Day: January 27, 2025

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 27 – The Compliance Function in an Organization

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 27, we explore the growing importance and responsibilities of the compliance function within corporations, emphasizing the need for adequate staffing, resources, and independence. The 2020 FCPA Resource Guide outlines key factors that the DOJ considers indicative of an effective compliance program, including the quality of personnel, authority, compensation, and reporting structure. We delve into the necessity of properly funding compliance initiatives and ensuring the organization empowers and sufficiently supports compliance professionals. The updated Corporate Enforcement Policy emphasizes the prevention of retaliation against compliance investigators and the need for a robust structure supporting the compliance program. We conclude with three key takeaways for enhancing compliance functions: evaluating their treatment in the budget process, ensuring management respects compliance decisions, and considering the implications of outsourced compliance services.

Key highlights:

  • DOJ’s Expectations for Compliance Programs
  • Funding and Resources for Compliance
  • Compliance Program Structure and Authority

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
The Ethics Experts

Episode 192 – Greg Shultz

In this episode of The Ethics Experts, Nick welcomes Greg Shultz.

Greg Shultz, Founder of Conformitise, is a global compliance and risk executive with over 24 years of experience, including 11 years living and working across the Asia Pacific region. His career has been defined by roles at leading financial institutions, including Morgan Stanley and BlackRock, where he designed and executed strategic compliance programs and spearheaded technology-driven initiatives to mitigate global risks and enhance regulatory frameworks.

Prior to financial services, Greg was at the United Nations, where he served on the investigation committee led by former Federal Reserve Chairman Paul Volcker during the Iraqi Oil-for-Food Programme Investigation. In this role, Greg played a pivotal part in uncovering corruption and fund misappropriation in one of the most complex humanitarian operations in history. This experience solidified his focus on fostering transparency, strengthening compliance, and managing strategic risk on a global scale.

Greg’s LinkedIn

Categories
Corruption, Crime and Compliance

2024 FCPA Enforcement and Compliance Review

Can the DOJ’s commitment to holding individuals and corporations accountable under the FCPA survive the changing political climate in 2025? Will the push for innovation in corporate compliance programs be enough to maintain momentum, especially with emerging technologies like artificial intelligence? In this episode of Corruption, Crime, and Compliance, Michael Volkov dives deep into the FCPA enforcement landscape of 2024, outlining key cases, changes in DOJ policies, and the evolving role of compliance programs. He highlights the significant rise in penalties and individual criminal prosecutions and the continuation of major corporate settlements such as Raytheon, Trafigura, Gunvor, and SAP. The episode also explores the DOJ’s new whistleblower program and its continued push for companies to enhance their compliance frameworks.

You’ll hear him discuss:

  • Key FCPA enforcement matters in 2024, including the Raytheon, Trafigura, Gunvor, and SAP cases.
  • The shift in DOJ’s approach, where individual prosecutions now play a larger role than ever before.
  • The rise in penalties: 2024 saw a significant jump, with a total of $1.7 billion in fines.
  • The return of travel, hospitality, and gifts as common bribery techniques, despite increased focus on compliance.
  • DOJ’s major industry sweeps, particularly targeting the energy commodity trading industry.
  • The emergence of new compliance challenges with a focus on artificial intelligence and emerging technologies in corporate settings.
  • The controversial SAP settlement and the DOJ’s approach to a lack of voluntary disclosure.
  • The impact of mergers and acquisitions on compliance processes and the integration of acquired companies.
  • DOJ’s new whistleblower program is designed to incentivize individuals to report misconduct.
  • How companies should approach merger and acquisition integration to ensure compliance and prevent risks.

Resources

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
Riskology

Riskology by Infortal™: Episode 40 – International Expansion: Conquering Risk with Special Guest Frank Lavin

For the milestone 40th episode of Riskology by Infortal™ co-hosts Dr. Ian Oxnevad and Chris Mason are thrilled to welcome Frank Lavin, a Visiting Fellow at Stanford University’s Hoover Institution and a leading expert in international commerce.

This episode covers the challenges companies face when taking their business to new markets overseas.

Featured Guest: Frank Lavin

Frank Lavin works on Asia and trade policy as a Visiting Fellow at the Hoover Institution.

In the Reagan Administration, Lavin served on the National Security Council and the White House staff in addition to assignments in the State Department.

Lavin later served in the Bush (41) and Bush (43) administrations, in the latter as Ambassador to Singapore and Under Secretary for International Trade at the Department of Commerce.

In the private sector, Lavin served in senior finance positions in Hong Kong and Singapore with Bank of America and Citibank.

He is a columnist for Forbes.com and the author of several books, including “Inside the Reagan White House,” “The Smart Business Guide to China E-Commerce,” “Export Now,” and “Home Front to Battlefront.”

International Business Expansion

In a rapidly evolving global landscape, businesses aiming to expand internationally must adopt strategies that balance business opportunity with sound risk management.

Partnerships are also key to gaining a foothold in new markets, and utilizing local service providers can help bridge the cultural gap inherent in doing business in a new jurisdiction.

These partnerships can also help navigate the local business environment and mitigate risks associated with unfamiliar regulatory landscapes. Gaining insights based on local market intelligence, especially in regions with geopolitical fluctuations, is critical to your success.

It is important, however, to make sure you gain a deep understanding of who you are doing business with in new markets. Your new partners can make or break your reputation both at home and abroad. This requires conducting deep dive due diligence on key new partners to avoid any hidden risks.

Geopolitical Risk Considerations

In 2025, geopolitics will present an ever-expanding set of risk factors that require careful analysis and consideration before taking a leap into new markets.

Importantly, there are a lot of governmental and private sector resources available to help with the strategic planning process. Entities like the U.S. Commercial Service and state-level trade offices provide vital insights and connections that can facilitate market entry. Further, local banking and legal contacts can prove beneficial.

Finally, you should also consider conducting a geopolitical risk assessment of the planned expansion based on local, boots-on-the-ground intelligence.

By leveraging geopolitical risk analysis and the right market intelligence, companies can attain a competitive edge while minimizing risks associated with international expansion.

Key Takeaways:

  • Adopt a Light Footprint Strategy for International Expansion
    Instead of replicating your US operations in a new market, you should consider starting with scaled-down capital investment by outsourcing services such as logistics and distribution.
  • Utilize All Available Resources and Networks
    To facilitate international business expansion, leverage all available resources, including government agencies and private sector service providers. It may seem straightforward, but understanding the new market conditions before entering will strengthen your operating model and help you avoid significant risk.
  • Evaluate New Markets with a Risk-First Mindset
    Rank potential foreign markets in terms of risk when deciding where to expand your business first. You may want to first consider lower-risk market entry points and build from there.

Tune in to the latest episode of Riskology by Infortal™ to gain a deeper understanding of how to approach international business expansion.

 

Resources:

Infortal Worldwide

Email

Frank Lavin on LinkedIn

Dr. Ian Oxnevad on LinkedIn

Chris Mason on LinkedIn

Categories
Daily Compliance News

Daily Compliance News: January 27, 2025, The IG Massacre Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News—all from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Check out The FCPA Survival Guide on Amazon.com.

Categories
FCPA Compliance Report

FCPA Compliance Report – CTA at the Supreme Court – More Machinations, More Confusion

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom welcomes back Jonathan Wilson to discuss recent turbulent developments regarding the Corporate Transparency Act (CTA) at the Supreme Court.

The conversation includes key legal battles in Texas involving injunctions against the CTA. They explore the Supreme Court’s recent stay on a previous injunction, the new Smith v. Treasury case, and its implications. The hosts analyze the confusion and uncertainty surrounding compliance with the CTA and offer strategic advice to businesses during this chaotic period. They conclude with insights on the political and judicial landscape, potential future rulings, and the importance of the CTA in combating money laundering.

Key highlights:

  • Supreme Court’s Recent Actions
  • Smith v. Treasury Case Overview
  • Discussion on Universal Injunctions
  • Future Implications and Legal Advice
  • Political Landscape and CTA Support

Resources:

Jonathan Wilson on LinkedIn

FinCEN Report

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Categories
Adventures in Compliance

Adventures in Compliance – Compliance Lessons from ‘The Adventure of the Lion’s Mane’

In this new season of Adventures in Compliance, host Tom Fox takes a deep dive into Arthur Conan Doyle’s Sherlock Holmes collection, The Case-Book of Sherlock Holmes. It is the final set of twelve Sherlock Holmes short stories, first published in the Strand Magazine between October 1921 and April 1927. In this episode, we consider a story more from the Natural World, The Adventure of the Lion’s Mane.

In this episode, Tom dives into ‘The Adventure of the Lion’s Mane,’ a lesser-known Holmes tale set in Holmes’ retirement on Sussex Beach. The story includes a mysterious and agonizing death of a science master, initially suspected to be a murder but revealed to be caused by a lion’s mane jellyfish. This episode draws crucial compliance lessons from the narrative, such as the importance of root cause analysis, adaptability in new roles, vigilance on external risks, methodical investigations, and effective communication.

We show how Sherlockian deduction parallels the skills needed for compliance professionals to address unseen threats, adapt to dynamic environments, and ensure meticulous documentation. Tom encourages compliance officers to emulate Holmes’ analytical rigor to build robust programs tackling unexpected challenges.

Highlights include:

  • Unraveling the Mystery
  • Compliance Lessons from The Adventure of the Lion’s Mane
  • Holmes’ Investigative Techniques
  • Understanding External Risks
  • Effective Investigation Strategies
  • The Importance of Communication

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ by Dave Thompson

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Unseen Threats and Deduction: Compliance Lessons from The Adventure of the Lion’s Mane

Sherlock Holmes, the master of deduction, seldom worked without Dr. Watson. Yet in The Adventure of the Lion’s Mane, Holmes takes center stage in a quiet coastal town, solving a case that presents no apparent suspects, no human culprit, and a mystery rooted in the natural world. For corporate compliance professionals, this unusual story offers rich lessons about vigilance, adaptability, and the importance of robust investigative techniques. The story is unusual for several reasons, including Holmes’s first-person narrative. Also, the case involves an antagonist from the natural world instead of the human world.

Equally interesting are the lessons the story can teach the 21st-century compliance professional. Today, I will examine five key compliance lessons from Holmes’s encounter with the lion’s mane jellyfish. For additional information on the story and commentary, check out the podcast Compliance Lessons from The Lion’s Mane on the Compliance Podcast Network.

Unraveling Unseen Threats: The Importance of Root Cause Analysis

In this story, the victim collapses after screaming the cryptic words “The lion’s mane!” while bearing strange, whip-like marks on his body. At first, suspicion falls on human suspects, but Holmes’s methodical approach reveals the true cause: a Cyanea capillata jellyfish, an elusive and deadly natural threat. The case highlights a critical point for compliance professionals: risks may not always appear obvious, and solutions often require digging beneath the surface.

In the compliance world, it is often tempting to stop at the first explanation for misconduct, such as blaming individual employees or focusing on the visible symptoms of an issue. However, failing to identify the root cause leaves your organization vulnerable to repeated compliance failures. Whether dealing with third-party bribery risks, internal fraud, or systemic policy gaps, the Department of Justice has made clear in the 2024 Update to the Evaluation of Corporate Compliance Programs, that a root cause analysis is a cornerstone of effective compliance programs, re-emphasizing the need for both performing a root cause analysis and equally importantly using it to remediate your compliance program. It stated, “A hallmark of a compliance program that works effectively in practice is the extent to which a company can conduct a thoughtful root cause analysis of misconduct and timely and appropriately remediate to address the root causes.”

It stated what additional steps the company has taken “that demonstrate recognition of the seriousness of the misconduct, acceptance of responsibility for it, and implementing measures to reduce the risk of repetition of such misconduct, including measures to identify future risk.” The following questions were then posed:

Root Cause Analysis—What is the company’s root cause analysis of the misconduct at issue? Were any systemic issues identified? Who in the company was involved in making the analysis?

Prior Weaknesses—What controls failed? If policies or procedures should have prohibited the misconduct, were they effectively implemented, and have functions that had ownership of these policies and procedures been held accountable?

Adaptability in Unfamiliar Environments

Holmes’s seaside investigation takes him far from his usual London setting. Without the bustle of Baker Street or Watson’s steady presence, Holmes must rely entirely on his deductive skills and adaptability. This scenario mirrors the modern compliance officer’s challenge of addressing new and unfamiliar risks.

For example, your organization may expand into a new market or pivot its business model, exposing it to unfamiliar regulatory requirements or operational risks. In these situations, compliance professionals must act as business partners, guiding the organization through uncharted waters while ensuring compliance remains a priority.

You should begin with the question of who should perform the remediation; should it be an investigator or an investigative team that was part of the root cause analysis? Jonathan Marks believes the key is both “independence and objectivity.” An investigator or investigative team may be a subject matter expert and “therefore more qualified to get that particular recourse.” Yet, to perform the remediation, the key is to integrate the information developed from the root cause analysis into the solution.

Accounting for External Risks

The lion’s mane jellyfish, a force of nature, represents the kind of external risk that organizations often overlook. External risks, whether from geopolitical shifts, third-party misconduct, or environmental factors, can devastate even the most robust compliance programs if not properly managed.

Consider the recent focus on supply chain risks. An organization may have strong internal controls, but a third-party supplier engaging in unethical practices can still expose it to liability. Therefore, due diligence and ongoing monitoring are essential to an effective compliance program. Some of the key actions you can take include the following:.

Conduct comprehensive third-party due diligence before onboarding suppliers, agents, or contractors; regularly review external risks as part of your enterprise risk management (ERM) program; and implement tools and technologies to monitor external developments in real-time, such as sanctions lists or geopolitical instability.

The Power of Patience and Observation 

Holmes’s resolution hinges on his meticulous observation of minor details, marks on the victim’s body, the jellyfish’s natural habitat, and the timeline of events. He doesn’t rush to conclusions or allow others’ assumptions to sway him. Instead, he systematically gathers evidence and applies his knowledge to reach the correct conclusion. This approach underscores the importance of methodical, data-driven investigations for compliance professionals. Whether handling an internal whistleblower complaint or responding to a regulatory inquiry, rushing the process can lead to missed details or flawed conclusions.

You may also have deficiencies in internal controls. Failing to remediate gaps in internal controls “allows additional errors or misconduct to occur and thus could damage the company’s credibility with regulators” by allowing the same or similar conduct to reoccur. Finally, with both the 2024 ECCP and FCPA Corporate Enforcement Policy, the DOJ has added its voice to prior SEC statements that regulators “will focus on what steps the company took upon learning of the misconduct, whether the company immediately stopped the misconduct, and what new and more effective internal controls or procedures the company has adopted or plans to adopt to prevent a recurrence.”

Communication as a Compliance Superpower

One of Holmes’s strengths lies in his ability to explain complex phenomena in a way others can understand. In this story, he demystifies the jellyfish’s deadly nature for the local community, helping them grasp their danger and take appropriate precautions. Communication is equally critical. Whether presenting findings to the board, conducting employee training, or preparing reports for regulators, you must convey complex information clearly and compellingly. The best compliance programs are not just comprehensive; they are understood and embraced by everyone in the organization.

For compliance professionals, there are several actions you can take. First, tailor your communication style to your audience, whether it’s frontline employees, senior leadership, or regulators. Next, use data visualization, case studies, and real-world examples to make your message relatable and memorable. Finally, foster a culture of transparency, ensuring employees feel empowered to ask questions and report concerns without fear of retaliation.

Final Thoughts 

The Adventure of the Lion’s Mane is a tale of hidden threats, careful investigation, and the power of critical thinking—qualities that resonate deeply with the compliance profession. Holmes’s success lies in adapting to unfamiliar circumstances, uncovering an unseen danger, and effectively communicating his findings. Compliance officers need these skills to navigate the complex and ever-changing corporate risk landscape.

As you reflect on Holmes’s seaside investigation, consider how his methods can inspire your compliance practices. Are you conducting root-cause analyses with the same rigor? Have you adapted your program to account for external risks? And most importantly, are you equipping your organization with the tools and knowledge to prevent compliance failures before they occur?

By channeling Sherlock Holmes’s spirit of deduction and vigilance, you can strengthen your compliance program and ensure it is prepared to face even the most unexpected challenges. When the next hidden risk emerges, you will be ready to solve the mystery with precision and confidence, just like Sherlock Holmes.