Categories
The Ethics Experts

Episode 147 – Elliot Schreiber

 

In this episode of The Ethics Experts, Nick welcomes Elliot Schreiber. Elliot Schreiber has enjoyed a highly-successful career as a C-Suite executive, consultant and academic. He is recognized as one of the most knowledgeable and experienced experts in reputation and risk management and organizational governance. He is the author (2022) of The Yin and Yang of Reputation Management: Eight Principles for Strategic Stakeholder Value Creation and Risk Management, which argues that the success and minimization of risk of all organizations is through understanding stakeholder expectations of value and delivering value better than alternative offerings.

Categories
Corruption, Crime and Compliance

Five Steps to Enhance Your Sanctions Compliance Program

Is your business prepared to effectively manage and mitigate the risks associated with sanctions compliance in today’s global economic landscape? In today’s increasingly interconnected global economy, sanctions compliance is more critical than ever. Companies around the world face complex regulatory environments and unprecedented risks, requiring a comprehensive and proactive approach to sanctions compliance. In this episode of Corruption, Crime and Compliance, Michael Volkov explores the pressing need to elevate corporate sanctions compliance programs, as well as the renewed focus on enforcement by the Department of Justice, and the practical steps every company must take to meet these evolving challenges head-on.

You’ll hear Michael talk about:

  • Companies must enhance their sanctions compliance programs. Basic programs that simply rely on screening tools are no longer sufficient. Companies need to incorporate comprehensive measures to ensure compliance with evolving sanctions laws.
  • The Department of Justice (DOJ) has escalated the enforcement of national security crimes, demonstrating a renewed focus on sanctions compliance. This shift necessitates a proactive response from companies to mitigate potential risks.
  • The OFAC has outlined five crucial elements for an effective sanctions compliance program: management commitment, risk assessment, internal controls, testing and audit, and training. Companies should familiarize themselves with these elements and incorporate them into their existing compliance programs.
  • Risk assessment is a crucial first step in compliance. Companies must review their operations holistically, assessing all touchpoints with international markets to identify potential vulnerabilities and risks.
  • Geoblocking technology is a valuable tool in sanctions compliance. Working with IT departments to develop comprehensive geoblocking capabilities can help prevent interactions with prohibited individuals or entities.
  • Thorough screening and due diligence processes are imperative, moving beyond just the results of screening tools. This ensures that companies identify and mitigate potential risks associated with sanctioned entities or countries.
  • Companies must implement effective escalation controls to ensure that any red flags identified through screening or due diligence are properly addressed and resolved.
  • End-user verifications and documentation are critical components of a robust sanctions compliance program. These procedures help ensure that the company’s products or services are not being used by sanctioned entities.
  • Annual training for employees and personnel is essential. Tailoring this training to the company’s specific risk profile ensures that all staff understand their responsibilities and the potential risks associated with non-compliance.

 

KEY QUOTES:

“Your company’s survival may depend on your ability to navigate sanctions compliance in an increasingly complex global economy.” – Michael Volkov

 

“It’s not just about checking boxes. We have to understand our touchpoints to the international markets and assess the potential risks. That’s the foundation of an effective compliance program.” – Michael Volkov

 

“Training isn’t a one-and-done task. It’s an ongoing commitment to ensure our personnel understand and can navigate the complex world of sanctions compliance.” – Michael Volkov

 

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
All Things Investigations

All Things Investigations: Episode 28 – New French Anti-Corruption Investigative Guidance with Anne Gaustad and Bryan Sillaman

 

The new French Investigative Guidance, jointly introduced by the AFA (Agence Française Anticorruption) and PNF (Parquet National Financier), discusses the appropriate methodology for carrying out internal investigations, specifically concerning corruption-related instances. In this episode of All Things Investigations, law experts Anne Gaustad and Bryan Sillaman join hosts Tom Fox and Mike DeBernardis to provide a detailed overview of the guide, contrasting the similarities and differences with US guidelines, and the implications it holds for US companies.

Anne Gaustad is an accomplished French lawyer and an authority in white-collar crime and compliance matters. With over 15 years of professional experience, Anne’s practice focuses on cross-border investigations and compliance matters, notably regarding corruption, fraud, and money laundering. 

 

Bryan Sillaman is a seasoned American lawyer based in Paris. As a partner at Hughes Hubbard & Reed, Bryan has worked extensively on matters related to the US Foreign Corrupt Practices Act (FCPA), French anti-corruption law (Sapin II), and other international anti-corruption laws. 

 

You’ll hear Tom, Mike, Anne and Bryan discuss:

  • The French Investigative Guidance is not covered by secret professional or French legal privilege, making its contents publicly accessible.
  • The new guide was jointly issued by the AFA and PNF agencies to provide comprehensive guidance on conducting internal investigations.
  • While there are similarities to US guidelines, the French guide incorporates the civil law tradition, stringent labor requirements, data privacy considerations, and whistleblower regimes.
  • The French legal privilege holds an absolute character, and it’s a criminal violation for French lawyers to breach it.
  • The new guide underscores the importance of transparency in data collection during internal investigations.
  • French blocking statutes and GDPR regulations may pose potential challenges to US-based companies.
  • The French guide, while non-binding, provides practitioners with comprehensive instructions for conducting internal investigations.
  • The guide puts a strong emphasis on understanding the nuances of French labor law.
  • The guide also encourages informing interviewees of the voluntary nature of their participation in investigations.

 

KEY QUOTES:

“The French Investigative Guidance represents a significant shift in the internal investigations landscape.” – Anne Gaustad

 

“It’s crucial for American lawyers to grasp the nuances of French labor law and privilege issues.” – Bryan Sillaman

 

“Transparency in data collection during internal investigations is key to avoiding legal repercussions.” – Anne Gaustad

 

Resources:

Hughes Hubbard & Reed website

Anne Gaustad on LinkedIn

Bryan Sillaman on LinkedIn

Guide (in original French)

Categories
FCPA Compliance Report

FCPA Compliance Report – Brad Hibbert on Prevalent’s 2023 3rd Party Risk Management Report

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. Today, Tom visits Brad Hibbert, COO/CSO at Prevalent, as they discuss the surprising findings of Prevalent’s annual third-party risk management study. Discover why so many organizations still rely on spreadsheets and manual processes for managing third-party risks. Brad recommends an integrated approach to third-party risk management that considers the entire lifecycle of the relationship with third parties.

The podcast highlights the top five key findings of the report, including data breaches as the top concern, security driving the program, and the increased involvement of IT in the process. Learn how to minimize cyber exposure and risks associated with third-party management by breaking down silos, automating processes, and focusing on reducing risks associated with third parties. Listen to Brad’s practical advice on how to prioritize risks and plan your risk management program and visit prevalent.net for more compliance mandates and best practices. With exciting insights and actionable advice, this podcast is a must-listen for anyone interested in managing third-party risks.

Key Highlights:

·      Prevalent’s annual third-party risk management study

·      Integrated Third Party Risk Management

·      Top Challenges for Organizations in Data Security

·      Third Party Risk Management Survey and Findings

·      Minimizing Cyber Breaches

·      Effective Response to Breaches and Third-Party Programs

·      Managing Business Risks for Compliance

Notable Quotes:

“The top concern driving third-party risk management programs is security, with 71 percent indicating it as their main priority.”

“Data breaches continue to be a top concern, with 41 percent of the respondents indicating that they were impacted by a third-party data breach in the last 12 months and had to perform some remedial activity.”

“About 70 percent reported increased involvement from the IT group, while 71 percent indicated that infosec owns the program.”

“Identifying and mitigating risks before the company is impacted.”

“Customs put together this enforcement dashboard that contains all of these statistics on how they’ve been enforcing the UFLPA.”

Resources

Brad Hibbert on LinkedIn

Prevalent

3Rd Party Risk Management Report

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

 

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program in Training and Communications – 10 Compliance Training Program Design Objectives

Well-known compliance training guru Shawn Rogers has developed ten design objectives for establishing your compliance program training design objectives. It would be best if you considered doing the same for your organization. Your organization may value other objectives. What the government has told us since the original FCPA Resource Guide back in 2012 is that it expects a well throughout the approach. If you consider your design objectives early in the planning phase, it will not only meet this requirement but also become a roadmap for your program implementation easier. Finally, you can pivot more quickly in this new era as new compliance risks emerge.

Three key takeaways:

  1. What are your design objectives?
  2. They should be dynamic, not static.
  3. You should use them as touchpoints going forward.