Author: admin

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Lessons on Pre-Acquisition Due Diligence in M&A from John Deere

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Inadequate pre-acquisition due diligence can put your company in serious legal, compliance, and reputational jeopardy.

Categories
Daily Compliance News

Daily Compliance News: October 15, 2024 – The Outside Counsel Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • How culpable are outside counsel for corp wrongdoing? (FT)
  • Beny Steinmetz arrested yet again. (Politico)
  • Will US SCt declare NLRB unconstitutional? (Reuters)
  • Nigeria refuses to grant health related bail release for Binance compliance officer. (Bloomberg)

Categories
Innovation in Compliance

Innovation in Compliance: Tech Evolution in Real Estate Law: A Conversation with Christy-Ann Jordaan

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. This month’s sponsor of Innovation in Compliance is Athennian.

In this episode, Tom welcomes Christy-Ann Jordaan, a Paralegal with extensive experience in the commercial real estate sector.

Christy discusses her career journey, starting from her early days in law firms to her current role at BOSA Properties in Vancouver. She elaborates on the evolution of technological solutions in the legal field, emphasizing the benefits of automating manual tasks and enabling self-service information access. Christy highlights how these innovations have improved efficiency, reduced workload, and enhanced service quality. She shares insights into the implementation of Athennian, a digital solution for managing corporate records, which has transformed their operations by centralizing data and enabling secure access. Looking ahead, Christy is excited about future tech advancements, including AI-powered corporate record management. Listeners are encouraged to connect with her on LinkedIn or explore BOSA Properties’ website for more information about the company’s endeavors.

Key Highlights:

  • Christy’s Professional Journey
  • Technological Evolution in Legal Work
  • Athennian Solution: A Game Changer
  • Future Tech Solutions and AI

 Resources:

Christy-Ann Jordaan on LinkedIn

Bosa Properties

Athennian

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

TD Bank: Part 2 – When Profits Trump Compliance: A Recipe for Corporate Disaster

We continue our exploration of the resolution of the AML/BSA enforcement action involving TD Bank US (the Bank), which is wholly owned by TD Bank Group, a publicly traded (NYSE: TD) international banking and financial services corporation headquartered in Toronto, Canada. TD Bank Group is one of the thirty largest banks in the world and the second-largest bank in Canada.

The enforcement action came in with a $3 billion penalty against the Bank, which has pled guilty to charges relating to the Bank Secrecy Act (BSA), which requires financial institutions to maintain programs to detect and report suspicious activity by their customers. The Bank also settled a series of civil investigations by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), the Federal Reserve, and the Office of the Comptroller of the Currency (OCC), which mandated a Monitor to oversee the building out of the Bank’s compliance program and imposed an asset cap limiting the growth of the Bank’s U.S. retail business as a result of the breakdown of its controls.

This TD Bank case is right up there with Siemens, Petrobras, Odebrecht, Goldman Sachs, and Volkswagen as some of the most basic violations of corporate law we have ever seen. All of the above cases involved bribery and fraud, and the Bank case involved a violation of the most basic requirement of the BSA and the most basic tenets of an anti-money laundering compliance program. Moreover, the Bank’s conduct was not 20 years ago or even 10 years ago, as the conduct began in 2018, and the illegal conduct was right up to this past year. What led to these failures?

Failures at the Top

For the Bank, it all started at the top, where the very senior executives at the Bank decreed that no additional funds would be made available for compliance, compliance updates, or new technological solutions designed to make fulfillment of compliance obligations more efficient. This funding strangulation was termed the “flat cost paradigm” across the Bank’s operations. As a result, the Bank “willfully failed to remediate persistent, pervasive, and known deficiencies in its AML program, including (a) failing to substantively update its transaction monitoring system, which is used to detect illicit and suspicious transactions through the Bank, between 2014 and 2022 despite rapid growth in the volume and risks of the Bank’s business and repeated warnings about the outdated system.”

According to the TD Bank US Holding Company Information, this policy was pursued by the Bank Audit Committee and by the Bank’s Chief Anti-Money Laundering Officer during the relevant period, and the Bank’s BSA Officer both knew there were long-term, pervasive, and systemic deficiencies in the Defendants’ U.S. AML policies, procedures, and controls. This led to the Bank monitoring only approximately 8% of the volume of transactions because it omitted all domestic automated clearinghouse transactions, most check activity, and numerous other transaction types from its automated transaction monitoring system. Due to this failure, the Bank did not monitor approximately $18.3 trillion of transactions between January 1, 2018, through April 12, 2024.

It is not as if the Board of the Bank and its Canadian overlords were unaware of these deficiencies. As far back as 2013, FinCEN and the OCC brought enforcement actions against the Bank for its failures in its AML program. The Bank’s Board of Directors specifically signed off on the resolution of this enforcement action. IN 2018, the OCC characterized the Bank’s “planning, delivery, and execution of AML technology systems and solutions as insufficient. Specifically, the OCC highlighted the delays in implementing multiple AML technology projects and found those delays to be directly linked to nearly all of TDBNA’s outstanding AML program issues.”

Internal Audits at the bank also identified specific deficiencies in the bank’s AML and BSA compliance programs. In 2018, Internal Audit determined that the Bank’s high-risk jurisdiction transaction monitoring scenarios were using an outdated list of high-risk jurisdictions, meaning the bank’s scenarios were not designed to generate alerts on the jurisdictions currently deemed to be high-risk. Again, in 2020, Internal Audit identified AML compliance deficiencies related to the governance and review of transaction monitoring scenarios.

External third-party consultants also identified deficiencies in the Bank’s AML/BSA programs. One consultant “commented that “increased volumes and regulatory requirements” would pressure AML operations to meet demands and deadlines. The same consultant concluded that the Bank’s required testing of its transaction monitoring scenarios— which assessed whether scenarios were adequately capturing suspicious activity— took twice as long as the industry average.” A second consultant noted the Bank had “sub-optimal [transaction monitoring] scenarios” due, in part, to “outdated parameters” that generated a large volume of alerts that limited the Bank’s ability to focus on high-risk customers and transactions.” Finally, a third consultant “identified numerous limitations in the Bank’s transaction monitoring program, including technology barriers to developing new scenarios or adding new parameters to existing scenarios.”

Knowledge at the Bottom

Perhaps the craziest thing about the Bank’s failures in AML/BSA was that everyone was in on the joke: the Board, senior management, Bank employees, and ‘the bad guys.’ One conversation went like this:

AML Technologist: what do the bad guys have to say about us Lol

AML Manager: Easy target

AML Technologist:  damnit

AML Manager: Old scenarios; old CRR; tech agility is poor to react to changes

AML Manager: Bottomline: we have not had a single new scenario added since we first implemented the SAS

Another example cited in the Information was the following: “Other employees, both in AML and retail, consistently commented on the Bank’s instant messaging platform about the Bank’s motto, “America’s Most Convenient Bank,” and directly linked it to the Bank’s approach to AML. For example, a US-AML employee noted that a reason the Bank had not stopped one of the below-referenced money laundering typologies was because “we r the most convenient bank lol.”

Finally, this example from the information section states that “employees at multiple levels understood and acknowledged the likely illegality of David’s activity. In August 2020, one TDBNA store manager emailed another store manager and remarked, “You guys need to shut this down, LOL.” In late 2020, another store manager implored his supervisors (several TDBNA regional managers) to act, noting that “[i]t is getting out of hand, and my tellers are at the point that they don’t feel comfortable handling these transactions.” In February 2021, one TDBNA store employee saw that David’s Network had purchased more than $1 million in official bank checks with cash in a single day and asked, “How is that not money laundering,” to which a back-office employee responded, “oh it 100% is.” “

In his remarks, Attorney General Merrick Garland cited three examples where Bank employees knew money laundering was ongoing.

  1. In February 2021, one TD Bank store employee saw that David’s network had purchased over $1 million in official bank checks with cash in a single day. The employee asked, “How is that not money laundering?” A back-office employee responded, “Oh, it 100% is.”
  2. In a second, separate money laundering scheme, five TD Bank employees conspired with criminal organizations to open and maintain accounts at the bank that were used to launder $39 million to Colombia, including drug proceeds.
  3. In yet a third scheme, a money laundering network maintained accounts at TD Bank for at least five shell companies. It used those accounts to move over $100 million in illicit funds through the bank.

The bottom line is that everyone knows that the Bank facilitated money laundering and BSA violations. Why? The Bank consciously decided not to fund the compliance function or pay for any upgrades or updates, all in the name of its ‘flat cost paradigm.’

I will explore this matter in some depth over the next several blog posts. Tomorrow, I will consider money-laundering schemes.

Resources

 OCC

OCC Press Release

Consent Order 

Civil Money Penalty 

DOJ

TD Bank US Holding Company Information

TD Bank N.A. Information

TD Bank US Holding Company Plea Agreement and Attachments

TD Bank N.A. Plea Agreement and Attachments

Merrick Garland Remarks

Nicole Argentieri Remarks

Categories
Corruption, Crime and Compliance

DOJ Updates Evaluation of Corporate Compliance Programs

How prepared is your company to handle the evolving risks of artificial intelligence and other emerging technologies in its compliance program?

In this episode of Corruption, Crime and Compliance, Michael Volkov delves into the Department of Justice’s 2024 updates to its evaluation of corporate compliance programs. As the DOJ continues to set global standards, Michael discusses key updates related to risk management, especially around AI and other technologies. He also covers important shifts in training, whistleblower protections, third-party management, and data analytics, offering a comprehensive overview of what businesses need to consider for effective compliance.

You’ll hear him discuss:

  • The DOJ raises the bar for corporate compliance, including technology risk management through their updated Compliance Guidance (2024).
  • Companies must evaluate AI in both business and compliance contexts, ensuring controls for trustworthiness and legal alignment.
  • Firms need to incorporate lessons from other companies and adapt policies and procedures to reflect emerging tech.
  • Employee training must now be interactive, tailored, and measured for effectiveness.
  • With their focus on whistleblower protection, the DOJ emphasizes tracking employee comfort in reporting issues and ensuring protection from retaliation.
  • Companies are encouraged to continuously monitor third-party relationships beyond the onboarding phase.
  • Stronger processes are needed for compliance audits and integration after mergers.
  • DOJ pushes for the use of data analytics tools in compliance and better coordination between HR and compliance teams.

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

DOJ Evaluation of Corporate Compliance Programs

Categories
Riskology

Riskology by Infortal: Episode 34 – The Hezbollah Pager Attack & Supply Chain Compliance

Tune in for the latest episode of Riskology by Infortal™, where special guest Tom Fox of the Compliance Podcast Network and hosts Dr. Ian Oxnevad and Chris Mason dive into the business and compliance implications of Israel’s counterterrorism operation involving Hezbollah’s electronic devices.

Hezbollah’s Supply Chain Failure and Israel’s Counterterrorism Success 

Israel’s counterterrorism operation in Lebanon on Hezbollah’s electronic devices serves as a stark reminder of the compliance risks that global businesses face.  Even though Hezbollah is a terrorist group, the pager operation provides lessons for normal businesses.  

In this particular case, a Taiwanese company called Gold Apollo licensed its name to a Hungarian company, which then manufactured and sold pagers to Hezbollah. This relationship, initially straightforward, became complex as the Hungarian company sought to evolve and use the Taiwanese company’s name to make its own proprietary designs. Ultimately, these pagers found their way into the hands of Hezbollah members.

This case raises several compliance concerns. The lack of thorough due diligence by the Taiwanese company allowed for potential misuse of their products. The complexities of tracking ownership and responsibility in global supply chains mean that even legitimate companies can become inadvertently involved in geopolitical conflicts. This event underscores the necessity for robust compliance frameworks to prevent such issues.

Supply Chain Vulnerabilities and Advanced Technology

The use of pagers to coordinate an attack highlights vulnerabilities within supply chains, especially when advanced technology is involved. It was speculated that a Hungarian company acted as a front for Mossad or other intelligence agencies. This kind of covert operation not only increases the complexity of supply chains but also the risk profile for all companies involved.

Additionally, payments originating from unnamed Middle Eastern countries were flagged by banks in Taiwan, highlighting another layer of failure. These offshore payments triggered additional scrutiny and delays, emphasizing the importance of financial transparency and thorough documentation in global transactions. While initially flagged, the transactions were ultimately serviced.

Reputational and Operational Risk Implications

All organizations use electronics tied to complex, cross-border supply chains. Understanding the makeup and oversight of the underlying supply chain should be an important consideration for selecting vendors.

Large corporations, small non-profits and even government bureaucracies can be indirectly exposed to significant reputational and operational risk if supply chains are not managed correctly, as the pager attack scenario illustrates. 

At the end of the day, it pays to know who you do business with, and this requires up front due diligence.

Resources:

Infortal Worldwide

Email

Chris Mason on LinkedIn

Dr. Ian Oxnevad on LinkedIn

Tom Fox on the Web | LinkedIn

Categories
Daily Compliance News

Daily Compliance News: October 14, 2024 – The Do GC’s Face Peril Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Is routine legal advice risky? If you advise paying a bribe. (Law.com)
  • Deloitte fooled by fraudster in Texas (Houston Chronicle)
  • Moog settles FCPA claim. (WSJ)
  • TD Bank fined $3bn (WSJ)

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Lessons on GTE from John Deere

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

The foundation of any effective whistleblower program is a clear, robust policy that is communicated effectively across the organization.

Categories
Adventures in Compliance

Adventures in Compliance: Introduction to The Case – Book of Sherlock Holmes

In this new season of Adventures in Compliance, host Tom Fox takes a deep dive into the Sherlock Holmes collection The Case-Book of Sherlock Holmes by Arthur Conan Doyle. It is final set of twelve Sherlock Holmes short stories by Arthur Conan Doyle first published in the Strand Magazine between October 1921 and April 1927.

In the 1920’s Conan Doyle once again returned to his great creation for 12 more stories (and final) which were first published in The Strand, and then published collectively as The Case-Book of Sherlock Holmes in 1927. To some, they suggest a new narrative style, as 9 are told by Watson as the reader would expect, but one is narrated in the third person, and two by Holmes himself. Watson is at pains in the opening narrative to “Thor Bridge” to explain the change: ‘In some [cases] I was myself concerned and can speak as an eye-witness, while in others I was either not present or played so small a part that they could only be told as by a third person.’ … Conan Doyle’s struggle to ring the changes on what had become for him a tired formula reflected his personal literary journey.

Three stories of the collection are not narrated by Dr. Watson, unlike most Sherlock Holmes stories. “The Mazarin Stone” is narrated in the third person, since it was adapted from a stage play in which Watson hardly appeared. “The Blanched Soldier” and “The Lion’s Mane” are both narrated by Holmes himself, the latter being set after his retirement This collection marks the final appearances of Sherlock Holmes and contains some of the more peculiar and dark stories in the series.

Sherlock Holmes and The Casebook of Sherlock Holmes – Story List

  1. The Adventure of the Mazarin Stone
  2. The Problem of Thor Bridge
  3. The Adventure of the Creeping Man
  4. The Adventure of the Sussex Vampire
  5. The Adventure of the Three Garridebs
  6. The Adventure of the Illustrious Client
  7. The Adventure of the Three Gables
  8. The Adventure of the Blanched Soldier
  9. The Adventure of the Lion’s Mane
  10. The Adventure of the Retired Colourman
  11. The Adventure of the Veiled Lodger
  12. The Adventure of Shoscombe Old Place

In this episode, host Tom Fox provides an overview of the collection, details about its publication, and highlights the impact of Conan Doyle’s personal life on his work. Over the next 12 episodes, we will explore ethical and compliance lessons from Holmes’ stories.

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ by Dave Thompson

For an audio/video version of the Compliance Kids book, Speaking Up is AWESOME, contact Tom Fox.

 Connect with Tom Fox

Instagram Facebook YouTube Twitter LinkedIn

Categories
FCPA Compliance Report

FCPA Compliance Report: From Inputs to Outputs – Roxanne Petraeus and Susan Divers on Rethinking Compliance

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this edition of the FCPA Compliance Report, host Tom Fox is joined by Roxanne Petraeus and Susan Divers from Ethena to discuss innovative perspectives on compliance training, specifically focusing on the 2024 update to the Evaluation of Corporate Compliance Programs.

Roxanne, drawing from her military background, emphasizes the importance of practical and effective compliance training that resonates with employees rather than traditional ‘check-the-box’ methods. Susan highlights the shift towards emphasizing outputs over inputs, urging for compliance programs that are not just on paper but practiced and understood by all employees.

The discussion delves into the new expectations from the DOJ regarding the use of AI and data analytics in compliance, positioning compliance officers as pivotal to maintaining organizational justice and fairness. They also explore strategies for persuading senior management to prioritize compliance through emphasizing organizational culture and reputation. The conversation concludes with the role of leadership in fostering a compliant culture and practical steps for reaching out to Ethena for further insights.

Highlights in this Episode:

  • Deep Dive into the 2024 Compliance Program Update
  • Roxanne’s Journey and Ethena’s Mission
  • Susan’s Transition to Ethena
  • Outputs Over Inputs: A New Compliance Focus
  • The Role of AI in Compliance
  • Leadership and Compliance Strategy

 Resources:

Roxanne Petraeus on LinkedIn

Susan Divers on LinkedIn

Ethena

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For an audio/video version of the Compliance Kids book, Speaking Up is AWESOME, contact Tom Fox.