Categories
Coffee and Regs

Special Episode with the Deputy Commissioner, Securities Division of the Vermont Dept. of Financial Regulation

Categories
Compliance Kitchen

Cambodia Business Advisory


OFAC issues Cambodia Business Advisory on High-Risk Investments and Interactions.  Stop by for more detail.

Categories
The Ethics Experts

Episode 099 – Kari Mirabal

In this episode of The Ethics Experts, Gio welcomes Kari Mirabal, International keynote and TEDx speaker, author, and consultant who shares innovative networking strategies to help professionals leverage the power of authentic connection..

Categories
The ESG Report

Board Role in ESG


 
Tom Fox speaks on the role of boards and management in ESG in this episode of the ESG Report. He was inspired by a recent article in the Harvard Law School Forum on Corporate Governance, written by Jurgita Ashley, Randi Van Morrison, et al., entitled ESG Governance: Board and Management Roles & Responsibilities
 

 
Oversight
The board has the responsibility of oversight in ESG matters, which can include issues running the gamut from human capital to climate change to the supply chain. “There is no consensus right now on key topics or issues encompassed under the ESG categories,” Tom tells listeners. Each stakeholder may have their own criteria about what they see as a priority, but they all want to see “demonstrable and verifiable results”. More companies want to see enhanced board oversight and management responsibility for business-relevant ESG issues, but there is no universally accepted approach on how to structure board oversight as it depends on varying factors across organizations. “Key for companies,” Tom remarks, “is to develop an oversight structure with accountability – which can include both corporate charters and corporate governance guidelines as well as internal processes and procedures – which are appropriate for your organization.” The next step is to develop corresponding disclosures to inform investors and stakeholders how the board is overseeing these issues, he continues. 
 
Board Oversight Approaches
Tom shares ways ESG oversight responsibilities can be allocated within the board, including:

  • Full board oversight – suitable for smaller companies or smaller boards. This approach raises the profile of ESG in the company; however, ESG issues may not be fully examined or addressed for lack of time on the board’s agenda.
  • Mix of full board and committee oversight – the full board has oversight on the most significant ESG matters, and other matters are dealt with by appropriate standing committees who report to the board. “This approach can help integrate ESG considerations into business functions,” Tom points out.
  • Standalone ESG committee – this approach allows for regular and in-depth discussions of ESG considerations but runs the risk of separating ESG from broader strategic and financial discussions. If you choose this approach, Tom advises, include chairs from other representative committees.
  • Multiple existing board committees for oversight of discrete ESG matters.

 
Reporting to the Board
Many compliance professionals struggle with what and how to report to the board regarding ESG. “I think the first thing to do is assess your Board of Directors’ ESG competencies,” Tom advises. Most board members will need to be trained on their role of ESG oversight. What you ultimately need to report, he points out, are the ESG metrics deemed most significant to the company. There’s also no universal rule on how often to report. The authors of the article agree, however, that “a regular reporting cadence is important in light of the directors’ fiduciary oversight at many companies.” 
 
Resources
Tom Fox email
FCPA Compliance and Ethics blog
Article: ESG Governance: Board and Management Roles & Responsibilities
 
 

Categories
FCPA Compliance Report

John Davis and James Tillen on WPP


In this Episode of the FCPA Compliance Report, I visit with Miller & Chevalier members John Davis and James Tillen. We take a deep dive into the WPP Foreign Corrupt Practices Act enforcement action. Highlights of this podcast include:

  1. What the basic facts?
  2. What were the missed red flags and M&A failures?
  3. When do compliance incentives become perverse?
  4. What were the investigative failures?
  5. What made the Chinese bribery scheme so unusual?
  1. The Peru bribery scheme was across national lines. Does that make it harder to detect?
  1. Where is the DOJ?
  2. Where is the SFO?
  3. How did WPP get a resolution with no monitor?

Resources
John Davis
James Tillen
 

Categories
Daily Compliance News

November 22, 2021 the Why Corruption edition


In today’s edition of Daily Compliance News:

  • Will Activism CEO resign?(WSJ)
  • Office reopening gets trickier. (WSJ)
  • Banks must promptly report cyber breaches. (Reuters)
  • Why do some become corrupt? (Foreign Policy)
Categories
Blog

Crisis Week: Part 1 – Compliance as a Trip Wire

Perhaps the most prescient comment I heard during the height of the pandemic came from Jed Gardner, Group Director of Transformation at Linedata, which was that we have moved from disaster recovery to business continuity to business as usual. It appears that not only was the comment correct but now we are moving in the business world from crisis to crisis to crisis. This month’s Harvard Business Review magazine dedicated its Big Idea Series to the topic of crisis. Over this short week I will be exploring what this new reality means for the compliance professional. We begin with the article A New Crisis Playbook for an Uncertain World by John E. Katsos and Jason Miklian. As we enter a period of unprecedented instability, is your compliance function prepared?
The authors begin by identifying what makes us now in essentially permanent crisis but as Gardner reminds us, it’s just business as usual. They state, “Today we stand at the precipice of not one but three converging and potentially catastrophic long-term trends: climate change, globalization, and growing inequality.” Given the political instability of America and much of the world, these will only get worse. Moreover, because of this political instability, corporate America has been forced to take the lead in providing solutions to these crises. But one type of crisis can initiate several other types of crises, so “the Covid-19 pandemic, for example, was not just a health crisis but an economic and political one as well.”
Last year we saw increased pressure on compliance functions to speed things up, disregard existing controls for the sake of expediency and move to doing business with a wide variety of third parties, both on the sales side and in the Supply Chain that were not fully vetted through standard due diligence. The Department of Justice (DOJ) responded to these developments in a very clear manner, do not forsake your standard controls for the sake of expediency. If you do and the resulting conduct violates the Foreign Corrupt Practices Act (FCPA) or other federal law, standard or regulation, your organization will not be able to use the excuse that it was an unprecedented crisis.
What the authors found was that “the red-flashing danger signals were always apparent to anyone reading the local news or talking to local people.” Yet almost all companies were “trying to do what they thought was the right thing. But the ones that both survived and thrived had more than good intentions or strong leadership.” Most interestingly, the single most important tactic for every company was to employ a tool long used by every successful Chief Compliance Officer (CCO) and compliance professional – to listen. Every best practices compliance program has a series of early warning posts which should be monitoring your organization. It could be the hotline, your internal controls, your compliance professionals embedded in business units or it could be your local compliance resources who are not compliance function employees. The authors developed a business playbook for dealing with them that I have adapted for the compliance professional.
Listening Locally
A compliance function cannot do effective strategic risk planning or risk management without understanding your organization’s sociopolitical context. The authors found that companies which “had little engagement with local communities, viewing them merely as sources of consumers or raw materials, were unlikely to outrun upheaval.” This is compounded that when a crisis hits and it becomes economic, leading to layoffs, your information flow is constricted and perhaps resentments arise from arbitrary closings. The key is to build a broad base in such localities, both in your compliance function but also far beyond. This is where both ESG and corporate social responsibility (CSR) initiatives can be critical. Through such initiatives, companies can “build deeper ties with the broader community, because those connections are integral to business survival during crises. This means developing relationships with local leaders within and beyond the corporate world and working across societal dividing lines instead of siloing within the “safest” segment of the community.”
Now think about those same concepts from the compliance perspective. Even if you do not have compliance professionals physically located in all regions, this is where your local compliance champions can be so critical. They can provide you information on a wide variety of topics. You could also consider the Regional Compliance structure I have previously advocated which can put an early warning system in place.
Go Beyond the Government Requirements
If it is one thing the business community has learned over the past few years is that the fractured US government will not show leadership in any meaningful way. While businesses have called for greater government regulation and oversight, most particularly in the tech sector, the government has failed to answer. This was most evident in the Business Roundtables Statement on the Purpose of a Corporation where businesses advocated a broader view of stakeholders than simply shareholders. Of course, the Trump Administration laid down regulations that were clearly anti-ESG, even with all business concerns supporting ESG.
This means businesses may well have to go beyond the basic legal requirements. This is even more important in the age of social media which can amplify any corporate misstep that becomes a public controversary. Witness the reputational damage to companies when their supply chains are found to include forced labor or modern slavery of employees. For the compliance professional, it also means going beyond the local government where you might do business. If the port authority where you are bringing goods in continually demands bribes for unloading of equipment, you can engage with a higher level in that country.
Make Principled Choices
Most interestingly, the authors found that the third key step was to “not be afraid to take principled political stands.” They found that “firms tend to thrive when they make consistent choices and communicate them clearly, even if a segment of the population disagrees with them.” They pointed to “the case of the American yogurt company Chobani in the highly polarized United States.” While the company was criticized for hiring immigrants and supporting others in immigrating to the US, it continued to do so because it was not only the right thing to do, it was good for the business. It improved morale and brought a hard-working class of employees into the organization.
This would seem right in the wheelhouse of the compliance professional. Think of institutional justice and institutional fairness. Not only did the DOJ announce in the 2020 Update to the Evaluation of Corporate Compliance Programs that the CCO and corporate compliance function is the keeper of institutional justice within an organization but the social justice movement over the past 18 months have made clear that employees expect the same inside of an organization. Witness the current imbroglio of Activism. Even with a CCO who criticized internal company employee whistleblowers, numerous employees stepped forward with information about the toxic culture of the company, through specific instances of discrimination and harassment.
Many compliance professionals are currently engaging in these steps. However, they may not be thinking about them as early trip wires for the next crisis. With the further admonition from the DOJ in the 2020 Update to the Evaluation of Corporate Compliance Programs that the compliance function must have access across all the data lakes within a company, CCOs and others may be the most uniquely suited corporate functions to help be ready for the next crisis.