Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 8: Revising Your Policies and Procedures

More than simply having a Code of Conduct, compliance policies and procedures are required. As former Assistant Attorney General Lanny Breuer articulated, “Your compliance program is a living entity; it should be constantly evolving.” The 2012 FCPA Guidance stated, “When assessing a compliance program, DOJ and SEC will review whether the company’s Guiding Principles of Enforcement have taken steps to ensure that the Code of Conduct remains current and effective and whether a company has periodically reviewed and updated its code.”

After considering these issues, you should benchmark your current policies and procedures against those of other companies in your industry. If you decide to move forward, I suggest a process that can be fully documented to include revisions to your compliance policies and procedures. These points are a useful guide to not only thinking through how to determine if your policies and procedures need updating but also taking practical steps to tackle the problem. You should begin the process now if it has been more than five years since the last update. It is far better to review and update if appropriate than wait for a massive FCPA investigation to go through the process.

Three key takeaways:

  1. You should do so now if you have not revised your compliance policies and procedures in the past five years.
  2. Set a timeline and budget and stick to it in the compliance policy and procedure revision process.
  3. Document your process of revision to demonstrate a more complete operationalization of your compliance program.

Check out The Compliance Handbook, 4th edition, here for more information.

Categories
Hidden Traffic Podcast

Fighting Evil Is Not a Competitive Sport with Ian Mitchell

Human trafficking and exploitation are dark undercurrents flowing beneath our modern society, often hidden from view but with implications touching every industry and community. In this episode of the Hidden Traffic Podcast, Gwen Hassan sits down with Ian Mitchell, founder of The Knoble. Ian sheds light on the pivotal role banks play in leading the global fight against child sexual exploitation and related crimes. Together, he and Gwen explore the involvement of various sectors and the ways businesses and individuals can contribute to curbing these heinous acts.

Ian founded the nonprofit organization, The Knoble, when he recognized a potential overlap between his expertise in identifying fraudulent financial patterns and the fight against human trafficking. The Knoble aims to create a coalition across the financial industry to recognize and address “human crimes.” This term reflects The Knoble’s holistic approach to understanding and combating different types of exploitation by placing the human experience at the center of their mission. Their mission encompasses fighting various forms of human exploitation, including human trafficking, modern slavery, child exploitation, scams, and elder exploitation. 

 

The vast majority of human crimes, including child sexual exploitation and human trafficking, are financially motivated. Ian emphasizes the importance of uniting the financial services industry in the fight against human crimes. The idea is to harness the resources, expertise, and techniques traditionally used to combat financial fraud for the broader purpose of tackling various forms of exploitation. Financial institutions play a significant role in combating these crimes due to their robust programs against fraud and money laundering. Ian highlights the consistency in banking ecosystems across more than 14 countries. The similarities in transactional processes across these countries offer an advantage in setting up countermeasures against human trafficking and related crimes. 

 

The fight against human trafficking isn’t just reliant on institutions, but also on individuals. Corporations support through various project initiatives related to their business interests, while individuals are trained to identify and act against potential trafficking situations. Moreover, corporations play a pivotal role in addressing human crimes through corporate social responsibility. 

 

Mission Omega, co-founded by Ian, donates a portion of its revenue to The Knoble. This company’s objective includes training and employing survivors of human trafficking in fraud detection roles. The idea stemmed from understanding that many survivors couldn’t secure good jobs, leading to a high recidivism rate. By training them and offering them respectable jobs, they can not only deter them from returning to trafficking but also provide them with a new lease on life.

 

Resources

Ian Mitchell on the Web | LinkedIn | The Knoble

Email: ian@theknoble.com

Categories
Riskology

Infortal on Global Risk Outlook: Part 4 – Dr. Ian Oxnevad on Europe

“What you’re seeing is a need for greater risk analysis at the national level and an understanding of how that pertains to the European level writ large and how that’s going to affect your opportunities and your risks,” says returning guest Dr. Ian Oxnevad on this installment of the Riskology special series. In this episode, he and Tom discuss geopolitical risks and opportunities in Europe, as it pertains to political and economic instability, banking crises and regulatory challenges.

Dr. Ian Oxnevad is the Director of Geopolitical Risk Intelligence for Infortal Worldwide, with a background in political science and national security studies. He is also the host of The Riskology Podcast.

 

You’ll hear Ian and Tom discuss:

  • The need for greater risk analysis at both the national and European level. 
  • The economic uncertainty caused by geopolitical risks and the potential increase of corruption. 
  • Europe’s constant internal stressors, as well as external crises and pressures. The Russia-Ukraine war has put a strain on international trade and geopolitical relations by way of sanctions. 
  • The opportunities for US companies, specifically energy companies to supply energy to Europe in the midst of its trade shortage. 
  • US companies also need to understand the differences between the Euro and the US dollar, as well as the possibility of the US dollar weakening and the Euro being a stronger currency, and what that can mean for US companies doing business in Europe. 
  • The various regulatory risks for US companies operating in Europe, including GDPR and ESG, especially data protection and data privacy laws.
  • While the global fiscal policy between the US, Europe and the UK is collaborative, its effectiveness is still uncertain. The banking crisis is worsening and higher interest rates to combat inflation isn’t helping to curb it. 
  • COVID-19’s impact on international trade and the challenges and shortages it has made for Europe and the US. 

 

Resources

Infortal Worldwide | Email | Tel: 1.800.736.4999 | Podcast

Categories
Data Driven Compliance

The Uses of Data Driven Compliance: Part 4 – What to Ask For and How to Ask For It

Welcome to Data Driven Compliance. In this podcast, we discuss how to use data to improve and enhance the effectiveness of your compliance program, creating greater business efficiency, all leading to more return on investment for your compliance regime. Join host Tom Fox as he explores how data will drive your compliance program to the next level. This podcast is sponsored by KonaAI.

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI, for a podcast series on the uses of data driven compliance. Over these five podcasts, we will discuss generative AI and ChatGPT in compliance, the profiles of a corrupt payment, making the business case for data-driven compliance, what to ask for and how to ask for it, and some success stories. In Part 4, we discuss what data a CCO needs to ask for and how to do so.

Vince Walden brings knowledge and experience in continuous compliance monitoring and risk assessment processes. Walden’s perspective on the topic is that it should be approached as a journey, not a one-time program. He emphasizes the importance of proactive risk assessments and continuous monitoring, advocating for an iterative approach demonstrating constant improvement in compliance efforts. This perspective is shaped by his belief that meeting regulatory expectations requires a diligent and ongoing commitment to improvement.

Walden also suggests that data sources should be identified based on the results of the fraud risk assessment and that the ease of obtaining the data should be considered when prioritizing analytics projects. To delve deeper into what data a CCO should ask for and how to ask for it, join Tom Fox and Vince Walden on this Data Driven Compliance podcast episode.

Key Highlights:

  • Continuous improvement through risk assessments and monitoring
  • Effective risk assessment through diverse data sources
  • Uncovering hidden relationships through expense categories

Resources:

Connect with Vince Walden on LinkedIn

Check out Kona AI

Connect with Tom Fox on LinkedIn

Categories
Life with GDPR

Life With GDPR: WhatsApp Breach: Hospital’s GDPR Failures Exposed

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. The recent controversy surrounding Nigel Farage’s banking situation highlights the risks and compliance challenges faced by the banking industry in relation to data protection. In this episode, Tom and Jonathan discuss a data breach in a Scottish hospital during the COVID-19 pandemic.

The breach occurred when hospital staff shared patient details on WhatsApp, raising concerns about GDPR compliance. The hospital informed the ICO about the breach but chose not to notify affected patients, highlighting the need for appropriate advice and support when making such decisions. The conversation also explores communication challenges in internal investigations and the privacy and security risks of platforms like WhatsApp. It emphasizes the importance of organizations adapting to the preferences of digital native employees and conducting data protection impact assessments. The podcast also highlights the importance of effective policies, training, and proactive phishing training to prevent cyber-attacks and protect sensitive information.

 

Key Takeaways:

  • Data breach in Scottish hospital
  • The Challenges of Communication in Internal Investigations
  • Importance of Policies and Training
  • Phishing Training Effectiveness

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Connect with Tom Fox

Connect with Jonathan Armstrong

Categories
Sustainability

Sustainability: The Business Opportunity of the 21st Century: Sustainability as a Constitutional Right – The Held Decision from Montana

Are you ready to take on the business opportunity of the 21st century? We are at a moment of enormous global change and even greater business opportunity. Climate change is the single biggest commercial opportunity of our time. In this podcast, Sustainability guru Richard Blundell and I explore the opportunities open to businesses that embrace sustainability from the business perspective. Find out why sustainability is the greatest opportunity of the 21st century, and you can prepare your business to take advantage of the unprecedented global opportunity.

In this episode of the “Sustainability: The Business Opportunity of the 21st Century” podcast, Richard and I deeply dive into the groundbreaking ruling in the case of Held v. State of Montana. This landmark ruling acknowledges climate change as a result of human activity, particularly CO2 emissions from burning fossil fuels, and challenges the constitutionality of fossil fuel provisions that ignore greenhouse gas emissions and climate change in environmental reviews.

My view of this ruling is a significant acknowledgment of climate change and emphasizes the importance of embracing sustainability from a business perspective. Conversely, Richard sees this as a momentous ruling that sets a precedent, affirming the reality of climate change and its connection to human activity. Our extensive experience and knowledge in the field of sustainability shape our perspectives. Join us on this episode of the Sustainability podcast as we delve deeper into this landmark ruling and its implications for the future.

Key Highlights:

  • Climate Change Ruling Sparks Sustainable Business
  • Montana’s Landmark Ruling for Future Environmental Protection
  • Groundbreaking Ruling with Climate Change Roadmap
  • Montana’s Urgent Climate Change Mitigation Efforts
  • The Detrimental Effects of Climate Change on Children

Resources:

Richard Blundell

Held v. Montana

Tom Fox

Instagram

Facebook

YouTube

Twitter

Categories
Daily Compliance News

Daily Compliance News: September 14, 2023 – The What Could Go Wrong Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • Head of China’s top insurer jailed for corruption. (BBC)
  • Musk headed to arbitration against Wachtell. (Reuters)
  • PE plunges into NIL. (FT)
  • Tech leaders school Congress on AI. (NYT)
Categories
Blog

Geopolitical Risks and Business Opportunities: Part 4 – Factors Impacting European Financial Integration

I recently had the opportunity to visit with Dr. Ian Oxnevad, Director of Geopolitical Risk Intelligence at Infortal Worldwide. This visit was for a podcast series sponsored by Infortal Worldwide entitled Global Risk Review. Dr. Oxnevad is a seasoned expert in geopolitical risk intelligence, with a Ph.D. in political science and a master’s degree in National Security Studies.

Ian Oxnevad is a seasoned expert in geopolitical risks impacting European financial integration and opportunities, with a profound understanding of Europe’s internal and external crises since 2008. We will consider factors affecting European financial integration in Part 4 of this five-part blog post series. Oxnevad’s perspective is that Europe has been grappling with constant internal stressors and external crises, such as banking crises and political upheavals, which pose significant risks to European financial integration. He underscores the need for enhanced risk analysis at the national level and geopolitical risk intelligence to navigate the uncertainties in Europe.

However, Oxnevad also identifies opportunities for US companies, particularly in the energy sector, to export to Europe, especially in the context of a stronger Euro. He further discusses the regulatory risks posed by GDPR and ESG laws in Europe and how US companies must manage these risks. In this blog post, we deeply dive into these complex and evolving geopolitical risks in Europe and their potential impact on financial integration and opportunities.

Europe has been facing many challenges impacting its financial integration and potentially altering the European Union (EU) and the Euro in a recent episode of the Riskology podcast hosted by Tom Fox and featuring Ian Oxnevad, the discussion centered around the geopolitical risks that Europe is currently grappling with and the opportunities that arise amidst these challenges.

One of the key factors affecting European financial integration is the ongoing Russia-Ukraine war. This conflict, coupled with rising energy prices, Middle East instability, and unchecked migration, puts pressure on the region’s financial integration and potentially changes the EU and the Euro as a monetary unit. These external pressures, along with internal populism, ongoing inflation, and high energy costs, are fueling resentment and could significantly impact European integration and its governing laws.

The Russia-Ukraine war has spilled energy inflation, creating monetary instability and supply chain issues. Annual inflation rose by 40% in June 2022 due to the invasion, and it remains high at 16.6% as of February this year. This inflationary pressure affects various aspects of the economy, including consumer spending capacity, production capacity, and manufacturing affordability. Governments have increased spending to offset these costs, further straining the Euro and limiting the ability to navigate these challenges through monetary means.

The pressures Europe faces are not limited to the EU as a whole but extend to the national level. This shift necessitates a greater focus on risk analysis at both levels, as the rules and regulations governing European integration may change suddenly and overnight. The emergence of populism across the EU, as seen in France and the Netherlands, indicates growing animosity towards incumbents and a desire for change. This political upheaval poses risks and uncertainties for businesses operating in Europe, as regulations, taxation, and even the monetary unit itself may be subject to change.

Despite these challenges, there are opportunities for US energy companies to export to Europe. The weakening of the dollar and the strength of the Euro make Europe an attractive export location for US goods and services, including energy. However, regulatory risks and challenges must be carefully considered. Europe’s robust data protection and privacy laws, such as the General Data Protection Regulation (GDPR), and its focus on environmental, social, and governance (ESG) factors present potential risks for US companies. Compliance with these regulations requires careful risk management and due diligence.

ESG initiatives, particularly the push for renewable energy, present countervailing risks. While there is a regulatory push for green energy, the inefficiencies and costs associated with these technologies and the reliance on minerals from regions with questionable labor practices create challenges. Balancing the environmental (E) aspect of ESG with the social (S) and governance (G) aspects requires careful consideration and geopolitical risk intelligence.

The banking sector is also facing turmoil, with institutions like Deutsche Bank and Swiss banks experiencing challenges. While it is unlikely that the German government would allow Deutsche Bank to fail, the stability of these institutions and their role in global monetary and fiscal policy is a concern. The European Central Bank, the Bank of England, and the US Federal Reserve play crucial roles in stabilizing the financial systems, but their ability to navigate these challenges remains to be seen.

In conclusion, the geopolitical risks impacting European financial integration and opportunities are complex and multifaceted. Europe’s response to the Russia-Ukraine war, rising energy prices, Middle East instability, and unchecked migration will shape the future of the EU and the Euro. Balancing the tradeoffs involved in managing these risks, such as the need for defense spending versus protecting consumers, requires careful analysis and risk intelligence. US companies can find opportunities in exporting to Europe, but they must navigate regulatory risks and consider the contradictions within ESG mandates. The banking sector’s stability and global institutions’ role in stabilizing the financial systems are also areas of concern. As Europe faces these challenges, it is crucial to consider the impact on financial integration and opportunities when making decisions.

Please join us tomorrow when we explore geopolitical risks and business opportunities in China and the greater Asia Pacific region.

You can check Dr. Oxnevad in the full five-part Riskology podcast series here.

Categories
Blog

What Data to Ask For and How to Ask for It

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI, for a podcast series on the uses of data driven compliance. KonaAI is the sponsor of those podcasts. This blog post series will flesh out the podcast show notes over the next five blog posts, and we will discuss generative AI and ChatGPT in compliance, the profiles of a corrupt payment, making the business case for data-driven compliance, what to ask for and how to ask for it and some success stories. In Part 4, we will explore what data to ask for and how to ask for it.

As always, I am joined by Vince Walden, founder and CEO of KonaAI. There is a quiet revolution happening in the realm of compliance. It’s one that, if harnessed correctly, can turn a typically reactive process into a proactive strategy. I am, of course, talking about data-driven compliance. By using the vast amounts of data your organization collects, you can uncover potential compliance risks before they become actual problems. This approach can be a game-changer for your role as a compliance officer and your organization’s overall risk management strategy. No longer will you be caught off guard. Instead, you’ll lead the charge with real-time insights and actionable data.

Imagine a world where compliance isn’t a headache but a strategic advantage. You’re not constantly putting out fires but predicting and preventing them. It might sound like a dream, but it doesn’t have to be. How so? Well, by adopting a data-driven approach to compliance. This innovative method allows you to identify, assess, and manage potential compliance risks based on actual data. It’s about staying one step ahead, making informed decisions, and truly adding value to your organization. It’s not just about avoiding penalties and meeting regulations anymore. It’s about creating an environment of continuous improvement and proactive risk management.

Let’s paint a picture. You’re in a game of chess. But in this game, you’re not just reacting to your opponent’s moves. You’re anticipating them, strategizing, and making proactive decisions. That’s the power a data-driven approach to compliance can bring to your role as a compliance officer. It’s more than just crunching numbers and keeping up with regulations. It’s about leveraging the power of data to identify and mitigate risks before they materialize. It’s about transforming compliance from a cost center into a strategic asset. So, if you’re curious about how to make this data-driven shift, buckle up because we’re about to dive deep into this transformative realm.

Compliance monitoring and risk assessment are crucial components of any effective compliance program. In a recent episode of the podcast “Data Driven Compliance,” hosted by Tom Fox and featuring Vince Walden, the topic of continuous compliance monitoring and risk assessment process was explored in depth. This article aims to comprehensively analyze the critical factors that impact this process, discuss the tradeoffs involved in balancing different factors, and explore the challenges associated with other approaches.

Vince highlighted the importance of starting with a fraud risk assessment. This initial step allows organizations to identify high-frequency and high-impact risks and implement mitigating controls. Compliance professionals can prioritize their efforts and focus on the most critical areas by assessing the likelihood and impact of various risks on a scale of one to ten.

Data sources play a crucial role in risk assessment. Financial accounting systems and third-party data are valuable sources of information for identifying and mitigating risks. Tracking and categorizing expenses in accounting systems is significant for identifying anomalies and assigning risk scores. Vince highlighted the significance of having a centralized system, such as the Kona platform, to streamline this process.

However, relying solely on analytics without integrating them into the fraud risk assessment would be best. He emphasized the need for alignment between data analysis and risk assessment to ensure efforts are focused on addressing the identified risks. Simply conducting data analytics without considering the underlying risks may not yield meaningful results.

One of the challenges in continuous compliance monitoring and risk assessment is the availability and accessibility of data. Some data sources may need help, requiring compliance professionals to prioritize based on the ease of data acquisition and its value. For example, if faced with choosing to conduct a data analytics project in Brazil or China, Walden suggested starting with Brazil due to the relative ease of obtaining data from that region.

Another challenge lies in the scope of compliance monitoring. Walden emphasized that compliance monitoring is not a one-time, all-encompassing effort. It is a journey that involves proactively assessing risks and monitoring them from location to location. Compliance professionals should focus on demonstrating continuous improvement rather than tackling all threats at once. This approach aligns with regulators’ expectations of an effective due diligence program.

In addition to the primary focus on risk assessment, Walden highlighted the importance of considering ancillary areas of inquiry. For instance, looking at places such as charitable donations or marketing spending can provide valuable insights into potential risks of bribery or corruption. The KonaAI tool can help correlate these ancillary data points and provide a more comprehensive view of compliance risks.

In conclusion, continuous compliance monitoring and risk assessment require a thoughtful and balanced approach. Organizations can identify and prioritize risks, starting with a comprehensive fraud risk assessment. Data sources, such as financial accounting systems and third-party data, play a crucial role in this process. However, aligning data analytics with the identified risks is essential to ensure meaningful results. Compliance professionals should also consider the data availability challenges and scope of compliance monitoring. Organizations can meet regulatory expectations and enhance their compliance programs by demonstrating continuous improvement and considering ancillary areas of inquiry.

Resources:

Connect with Vince Walden on LinkedIn

Check out KonaAI

Connect with Tom Fox on LinkedIn