Categories
The Compliance Life

Stephen Martin-Move into Compliance Consulting

The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Stephen Martin, CCO at Skillsoft on his path to the CCO Chair.

From the corporate world, Martin moves to the compliance consulting world, first at Baker & McKenzie and later moving to StoneTurn. Martin literally traveled the globe (multiple times) both investigating allegations of bribery and corruption and building out best practices compliance programs. He also began teaching a compliance course at the University of Denver and reflects on lessons from that experience. He concludes by talking about the need for a personal brand and how he created one.

Resources

Stephen Martin LinkedIn Profile

Categories
The Hill Country Podcast

The Big Empty On 5 Economic Issues Facing Texas Today: Part 2-Power

This is a special podcast series on current economic and culture issues faced by the state of Texas, its governments and its citizens. We will explore these issues with author Loren Steffy, through the prism of his book The Big EmptyThe Big Empty set in 1999, is a tale about the sense of place and tells the story of a fictional company AzTech which builds a semi-conductor plant in the dying west Texas city of Conquistador. The attempt is beset by the clash of culture in bringing Silicon Valley tech entrepreneurs to rural Texas. The book also raises multiple economic issues facing Texas as we move towards the mid 21st century. Over this 5-part podcast series we will consider the following issues facing Texas today; including water, power, land investment, housing and the clash of cultures.

In Episode 2, we consider power in Texas. In the book, the massive power lines to the plant play a seminal role in the story. How do you bring the massive amounts of power needed to run a semi-conductor plant to rural west Texas. How is power generated? The Texas power grid has sustained three major failures over the past 12 years, does the Texas Legislature have the political will to ever fix it? What about alternative forms of power and why is Texas uniquely situated to exploit wind and solar power? Many companies and homeowners are now onsite power generation. What does this mean for the Texas power grid? For Texas to continue to bring high tech manufacturing facilities, the state will have to address these issues.

Purchase The Big Empty

Categories
Innovation in Compliance

Corporate Case Management in the Era of the DoJ’s Monaco Memo: Episode 2-Strategic Triage

Welcome to a special podcast series, Corporate Case Management in the Era of the DoJ’s Monaco Memo, sponsored by i-Sight Software Solutions. In this series, I am joined by Jakub Ficner, Director of Partnership Development at i-Sight. Over this series, we detail the changes wrought by the Monaco Memo and how compliance professionals can respond to these new challenges. In this Part 2, we look at the need for active triage in your investigative protocol to allow your organization to meet the strictures of the Monaco Memo. Some of the highlights include:

  • What is triage in a best practices compliance program?
  • Why triage is as important as the original report coming in.
  • How to document triage for regulators.
  • What to do when new issues are discovered
  • Why is the ability to ultimately learn from your collected data a key outcome?

For more information, check out i-Sight here.

Categories
Career Can D0

Valuing Communication in Interviews with Akili Atkinson

In this episode of Career Can Do, Mary Ann Faremouth chats with Akili Atkinson, a neurodiversity trainer helping individuals and businesses understand workplace communication strategies. Akili discusses how to overcome the problem of finding employees in today’s economy, emphasizing the importance of communication in interviews. She also shares advice on alternative methods for hiring.

 

 

Neurodivergent people have unique ways of approaching situations, creating solutions that wouldn’t otherwise be found by traditional methods. Organizations should consider this in the hiring process, Akili believes, as these individuals bring new skills to the talent pool that haven’t been tapped into yet.

 

When hiring people, interviewers should ask candidates what they can contribute to the company. Oftentimes the best employees aren’t necessarily the most qualified, but the ones who have the dedication and desire to do the job. They bring their passion with them, and employers can easily put them in alignment with what needs to be done.

 

Resources

Faremouth.com

 

Categories
Everything Compliance - Shout Outs and Rants

Episode 107, Shout Outs and Rants

Welcome to the only roundtable podcast in compliance. Everything Compliance was honored by W3 as a top talk show in podcasting. In this episode, we have the full gang of Jonathan Marks, Matt Kelly, Jonathan Armstrong, Jay Rosen, Tom Fox, and Karen Woody.

1. Matt Kelly shouts out to everyone who voted.

2. Karen Woody rants about the Russian government’s treatment of Brittany Griner and her shipment to a Russian penal colony.

3. Jonathan Marks shouts out to the Houston Astros for winning the World Series and continues his ongoing rant about takeaway food from Chipotle.

4. Jonathan Armstrong shouts out the Houston restaurant Mac N’ Wings for having Asian/Southern fusion food and the hottest curry he has ever tasted.

5. Jay Rosen shouts out to former Patriot Julian Edelman, who spoke forcefully against antisemitism.

6. Tom Fox joins in to shout out to Kerrville City Councilperson Brenda Hughes, who defended the City of Kerrville’s Butt-Holdsworth Memorial Library’s right to have books on LGBTQ+ issues.

The members of Everything Compliance are:

•       Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com

•       Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu

•       Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com

•       Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at jonathan.armstrong@corderycompliance.com

•       Jonathan Marks is Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at jonathan.marks@bakertilly.com

The host and producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox, the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.

Categories
Innovation in Compliance

Uncovering Hidden Risks with Erica Toelle

 

Erica Toelle is the Senior Product Marketing Manager on the Microsoft Purview product team. Her focus is on growing the Data Lifecycle and Records Management business and listening to customers and partners to make solutions better. She and Tom Fox discuss her podcast, her book, and the relationship between technology and humans.

 

 

Relaunching the Uncovering Hidden Risks Podcast

Tom asks Erica why she relaunched her podcast. Erica explains that she hopes to target chief security officers, and people in compliance leadership roles, and provide information on topics they are interested in learning about. In particular, the podcast explores how enterprises can reduce their risk by moving to a more holistic approach to data protection. The world of compliance is rapidly changing, with new regulations and privacy laws being implemented regularly, and the leaders want to know and understand how their peers successfully comply. Erica says that her podcast will bring these stories to life, “so that we can all learn from the best practices and success and hopefully apply them in our own situation.”

 

Technology Requires Humans

Tom comments that a common theme on Erica’s podcast is the human element. Erica explains that technology cannot function without the human element. Technology takes care of collecting data and presenting it in a way that would help people make the best business decisions. However, no algorithm can replace the human ability to weigh, analyze and make a decision when it comes to identifying and managing risks, and driving compliance. 

 

Microsoft 365 Compliance

Erica wrote a book entitled Microsoft 365 Compliance; Tom asks what inspired her to write this book and who is her intended audience. When the pandemic hit, Erica responds, she was working as a consultant at Microsoft helping customers deploy compliance tools. She was one of the only Microsoft Teams compliance experts in the world. It was a stressful period as she was trying to keep governments and business afloat and online. This situation taught her that there was a need for more compliance experts who were familiar with Microsoft’s compliance technology. Therefore, she decided to write a book to make the assimilation into the job and online compliance sphere easier for her successors. 

 

Looking Ahead

In the future, Erica would like to address more topics her listeners would like to hear about related to compliance. Additionally, she would like to interview more diverse guests to get a broader perspective on what is happening in the compliance space outside of Microsoft.

 

Resources 

Erica Toelle | LinkedIn | Twitter 

Uncovering Hidden Risks Podcast | Microsoft 365 Compliance: A Practical Guide to Managing Risk 

 

Categories
Daily Compliance News

November 15, 2022 the Who’s to Blame Edition

In today’s edition of Daily Compliance News:

  • Google settles with states for $391MM. (WSJ)
  • Tyson Foods Board to review CFO arrest. (FT)
  • DR Congo ex-Presidential advisor on trial for corruption. (Barron’s)
  • Who’s to Blame for FTX. (NYT)
Categories
Blog

Corporate Case Management in the Era of the DoJ’s Monaco Memo: Strategic Triage

Welcome to a special five-part blog series, entitled Corporate Case Management in the Era of the DoJ’s Monaco Memo, sponsored by i-Sight Software Solutions (i-Sight). Over this series, Jakub Ficner, Director of Partnership Development, and I consider how the Monaco Doctrine and Monaco Memo have impacted compliance in several key areas. We not only detail the changes wrought by the Monaco Memo but how compliance professionals can respond to these new challenges. In Part 2, we look at the need for active triage in your investigative protocol to allow your organization to meet the strictures of the Monaco Memo.

In the wake of the Monaco Doctrine and attendant Monaco Memo, one of the things that the Department of Justice (DOJ) clearly now expects is even more enhanced cooperation during investigations. But this does not mean the prior version of ‘enhanced’ cooperation where you might throw more bodies at an investigation and it does not mean you have to spend more money or bring additional resources. This type of ‘enhanced’ cooperation means the speed and quality of your investigation. It has emphasized the issue of  triage and why triage is so critical in not only a speak up culture, but also in the investigative process.

We began at the beginning; what is triage? Ficner analogized investigative triage as something like triage within a hospital or healthcare environment. It is a quick review of the facts as they are related in front of you and making a determination in terms of the severity, criticality, and next steps for managing the complaint based on the nature of the complaint and the information that you have at the time. Ficner added, “having a triage place or triage process in place really reduces the risk that organizations face of not handling a complaint properly right from the start.”

It is critical to have both your investigative protocol and triage process written out before any report comes in, so you are not trying to create one on the fly. Ficner suggested that your protocol should include such steps as “what you should do when a complaint or allegation is received, based on the nature of the complaint or allegation. Next factor in elements such as the nature of it, the case type, the jurisdiction or region of the complaint, and ultimately the severity of the complaint and using backend rules.” It is also important to have a mechanism in place to “enforce that process, because while having a process is great, but if the DOJ sees that you are not consistently following that process, then it can actually hamper the risk mitigation factors to the organization.”

 We turned to the type of report which implicates a senior executive, which makes things “riskier.” It certainly requires steps in place you should take. Ficner noted these include “the notifications that we need to trigger and the people who ultimately need to complete the action items.” It is critical that the rules “be enforced using automation, so it is routed to the appropriate team or individual, and the appropriate notifications are triggered. And those initial assessment steps that we know we need to take each and every time are factored into that process.”

Put another way it is critical to “Document, Document, Document” because ultimately the system your organization has in put in place has to be “auditable and defensible.” This is the core of the i-Sight solution, an “application that enables you to be able to see how a complaint came in, when it came in, who was notified and what steps were followed each and every time. And by having that audit trail in place that shows it went for triage, these are the steps that we take when we receive this type of allegation based on the nature of the allegation, and we see that it was action consistently. Those are things that ultimately our clients are looking for as they’re mitigating factors. When the DOJ looks at organizations is there a process in place they can clearly demonstrate that it is auditable, it is defensible?”

A final key element is does your protocol have a consistent approach to follow? If your intake comes in from Singapore, London, Brazil, or the United States do you have confidence that the compliance professional who investigates it will have a consistent approach to follow? Here Ficner noted that given the “complex nature of operating in multiple different regions, jurisdictions, different laws, subject based on where the complaint originated, where the complaint or violation occurred, you can factor those parameters into the actual assessment process so that you can uniquely tailor: you have a single set of steps that we need to follow to assess one of these complaints.”

Join us tomorrow where look at ethical investigations.