Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Internal Controls – Internal Controls in International Locations

While a CCO should expect (or at least hope) that internal controls at locations outside the U.S. are of the same effectiveness as internal controls within U.S. business units and at the U.S. corporate office, unfortunately, that might not always be the case, it is often the case that corporate level internal controls are stronger than those in foreign business units. There may well be several reasons for this. First, the CFO may be paying closer attention to the corporate level internal controls, with the idea that the corporate level internal controls are the final “filter” to detect issues. This follows partly from the focus in most companies on the controls over financial reporting, which does not include all controls needed for compliance. A second reason is that many companies were built through acquisitions, resulting in many business units (both in and outside the U.S.) having completely different accounting, ERP, and internal control systems than the corporate office. There is often a tendency to leave acquired companies in the state where they were acquired rather than trying to integrate their controls and conform them to those of current business units. After all, the reason for the acquisition was the company’s profitability, and nobody wanted to be accused of negatively impacting profitability.

A third situation may exist at locations outside the U.S. with what began simply as a sales office and then expanded its scope of operations to become a business unit with its accounting and data processing functions. Unfortunately, it is not often a situation where there was a master plan for internal controls as the location’s scope grew. Processes are usually added and designed by the local personnel, which, in practice, means the country manager has total control over financial affairs and is not truly accountable to the corporate office. This can be particularly true if a country’s business unit’s profits continue. In such situations, there will rarely be any focus on effective preventive internal controls for compliance risk.

Where should a CCO begin in any of the above scenarios? The first step is to determine the extent of centralization or decentralization of relevant processes or, put another way, to what extent are relevant processes performed at the corporate offices? The second step for the CCO is to determine the possible universe of risks and to assess the risks to result in a priority of how attention will be focused. One useful approach is to perform a location risk assessment, whose purpose is to capture each location outside the U.S. where your company conducts business in one place and assess the compliance risks posed by the nature of operations at each location. Once the risks at each location have been properly categorized, you can prioritize your approach to dealing with the risks.

 Three key takeaways:

1. Modifying your internal controls can work to operationalize your compliance program more fully.

2. Check the effectiveness of your internal controls for your international locations.

3. Revisit your internal controls when a country or region experiences large growth or disruption.

Categories
Corruption, Crime and Compliance

Person of the Year: The Trade Compliance Officer Featuring Alex Cotoia

 

Trade compliance officers were recognized as the “Person of the Year” in 2022. Michael Volkov welcomes Alex Cotoia, Regulatory Manager, to discuss this development. Alex sheds light on the challenges faced by these professionals over the past year: from navigating the global pandemic to ensuring compliance with sanctions regulations, trade compliance officers have done it all. 

Alex Cotoia, Regulatory Manager at The Volkov Law Group, is a seasoned trade compliance expert with extensive knowledge across ITAR compliance, BIS compliance of commerce, and opacity sanctions. She brings valuable insights on the crucial role of compliance in the world’s rapidly changing landscape.

 

Key ideas you’ll hear Michael and Alex discuss:

  • The unprecedented challenges faced by trade compliance professionals. The global pandemic and the rapid and constant changes in the regulatory climate had a major impact on trade compliance professionals.
  • The importance of trade compliance professionals was demonstrated this year, as they were seen as unsung heroes who played a crucial role in ensuring compliance with regulations.
  • The invasion of Ukraine by Russia led to a more fulsome political response compared to the invasion of Crimea in 2014, which further highlights the significance of trade compliance in today’s world.
  • The recommended approach for trade compliance is to consider the market exposure to sanctions risk and adopt measures that are reasonably designed to deter and detect infractions.
  • Increased importance of end-user certificates: The use of end-user certificates became more important in ensuring compliance with regulations in exports to Russia.
  • Michael and Alex emphasize the need for verifying the end use of products purchased from a third party to ensure it’s for a permissible purpose. 
  • Alex stresses the need for international organizations with broad exposure to invest heavily in trade compliance, including having a trade compliance officer and choosing the right tools. Michael highlights the importance of integrating the overall trade compliance function into the overall ethics and compliance function. This requires a strategic approach for trade compliance and sanctions risks, including education, internal controls, and technology solutions that integrate sanction screening, third-party risk management, incident reporting, and trade compliance.
  • The responsibility for internal controls lies with the leadership team and the board of directors.
  • Trade compliance should be part of compliance education.
  • Trade compliance is an industry that’s here to stay.

 

KEY QUOTE:

“Consider where the greatest sanction risk lies from a market exposure perspective and then adopt measures that are reasonably designed to deter and detect inflections.” – Alex Cotoia

 

Resources:

Alex Cotoia on LinkedIn | Email

The Volkov Law Group

Categories
The ESG Report

Practical ESG with Lawrence Heim

What is the role of ESG in shaping a sustainable future? Tom Fox and his special guest, Lawrence Heim, take an insightful journey into the principles and practice of ESG in this week’s show. Lawrence is a true advocate for ESG and shares his unique perspective and deep understanding of ESG and its role in shaping a sustainable future. 

Lawrence Heim is the editor of Practical ESG. He is a seasoned professional in the field of environmental sustainability; with a background in environmental compliance, technical consulting, non-financial auditing, and risk management, Lawrence has been at the forefront of the industry for over 30 years. His expertise and dedication have earned him a reputation as a leading voice in the ESG community. 

 

You’ll hear Tom and Lawrence discuss:

  • Practical ESG is a resource for ESG practitioners and the corporate community, providing practical and candid content analysis, and helping them understand complex issues.
  • Contributions cover a range of ESG topics, including climate issues, investor perspectives, and corporate culture management.
  • Lawrence is working on a blog about the recent SEC proposed rules for climate disclosure risk.
  • The ISSB (International Sustainability Standards Board) just announced the creation of a working group with multiple regulatory agencies, including the SEC. The goal of the working group is to align ISSB standards with existing national frameworks.
  • Adoption of ISSB standards is not automatic; it must go through legal and administrative processes in each country. In the US, FASB (Financial Accounting Standards Board) is responsible for the convergence process.
  • The SEC proposed rules have received over 6000 public comments, most of which are form letters or from concerned citizens. Stakeholders are concerned about the complexity of the proposal and need more time to evaluate it.
  • There are three different categories in the proposed framework for measuring greenhouse gas emissions: Scope One (direct emissions from the company’s own equipment), Scope Two (emissions from energy purchased from third parties), and Scope Three (emissions embedded in the company’s supply chain).
  • The proposed SEC framework does not specify how to collect the data or interact with suppliers. Other established frameworks, such as Conflict Minerals, can be used as a reference to think about how to approach the collection of the data and interaction with suppliers.

 

KEY QUOTE:

“…just because IFRS adopts a standard or develops a standard, that doesn’t mean that it is automatically established as a regulatory standard. These countries, as with anything else, individual countries have got to go through their legal and administrative processes to implement them and make them enforceable within their own boundaries, their own jurisdiction.” – Lawrence Heim

 

Resources

Lawrence Heim on LinkedIn | Email

Practical ESG

Categories
FCPA Compliance Report

Alastair Parr on New Developments in TPRM

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this special episode, I am joined by Alastair Parr, SVP of Global Products & Delivery at Prevalent to discuss developments in third-party risk management.

In this episode we consider:

  • Why is a comprehensive 3rd risk management solution not simply a nice to have but a must to have now?
  • Why is 3rd party risk management so much critical after the pandemic and the Russian invasion of Ukraine?
  • Improving the UX for TPRM.
  • Why has simplifying the UX for TPRM eluded most providers so far?
  • How can the UX be improved so the information which is the most vital and most relevant is captured and more importantly can be actioned?
  • How can the process of obtaining TPRM information to implementing controls to manage the risk be improved?
  • How can companies automate data gathering by using a single targeted assessment by building in targeted compliance mappings for legal or regulatory requirements?
  • Other areas of compliance such as modern slavery and human trafficking?
  • Do you see continued evolution of 3rd party risk management into 2025 and beyond?

Resources

Alastair Parr on LinkedIn

Prevalent

Being a Compliance Officer is Awesome on Amazon.com

Categories
Daily Compliance News

February 6, 2023 – The Activision Blizzard Punished Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • Trump offers to post bond. (Bloomberg)
  • Activision Blizzard was spanked by SEC. (CNN)
  • Age discrimination win and whistleblower award in the UK. (FT)
  • Farewell to Mr. Peeps. (AP News)