week as we take a deep dive into the various forms of fraud across the world and discuss crime families, penny stock boiler rooms, international money launderers, narco-traffickers, oligarchs, dictators, warlords, kleptocrats and more.

Scott Moritz is a leading authority on white-collar crime, anti-corruption, and in the evaluation, design, remediation, implementation, and administration of corporate compliance programs, codes of conduct. He is also considered an authority in the establishment, training, and oversight of the investigative protocols carried out by financial intelligence, corporate security, and internal audit units.
 

Categories
Coffee and Regs

Data Privacy & Building Compliance into the Product Development Lifecycle


 

Data Privacy & Building Compliance into the Product Development Lifecycle

 
In this episode, CSS’s Director of Cyber IT Services, E.J. Yerzak sits down with Co-Founder and COO of TerraTrue, Chris Handman to discuss data privacy and how compliance can keep up with the ambitions of product teams by building data privacy controls into the product development lifecycle.
 

 

About Our Guest Speakers:

E.J. Yerzak CISA®, CISM®, CRISC™ assists firms in assessing and managing their cybersecurity risk – from network vulnerability scanning and penetration testing to onsite cybersecurity assessments and assistance in implementing the NIST cybersecurity framework. E.J. has authored articles and alerts on emerging regulatory and technology issues, and is regularly requested to speak as a cybersecurity expert at industry conferences.

 
 
 


Before co-founding TerraTrue, Chris Handman was the first General Counsel at Snap, where he built the company’s legal, compliance, public policy, and law-enforcement teams. During his time there, Chris developed a transformative privacy program that coupled rigorous review with tools and systems that were nimble enough not to restrain the relentless pace of execution. Chris is a Homeland Security Project fellow at Harvard’s Belfer Center for Science and International Affairs. And he’s constructed two crossword puzzles that have been published in the New York Times (one of which was featured on the Colbert Report). He graduated from Yale Law School.

 
 

Categories
The Compliance Life

Asha Palmer-Into the Chair and Beyond

 
The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Asha Palmer, CECO at Convercent.
Palmer discusses her decision to join Convercent—traditional CECO plus more. She believes that the profession must continue to go toward collaboration, conversation, and digitalization. Her belief is that CECOs must be seen as business partners and that technology will fuel and help drive that partnership. She concludes on why CECOs must start thinking about and approaching things differently.
Resources
Asha Palmer LinkedIn Profile
Convercent by One Trust

Categories
Compliance Kitchen

FDIC and 3rd Party Risks


The FDIC invites comments on proposed guidance to banking institutions on managing 3rd party relationships risks.  The Kitchen explores the timeline, applicability and what to comment on.
 

Categories
The Compliance Handbook

Using Compliance Data to Facilitate Business Efficiency with Jonathon L. Kellerman


To leave a legacy of operational excellence in compliance is what Global Chief Compliance Officer, Strategic Leader, and Partner at StoneTurn Jonathon Kellerman hopes to achieve in this dynamic industry.
He has been at the forefront of the evolution of compliance programs in health care, life sciences, and pharmaceuticals with over 25 years of experience in compliance strategy, program development and execution; controls design; operational excellence; risk assessment and mitigation; complex investigations; and negotiating and managing government settlements.
Major takeaways discussed in the episode:
✔️ Glean lessons from Jonathon’s unique journey starting a health care compliance practice that served as the first in the industry. His experience in a consulting practice helped health care providers with complex compliance challenges.
✔️ Traditional compliance has been limited by the rigid standards around an audit mentality. Jonathon shares that the focus on looking at transactions in silos instead of the holistic approach of looking at data over time is what’s made compliance programs from being truly effective.
✔️ Compliance programs limiting themselves to the standard practice of risk management will risk being irrelevant in future companies.
✔️ The COVID-19 pandemic broke barriers and accelerated digital transformation. Every company does it to some extent in utilizing digital platforms and data that opens up new ways of rethinking our traditional engagements.
✔️ Advanced technologies use data and digital platforms that create a new type of risk. But it also means that more than ever, there’s a lot of pressure put on companies to operate quickly and very efficiently.
✔️ The skills needed for the compliance professionals of the future is something never taught in law school. Jonathon emphasizes that an individual in the compliance space must speak business language, have trust and credibility, and be willing to think outside the box.
____________________________________________________________________
Jonathon L. Kellerman is a Partner with StoneTurn, brings over 25 years of experience in compliance strategy, program development, and execution; controls design; operational excellence; risk assessment and mitigation; complex investigations; and negotiating and managing government settlements.
A former Global Chief Compliance Officer in the heavily regulated pharmaceuticals industry, Jonathon draws on his in-house career, as well as 20 years as a trusted adviser, to counsel executives and Board members on evolving compliance risk and to help clients design innovative, data-enabled, and business-friendly compliance solutions to proactively and reactively manage risk.
Jonathon has deep experience pioneering technology and data-driven compliance solution innovation, operational improvement, and business protection/enablement in the pharmaceutical, life sciences, and healthcare industries, including his prior role as Global Chief Compliance Officer of Allergan.
LinkedIn: https://www.linkedin.com/in/jonathonkellerman/
Email: jkellerman@stoneturn.com
____________________________________________________________________
About Thomas Fox:
Thomas Fox, the Compliance Evangelist®, is one of the leading writers, thinkers, and commentators on anti-bribery and anti-corruption compliance. In this latest edition of The Compliance Handbook, he continues to arm seasoned compliance professionals and those new to the realm with the practical, actionable guidance and tools needed to design, create, implement and continually enhance a best practices compliance program.
Order your copy OR copies of The Compliance Handbook: A Guide to Operationalizing Your Compliance Program.
http://www.lexisnexis.com/fox25

Categories
The Ethics Movement

Reinventing Compliance Communications with Ronnie Feldman of Learnings & Entertainments


YOU are at the center of The Ethics Movement—the journey to move ethics to the center of business, and build a better world in the process. Join hosts Tom Fox and Philip Winterburn as they unpack the big ideas of ethics and compliance, in the context of today’s big news stories—on The Ethics Movement. As we return to the office setting, ethics and compliance teams have a unique opportunity to reinvent the way we communicate with employees. Ronnie Feldman, founder of Learnings & Entertainments, pitches humor, storytelling, and improv as a new source of inspiration for compliance training.
Resources:
Ronnie Feldman (LinkedIn)
Learnings & Entertainments (LinkedIn)
Ronnie Feldman (Twitter)
Learnings & Entertainments (Website)
60-Second Communication & Awareness Shorts – A variety of short, customizable, quick-hitter “commercials” including songs & jingles, video shorts, newsletter graphics & Gifs, and more. Promote integrity, compliance, the Code, the helpline and the E&C team as helpful advisors and coaches.
Workplace Tonight Show! Micro-learning – a library of 1-10-minute trainings and communications wrapped in the style of a late-night variety show, that explains corporate risk topics and why employees should care.
Custom Live & Digital Programing – We’ll develop programming that fits your culture and balances the seriousness of the subject matter with a more engaging delivery.
Tales from the Hotline – check out some samples.

Categories
Jamming with Jason

Thinking, Reflecting and Being Intentional with Mo Issa


In this #jammingwithjason #podcast I speak with my friend Mo Issa about his journey of self discovery and finding what is really important in life.
I met Mo many years ago when we were both trained to be coaches by Brian Tracy and we have continued our friendship as our paths keep crossing. Mo is one of the most authentic, reflective and wise people I know, so thought it was perfect to have him on the podcast to discuss how to become more self-aware, intentional, and learn how to slow down and relax… things most of us don’t start doing until a mid-life crisis.
And I’m guessing you don’t want to have a “crisis” in your life to before you start implementing this wisdom, right?!
And of course, like usual there are lots of quotable lines and lessons for you to develop habits that help you live your best life and get the most out of your career.
How can you reflect more and be intentional in your life?
Learn more about Mo and sign up for his weekly newsletter at: mo-issa.com
Listen in at: http://www.jasonmefford.com/jammingwithjason/

Categories
Innovation in Compliance

Hitting The Magic Button with Heather Buker


 
Tom Fox’s guest this week is Heather Buker. Heather is the Product Manager at Allgress and oversees the full life cycle of development and QA processes. She has spent her professional life in the world of computer engineering until making her way into the cybersecurity space. Tom welcomes her to this week’s show to talk about a new innovation from Allgress around authorizations to operate in the federal sector.
 

 
All About Allgress
Heather explains that Allgress is for highly regulated industries such as technology, government, and healthcare. “Allgress in general is a global provider of next generation audit, compliance, security and risk management solutions for organizations and their business partners to meet business risk objectives,” she says. Allgress enables organizations to streamline these processes and manage assessment monitoring in a more simplified way, and without the need for a contingent of consultants. 
 
Fed Ramps & ATOs
Tom asks Heather to explain what fed ramps and ATOs are and why they’re important. Fed ramps are federal risk and management programs that are government wide. The programs provide a standardized approach to security assessments and continuous monitoring for cloud-based services. An ATO is the government giving you the authorization to operate a compliant cloud-based service. ATOs and fed ramps are necessary if you sell your service to the federal government. After acquiring your fed ramp or ATO, then you can focus on maintaining the continuous monitoring that the ATO provides.
 
How Allgress Maintains Your Federal ATO Effectively
“We’re going to give you the dynamic preparedness assessment; we’re going to automatically determine your impact level based on a survey; we’re going to guide you through [attaining an ATO] step by step,” Heather tells Tom. Allgress completely streamlines this process via automation and creates the audit trail that its clients need. “When the auditors come and they have questions, you’re gonna have all of the answers, and it’s going to be in the single pane of glass view that Allgress provides,” she adds. Allgress provides all the evidence and policies necessary for when you’re testing to the federal controls. 
 
The Impact of COVID-19 & What’s Next
The pandemic put a spotlight on the need for GRC solutions and exposed those companies that didn’t have those processes in place. It was a reminder to organizations that we never know when unexpected risk may strike, how we may be impacted, and how it may affect our organizational systems. Businesses have to start preparing for unexpected risks within our organizations. Heather explains to Tom that Allgress helps with this by automating organizational and partner risk assessment and leading them in the direction of a recovery plan. Businesses also need to be putting more importance on the usability of their products. 
“User adoption is something that’s so difficult to achieve when you introduce a new product to your workforce… It’s imperative that GRC solutions continue to become more user-friendly and reduce that learning curve so that users are going to adopt the technology more quickly and with ease,” Heather remarks.
 
Resources
Heather Buker | LinkedIn | Twitter 
 
 

Categories
Daily Compliance News

July 27, 2021 the SFO Still Relevant? edition


In today’s edition of Daily Compliance News: