Author: admin

Categories
Great Women in Compliance

Great Women in Compliance: Stephanie Weldy on The Art of Behavior Design

In this week’s episode, Hemma visits with Stephanie Weldy to discuss the science behind behavior design, with practical models and methods to unpack and design for influencing desired behaviors. Stephanie is an expert at the intersection of behavior design and employee wellness and chief of staff for Dr. BJ Fogg, renowned author of Tiny Habits, creator of Fogg Behavior Design, and a Stanford University behavior scientist. Tune it to learn how to design behaviors for impact at work and home and how to think about influencing behaviors in the context of your compliance function and beyond.

Highlights include: 

  • How to help people do what they already want to do and help them feel successful
  • The Fogg Behavior Model – Designing the coincidence of motivation, ability, and prompts to encourage enduring behaviors (B=MAP)
  • A system for drafting corporate compliance programs that have the impact of influencing human behaviors
  • Unpacking and analyzing existing habits or behaviors and designing modifications
  • Why New Year’s resolutions or policy aspirations might fail and how to leverage the ‘Motivation Wave’

Biography:

Stephanie Weldy, M.Ed., is an expert at the intersection of Behavior Design and employee well-being. She works with BJ Fogg, PhD, Stanford Behavior Scientist and NYT bestselling author of Tiny Habits, to teach industry innovators how to use Behavior Design in the products and services they are building to help people be healthier and happier.

Stephanie previously led comprehensive wellness programs in higher education, non-profit, and government settings. Stephanie practices what she teaches daily as a working mom to two tiny humans (ages 3 and 5).

She has a master’s degree in education in community Health and is a certified Wellcoach and Tiny Habits® coach.

Resources:

Join the Great Women in Compliance community on LinkedIn here.

Categories
The Hill Country Podcast

The Hill Country Podcast: Comings and Goings at The Museum of Western Art

Welcome to award-winning The Hill Country Podcast. The Texas Hill Country is one of the most beautiful places on earth. In this podcast, Hill Country resident Tom Fox visits with the people and organizations that make this the most unique area of Texas.

This week Tom welcomes back Dr. Darrell Beauchamp to delve into the vibrant world of Western art through the exhibits of the Museum of Western Art in Kerrville, Texas.

This episode highlights notable past shows like the Scott Christensen and Quang Ho exhibit, deemed the summer blockbuster by art critics, and dives into current and upcoming exhibitions such as Al Glann’s ‘Poetry in Motion’ and Kevin MacPherson’s ‘Reflections on a Pond.’ Dr. Beauchamp discusses the appeal of Glan’s innovative use of negative space and the immersive experience of MacPherson’s 365-day painting series. The conversation covers more than just exhibitions, providing insights into the thriving artistic community and the cultural significance of artists like Jason Scull and Noe Perez, whose work captures the essence and wildlife of South Texas. Tune in for a rich tapestry of artistic narratives that echo through the Hill Country, inviting both physical and virtual visitors to the Museum of Western Art.

Key Highlights:

  • Current and Upcoming Museum Exhibits
  • Spotlight on Scott Christensen and Quang Ho
  • Al Glann’s Artistic Journey and Podcast Insights
  • Upcoming Events at the Gallery
  • Kevin MacPherson’s Reflections on a Pond
  • Jason Scull and Noe Perez

Resources:

Museum of Western Art

Other Hill Country Focused Podcasts

Hill Country Authors Podcast

Hill Country Artists Podcast

Texas Hill Country Podcast Network

Categories
Daily Compliance News

Daily Compliance News: October 23, 2024 – The Fired for Multitasking Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • EY fires staff who took multiple online training courses at the same time. (FT)
  • Harris looking at crypto friendly types to head SEC. (Unchained)
  • Investigation into Brazilian fighter jet sale. (ClearanceJobs)
  • Former A&F CEO arrested for sex trafficking. (WSJ)

Categories
Compliance Tip of the Day

Compliance Tip of the Day: TD Bank Lessons Learned – New and Emerging Risks Demand Action

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

If you develop new products and services, you must assess those offerings as new compliance risks to manage.

Categories
Blog

Compliance Lessons from Boris Karloff’s Frankenstein

Ed. Note: This week, leading up to Halloween, I will examine lessons for compliance professionals through the lens of the great Universal Movie Monsters: Frankenstein, Wolfman, Dracula, and The Mummy. First up is Boris Karloff’s film version of Frankenstein. 

============================================================

The 1931 classic Frankenstein, starring Boris Karloff as the iconic monster, offers more than gothic horror. It provides a rich framework for understanding corporate compliance. The film, adapted from Mary Shelley’s novel, tells the story of Dr. Henry Frankenstein, whose ambition to play God results in the creation of a monstrous figure. While focusing on the horror elements is easy and fun, a closer analysis reveals valuable lessons for compliance professionals and business leaders alike.

We will explore how this film version of Frankenstein mirrors real-world compliance challenges and how its themes of ambition, unchecked power, and ethical negligence offer critical insights into today’s corporate environment. We will also consider how Frankenstein offers a range of corporate compliance lessons that resonate with the key points raised by Nicole Argentieri in her recent speech to the Society of Corporate Compliance and Ethics (SCCE) and the 2024 Evaluation of Corporate Compliance Programs (2024 ECCP).

The Perils of Ignoring Ethical Oversight: Frankenstein’s Creation and Corporate Risk

Dr. Frankenstein’s pursuit of creating life was a scientific marvel, but his failure to consider his work’s moral and ethical implications led to his downfall. His ambition closed his eyes to the responsibilities that come with power and innovation. This reflects a critical issue for corporate compliance: the danger of ignoring ethical oversight in the rush to achieve business objectives.

In her SCCE speech, Nicole Argentieri highlighted the importance of ethical decision-making and the need for leadership to embed compliance into every facet of business operations. The 2024 ECCP emphasizes that compliance officers must have the authority and autonomy to act independently and influence decision-making at the highest levels of an organization. Just as Frankenstein lacked the oversight to rein in his dangerous experiment, a lack of oversight in corporate governance can result in catastrophic outcomes.

The clear lesson for compliance professionals is that organizations must prioritize ethical oversight and ensure compliance is involved in strategic decision-making. As the 2024 ECCP advises, having a strong compliance function with direct access to the board of directors can prevent “Frankenstein-like” risks from spiraling out of control. Ethics cannot be an afterthought; just as Frankenstein learned too late that his creation needed more than raw ambition, organizations must recognize the importance of ethical governance before it’s too late.

Risk Management: Expecting the Unexpected

One key reason for Frankenstein’s failure was his inability to anticipate the risks his creation posed. He believed he could control the creature, but without proper planning, things quickly spiraled out of control. This is a critical lesson in risk management for any organization. The creature was the manifestation of uncalculated risk—an outcome born of Dr. Frankenstein’s failure to consider the “what ifs.”

Argentieri’s speech and the 2024 ECCP emphasize the importance of addressing emerging risks and implementing proactive risk management strategies. As business models evolve, new risks emerge, and compliance professionals must be vigilant in identifying and addressing them before they become uncontrollable.

Compliance professionals should continuously evaluate and adjust their risk management strategies. This aligns with Argentieri’s recommendation that compliance programs must be agile and anticipate emerging risks, especially in areas such as new technologies, cybersecurity, and third-party relationships. A comprehensive risk management process that includes scenario planning and stress testing can prevent corporate “creatures” from escaping the lab and causing damage.

Accountability and Governance Failures

Dr. Frankenstein operated without accountability, answerable only to himself. His lack of governance resulted in a situation without checks and balances on his actions, and his poor judgment led to tragic consequences. The creature’s actions, while horrifying, can be traced back to Frankenstein’s governance failures.

Argentieri emphasized in her SCCE speech that the DOJ expects organizations to maintain a strong compliance culture backed by a governance structure that holds individuals accountable for their actions. The 2024 ECCP builds on this expectation, stressing that compliance programs must ensure accountability at all levels—from executives to front-line employees.

Effective compliance programs must have strong governance structures to hold individuals accountable for their decisions. This is more than just ensuring policies are in place; it’s about creating a culture where employees at every level understand their ethical responsibilities. Just as Frankenstein should have been accountable for the consequences of his experiment, corporate leaders must be held accountable for the risks and decisions they make within the company.

The Ethical Consequences of Secrecy

In Frankenstein, secrecy plays a critical role in Dr. Frankenstein’s downfall. He isolates himself from his peers, hiding the details of his experiments out of fear that others will not understand or approve. This secrecy prevents him from receiving the input and guidance that could have prevented disaster.

Similarly, corporate secrecy can breed ethical violations. In her speech, Argentieri discussed the importance of transparency in compliance efforts, particularly when addressing misconduct. The 2024 ECCP emphasizes open communication within organizations, noting that secrecy or a culture of silence can lead to deeper ethical violations, regulatory breaches, and, ultimately, significant legal consequences.

Compliance professionals must constantly work to foster a culture of transparency and open communication within their organizations. Indeed, the DOJ sees compliance professionals as the holders of institutional justice and institutional fairness in their organizations. Employees should feel empowered to raise concerns without fear of retaliation. Compliance professionals should encourage whistleblowers, monitor for red flags, and ensure that no department operates in secrecy. In the same way, that Dr. Frankenstein’s isolation led to his downfall, a corporate culture of secrecy can result in unethical behaviors festering in the shadows.

Remediation and the Need for Swift Action

One of the more tragic elements of Frankenstein is Dr. Frankenstein’s inability—or refusal—to remediate his mistakes. Instead of acknowledging the harm his creation causes and taking steps to stop it, he spends much of the film trying to avoid responsibility. This refusal to act only exacerbates the problem, leading to even more destruction.

In her SCCE speech, Argentieri emphasized the importance of remediation when compliance issues arise. The 2024 ECCP reinforces this point, stating that companies must take swift action when misconduct occurs to address the immediate issue and prevent future violations. A failure to remediate can lead to a loss of trust from regulators, stakeholders, and the public.

Companies must act swiftly to remediate any ethical or compliance violations. This means conducting thorough investigations, holding wrongdoers accountable, and implementing corrective measures to prevent similar issues in the future. Dr. Frankenstein’s inaction led to tragic consequences, and in the corporate world, failure to remediate can result in reputational damage, legal penalties, and a loss of public trust.

Creating a Culture of Compliance and Ethical Awareness

Ultimately, Dr. Frankenstein’s downfall can be traced to his failure to create an environment that valued ethical considerations and accountability. He was driven by ambition without the ethical grounding to manage his creation responsibly.

Argentieri’s speech stressed the importance of building a culture of compliance and ethical awareness within organizations. The 2024 ECCP echoes this, highlighting that culture is the foundation of an effective compliance program. A company’s culture should not only encourage compliance but make it clear that ethical behavior is a core value of the organization.

Compliance professionals should focus on building a strong ethical culture within your organization. Compliance programs are most effective when employees at all levels buy into the company’s ethical mission. Training programs, consistent messaging from leadership, and visible consequences for unethical behavior are all crucial components of creating this culture.

The Boris Karloff version of Frankenstein may be categorized as a horror film, but its compliance lessons are relevant to any organization today. From respecting ethical boundaries to the importance of accountability, risk management, and training, the film underscores the dangers of unchecked ambition and the value of thoughtful, well-designed compliance frameworks. As compliance professionals, we must ensure that our organizations don’t become modern-day Frankenstein’s, creating monsters we cannot control.

Join us tomorrow as we consider the corporate branding lessons for the compliance professional from the Bela Lugosi movie version of Count Dracula.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: TD Bank Lessons Learned: Putting Profits Over Compliance Will Always End Poorly

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Cutting costs in compliance and reducing head count will always be a path to wreck and corporate ruin.

Categories
Innovation in Compliance

Innovation in Compliance: Monica Goyal on Tech-Driven Solutions for Law Firms

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. This month’s sponsor of Innovation in Compliance is Athennian.

In this episode, Tom welcomes Monica Goyal, the Vice President for Legal Innovation and Lawyer at Caravel LLC and Briefly LLC, to explore the transformative potential of technology in the legal industry.

Monica has a non-traditional journey to the legal profession, beginning with her educational background in electrical engineering and firsthand experience in Silicon Valley. From this perspective and after law school and work in the legal field, she observed multiple process inefficiencies. She discusses how advanced technologies like generative AI and data analytics can address these inefficiencies, improving corporate governance, contract management, and the overall delivery of legal services.

Monica highlights the importance of legal innovation officers in law firms and the role of Caravel Law’s unique model in providing backend support to legal professionals, allowing them to escape administrative tasks and focus on core legal work. She also touches on the innovative concept of fractional in-house counsel, which serves businesses needing more support than external counsel without the full expense of a general counsel. Listeners will gain insights into the growing necessity for legal tech skills and the benefits of tools such as Athennian for document automation. Monica underscores the value of emerging technologies and encourages further exploration of resources like Caravel and Briefly for legal professionals.

Key Highlights:

  • Monica Goyal’s Unique Journey into Law
  • Innovations in Corporate Legal Departments
  • Communicating Tech Solutions to Legal Professionals
  • Caravel’s Unique Business Model
  • Management with Athennian

Future of Legal Tech and Data Analytics

Resources:

Monica Goyal on LinkedIn

Caravel LLC

Athennian

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: October 22, 2024 – The Sketchy as Hell Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • An analysis of Supreme Court’s legalization of corruption. (NYT)
  • TikTok sacks intern for sabotage. (BBC)
  • Preventing bad behavior at work. (FT)
  • Extreme forum shopping. (CoinDesk)

Categories
Everything Compliance - Shout Outs and Rants

Shout Outs and Rants – Episode 143

  1. Matt Kelly rants about the Boston’s National Women’s Soccer League team (now deleted) advertising campaign announcing the new team with the tagline ‘too many balls’.
  2. Jonathan Marks shouts out the WNBA and the person who solved the Golden Owl puzzle.
  3. Karen Moore rants about non-civility in the Supermarkets of America’s Parking Lots.
  4. Tom Fox shouts out to GOP dominated Texas Legislature for subpoenaing Robert Roberson for an appearance before the House, one day before his scheduled execution and the Texas Supreme Court for staying his execution until he could appear.

The members of the Everything Compliance are:

The host and producer, rantor (and sometime panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the award-winning Compliance Podcast Network.

Categories
Blog

TD Bank, Part 7 – Caremark Claims – Officers

Next, I explore the TD Bank AML/BSA enforcement action by looking at the expansion of the Caremark Doctrine. In the McDonald’s case, the Delaware Court of Chancery took the Caremark Doctrine further by applying the Duty of Loyalty to officers and Directors. In that case, styled In re McDonald’s Corporation Stockholder Derivative Litigation (McDonald’s herein), the Delaware Court of Chancery for the first time extended the Caremark Duty to officers, in addition to Directors. Here, the Court stated, “Diverse authorities indicate that officers owe a fiduciary duty of oversight as to matters within their areas of responsibility. Those authorities include the reasoning of the original Caremark opinion, the Delaware Supreme Court’s holding that the duties of officers are the same as those of directors, decisions from other jurisdictions and academic commentary, and the additional duties that officers owe as agents. This decision confirms that officers owe a duty of oversight.”

Expansion of Caremark to Officers

Caremark created an affirmative duty for the Board to engage in oversight. The Caremark court formulated a “more functional terminology that species of claim can be called an “Information- Systems Theory” of Board liability, also known as “Prong-One” Board liability. In this case, a plaintiff typically pleads a ‘Red Flag Theory’ or Prong-Two Caremark claim by alleging that the board’s information systems generated red flags indicating wrongdoing and that the directors failed to respond. In McDonald’s, the Court expanded both Prong-One and Prong-Two liability to officers.

The Court of Chancery listed three key sources for expanding this duty from Boards to officers.

  1. Management runs a company. While the Board oversees management, “most corporations are managed ‘under the direction of’ the board.” However, “the officers are charged with, and responsible for, running the corporation’s business.” Therefore, “Because of this reality, “[m]onitoring and strategy are not exclusively the dominion of the board. Nondirector officers may be more capable of making oversight and strategic decisions daily.”
  2. Boards depend on information from management. Here, the court noted that “For relevant and timely information to reach the board, the officers who serve as the day-to-day managers of the entity must make a good faith effort to ensure that information systems are in place so that the officers receive relevant and timely information that they can provide to the directors.” From this, “it follows that officers must have a duty to make a good faith effort to establish an information system as a predicate to fulfilling their obligation to provide information to the board.”
  3. Compliance systems are required under the USSG. The US Sentencing Guidelines (USSG) mandate that “high-level personnel of the organization shall ensure that the organization has an effective compliance and ethics program, as described in this guideline.” This requirement includes, “Specific individual(s) within high-level personnel shall be assigned overall responsibility for the compliance and ethics program.” The USSG goes on to define an organization’s “high-level personnel as “individuals who have substantial control over the organization or who have a substantial role in the making of policy within the organization, which includes “a director; an executive officer, an individual in charge of a major business or functional unit of the organization, such as sales, administration, or finance; and an individual with a substantial ownership interest. This has the added benefit of putting compliance professionals directly in the path of liability created by this decision.

Interestingly, even as the Delaware courts had not explicitly expanded the duty of oversight to officers, the court found some support in bankruptcy court decisions. The Delaware court found that Prong-One Information Systems and Prong-Two Red Flag claims were available against officers under certain circumstances. The Delaware court concluded this section: “All preceding authorities start from the premise that officers owe the same duties as directors. Because directors owe a duty of oversight, these authorities reason that officers owe a duty of oversight. That logic is sound.”

The Delaware court also noted that officers have fiduciary duties to the corporation akin to those duties that agents owe their principals. The court pointed to a prior Delaware decision in Hampshire, which “recognized a standard of conduct at the officer level that included a duty to act carefully, loyally, and in good faith to gather and provide information, with the standard of liability for the care dimension of the duty measured by gross negligence. By recognizing the duty to provide information, Hampshire lays the foundation for an officer-level duty consistent with an Information-Systems Theory. The Court also found there is officer accountability to the Board, which supports this extension of the duty of oversight to officers.

Officer Actions

From the Information in the TD Bank matter, we have the following, “During the relevant period, Defendants willfully failed to maintain an adequate AML program at the Bank. At various times, high-level executives including those in Global AML Operations, in senior executive management, and on the TDBUSH Audit Committee—specifically including an individual who became Defendants’ Chief Anti-Money Laundering Officer (“Chief AML Officer”) during the relevant period (Individual-1) and the Bank’s BSA Officer (Individual-2)—knew there were long-term, pervasive, and systemic deficiencies in the Defendants’ U.S. AML policies, procedures, and controls.

 The Defendants did not substantively update the Bank’s automated transaction monitoring system from at least 2014 through 2022— including addressing known gaps and vulnerabilities in the TDBNA’s transaction monitoring program—despite increases in the volume and risk of its business and significant changes in the nature and risk of transactional activity. In addition, during the relevant period, TDBNA monitored only approximately 8% of the volume of transactions because it omitted all domestic automated clearinghouse (“ACH”) transactions, most check activity, and numerous other transaction types from its automated transaction monitoring system.

 Due to this failure, the Bank did not monitor approximately $18.3 trillion in activity between January 1, 2018, and April 12, 2024. At the same time, Bank senior executives repeatedly prioritized the “customer experience over AML compliance. They enforced a budget mandate, referred to internally as a “flat cost paradigm, that set expectations that all budgets, including the AML budget, would not increase year over year.

Is all of this enough to invoke Caremark liability for officers? Perhaps when you consider the additional facts as reported in the Information Bank, senior executives repeatedly prioritized the “customer experience over AML compliance and enforced a budget mandate, referred to internally as a “flat cost paradigm, that set expectations that all budgets, including the AML budget, would not increase year-over-year. The Defendants’ failures to appropriately fund the Bank’s AML program and to adapt its transaction monitoring program resulted in a willfully deficient AML program that allowed three money laundering networks to exploit the Bank and collectively transfer over $670 million through TDBNA accounts. At least one scheme had the assistance of five store insiders at TDBNA.

 At one point, the Information reported that the AML compliance program budget was reduced by 2021 to an amount lower than budgeted for the program in 2018. Further, both the Chief Anti-Money Laundering Officer (“Chief AML Officer”) and the Bank’s BSA Officer (Individual-2) touted their ability to stay within the budgetary constraints in their self-assessments as positive. Finally, Individual-1 referred to the Bank’s “historical underspend on compliance in an email to the Group senior executive responsible for the enterprise AML budget, yet the US-AML budget essentially stayed flat. GAML and US-AML employees explained to the Offices that budgetary restrictions led to systemic deficiencies in the Bank’s transaction monitoring program and exposed the Bank to potential legal and regulatory consequences. In other words, the Bank’s AML officers were well aware of the shortcomings in the Bank’s AML program yet did nothing to remediate or ameliorate these deficiencies.

 The bottom line is that if there is ever going to be a case to validate the expansion of the Caremark Doctrine to include officers, this is likely the case.