Categories
Corruption, Crime and Compliance

The Importance of a Consequence Management System

Transparency, ethics, and compliance are more than just corporate buzzwords; they’re foundational to building trust in today’s global organizations. Consequence management systems encompass elements like transparency, robust employee reporting, protective measures for whistleblowers, and effective internal investigations. These are all essential for maintaining organizational justice, trust, and integrity. In this episode of Corruption, Crime and Compliance, Michael Volkov underscores the value of collecting and analyzing employee reports, the pivotal role of Chief Compliance Officers, and the integration of compliance compensation with consequence management.

You’ll hear Michael talk about:

  • Global companies now recognize the significance of robust consequence management systems, which encompass vital processes from internal investigations to disciplinary actions. A pivotal aspect of these systems is transparency, especially when designing and implementing employee reporting.
  • When it comes to effective employee reporting, a system is more than just a hotline; it involves tracking and addressing concerns in real-time. To foster trust, such systems must operate promptly, fairly, and consistently, ensuring that reporters are protected against obstruction and/or retaliation.
  • Key components of an effective reporting system include:
    • Clear internal communication, which ensures employees feel heard.
    • Foundational support, which bolsters efficiency.
    • Collated reports from diverse sources, which offers insights into the company’s culture and potential risks.
    • Transparency and consistency, as sporadic disclosure can negatively influence employees’ perceptions of a company’s intentions.
  • A CCO’s commitment is reflected when issues are investigated and addressed swiftly and justly. They play a crucial role in collecting and analyzing employee reporting data, as well as educating senior management and boards on the significance of employee reports.
  • Companies need to establish written protocols for internal investigations to ensure that they are conducted fairly and impartially. These protocols should outline the steps that will be taken during an investigation, as well as the rights of the employees involved. The protection of employees and whistleblowers is paramount.
  • An internal oversight committee should be responsible for overseeing internal investigations. Regular reviews ensure that procedures are followed consistently and that there is a focus on quality. Additionally, all investigations should be properly documented and resolved in order to maintain integrity.
  • Compliance and consequence management systems should work together to meet the expectations of the DOJ, promoting corporate citizenship and financial success. 

 

KEY QUOTES

“A true employee reporting system includes reports to supervisors, walk-ins to human resources, walk-ins to legal and compliance, and an automated reporting system.” – Michael Volkov

 

“The real question is whether the company backs up its statement through specific actions. This cannot be accomplished through words, but really only through deeds, through actions. All too often, companies get ahead of themselves. They make these broad pronouncements. They sound good, they pat each other on the back, and they don’t build the essential foundations and infrastructure needed to establish an effective employee reporting system.” – Michael Volkov

 

“As a basic initial requirement, every company should adopt a written internal investigation protocol that is published internally, promoted internally to demonstrate a commitment to transparency, and those protocols and procedures should be followed to the T.” – Michael Volkov

 

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
FCPA Compliance Report

FCPA Compliance Report – Mike DeBernardis on the Cognizant Investigation Ruling

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox welcomes back fan favorite Mike DeBernardis, partner at Hughes Hubbard Reed. We take a deep dive into the trial court ruling in the Coburn and Schwartz claim that the Cognizant internal investigation which identified them was run by the DOJ and should be tossed for the lack of federal criminal procedural protections.

A recent district court decision on an FCPA case has significant implications for future investigations. The trial court emphasized the importance of a fully developed record and provided guidance for companies conducting internal investigations while cooperating with the government. The episode emphasizes the need for independent investigations, the distinction between government-directed investigations and cooperation with the DOJ, and the timeline of events that shows the importance of self-disclosure by the company. It also discusses the significance of independent decision-making in corporate investigations and the importance of documenting investigations to build a strong record. The restrictions placed on employee interviews during investigations are also addressed, with a suggestion for clear guidelines and procedures to ensure fair and effective interviews. Overall, the episode highlights the practical implications of the court decision and sets a standard for future investigations in FCPA cases.

 Key Highlights

·      FCPA Pretrial Work

·      Importance of Independent Decision-Making

·      Importance of Documenting Investigations

·      Restrictions on Employee Interviews

·      Investigation world cases

Resources

Mike DeBernardis

Hughes Hubbard Reed

Court Opinion in US v. Coburn

Tom Fox

Instagram

Facebook

YouTube

Twitter

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program: Day 10 – Sales Incentives and Compliance

In the DOJ’s 2023 ECCP, Incentives and Disciplinary Measures it stated:
Incentive System – Has the company considered the implications of its incentives and rewards on compliance? How does the company incentivize compliance and ethical behavior? Have there been specific examples of actions taken (e.g., promotions or awards denied) as a result of compliance and ethics considerations? Who determines the compensation, including bonuses, as well as discipline and promotion of compliance personnel?
When considering how a company could use incentives to further a compliance program and the role of HR in this process, we should also consider how incentives might lead to the converse, as they did in the now-infamous Wells Fargo fraudulent-accounts scandal. When you misalign these two concepts with a faulty sales strategy it can lead to a catastrophic failure, literally costing the company millions of dollars in fines, loss of business and depreciation of shareholder value. Whatever your incentive structure, there will be employees who try to game the system. Some will do it with the tacit or explicit approval of management. You, as the CCO, may be required to act.

Three key takeaways:

  1. Even a benign sales incentive program came become skewed.
  2. A sales incentive program can become high risk or illegal if not properly monitored.
  3. If there is alignment between the strategy, purpose and structure of an incentive system, it often makes the difference between a good and a bad one.

For more information, check out The Compliance Handbook, 4th edition here.

Categories
Daily Compliance News

Daily Compliance News: August 14, 2023 – The Odebrecht Strikes Again Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance brings to you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

  • Grupo Aval settles FCPA enforcement action. (WSJ)
  • What does SCt grant of cert mean? (NYT)
  • Health care corruption sweep in China. (South China Morning Post)
  • SBF headed to jail for witness tampering. Who is next? (Reuters)
Categories
Adventures in Compliance

Adventures in Compliance – Leadership Lessons from The Adventure of the Blue Carbuncle

Welcome to a review of all the Sherlock Holmes stories which are collected in the work, “The Adventures of Sherlock Holmes.” The appeared in the Strand Magazine from July 1891 to June 1892. Over 12 episodes, I will be reviewing each story and mine them for leadership, compliance and ethical lessons. “The Adventure of the Blue Carbuncle” was first published in the Strand Magazine in January 1892 and is included in the collection ‘The Adventures of Sherlock Holmes’.

Summary

The story begins on Boxing Day, when Holmes receives a peculiar old hat from Peterson, the commissionaire. The hat was found next to a Christmas goose, abandoned after its owner had a skirmish with some ruffians. Peterson also found a blue gem in the goose’s crop which turns out to be the “Blue Carbuncle,” a precious stone which was reported missing a few days earlier.

Intrigued by this series of events, Holmes and Watson embark on an investigative adventure. They start by tracing the goose back to a local poultry shop, which leads them to the supplier, who had given the goose as part of a group to a hotel. The hotel staff recognizes the goose and tells Holmes it was given to a Mr. Henry Baker.

When Henry Baker arrives to claim his hat and goose at Baker Street, Holmes realizes that Baker knows nothing about the Carbuncle. Further investigations lead Holmes to James Ryder, a hotel attendant, who confesses his crime after being confronted.

Ryder had persuaded a maid at the Countess of Morcar’s hotel to let him steal the Blue Carbuncle. Fearing detection, he had hidden the gem inside a goose at his sister’s poultry shop, but the bird had gotten mixed up with others, thus ending up with Baker.

At the end of the story, Holmes lets Ryder go, considering him a small, terrified man who will likely not survive a prison sentence. The Blue Carbuncle, a jewel of great value, is recovered, but the story concludes without stating whether it was returned to its rightful owner.

Leadership Lessons

  1. Attention to detail: Sherlock Holmes is known for his attention to detail, and this is evident in “The Adventure of the Blue Carbuncle.” He can solve the mystery by paying close attention to small details that others have overlooked. Leaders can learn from this by focusing on the details and not overlooking anything that could be important.
  2. Problem-solving skills: Holmes is a master of problem-solving, and this is demonstrated in the story as he unravels the mystery of the missing gemstone. Leaders can learn from this by developing their problem-solving skills and approaching challenges with a creative and analytical mindset.
  3. Teamwork: Although Holmes is the main detective in the story, he works with others, including Dr. John Watson, to solve the case. Leaders can learn from this by recognizing the importance of teamwork and building strong relationships with their colleagues.
  4. Adaptability: Throughout the story, Holmes demonstrates his ability to adapt to changing circumstances and adjust his approach as needed. Leaders can learn from this by being flexible and open-minded, and by recognizing that there may be multiple solutions to a problem.
  5. Honesty and integrity: Despite the temptation to keep the valuable gemstone for himself, Holmes returns it to its rightful owner, demonstrating his honesty and integrity. Leaders can learn from this by being honest and transparent in their dealings with others and by upholding their ethical principles.

Resource

The New Annotated Sherlock Holmes

Categories
Sunday Book Review

Sunday Book Review: August 13, 2023 – The Locked Room edition

In the Sunday Book Review, I consider books that would interest the compliance professional, the business executive or anyone who might be curious. It could be books about business, compliance, history, leadership, current events or anything else that might interest me. In today’s edition of the Sunday Book Review, I continue my summer exploration of books on crime. Today, we continue to explore our summer mystery series by looking at 5 top locked room mysteries.

  • The Locked Room by Ellie Griffith
  • Misery by Stephen King
  • A Dangerous Crossing by Rachel Rhys
  • And Then There Were None by Agatha Christie
  • Shutter Island by Dennis Lehane

Resource

Will Dean’s Top Ten Locked Thrillers in Crime Reads

Categories
10 For 10

10 For 10: Top Compliance Stories For the Week Ending August 12, 2023

Welcome to 10 For 10, the podcast which brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes hear about the stories every compliance professional should be aware of from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • ABA agrees to new client due diligence rules. (WSJ)
  • US broadens sanctions against Belarus. (WSJ)
  • US, UK & Canada sanction Lebanon ex-central banker. (Reuters)
  • Lawyers say proposed PCAOB will threaten attorney-client privilege. (FT)
  • Federal judge says we need world ABC court. (WaPo)
  • More messaging app non-compliance fines. (WSJ)
  • Albemarle makes FCPA settlement reserve. (WSJ)
  • Catching pandemic fraudsters. (NYT)
  • Anti-corruption Presidential candidate is assassinated in Ecuador. (CNN)
  • Ex-Allianz manager to face $7bn criminal fraud claim. (Reuters)

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day, here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Kerrville Weekly News Roundup

Kerrville Weekly News Roundup: August 12, 2023

Welcome to the Kerrville Weekly News Roundup. Each week, veteran podcaster Tom Fox and his colleagues Andrew Gay and Gilbert Paiz get together to go over a couple of their favorite stories from the past week from Kerrville and the greater Hill Country. Sit back, enjoy a cup of morning coffee and listen in to get a wrap up of the Kerrville Weekly News. We each consider two of our favorite stories and talk about the upcoming weekend’s events which will enjoy or participate in this weekend.

In this episode, Tom, Gilbert and Andrew discuss the following stories which caught their attention over the past week.

·      Tom discusses Midnight Madness at Tivy High School and the 2023 Inductees to the KISD Sports Hall of Fame. Tom shouts out to the Museum of Western Art and the Billy Schenck works currently on exhibit.

·      Andrew lamented the chopping down of the Founder’s Tree by the Cailloux Foundation. He talked about the heat and need for rain and highlighted last week’s business expo.

·      Gilbert talked about this Tax-Free Weekend and the Community Foundation grants for local non-profits. He said he and his family would be shopping this week for school supplies in anticipation of Monday start of the new school year.

Resources

Tom Fox on LinkedIn

Gilbert Paiz on LinkedIn

Andrew Gay on LinkedIn

Texas Hill Country Podcast Network

Categories
Daily Compliance News

Daily Compliance News: August 11, 2023 – The New DD Rules Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance brings to you compliance related stories to start your day. Sit back, enjoy a cup of morning coffee and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership or general interest for the compliance professional.

  • ABA agrees to new client due diligence rules. (WSJ)
  • US broadens sanctions against Belarus. (WSJ)
  • US, UK & Canada sanction Lebanon ex-central banker. (Reuters)
  • Lawyers say proposed PCAOB will threaten attorney-client privilege. (FT)
Categories
Blog

Navigating Go-to-Market Security and Data Privacy

I recently had the opportunity to visit with Jason Patel, with Cheq.ai, a global leader in go-to-market security. We had the opportunity explore the importance of protecting businesses and customers, leveraging data for marketing strategies, and complying with privacy regulations like GDPR and CCPA.

Patel believes that one of the top mistakes companies make is underestimating the extent of compliance regulations, such as GDPR, and only making surface-level changes. Compliance is a cross-functional requirement that affects operations, marketing, revenue, and customer engagement. It is crucial for businesses to take full responsibility for data protection instead of relying solely on vendors. Lack of visibility and control over data once it enters someone else’s servers is a genuine concern.

When it comes to safeguarding businesses and customers, it is important to have a technology solution that sits in the browser, monitoring data collection and data sharing partners. Such a solution takes into account both company policies and end users’ preferences regarding data tracking and sharing. The goal is to provide a transparent layer that seamlessly operates until a change or new partner needs to be introduced.

Real-time compliance is critical due to the speed of data collection and the need to adapt to evolving technologies and practices. Compliance in this area involves understanding and engaging with end users without resorting to invasive tracking methods. It is about respecting user choices and immediately stopping data collection when requested. This not only ensures compliance but also builds trust and loyalty with customers.

I took a deep dive with Patel into the refinement of laws and regulations regarding businesses and the internet. As the internet becomes an increasingly integral part of society, regulations are being addressed in the digital ecosystem. Clarity on data transfer and identification in the ad tech space is essential. Questions are being raised about how vital services on the web should be governed and managed. Striking a balance between trading data for services and avoiding excessive data trading is a key consideration. Monitoring of these initiatives are critical for any compliance professional in the data privacy space.

Complying with privacy regulations is one of the key challenges of digital marketing organizations in mind. The focus is on controls-driven workflows rather than procedural workflows to maintain efficiency and minimize risks. The gold standard for data privacy protection is GDPR, which shares similarities with other legislation such as the CPRA in terms of data usage, disclosures, and consumer rights. Complying with GDPR can already cover a significant portion of the requirements for other legislations, making it a crucial framework to follow.

Opt-in and opt-out strategies are debated in the United States. While opt-out is preferable for businesses, an opt-in approach, similar to the GDPR model, is more comfortable for end users. The opt-in approach sets up a good compliance posture and encourages meaningful engagement with users. Indeed this standard would appear to be what the rest of the world is moving towards. Technology standards are moving towards responding to consumer choices before legislation catches up.

I see data privacy as a leading issue in the next few years, even up to it being addressed more explicitly at the Board level. Enforcement actions for privacy regulations are only going  to increase. GDPR and CCPA are prime examples of privacy regulations that have been implemented. It is essential for both B2C and B2B businesses to prioritize customer privacy to build trust and maintain a competitive edge. By doing so, such businesses can create a true business differentiator for themselves and compliance professionals can build more trust within corporate organizations. Even if the US Congress continues to be unable to pass national data privacy standard, the EU example of GDPR will continue to be the gold standard for the world and the one to which companies should aim to comply with going forward.

In this insightful conversation Jason Patel and myself have explored the world of go-to-market security, market intelligence security, and customer privacy enforcement. We consider the importance of protecting businesses and customers, complying with privacy regulations, and respecting user choices. By focusing on real-time compliance and engaging with end users, a company can navigate the complex landscape of data privacy and security. As data privacy continues to gain prominence, it is crucial for businesses to stay informed, adapt to evolving regulations, and prioritize the privacy rights of their customers.