Categories
Daily Compliance News

April 19, 2023 – The Clarence Thomas Corruption Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories Include:

  • Clarence Thomas and corruption at Supreme Court. (Politico)
  • Customers want fewer products made in China. (FT)
  • Cognizant Tech former execs challenge investigation. (Reuters)
  • SFO pushes on charging Glencore traders. (Bloomberg)
Categories
31 Days to More Effective Compliance Programs

Day 12 of One Month to Better 3rd Party Management – Auditing of Third Parties

Auditing third parties is critical to any best practices compliance program and an important tool in operationalizing your compliance program. This is a key manner in which a company can manage the third-party relationship after the contract is signed and which the government will expect you to engage in going forward. As stated in the 2020 Update, under the section entitled, Management of Relationships, is the following query: Does the company have audit rights to analyze the books and accounts of third parties and has the company exercised those rights in the past? This means you must not only have audit rights but also exercise them.

 Three key takeaways:

1. Be prepared.

2. It is not an investigative interview but an audit interview.

3. Listen, listen, and listen.

Categories
SBR - Authors' Podcast

Jon May ‘Who Says You Can’t’

Welcome to the Sunday Book Review, the Authors Podcast! In this episode, Tom welcomes Jon May, a seasoned compliance expert and author of the book “Who Says You Can’t?”, to this week’s Sunday Book Review-Author’s Edition.

In this engaging podcast, Tom and Jon discuss their favorite cases, including John Adams’ defense of British soldiers in the Boston Massacre and the tactics used to establish their innocence. They also cover topics such as fraudulent activity, white-collar criminal defense, and the delicate balance between protecting civil liberties and fighting criminal activity. Jon’s unique perspective and experience in the field make for an informative and thought-provoking discussion you won’t want to miss. Tune in now to gain insights into compliance and to learn more about Jon’s book and practice.

Tune into Sunday Book Review-Author’s Edition for an exceptional conversation about how to live according to values and make great things happen. This fascinating podcast will surely bring insights, discussion, and knowledge to the forefront. Don’t miss Sunday Book Review-Author’s Edition and get an insightful look into the power of living out your values.

Key Highlights Include

·      Jon May’s Career and Compliance Interest

·      Motivation for Writing and John Adams’ Defense

·      Jury selection and criminal defense strategies

·      Corporate executives and prosecution

Notable Quotes

1.     “Over and over again, it is a master class in how to do a closing argument.”

2.     “In each of my articles, I found a different tactical problem that I tried to develop the best practices for where they weren’t any best practices.”

3.     “Adams found the perfect way of having the jurors see what was facing the soldiers, what how the mob looked to the soldiers looking through their eyes so that they could feel the chunks of ice being thrown.”

4.     “If Tom Fox said yes that I put it in a book, hey, you know, he has that much confidence in me.”

Resources

Jon May 

On Creative Criminal Defense Consultants

Who Says You Can’t: Strategy and Tactics for Becoming a More Creative Criminal Defense Lawyer

 

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Innovation in Compliance

Building Trust Through Compliance with Girish Redekar

Building trust is a key component of any successful business, but in today’s world, trust is increasingly linked to compliance. On this episode of Innovation in Compliance, Tom Fox hosts Girish Redekar, co-founder and CEO of Sprinto. Girish shares his insights on the overwhelming nature of compliance, the benefits of frameworks like SOC 2 and ISO 27001, and the importance of building trust through compliance.

Girish Redekar is the co-founder and CEO of Sprinto, a software company that provides an automated solution for achieving and maintaining compliance for other software companies. Girish is a software engineer by trade and has a wealth of experience in running and managing software businesses. Prior to founding Sprinto, he ran a software company called Recruiter Box, where he wrote a bulk of the early code and managed teams, as well as ran product marketing.

 

You’ll hear Girish and Tom discuss:

  • Going through the compliance process can help companies holistically view their organization and think about what it really takes to secure the data that they are handling on their customers’ behalf. 
  • Sprinto translates SOC 2 and ISO programs into specific security practices to run in your company and automate those practices, which can make it ten times faster and a lot less overwhelming.
  • Frameworks like SOC 2 and ISO 27001 provide a standardized form of building a security program that both companies and customers can trust. “What that means is that if I claim that I am SOC 2 compliant and I can provide documentation to the same, you as my customer can actually trust the documentation and have some assurance that I do indeed run these security practices,” Girish remarks. 
  • The compliance stack is a list of tools that you would use to become compliant, or maintain a security posture.
  • Sprinto’s security and compliance platform includes risk management, compliance management, vulnerability management, and incident management features.
  • A compliance command center allows you to look at all manner of security risks through “a single pane of glass”. The command center gives you one place where you can monitor what’s happening in your company and how to mitigate it. 
  • Girish notes that people are often the weakest link in a company’s security and that security leaders worry about employees inadvertently sharing credentials or falling victim to social engineering attacks.
  • Concerns around cybersecurity are relatively similar across the globe.
  • Ransomware attacks were a major concern for security leaders in 2022, and cybersecurity insurance is becoming increasingly popular as a means of protecting against such attacks.

 

KEY QUOTES

“Think of SoC 2 and ISO… they’re no different than SATs. …you write SATs and you have like one score and then that you can use across colleges. SoC 2 and ISO are not very different than that.” – Girish Redekar

 

“It’s pretty fascinating that a standard should emerge out of just the way people want to build trust in the way they do business.” – Girish Redekar 

 

“…the way I think about a compliance command center is nothing but a single pane of glass where you get to see exactly what your security and your compliance posture is, where the gaps are.” – Girish Redekar 

 

Resources

Girish Redekar on LinkedIn | Twitter

Sprinto

Categories
Daily Compliance News

April 18, 2023 – The Wall Street Reckoning Edition


Stories we are following in today’s edition of Daily Compliance News:

  • Sex + BMW=gross corruption in Norway. (The Guardian)
  • Wall Street reckoning coming over Jeffrey Epstein. (NYMagazine)
  • DeSantis threatens punitive action against Disney. (NYT)
  • SEC charges Bittrex. (Reuters)
Categories
Data Driven Compliance

Anil Karmel on Revolutionizing Compliance with RegOps

Data Driven Compliance, hosted by Tom Fox, is a podcast featuring an in-depth conversation about the uses of data and data analytics in compliance programs. In this episode, host Tom Fox visits with Anil Karmel, co-founder of RegScale. They delve into the issue of compliance at scale and discuss the concept of DevOps and how it can be applied to compliance through a discipline called “RegOps.” The conversation emphasizes automating compliance to create a near-real-time process while providing a good user experience.

As a co-founder of RegScale, Karmel discusses their journey of cultural transformation in compliance, creating an API-centric platform to provide real-time evidence and automated reporting for compliance gaps. We highlight the need for a philosophical change in compliance and discuss the evolving regulatory and business landscape. Don’t miss out on this insightful podcast episode!

Key Highlights

·      Scalable Compliance Solutions

·      Reg Ops: Applying DevOps to Compliance

·      Streamlining Compliance Reporting with Real-time Information

·      RegScale: Solving Compliance Challenges for Enterprises

·      Modernizing Compliance through Regulatory Operations Approach

Notable Quotes

“Realize this manual paper-based process of trying to demonstrate regulatory compliance is just not something that can be scaled manually.”

“It needs to be easier for the producer and consumer to produce and consume the content.”

“You can present the status of your compliance program, where your gaps are in near real-time, where the associated risks are, and the cost to remediate.”

“Unless there is this transformation of how we do our jobs by leveraging a regulatory operations approach to leverage the best of the machine and the best of the human, we’re already behind the eight ball.”

 Resources

Anil Karmel on LinkedIn

RegScale


Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program for 3rd Parties-Managing 3rd Party After the Contract is Signed

The building blocks of any compliance program lay the foundations for a best practices compliance program. For instance, in the life cycle management of third parties, most compliance practitioners understand the need for a business justification, questionnaire, due diligence, evaluation, and contract compliance terms and conditions. However, as many companies mature in their compliance programs, the issue of third-party management becomes more important. It is also where the rubber meets the road of operationalizing compliance. It is also an area the DOJ specifically articulated in the 2020 Update that companies need to consider.

Managing your third parties is where the rubber meets the road in your overall third-party risk management program. You must execute this task. Even if you successfully navigate the first four steps in your third-party risk management program, those are in reality the easy steps. Managing the relationship is where the real work begins.

Three key takeaways:

  1. Have a strategic approach to third-party risk management.
  2. Rank third parties based on a variety of factors including compliance and business performance, length of the relationship, benchmarking metrics, and KPIs for ongoing monitoring and auditing.
  3. Managing the relationship is where the real work begins.
Categories
Corruption, Crime and Compliance

DOJ Mandates Increased HR and Compliance Cooperation

The relationship between compliance and HR can make or break a company’s culture of ethics and integrity. The DOJ’s revised Evaluation of Corporate Compliance Program requirements are pushing for greater cooperation and coordination between these two departments to create a robust and effective consequence management system. In this episode, Michael Volkov discusses the implications of these new requirements and emphasizes the need for HR and compliance to work together to achieve a culture of compliance and ethics. 

Here are some key ideas you’ll hear Michael discuss in this episode:

  • The Justice Department is taking a prescriptive approach to mandating greater cooperation between compliance and HR, as there have been too many problems between these departments in the past.
  • HR and Compliance have joint responsibilities and obligations to achieve a culture of compliance and ethics.
  • An effective HR and compliance partnership can leverage resources to ensure the overall advancement and success of the company.
  • Companies must comply with the DOJ’s revised Evaluation of Corporate Compliance Programs and provide compliance with access to data generated across the organization. This is necessary to improve the effectiveness of the company’s compliance program.
  • DOJ is now requiring companies to maintain a robust and enhanced investigation root cause system to address the specific elements required for a culture of ethics and integrity.
  • An effective consequence management system can only occur when there is active cooperation and effective coordination between HR and compliance.
  • The new consequence management system includes financial penalties resulting from clawbacks and deferred compensation schemes that are tied to compliance behaviors and requirements.
  • DOJ is focusing on incentives and disincentives to enhance individual compliant conduct and overall accountability. Positive incentives include promotions, rewards, and bonuses and disincentives include deferment or escrow of compensation. CCOs need to champion the creation of this system.
  • CCOs must be seated at the senior executive level of business operations to fulfill DOJ’s expectations for overall consequence management in the disciplinary area.
  • Companies should consider cross-assignments of business managers to compliance and vice versa to promote career opportunities.
  • “I have always advocated on behalf of a committee approach or some kind of independent, objective reviewer or the institution that metes out disciplinary actions to ensure consistency,” Michael says.
  • Senior management must establish a framework for effective coordination and cooperation between HR, senior sales executives, legal, and compliance to achieve a culture of ethics and integrity.
  • This framework should be empowered to work on behalf of the company to establish organizational justice.

 

KEY QUOTES:

“The Justice Department is now taking on the role of marriage counselor, not with individual couples, but with the critical corporate relationship – Ethics and Compliance and Human Resources.” – Michael Volkov

 

“With regard to disciplinary actions, there’s nothing worse, folks, than a disciplinary system that treats similarly situated employees and executives in different ways based upon where they sit or what their sales performance is… Justice has to be blind and consistent here.” – Michael Volkov

 

“Organizations that throw large contingent payouts for lucrative business contracts or for hitting specific targets should consider the impact of these incentives on sales employees and their ability and incentive to adhere to ethical requirements.” – Michael Volkov

 

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Evaluation of Corporate Compliance Programs

Categories
FCPA Compliance Report

Jon May On Defending Individuals in FCPA Cases

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox interviews well-known curmudgeon and iconoclast Jon May. May, who is not a compliance officer, talks about his approach to the topic, which has caught Tom’s attention. The conversation traverses May’s professional background, discussing Miami’s wild west environment in the 1980s and corruption within the police department. The podcast takes a deep dive into corporate strategy, DOJ’s enforcement policies, and the changes in whistleblower laws. The author provides an exclusive hotline number for listeners to call him and wraps up by describing where to purchase his book! Take advantage of this engaging podcast with the brilliant Jon May, hosted by Tom Fox.

Key Highlights:

· Negotiating with Government in Corporate Criminal Conduct

· Navigating US Sentencing Guidelines for Defense Lawyers

· Pleading Guilty and Self-Disclosure for White-Collar Crimes

· Changing view of whistleblowers and self-disclosure regulations

· Balancing Crime Fighting and Civil Liberties

 Notable Quotes

“It is the company’s recommendation that they obtain counsel before they are interviewed by the company or the company’s outside counsel.”

“I have, as you know, always been very critical of the government’s care and stick approach to convincing companies to self-disclose.”

“But showing the prosecutor that there’s a very different side requires a great deal of work.”

“You might not get 3 points. You might only get 2 points. But the amount of time you can save by litigating various aspects of sentencing could be years and years.”

Resources

Jon May

On Creative Criminal Defense Consultants

Who Says You Can’t: Strategy and Tactics for Becoming a More Creative Criminal Defense Lawyer


Categories
Daily Compliance News

April 17, 2023 – The End of Faking It Edition


Stories we are following in today’s edition of Daily Compliance News:

·       What’s happening with CHIPS Act? (Bloomberg)

·       Mongolia vows to break corruption habit. (Asia Times)

·       End of faking it ‘til you make it in Silicon Valley. (NYT)

·       Opening statements to begin in Dominion v. Fox News. (Reuters)