Author: admin

Categories
Blog

2024 ECCP on Accessing Data

In the recently released 2024 Update to the Evaluation of Corporate Compliance Programs (2024 ECCP), the Department of Justice (DOJ) has brought new challenges and opportunities for compliance professionals. One of the most significant changes revolves around data access and the role data plays in an effective compliance program. In this blog post, we’ll explore the key takeaways from the updated guidance and what compliance professionals must do to meet these new expectations, especially when gaining and maintaining access to the right data. This is no longer just about best practices; it is now table stakes. Matt Kelly and I explored this question in this week’s Compliance into the Weeds edition.

Now More Than Ever

One of the most notable aspects of the DOJ’s 2024 update is its focus on data access for compliance professionals. The DOJ has made it clear that if you do not have sufficient access to data, you cannot adequately monitor compliance, detect issues, or remediate problems. Compliance officers are no longer given a pass when they say, “I didn’t have access to the data.”

How did we get here? Part of this shift can be attributed to companies that have demonstrated excellence in leveraging data to bolster their compliance programs. Through the heat of DOJ investigations, these businesses have proven that with the right data, compliance officers can detect misconduct more quickly and prevent violations altogether. At the same time, the DOJ recognizes that many companies still struggle to provide their compliance teams with the data they need to do their jobs effectively.

Data Access: From Best Practice to Table Stakes

In prior years, having a robust data analytics program for compliance was considered a gold standard. It was an aspirational goal that companies could work toward. However, as the DOJ has seen companies implement highly effective data programs, what was once a best practice is now table stakes. If your compliance program can’t access the right data in real-time or near-real-time, you’re not just behind the curve—you’re putting your organization at risk.

Compliance officers can now point to this updated guidance and tell senior management: “This isn’t optional anymore.” You need the resources, tools, and support to access and analyze data effectively. The DOJ’s guidance clarifies that if your company faces an investigation, the inability to access relevant data won’t just be an inconvenience; it will be seen as a compliance failure.

The Six Key Questions: A Roadmap for Data Access

The 2024 ECCP includes six specific questions related to data access, which serve as a roadmap for what compliance officers need to ask within their organizations. While a DOJ prosecutor may not ask all six in any given case, companies should be prepared to answer them all. We will break down how compliance professionals should approach each of these questions.

Does Compliance Have Sufficient Access to Data?

The first question asks whether compliance and control personnel have direct or indirect access to relevant data sources for timely and effective monitoring or testing. In other words, can the compliance team get the information they need when they need it?

This can be a major hurdle for many companies, especially those with complex IT ecosystems. If you’ve gone through multiple mergers and acquisitions, chances are you’re dealing with a variety of legacy systems that don’t “talk” to each other. Compliance officers might find themselves chasing down data from various silos across different business units, which can delay their ability to spot red flags.

What You Should Do

  • Map out your data sources. Know where all relevant data resides, from ERP systems to HR software and procurement platforms.
  • Identify bottlenecks. If your compliance team encounters roadblocks when accessing data, document those challenges and bring them to senior management.
  • Collaborate with IT. Ensure that IT systems are integrated and compliance has the tools to pull and analyze data without delay.

Are There Impediments to Accessing Data?

The second question focuses on barriers preventing compliance from accessing data. These barriers could be structural, such as outdated or incompatible systems, or they could be cultural, such as senior management not prioritizing compliance’s data needs.

What You Should Do

  • Address structural and cultural issues: If your company uses disparate systems, work with IT to create a data lake or central repository for key compliance data. Culturally, ensure that leadership understands the importance of compliance’s access to data and empowers the team accordingly.

Does Compliance Have the Tools to Analyze Data?

Once you can access the data, do you have the tools to analyze it effectively? This question goes beyond simply having access to the data—it’s about whether you have the analytics capabilities to make sense of it.

What You Should Do

  • Invest in the right tools. Data access means nothing if you can’t analyze the information. Invest in data analytics platforms, allowing your compliance team to automate risk assessments, flag potential issues, and generate real-time reports.
  • Train your team. Ensure that compliance personnel are trained on how to use these tools effectively. Analytics without insight is just noise.

Is Data Maintained Properly?

The fourth question concerns data maintenance. Is data stored securely, and is it accurate and reliable? The DOJ wants to ensure that companies don’t just pull data from disparate sources without validating its accuracy.

What You Should Do

  • Validate your data. Work with IT to ensure that data is accurate and up-to-date. Compliance teams need to know that the information they are using is reliable.
  • Establish data governance protocols. Set clear guidelines for data maintenance, including how data should be stored, accessed, and updated.

Is the Company Leveraging Data Analytics to Improve Compliance?

This question is at the heart of the DOJ’s updated guidance. It asks whether companies are using data analytics to create efficiencies in compliance operations and to measure the effectiveness of their compliance programs.

What You Should Do

  • Integrate data analytics into your compliance program. Use data to identify risk patterns, monitor employee behavior, and assess the effectiveness of your compliance efforts.
  • Review your analytics strategy regularly to ensure that you’re continually improving how you use data analytics to enhance your compliance program.
  1. How Precise is Your Data?

Finally, the DOJ asks about the precision of your data. This question goes beyond accuracy—it’s about whether you’re getting the right data at the right level of detail.

What You Should Do

  • Refine your data collection efforts. Ensure you collect precise, relevant data that aligns with your compliance needs. Broad, imprecise data won’t help you detect or prevent misconduct.

Communicating the Importance of Data Access to Senior Management

One of the most important takeaways from the 2024 ECCP update is that compliance officers now have a concrete basis to advocate for better data access. This is no longer about wish lists or best practices—it’s a regulatory expectation. Compliance officers must have honest conversations with senior management and the board about the company’s current data capabilities and where improvements are needed.

Companies often invest in technology when a problem arises, only to pull back once the issue is resolved. This cycle leaves compliance teams under-resourced and needing help to keep pace with evolving risks. The 2024 ECCP gives compliance officers the leverage to push for sustained investments in data access and analytics.

The DOJ’s 2024 update to the Evaluation of Corporate Compliance Programs underscores the critical importance of data access and analytics for modern compliance programs. It is no longer enough to have policies in place; compliance officers need the right data at the right time and the tools to analyze it effectively. The questions posed by the DOJ should serve as a guide for structuring your data access strategy and ensuring that your compliance program is up to the task.

By taking proactive steps to improve data access and analytics, compliance professionals can meet regulatory expectations and build stronger, more resilient programs that can detect and prevent misconduct before it escalates into a serious issue.

Categories
Career Can D0

Breaking The Degree Myth When Hiring with Dr. Donald McNeeley

What if the future of hiring focused more on real-world impact than a college degree? In this episode of Career Can Do, Mary Ann Faremouth chats with Dr. Donald McNeeley, Executive Chairman of Chicago Tube and Iron and a professor at Northwestern University, about how hiring practices are evolving and what it means for both employers and candidates.

Dr. McNeeley makes a thought-provoking point: someone without a degree could hit the ground running and make a significant impact from day one, while a degree-holder might take years to deliver real results. He argues that when it comes to hiring, experience and practical skills should take center stage, especially in fields like sales where immediate contribution matters.

He encourages employers to keep an open mind when it comes to qualifications. Sure, some positions need specific certifications, but many don’t. By focusing on what candidates can actually do rather than rigid requirements, companies can attract top talent. As Dr. McNeeley quotes Richard Branson, “Train people well enough so they can leave. Treat them well enough so they don’t want to.”

Dr. McNeeley also questions the effectiveness of standardized tests in college admissions, highlighting their cultural biases and lack of real-world predictive power. For him, emotional intelligence (EQ) should be prioritized over intellectual ability (IQ). “Empathy isn’t just a nice-to-have in leadership,” he notes. “It’s essential for collaboration and innovation.”

So, what’s the takeaway for job seekers and employers? For candidates, staying humble, seeing your career as a marathon, and finding mentors is key. For employers, creating a fun and engaging work environment boosts morale and retention—sometimes simple social events can make all the difference.

Resources:

Faremouth.com

Categories
Daily Compliance News

Daily Compliance News: October 1, 2024 – The Not a Bribe in NYC Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Eric Adams files for dismissal of bribery allegations. (Bloomberg)
  • Atlas Metric secures funding to simplify ESG reporting. (TechEU)
  • Creating business ethics in Guatamala. (Atlantic Council)
  • Hearing on Boeing/DOJ guilty plea set. (Reuters)

Categories
Compliance Tip of the Day

Compliance tip of the Day: Embracing Continuous Improvement in Compliance Programs

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we explore why the DOJ’s emphasis on continuous improvement in compliance programs is a call to action for all of us.

Categories
Innovation in Compliance

Innovation in Compliance: Evie Wentink on Rethinking Compliance

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast.

In this episode, Tom welcomes back Evie Wentink to discuss the importance of rethinking ethics and compliance practices.

Evie shares insights from her recent LinkedIn articles on best practices for ethics hotlines and the importance of finding creative ways to engage employees in compliance topics. She reads a whimsical Dr. Seuss-inspired piece on reaching ethics hotlines and emphasizes the need for compliance messaging to be approachable and engaging. Additionally, Evie discusses the challenges compliance professionals face with limited budgets and offers practical solutions such as leveraging LinkedIn for networking and creating low-cost, effective compliance awareness tools.

The conversation also touches on the significance of changing the narrative around ethics and compliance for younger generations. Evie shares her experiences discussing compliance with her children and highlights the need for better education in schools to prepare future employees. She concludes by mentioning her new website, Ethical Edge Experts, and various platforms she’s using to spread compliance awareness. Tom and Evie agree on the necessity of continuous dialogue and innovation in the compliance field.

Key Highlights:

  • Rethinking Compliance Practices
  • Creative Messaging for Ethics Hotlines
  • Leveraging Low-Cost Resources
  • Engaging Managers in Compliance

Resources:
Evie Wentink on LinkedIn

Evie’s Top 10 Compliance Back to Basics

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

The 2024 ECCP – Using Data Analytics to Determine Employee Engagement, Trust, and Corporate Culture

In her recent speech at the Society of Corporate Compliance and Ethics 23rd Annual Compliance & Ethics Institute. Principal Deputy Assistant Attorney General Nicole M. Argentieri spoke about the CWA and reviewed its early developments. (A copy of her remarks can be found here.) There was also updated information on the DOJ approach to whistleblowers and anti-retaliation found in the 2024 Update to the Evaluation of Corporate Compliance Programs (2024 ECCP). She addressed the growing importance of using data analytics to evaluate key aspects of a company’s corporate culture, particularly employee engagement, trust, and overall corporate ethics.

Assessing corporate culture is essential for compliance professionals. Culture is a powerful determinant of whether employees will adhere to company policies, report misconduct, and act ethically. The DOJ has made it clear through the 2024 ECCP that an organization’s culture of compliance is as critical as the controls themselves. Compliance programs must go beyond preventing misconduct and cultivate a culture where ethics and transparency are prioritized.

Employee engagement and trust are at the heart of this culture. Engaged employees are more likely to comply with rules and report issues. However, if there is a lack of trust—whether in the company’s leadership, policies, or reporting mechanisms—the risk of ethical lapses and misconduct increases. Data analytics can offer compliance professionals actionable insights into these hard-to-measure elements of corporate culture.

Leveraging Data Analytics for Cultural Insights

Traditionally, companies have relied on surveys, focus groups, and audits to assess employee engagement and trust. Despite their value, these methods frequently have limitations due to low response rates, biases, and a point-in-time perspective. On the other hand, data analytics offers ongoing, real-time insights across various indicators. Let’s explore how data analytics can help evaluate employee engagement, trust, and corporate culture:

Employee Engagement Data

Employee engagement can be a key indicator of whether a compliance program is likely to succeed. High levels of engagement suggest that employees are motivated, aligned with corporate values, and likely to act in the company’s best interest.

Metrics to Consider

  • Employee Feedback Platforms. Tracking data from feedback platforms (such as pulse surveys or anonymous feedback tools) can provide insights into employee sentiment about their work environment and leadership.
  • Participation in Training Programs. Data on employee participation in compliance training—especially voluntary programs—can offer insights into employees’ engagement with the company’s compliance initiatives.
  • Use of Corporate Tools. Monitoring internal systems such as compliance hotlines, whistleblower portals, and internal messaging boards can help assess whether employees feel empowered to engage with compliance resources.

By monitoring engagement trends over time, compliance officers can detect shifts in employee engagement and intervene if levels drop. For instance, increasing non-compliance with mandatory training could be a red flag for broader cultural issues.

Trust in Leadership and Compliance Programs

Trust is a critical component of a successful corporate compliance culture. If employees do not trust leadership or the compliance function, they are less likely to report misconduct and more likely to turn a blind eye to ethical violations.

Metrics to Consider

  • Whistleblower Reporting. Data on the number of whistleblower reports can be telling. A lack of reports may not necessarily indicate a lack of issues—it could signal a fear of retaliation or distrust in the reporting process.
  • Retention Rates in High-Risk Areas. Monitoring employee turnover in areas that are considered high-risk (e.g., finance, procurement, or overseas offices) can help determine whether ethical concerns are driving departures.
  • Survey Data on Trust Levels. Regular employee surveys on perceptions of leadership and the compliance program can offer a pulse on trust. The key is to go beyond traditional engagement surveys and ask questions about ethical concerns and trust in compliance leadership.

Combining survey data with data from whistleblower systems and employee retention analytics can offer a more nuanced view of whether employees trust leadership. A low reporting rate and high turnover in high-risk areas may indicate deeper cultural problems requiring intervention.

Monitoring Employee Behavior and Risk Indicators

One of the most significant ways data analytics can support compliance efforts is by detecting behavioral patterns that may indicate a lapse in corporate culture or potential compliance risks.

Metrics to Consider

  • Expense and Travel Data. Analyzing expense reports and travel data patterns can reveal inconsistencies or potential misconduct, such as fraudulent claims or unauthorized spending.
  • Email and Communication Analysis. Some companies use natural language processing (NLP) tools to analyze internal communications for warning signs of ethical issues. This can include detecting language that suggests rule-breaking, covering up misconduct, or expressing discontent with corporate policies.
  • Business Unit Performance vs. Compliance Reporting. Comparing performance data across business units with the frequency of compliance-related issues can provide insights into whether high-performing units are cutting corners to achieve their results.

Behavioral analytics can help compliance professionals detect patterns before they escalate into larger issues. For example, if a particular business unit shows exceptional financial performance but is under-reporting compliance concerns, this could signal a risky culture of non-compliance.

Driving a Data-Driven Culture of Compliance

Implementing data analytics in your compliance program requires the right technology, processes, and, most importantly, corporate buy-in. As the DOJ highlighted in its recent updates to the 2024 ECCP, compliance personnel must have adequate access to relevant data sources and the resources to interpret and act on that data. Companies should invest in the same level of technology for their compliance functions as they do for their business operations.

Some of the keys every compliance program should consider to help implement a data-driven culture of compliance include the following strategies:.

  • Build Cross-Functional Partnerships. Compliance teams should collaborate with human resources, IT, and business operations to gain access to the data they need. A cross-functional approach ensures compliance data is integrated into the company’s broader performance metrics.
  • Foster Transparency in Data Use. Be clear with employees about how their data will be used, particularly in sensitive areas such as monitoring communication. Emphasizing the ethical use of data can help build trust.
  • Regularly Reassess Your Metrics. As with any compliance program, the metrics used to evaluate corporate culture should evolve. New risks, technologies, and business challenges should inform your data strategy.

Strengthening Compliance through Analytics

The DOJ made clear in the Argentieri speech and the 2024 Update to the Evaluation of Corporate Compliance Programs that a data-driven approach to understanding employee engagement, trust, and corporate culture is essential for compliance success. Data analytics offers compliance professionals powerful tools to assess whether employees are following the rules and truly engaged in creating an ethical and compliant corporate environment.

As we look toward the future, companies prioritizing data analytics in their compliance programs will be better equipped to prevent misconduct, identify cultural risks, and foster a workplace that values ethics and transparency. For compliance officers, the time is now to embrace data analytics and use it to reinforce the foundation of a strong corporate compliance program.

Categories
Corruption, Crime and Compliance

Deep Dive into Deere SEC FCPA Settlement

The SEC’s recent settlement with Deere & Company for $9.9 million for FCPA violations is another textbook example of bribery schemes, which revealed the absence of a culture of compliance, and the circumvention of basic entertainment, hospitality and travel expense controls.

In this episode of Corruption, Crime, and Compliance, Michael Volkov breaks down the SEC’s $9.9 million settlement with Deere & Company following widespread FCPA violations by its subsidiary, Wirtgen Thailand. Michael discusses how the bribery schemes, involving government officials in Thailand, reveal significant failures in compliance oversight and corporate governance, while also highlighting the critical lessons for businesses aiming to avoid similar pitfalls.

Key Insights:

  • Deere’s subsidiary, Wirtgen Thailand, secured government tenders through cash bribes, entertainment at massage parlors, and lavish trips for officials from the Royal Thai Air Force (RTAF), Department of Highways (DOH), and Department of Rural Roads (DRR).
  • Wirtgen disguised entertainment and bribe payments in expense reports with vague descriptions and round-number amounts, which were improperly approved by regional managers.
  • Wirtgen organized extravagant trips disguised as factory visits for Thai officials, which included sightseeing and luxury hotels in Europe. These trips were arranged to win government tenders but involved no legitimate business activities.
  • Bribes were also funneled through a third-party consultant via sham commission agreements. This consultant acted as a middleman, facilitating bribe payments to government officials to secure high-value tenders.
  • Deere’s failure to fully integrate Wirtgen into its compliance program after acquisition allowed the bribery schemes to continue. This highlights the risks of not harmonizing compliance protocols in newly acquired subsidiaries.
  • In response to the SEC investigation, Deere terminated employees involved in the misconduct, revamped its compliance program, and introduced initiatives like a bi-monthly compliance newsletter and enhanced anti-bribery training.

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
Adventures in Compliance

Adventures in Compliance: Special Episode – Old Time Radio Meets The Silver Screen – Adam Graham on The Movie The Hound of The Baskervilles

We take things in a different direction today with our first Special Episode in the Adventures in Compliance podcast. Today, Tom Fox is thrilled to bring back Adam Graham for a short, two-part special series where we begin to review some of the movie representations of Sherlock Holmes. Tom met Adam Graham at PodFest Expo 2024 and he is a huge old-time mystery radio show aficionado, including, of course, Sherlock Holmes.

Today, we begin with a look at the first Basil Rathbone/Nigel Bruce Holmes adventures, which is also the first of two productions by Universal Pictures, The Hound of the Baskervilles.

Graham shares insights on the 15th anniversary of his podcast and his background as an independent podcaster. The discussion focuses on the enduring appeal of Sherlock Holmes, the strong performances of Basil Rathbone and Nigel Bruce, and the rich atmosphere of films like The Hound of the Baskervilles and The Adventures of Sherlock Holmes (our next episode).

The conversation highlights the contrasts between the portrayals of Dr. Watson by Nigel Bruce in films and other adaptations. They praise the remarkable cinematography, the storytelling, and the significance of character actors like George Zucco as Moriarty. They also discuss the range shown by Rathbone and Bruce in the dynamic roles they played. The episode concludes with Adam sharing details about his upcoming 15thanniversary of his podcast, the Great Detectives of Old Time Radio Podcast and inviting listeners to learn more about old time radio detectives on his website.

Key Highlights:

  • Analyzing The Hound of the Baskervilles
  • Basil Rathbone as Sherlock Holmes
  • Nigel Bruce’s Portrayal of Dr. Watson
  • Universal Pictures are the Right Studio for Holmes
  • Final Thoughts and Announcements

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ

Adam Graham

Great Detectives of Old Time Radio

Sherlock Holmes on Great Detectives of Old Time Radio

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Highlights from Argentieri Speech

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we look at the key highlights for compliance professionals from the recent speech by Nicole Argentieri announcing the 2024 Update to the Evaluation of Corporate Compliance Programs.

Categories
FCPA Compliance Report

FCPA Compliance Report: Vince Walden on Leveraging Data Analytics for Effective Compliance Monitoring

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance.

In this edition of the FCPA Compliance Report, Tom Fox welcomes back Vince Walden, founder of KonaAI. Vince reports on the 2024 Update to the Evaluation of Corporate Compliance Programs. (Today’s episode is a cross-posting from Data Driven Compliance.)

Walden, a distinguished expert in compliance data analytics, actively participates in industry forums such as the Society of Corporate Compliance and Ethics annual summit in Grapevine, Texas. He advocates for compliance professionals to have ample access to relevant data sources, enabling them to monitor and test policies, controls, and transactions effectively. Walden stresses the importance of AI developers being vigilant about potential biases and public harm, aligning with the Department of Justice’s stance on accountability. He advises compliance practitioners to collaborate with internal audit and finance teams to ensure they have the necessary transactional data for comprehensive risk assessments, highlighting successful, cost-effective implementations like those at Albemarle as models for gradual, data-driven compliance program adoption.

Highlights in this Episode

  • Data-Driven Compliance for Cost Savings
  • Enhancing Compliance through Advanced Data Analysis
  • Identifying High-Risk Areas for Data Analytics
  • Proactive Risk Mitigation through Real-Time Monitoring
  • ROI-driven Compliance Programs with Data Analytics

Resources

Vince Walden on LinkedIn

KonaAI

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico Toolkit for Middle Managers, available at no charge by clicking here.