Categories
All Things Investigations

All Things Investigations – Beyond the DPA: Maintaining an Effective Compliance Culture Post-Release

Welcome to the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group’s podcast, All Things Investigation. In this podcast, Hughes Hubbard & Reed LLP partner Mike Huneke and I speak with Mei Li Zhen, Head of Ethics & Compliance, Commercial Operations & Subsidiaries, Airbus, about her role in the organization’s compliance department.

Mei Li Zhen and Michael Huneke are two accomplished professionals with extensive backgrounds in compliance programs and company culture, having both transitioned from external counsel to in-house counsel roles at Airbus. With her experience working with diverse international backgrounds, Zhen believes that a strong, company-wide, embraced compliance program is not just about avoiding fines but is a competitive advantage that attracts young talent and gains the trust of investors and governments. She sees integrity as beneficial for the bottom line and emphasizes the importance of everyone in the organization feeling responsible for behaving with integrity. Huneke, a US-qualified lawyer working in France, shares a similar perspective. He sees a strong compliance program as a self-reinforcing cycle that attracts the right talent and enhances the business’s reputation and reliability. Like Zhen, Huneke believes that compliance should permeate the entire company culture, with every employee feeling accountable for maintaining integrity in their daily activities.

Key Highlights:

  • Airbus’ Global Commitment to Compliance and Trust
  • Ethics Ambassadors Shaping Airbus Compliance Culture
  • Enhancing Team Trust through Transparent Communication
  • Establishing Trust Through Empathetic Communication Practices
  • Ethical Compliance Leadership in the Aerospace Industry

Resources:

Hughes Hubbard & Reed LLP Website

Mei Li Zhen on LinkedIn

Categories
Corruption, Crime and Compliance

Eddie Green, CEO of SnippetSentry, on Communications Preservation Risks

Companies have a vested interest in preserving internal communications for a variety of reasons, including to hold actors accountable and to protect the organization from potential private and government claims or investigations that may have serious direct or collateral consequences. Companies that want to use ephemeral messaging systems can do so, but they have to understand the risks involved and tailor appropriate controls and procedures to avoid potential damage.

DOJ’s  Evaluation of Corporate Compliance Programs (“ECCP”) released in March 2023 authorized companies to use ephemeral messaging but emphasized several important risk considerations and controls needed to preserve robust record-keeping requirements. DOJ’s ECCP identifies three significant areas for consideration: employee use of personal devices, availability of communications platforms (e.g., Jabber, Slack, Teams, Google, Zoom), and messaging applications, including ephemeral messaging. DOJ’s ECCP noted that a company’s policies governing messaging applications “should be tailored to the corporation’s risk profile and specific business needs and ensure that, as appropriate and to the greatest extent possible, business-related electronic data and communications are accessible and amenable to preservation by the company.”

In this podcast, Michael Volkov and Eddie Green, CEO of SnippetSentry, discuss current communications preservation requirements and technical solutions to meet them.

You’ll hear them discuss:

  • Companies are rapidly embracing and elevating the importance of robust ethics and compliance programs to promote positive corporate citizenship. This shift reflects a growing awareness of the significance of ethical practices in today’s business landscape.
  • Eddie discusses the significance of preserving communications data in today’s business landscape, given the evolving nature of communication technologies and the need for proactive data preservation strategies.
  • SnippetSentry’s service allows users to seamlessly connect their phones to ensure all texts are archived without altering their day-to-day operations, allowing the seamless integration of compliance measures into existing workflows.
  • The evolution of email preservation serves as a blueprint for understanding the importance of preserving text messages in modern business communication. Reflecting on past practices can provide valuable lessons for adapting to the changing landscape of communication data preservation.
  • Compliance mandates, such as those set by the SEC, emphasize the necessity of preserving text records to ensure regulatory adherence and mitigate risks, underscoring the critical role of data preservation in maintaining transparency and accountability in business operations.
  • The collaboration between compliance, IT, and information security professionals is crucial in developing policies and procedures to safeguard data and mitigate communication risks.
  • Financial institutions and other industries are increasingly adopting sophisticated data preservation strategies to protect intellectual property and ensure regulatory compliance. This proactive stance reflects a growing recognition of the importance of data security and compliance in safeguarding business interests.

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Eddie Green on LinkedIn | SnippetSentry

Categories
Adventures in Compliance

Adventures in Compliance: Special Episode – The Adventures of The Elusive Agent – Hosted by Adam Graham

We take things in a different direction today with our first Special Episode of the Adventures in Compliance podcast. I was thrilled to meet Adam Graham at PodFest Expo 2024.

Adam is a huge old-time mystery radio show aficionado, including, of course, Sherlock Holmes. Today, I am interviewed by Adam on the radio play, The Adventures of the Elusive Agent. This episode is much longer than the normal show, as Adam includes the entire radio production. His interview with me on the compliance lessons learned from The Adventures of the Elusive Agent begins at 68:56.

So sit back and enjoy The Adventures of the Elusive Agent and then take away some compliance lessons from the radio show.

Key Investigative Lessons 

  • Intricate Investigations in Compliance
  • Compliance Lessons from Sherlock Holmes Podcast
  • Ethical Lessons from Sherlock Holmes

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ

Adam Graham

Great Detectives of Old Time Radio

Sherlock Holmes on Great Detectives of Old Time Radio 

Episode-The Elusive Agent

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: The Importance of Culture

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we explain the importance of corporate culture in the highest-risk areas for your organization. If you are an airline manufacturer, it’s the safety of your airplanes.

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Daily Compliance News

Daily Compliance News: March 11, 2024 – The Policy Sprint Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • DOJ should have a policy sprint to get the whistleblower program ready.  (WSJ)
  • MOD paid millions into a Saudi account. (The Guardian)
  • DOL changes for contract workers were blocked by the court. (Reuters)
  • Sexism in the city. (BBC)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
FCPA Compliance Report

FCPA Compliance Report – Mike Lindsey on The CTA and NSBU Decision

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this edition of the FCPA Compliance Report, Tom welcomes back Mike Lindsey to discuss the Corporate Transparency Act. In a first for the FCPA Compliance Report, after the episode was recorded but before it was posted, the CTA was declared unconstitutional by a Trump appointed US District Judge. We recorded an addendum to consider this court decision invalidating the law.

Mike Lindsey, a distinguished corporate and transactional lawyer based at Steinbrecher & Span, has built a solid reputation as an authority on the CTA. Lindsey’s insights into the CTA are influenced by his emphasis on privacy and data security, highlighting the risks correlated with a centralized database potentially accessible via the dark web. From his perspective, the CTA serves as a critical federal law designed to increase transparency around beneficial ownership of corporations and inhibit illegal activities such as money laundering, tax evasion, and fraud. However, Lindsey also questions its effectiveness in disclosing ownership by entities like the Iran Revolutionary Guard. Despite this, he sees the CTA as a ground-breaking move for privately held companies, requiring them to report beneficial owners, something uncommon among small businesses in the United States. Ultimately, Lindsey views the CTA as an essential measure towards impeding financial crimes and enhancing accountability in corporate structures.

We also discuss the trial court decision in the case of the National Small Business Union, which invalidated the CTA and what it might mean for the law going forward. 

Key Highlights:

  • Beneficial Ownership Disclosure Law
  • Key Players in Corporate Decision-Making
  • CTA Compliance Impact on Small Businesses
  • Federal Database Security Concerns
  • Illicit Financial Activities and National Security Measures
  • National Small Business Union decision

Resources:

Mike Lindsey on LinkedIn

Steinbrecher & Span

National Small Business Union

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

 

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Blog

Ten Top Lessons from Recent FCPA Settlements – Lesson No. 8, Enhancing Your Compliance Program

Over the past 15 months, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have made clear, through three Foreign Corrupt Practices Act (FCPA) enforcement actions and speeches, their priorities in investigations, remediations, and best practices compliance programs. Every compliance professional should study these enforcement actions closely for the lessons learned and direct communications from the DOJ. They should guide not simply your actions should you find yourself in an investigation but also how you should think about priorities.

The three FCPA enforcement actions are ABB from December 2022, Albemarle from November 2023, and SAP from January 2024. Taken together, they point out a clear path for the company that finds itself in an investigation, using extensive remediation to avoid monitoring and providing insight for the compliance professional into what the DOJ expects in an ongoing best practices compliance program.

Over this series of blog posts, I will lay out what I believe are the Top Ten lessons from these enforcement actions for compliance professionals who find themselves in an enforcement action. Today, we continue with Number 8, Enhancement of Compliance. The DOJ has clarified that any company undergoing an FCPA enforcement action must significantly enhance its compliance program with a budget, headcount, and expertise in reporting, investigations, and consequence management processes.

Albemarle

The Albemarle NPA cited several remedial actions by the company that helped Albemarle obtain superior results regarding the discounted fine and penalty. These steps were taken during the pendency of the DOJ investigation so that when the parties were ready to resolve the matter, Albemarle had built out an effective compliance program and had tested it. The NPA provided that Albemarle

  • Strengthening its anti-corruption compliance program by investing in compliance resources, expanding its compliance function with experienced and qualified personnel, and taking steps to embed compliance and ethical values at all levels of its business organization;
  • Transformed its business model and risk management process to reduce corruption risk in its operation and to embed compliance in the business, including implementing a go-to-market strategy that resulted in eliminating the use of sales agents throughout the Company, terminating hundreds of other third-party sales representatives, such as distributors and resellers, and shifting to a direct sales business model;
  • Provided extensive training to its sales team, restructuring compensation and incentives so that compensation is no longer tied to sales amounts;
  • Used data analytics to monitor and measure the compliance program’s effectiveness and
  • It engaged in continuous testing, monitoring, and improvement of all aspects of its compliance program, beginning almost immediately after identifying misconduct.

The NPA noted that Albemarle engaged in holdbacks, as they did not pay bonuses to certain employees involved in the conduct or those with oversight. The NPA said, “During its internal investigation, the Company withheld bonuses totaling $763,453 from employees suspected of wrongdoing.” The illegal behavior involved people who “(a) had supervisory authority over the employee(s) or business area engaged in the misconduct; and (b) knew of, or were willfully blind to, the misconduct.” This effort was important because it allowed Albemarle to get an extra fine reduction of a dollar for every dollar they spent on the investigation.

Indeed, Deputy Attorney General Lisa Monaco cited the Albemarle FCPA resolution: “The company received a clawback credit for withholding bonuses for employees who engaged in misconduct. Not only did Albemarle keep the bonuses that would have gone to wrongdoers, but the company also received an offset against its penalty for the same amount. That’s money saved for Albemarle and its shareholders—and a concrete demonstration of the value of clawback programs.”

SAP

SAP did an excellent job in its remedial efforts to build out its compliance program. In addition to the prior discussions of SAP’s remedial efforts, the DOJ also pointed out the company’s Enhancement of Compliance. Here, the company significantly increased the budget, resources, and expertise devoted to compliance, restructuring its Offices of Ethics and Compliance to ensure adequate stature, independence, autonomy, and access to executive leadership; enhancing its code of conduct and policies and procedures regarding gifts, hospitality, and the use of third parties; and improving its reporting, investigations, and consequence management processes.

Next were the holdback actions SAP engaged in. The DPA noted SAP withheld bonuses totaling $109,141 during its internal investigation from employees who engaged in suspected wrongdoing in connection with the conduct under investigation or who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct, and further engaged in substantial litigation to defend its withholding from those employees, which qualified SAP for an additional fine reduction in the amount of the withheld bonuses under the DOJ’s Compensation Incentives and Clawbacks Pilot Program.

ABB

According to the ABB Plea Agreement, ABB “took a lot of corrective actions,” such as hiring experienced compliance staff and, after figuring out what caused the behavior described in the Statement of Facts, spending a lot more money on compliance testing and monitoring across the whole company; putting in place targeted training programs and extra case-study sessions on-site; and continuing to test and monitor to as This final point was expanded on in the SEC Order, which reported that all employees involved in the misconduct were terminated.

Additionally, ABB essentially created its monitoring program to test its compliance program and report to the DOJ. In a section entitled “Written Work Plans, Reviews, and Reports,” ABB agreed to conduct a first review and prepare a first report, followed by at least two follow-up reviews and reports. But more than simply reporting, ABB decided to create and submit for review a work plan for this ongoing testing of its compliance program, as the program was detailed in the DPA. The DPA specified, “No later than one (I) year from the date this Agreement is executed, the Company shall submit to the Offices a written report setting forth:

  • a complete description of its remediation efforts to date;
  • a complete description of the testing conducted to evaluate the effectiveness of the compliance program and the results of that testing; and
  • It proposes to ensure that its compliance program is reasonably designed, implemented, and enforced so that the program is effective in deterring and detecting violations of the FCPA and other applicable anti-corruption laws.”

The bottom line is that all these companies worked very hard to significantly enhance their compliance programs, with a budget, headcount, and expertise in their reporting, investigations, and consequence management processes. None of the actions by these companies were particularly new or even innovative, as with the innovations around data analytics programs. Indeed, these strategies have been available from the DOJ since at least the first edition of the FCPA Resource Guide in 2012. It was, however, the work of each company to understand the deficiencies in their compliance programs and their superior efforts to upgrade them.

Categories
Compliance Week Conference Podcast

Compliance Week 2024 Speaker Preview Podcasts – Michael Rinard on the Intersection of Compliance and IT

In this episode of the Compliance Week 2024 Speaker Preview Podcasts series, Michael Rinard discusses his panel presentation at Compliance Week 2024, “Opportunities at the Intersection of Compliance and IT.” Some of the issues he will discuss in this podcast and his presentation are:

  • Compliance, CISOs, and Cyber security
  • Getting Board engagement
  • Seeing old friends, meeting new friends, and learning about new best practices at Compliance Week 2024.

I hope you can join me at Compliance Week 2024. This year’s event will be held April 2-4 at the Westin Washington, DC, Downtown. The line-up is first-rate, with some top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event, offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 19th year, join 500+ compliance, ethics, legal, and audit professionals who gather to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. Compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs, among many others, to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders, and ethics and compliance visionaries.
  • Hear from 80+ respected cross-industry practitioners, including CEOs, CCOs, regulators, federal officials, and practitioners, to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from panels on leadership, fraud detection, confronting regulatory change, abiding by cross-border rules and regulations, and the always-favorite fireside chats.
  • Bring actionable takeaways from various session types, including cyber, AI, Compliance, Board obligations, data-driven compliance, and many others, to your program for you to listen, learn, and share.
  • Compliance Week aims to arm you with information, strategy, and tactics to transform your organization and career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Compliance Week is offering a $200 discount on the registration price. Enter the discount code TFOX2024 for $200 off.

The Compliance Podcast Network produces the Compliance Week 2024 Preview Podcast series. Compliance Week sponsors this series.