Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Internal Controls – Code of Conduct as an Internal Control

In 2016, the SEC announced one of the most interesting non-international-focused FCPA enforcement actions. It involved a clear quid pro quo benefit paid out by United Airlines, Inc. to David Samson, the former chairman of the Board of Directors of the Port Authority of New York and New Jersey. This public government entity has authority over, among other things, United’s operations at the company’s huge east coast hub in Newark, New Jersey.

At the time, United’s Code of Conduct prohibited “United employees from directly or indirectly making bribes, kickbacks or other improper payments to government officials, civil servants or anyone else to influence their acts or decisions” and that “[n]o gift may be offered or accepted if it will create a feeling of obligation, compromise judgment or appear to influence the recipient improperly.” Only the United Board of Directors could grant a waiver to the code, and none was sought or obtained by Smisek. The Order concluded, “The [Chairman’s] Route was initiated in violation of United’s policies.”

The company was also sanctioned for not having internal controls to prevent such actions as those taken by Smisek. The SEC also found this was a violation of Section 13. This was in the face of detailing the protocol for the United instituting or reinstituting a route. The Order stated, “United had insufficient internal accounting controls to prevent approval of the South Carolina Route in derogation of United’s Policies.” All the underlying facts, enforcement theories, and remediation point towards the failure of internal controls when domestic bribery corruption occurs.

 Three key takeaways:

1. It is very unusual for the FCPA to form the basis of a domestic bribery violation.

2. A Code of Conduct can be an internal control.

3. Even a CEO must follow internal controls.

For more information on building a best practices compliance program, including internal controls, check out The Compliance Handbook, 3rd edition.

Categories
Hidden Traffic Podcast

EU Corporate Sustainability Reporting Directive Update

In this solo episode of Hidden Traffic Podcast, host Gwen Hassan dives into the new Corporate Sustainability Reporting Directive (CSRD) adopted by the European Council, which replaces the Non-Financial Reporting Directive (NFRD). The CSRD requires companies, both public and private, to report on a wide range of sustainability-related topics, including human rights, anti-corruption, modern slavery and human trafficking prevention, and environmental protection. Gwen will explain the impact of this directive on businesses and provide valuable insights into what companies can do to meet its requirements. 

The CSRD directive aims to increase disclosure requirements for companies and prevent greenwashing. It will also require subsidiary level reporting and auditable information about supply chain, due diligence and human trafficking prevention. The CSRD applies to a larger number of public and private companies and will increase cost. Companies should start preparing as soon as possible to meet the requirements.

 

The CSRD requires companies to report on a wide range of sustainability-related topics – including human rights, anti-corruption, modern slavery and human trafficking prevention, and environmental protection – and provide information about their strategy, targets, governance policies, incentives and risks. The European Commission will adopt standards for reporting under the CSRD by June of next year. The directive will become effective on January 1, 2026, with a 2028 opt-out date for small and micro entities. Large entities and their parents will have to comply immediately.

 

The recent development of the Forced Labor Protection Act in Africa highlights the issue of outsourcing services to low-cost countries and the potential liability companies can face for labor violations and human trafficking in their supply chain. A former content moderator in Kenya filed a lawsuit against both the outsourcing company he worked for and Meta, a social media giant, alleging that he was subjected to viewing graphic and violent material that caused him post-traumatic stress disorder. The court ruled that the case against Meta can move forward, highlighting the need for companies to take responsibility for practices in their supply chain, even if they were not aware of them. This could result in a strict liability standard for many types of companies.

 

Resources

Gwen Hassan on LinkedIn

Categories
Life with GDPR

NIS II

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we take up NIS II and are pleased to be joined by Jonathan Marks and Matt Kelly for a robust conversation.

Highlights include:

  • What is NIS II and how does it differ from NIS I?
  • NIS II governs by sectors.
  • What are the implications for global companies?
  • Where can you go for more information.

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Connect with Tom Fox

Connect with Jonathan Armstrong

Categories
Daily Compliance News

February 16, 2023 – The Defending Fraud Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • Banks want visibility into account ownership data bank. (WSJ)
  • China national soccer head arrested on corruption charges. (FT)
  • Bankruptcy court rejects call for another investigation into FTX collapse. (Reuters)
  • After having accused Twitter of fraud, Musk now defends lawsuits accusing Twitter of fraud. (Bloomberg)