Categories
Corruption, Crime and Compliance

Five Steps to Enhance Your Sanctions Compliance Program

Is your business prepared to effectively manage and mitigate the risks associated with sanctions compliance in today’s global economic landscape? In today’s increasingly interconnected global economy, sanctions compliance is more critical than ever. Companies around the world face complex regulatory environments and unprecedented risks, requiring a comprehensive and proactive approach to sanctions compliance. In this episode of Corruption, Crime and Compliance, Michael Volkov explores the pressing need to elevate corporate sanctions compliance programs, as well as the renewed focus on enforcement by the Department of Justice, and the practical steps every company must take to meet these evolving challenges head-on.

You’ll hear Michael talk about:

  • Companies must enhance their sanctions compliance programs. Basic programs that simply rely on screening tools are no longer sufficient. Companies need to incorporate comprehensive measures to ensure compliance with evolving sanctions laws.
  • The Department of Justice (DOJ) has escalated the enforcement of national security crimes, demonstrating a renewed focus on sanctions compliance. This shift necessitates a proactive response from companies to mitigate potential risks.
  • The OFAC has outlined five crucial elements for an effective sanctions compliance program: management commitment, risk assessment, internal controls, testing and audit, and training. Companies should familiarize themselves with these elements and incorporate them into their existing compliance programs.
  • Risk assessment is a crucial first step in compliance. Companies must review their operations holistically, assessing all touchpoints with international markets to identify potential vulnerabilities and risks.
  • Geoblocking technology is a valuable tool in sanctions compliance. Working with IT departments to develop comprehensive geoblocking capabilities can help prevent interactions with prohibited individuals or entities.
  • Thorough screening and due diligence processes are imperative, moving beyond just the results of screening tools. This ensures that companies identify and mitigate potential risks associated with sanctioned entities or countries.
  • Companies must implement effective escalation controls to ensure that any red flags identified through screening or due diligence are properly addressed and resolved.
  • End-user verifications and documentation are critical components of a robust sanctions compliance program. These procedures help ensure that the company’s products or services are not being used by sanctioned entities.
  • Annual training for employees and personnel is essential. Tailoring this training to the company’s specific risk profile ensures that all staff understand their responsibilities and the potential risks associated with non-compliance.

 

KEY QUOTES:

“Your company’s survival may depend on your ability to navigate sanctions compliance in an increasingly complex global economy.” – Michael Volkov

 

“It’s not just about checking boxes. We have to understand our touchpoints to the international markets and assess the potential risks. That’s the foundation of an effective compliance program.” – Michael Volkov

 

“Training isn’t a one-and-done task. It’s an ongoing commitment to ensure our personnel understand and can navigate the complex world of sanctions compliance.” – Michael Volkov

 

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
All Things Investigations

All Things Investigations: Episode 28 – New French Anti-Corruption Investigative Guidance with Anne Gaustad and Bryan Sillaman

 

The new French Investigative Guidance, jointly introduced by the AFA (Agence Française Anticorruption) and PNF (Parquet National Financier), discusses the appropriate methodology for carrying out internal investigations, specifically concerning corruption-related instances. In this episode of All Things Investigations, law experts Anne Gaustad and Bryan Sillaman join hosts Tom Fox and Mike DeBernardis to provide a detailed overview of the guide, contrasting the similarities and differences with US guidelines, and the implications it holds for US companies.

Anne Gaustad is an accomplished French lawyer and an authority in white-collar crime and compliance matters. With over 15 years of professional experience, Anne’s practice focuses on cross-border investigations and compliance matters, notably regarding corruption, fraud, and money laundering. 

 

Bryan Sillaman is a seasoned American lawyer based in Paris. As a partner at Hughes Hubbard & Reed, Bryan has worked extensively on matters related to the US Foreign Corrupt Practices Act (FCPA), French anti-corruption law (Sapin II), and other international anti-corruption laws. 

 

You’ll hear Tom, Mike, Anne and Bryan discuss:

  • The French Investigative Guidance is not covered by secret professional or French legal privilege, making its contents publicly accessible.
  • The new guide was jointly issued by the AFA and PNF agencies to provide comprehensive guidance on conducting internal investigations.
  • While there are similarities to US guidelines, the French guide incorporates the civil law tradition, stringent labor requirements, data privacy considerations, and whistleblower regimes.
  • The French legal privilege holds an absolute character, and it’s a criminal violation for French lawyers to breach it.
  • The new guide underscores the importance of transparency in data collection during internal investigations.
  • French blocking statutes and GDPR regulations may pose potential challenges to US-based companies.
  • The French guide, while non-binding, provides practitioners with comprehensive instructions for conducting internal investigations.
  • The guide puts a strong emphasis on understanding the nuances of French labor law.
  • The guide also encourages informing interviewees of the voluntary nature of their participation in investigations.

 

KEY QUOTES:

“The French Investigative Guidance represents a significant shift in the internal investigations landscape.” – Anne Gaustad

 

“It’s crucial for American lawyers to grasp the nuances of French labor law and privilege issues.” – Bryan Sillaman

 

“Transparency in data collection during internal investigations is key to avoiding legal repercussions.” – Anne Gaustad

 

Resources:

Hughes Hubbard & Reed website

Anne Gaustad on LinkedIn

Bryan Sillaman on LinkedIn

Guide (in original French)

Categories
FCPA Compliance Report

FCPA Compliance Report – Brad Hibbert on Prevalent’s 2023 3rd Party Risk Management Report

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. Today, Tom visits Brad Hibbert, COO/CSO at Prevalent, as they discuss the surprising findings of Prevalent’s annual third-party risk management study. Discover why so many organizations still rely on spreadsheets and manual processes for managing third-party risks. Brad recommends an integrated approach to third-party risk management that considers the entire lifecycle of the relationship with third parties.

The podcast highlights the top five key findings of the report, including data breaches as the top concern, security driving the program, and the increased involvement of IT in the process. Learn how to minimize cyber exposure and risks associated with third-party management by breaking down silos, automating processes, and focusing on reducing risks associated with third parties. Listen to Brad’s practical advice on how to prioritize risks and plan your risk management program and visit prevalent.net for more compliance mandates and best practices. With exciting insights and actionable advice, this podcast is a must-listen for anyone interested in managing third-party risks.

Key Highlights:

·      Prevalent’s annual third-party risk management study

·      Integrated Third Party Risk Management

·      Top Challenges for Organizations in Data Security

·      Third Party Risk Management Survey and Findings

·      Minimizing Cyber Breaches

·      Effective Response to Breaches and Third-Party Programs

·      Managing Business Risks for Compliance

Notable Quotes:

“The top concern driving third-party risk management programs is security, with 71 percent indicating it as their main priority.”

“Data breaches continue to be a top concern, with 41 percent of the respondents indicating that they were impacted by a third-party data breach in the last 12 months and had to perform some remedial activity.”

“About 70 percent reported increased involvement from the IT group, while 71 percent indicated that infosec owns the program.”

“Identifying and mitigating risks before the company is impacted.”

“Customs put together this enforcement dashboard that contains all of these statistics on how they’ve been enforcing the UFLPA.”

Resources

Brad Hibbert on LinkedIn

Prevalent

3Rd Party Risk Management Report

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

 

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program in Training and Communications – 10 Compliance Training Program Design Objectives

Well-known compliance training guru Shawn Rogers has developed ten design objectives for establishing your compliance program training design objectives. It would be best if you considered doing the same for your organization. Your organization may value other objectives. What the government has told us since the original FCPA Resource Guide back in 2012 is that it expects a well throughout the approach. If you consider your design objectives early in the planning phase, it will not only meet this requirement but also become a roadmap for your program implementation easier. Finally, you can pivot more quickly in this new era as new compliance risks emerge.

Three key takeaways:

  1. What are your design objectives?
  2. They should be dynamic, not static.
  3. You should use them as touchpoints going forward.
Categories
Uncategorized

Farewell to Jim Brown: Compliance and the Regulation of AI

Jim Brown died last week. Although I just saw Brown at the end of his career and at the start of my NFL fandom, he was the best player I ever saw. He is certainly the greatest running back of all-time, even if others have exceeded his yards gained the hard way, on the ground. A multi-sport All-American at Syracuse University, in both football and lacrosse, (and in the HOF for both sports) Brown played for the Cleveland Browns under legendary coach, Paul Brown. According to his New York Times (NYT) obituary, “Brown was voted football’s greatest player of the 20th century by a six-member panel of experts assembled by The Associated Press in 1999. A panel of 85 experts selected by NFL Films in 2010 placed him No. 2 all time behind the wide receiver Jerry Rice of the San Francisco 49ers.” The legendary New York Giants linebacker Sam Huff said of Brown, ““All you can do is grab, hold, hang on and wait for help.”

Brown was equally famous for his life after football where he was an action movie star, most notably (for me) in The Dirty Dozen. More importantly he was a voice of social conscience as well. According to the NYT, “he founded the Negro Industrial and Economic Union (later known as the Black Economic Union) as a vehicle to create jobs. It facilitated loans to Black businessmen in poor areas — what he called Green Power — reflecting his long-held belief that economic self-sufficiency held more promise than mass protests.” He later founded “the Amer-I-Can Foundation to teach basic life skills to gang members and prisoners, mainly in California, and steer them away from violence. The foundation expanded nationally and remains active.”

But I will always remember the highlights of the greatest running back ever; breaking tackles and outrunning all defenders to daylight and the end zone.

The Call For Regulation

Brown’s social advocacy informs today’s post about the coming regulation of AI. Last week, we were all treated to the spectacle (yet again) of another tech entrepreneur testifying before Congress, asking them to do their job which they seem to be incapable of doing any longer—passing legislation. Writing the Harvard Business Review, in an article entitled “Who Is Going to Regulate AI? Blair Levin and Larry Downes noted that “OpenAI chief executive Sam Altman said it was time for regulators to start setting limits on powerful AI systems.” They then quoted from his testimony for the following “As this technology advances we understand that people are anxious about how it could change the way we live. We are too…If this technology goes wrong, it can go quite wrong, [with] significant harm to the world.” Altman agreed with lawmakers that government oversight will be critical to mitigating the risks.

 Who Will Regulate AI

There is no shortage of potential government actors who might step in to regulate AI. As the authors note, “First, there’s Congress, where Senate Majority Leader Chuck Schumer is calling for preemptive legislation to establish regulatory “guardrails” on AI products and services. The guardrails focus on user transparency, government reporting, and “aligning these systems with American values and ensuring that AI developers deliver on their promise to create a better world.” The vagueness of this proposal, however, isn’t promising.”

Next is the Biden Administration, which created a White House blueprint for an AI Bill of Rights, last October. Here the authors said, “The blueprint is similarly general, calling for developers to ensure “safe and effective” systems that don’t discriminate or violate expectations of privacy and that explain when a user is engaging with an automated system and offer human “fallbacks” for users who request them.”

Next at the Department of Commerce, the National Telecommunications and Information Administration (NTIA) has begun to explore the “usefulness of audits and certifications for AI systems. The agency has requested comments on dozens of questions about accountability for AI systems, including whether, when, how, and by whom new applications should be assessed, certified, or audited, and what kind of criteria to include in these reviews.”

Federal Trade Commission (FTC) Chair Lina Kahn is looking at AI regulation through an anti-competitive and consumer protection lens “in the direction of the new technology. Kahn speculates that AI could exacerbate existing problems in tech, including “collusion, monopolization, mergers, price discrimination, and unfair methods of competition.” Generative AI, the FTC chair also believes, “risks turbocharging fraud” with its ability to create false but convincing content.” Khan has also express concern of the inherent bias in AI and a discriminatory impact.

Finally, the Department of Commerce is considering creating “a sustainable certification process, or the political clout to get the tech industry to support NTIA’s efforts. Further, as the Department acknowledges, its inquiry is only part of the larger White House effort to create a trusted environment for AI services, an objective that would require previously unseen levels of coordination and cooperation across numerous government silos.”

What Should Compliance Do?

I certainly believe there will be  combination of government action, as the authors note in the “legislative, regulatory, or judicial’ sphere will be a “balancing act of maximizing the value of AI while minimizing its potential harm to the economy or society more broadly.” But as is well known, law advances incrementally while technology evolves exponentially. I agree with the authors that compliance professionals “should take their cue from the Department of Commerce’s ongoing initiative, and start to develop nongovernmental regulators, audits, and certification processes that identify and provide market incentives to purchase ethical and trusted AI products and services, making clear which applications are and are not reliable.”

Categories
Daily Compliance News

Daily Compliance News: May 22, 2023 – The Unexpected Consequences Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • Uber DEI head put on leave for ‘insensitivity’. (NYT)
  • Some unexpected consequences from mass layoffs. (FT)
  • DeSantis tries to disqualify a federal judge. (Reuters)
  • Epstein threatened to blackmail Bill Gates over an affair. (WSJ)
Categories
Sunday Book Review

Sunday Book Review: May 21, 2023 – The Employee Engagement Edition

In the Sunday Book Review, I consider books that interest the compliance professional, the business executive, or anyone curious. It could be books about business, compliance, history, leadership, current events, or anything else that might interest me. In today’s edition of the Sunday Book Review, we look at books on employee engagement:

  • The Truth About Employee Engagement: A Fable About Addressing the Three Root Causes of Job Misery by Patrick M. Lencioni
  • The Coaching Habit: Say Less, Ask More & Change the Way You Lead Forever by Michael Bungay Stanier
  • Carrots and Sticks Don’t Work: Build a Culture of Employee Engagement with the Principles of RESPECT by Paul L. Marciano
  • The Employee Experience Advantage: How to Win the War for Talent by Giving Employees the Workspaces they Want, the Tools they Need, and a Culture They Can Celebrate by Jacob Morgan
Categories
Daily Compliance News

Daily Compliance News: May 20, 2023 – The More Sweeps Coming Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • DeSantis doesn’t want Disney business; Disney obliges. (NYT)
  • Tesco CEO to resign for inappropriate behavior. (FT)
  • Montana TikTok Ban not enforceable? (WaPo)
  • More SEC sweeps are coming (Financial Advisor)
Categories
Because That's What Heroes Do

Because That’s What Heroes Do – Picard, Season 3, Episode 10 – The Last Generation

Get ready for an exciting new season of Because That’s What Heroes Do. In it, Tom and Megan review Picard, Season 3, Episode 10, The Last Generation. In this episode, the hosts discuss the thrilling events of the final episode, where the Enterprise and Titan battle the Borg cube. They analyze the Borg’s evolution and their actions’ ethical implications. The hosts speculate the future of the series, including new characters like Sydney, Jack, Raffi, and Seven of Nine, and the return of fan-favorite Q. With insightful commentary and comedic banter, Tom and Megan will keep you entertained throughout the entire episode. Take advantage of the exciting journey of Because That’s What Heroes Do!

Highlights:

  • The Evolution and Motives of the Borg
  • Changelings and assimilation compatibility in Star Trek
  • Seven, Raffi, and Jack are all on the Bridge
  • Farewell to the crew of Enterprise D
  • Reflections on Star Trek: Picard Season Three Finale

 Resources

Megan Dougherty 

LinkedIn

One Stone Creative

Twitter

Tom 

Instagram

Facebook

YouTube

Twitter

Categories
Kerrville Weekly News Roundup

Kerrville Weekly News Roundup: May 20, 2023

Welcome to the Kerrville Weekly News Roundup. Each week, veteran podcaster Tom Fox and his colleagues Andrew Gay and Gilbert Paiz get together to go over a couple of their favorite stories from the past week from Kerrville and the greater Hill Country. Sit back, enjoy a cup of morning coffee and listen in to get a wrap up of the Kerrville Weekly News. We each consider two of our favorite stories and talk about the upcoming weekend’s events which will enjoy or participate in this weekend.

In this episode, Tom and Andrew discuss the following stories which caught their attention over the past week.

·      Tom talks about the Hill Country Youth Ranch and the 100th anniversary of Camp Stewart. He concludes with shout out to the San Antonio Spurs for winning the rights to Victor Wembanyama.

·      Andrew talks about KPUB, Museum of Western Art celebrating 40 years and the power outage caused by a squirrel.

·      Gilbert talks about the election results and the Community Foundation of the Texas Hill Country which provides grants to non-profits.

Resources

Tom Fox on LinkedIn

Gilbert Paiz on LinkedIn

Andrew Gay on LinkedIn

Texas Hill Country Podcast Network

Community Foundation of the Texas Hill Country