Categories
Greetings and Felicitations

Understanding Lyme Disease – Episode 6, Capstone Wrap up


Scott Endicott and Ben Locwin with host Tom Fox are back for this concluding capstone episode in the Understanding Lyme Disease Podcast series. In this episode, they talk about the most current developments in Lyme Disease treatment, what’s new in diagnostic treatments and what is on the horizon for both treatments and Lyme Disease patients.
Resources
Scott Endicott | LinkedIn
Ben Locwin | LinkedIn | Twitter
American Lyme Disease Foundation www.aldf.com
 LymeDisease.org
International Lyme and Associated Diseases Educational Foundation ILADEF
International Lyme and Associated Diseases Society

Categories
Blog

Crisis Week: Part 3 – Compliance Resiliency

Perhaps the most prescient comment I heard during the height of the pandemic came from Jed Gardner, Group Director of Transformation at Linedata, which was that we have moved from disaster recovery to business continuity to business as usual. It appears that not only was the comment correct but now we are moving in the business world from crisis to crisis to crisis. This month’s Harvard Business Review magazine dedicated its Big Idea Series to the topic of crisis. Over this short week I am exploring what this new reality means for the compliance professional. Monday we looked at compliance as a trip wire to alert businesses a crisis is on the horizon, through the article A New Crisis Playbook for an Uncertain World. Tuesday, through the article Building a Culture That Can Withstand a Crisis, we considered the role of culture in dealing with a crisis.
Today we consider how to make sure your compliance program is resilient. Our starting point for today is the article 6 Types of Resilience Companies Need Today by Paul Polman and Andrew Winston. As every compliance professional knows, resilience must be built into every compliance program. The reason is simple, in today’s volatile and uncertain world, corporate compliance programs will face many crises. It could be a Foreign Corrupt Practices Act (FCPA) violation, but it could also range from a natural disaster which destroys property and disrupts operations, to the discovery of human rights abuses in a supply chain which breaks consumer trust earned over years. It can also range from an activist shareholder who presents a hostile takeover bid which shakes a business to the core to new competitors and technologies upending the industry. As we all know, a global pandemic or a new social justice movement can emerge to change everything.
In their article, the authors looked at decisions made by the multinational Unilever PLC to create both “traditional forms of resilience (financial flexibility, portfolio diversity, and organizational agility) and less-obvious forms (driven by purpose, trust, and stakeholders) that changed the company more deeply, we aim to show how leaders can best prepare for the world ahead.” I have adapted their prescriptions for the Chief Compliance Officer (CCO) and compliance professional.
The traditional building blocks of corporate resiliency include financial flexibility, portfolio diversity and organizational agility which the authors believe are “essential preparation for sudden shocks and long-term crises.” Compliance must contribute to getting and keeping businesses moving, as “only companies with already healthy balance sheets can weather such storms.” Obviously in your compliance portfolio there must be a variety of agents on the sales side which are fully vetted and approved. The same is now true on for vendors in the Supply Chain. That is one of the key features in the five steps in the lifecycle of third-party risk management. If one step cannot be fully utilized, it does not mean you cannot use that third-party, it just puts more pressure on the other steps. In other words, greater risk management resiliency. Compliance function agility lends itself to structural changes to build organizational-wide compliance resilience, with the compliance function getting faster feedback from regions about what is working and where more compliance resources need to be delivered. Through this approach you can identify possible problems before they become crises.
The authors real insight comes from what they see as the “larger opportunity is in making a company more broadly crisis-resistant for the long term, because doing so serves multiple stakeholders — not just shareholders. We argue that the strongest organizations today and in the future will thrive by giving more than they take from the world. We call this kind of company “net positive” because it seeks to improve the well-being of everyone it touches through its operations, value chain, products, services, and influence. Organizations that have a clear purpose, build strong relationships that reinforce each other, and amass a reservoir of trust will have deeper sources of strength when they need them most.” That sounds like exactly the function of a CCO and corporate compliance program.
Purpose
A company that knows its reason for being, and consistently backs it up, is both tougher and more flexible during a crisis. If this is not a mere add-on but strategy your company will be exponentially stronger. Here compliance plays a, if not the, key role in communicating a corporate strategy of not simply doing business ethically and in compliance but also following the outline laid out in the Business Roundtable’s Statement on the Purpose of a Corporation by listening to and incorporating information from all stakeholders in an organization. Of course, building out internal controls fully as laid out in the COSO 2013 Framework for Internal Controls can build out the backbone of this effort.
Trust
Trust is an absolute key for any compliance program. You must build trust through institutional justice and institutional fairness. But now take that same concept and apply it out to all your stakeholders. It may require a level of transparency your organization has not previously engaged in but through trust you will be able to foster an entire culture of not simply speak up but also listen up. As the authors note, “Transparency is a great tool to ensure consistency and engender trust. Rather than rebelling against tough questions and pressure, business leaders should embrace them and use them to build a stronger organization.”
Engage All Stakeholders
I have mentioned the Statement on the Purpose of a Corporation several times. Most compliance functions typically do not deal directly with all stakeholders. Now imagine if they led such an effort, from a corporate culture perspective. The authors believe, “Net-positive companies build better connections with stakeholders besides employees as well.” If compliance can help to engage a wide variety of stakeholders, those same stakeholders that are engaged through the compliance function, such as through due diligence and contracting; you will likely have a wider variety of stakeholder, “bound by purpose and all trusting and working in partnership with the company, provides a diverse bank of support.” All of this can act as a “large, spread-out root system — not just one anchor but many that can take a lot of pressure.”
When the biggest crises hit, compliance or otherwise, all six forms of resilience help you move quickly and effectively. The authors conclude, “No company can prepare for every outcome, but these six forms of resilience, put together, can provide a serious buffer. They also allow organizations to work in larger coalitions on the biggest issues, such as climate change and income inequality. Net-positive businesses don’t just endure or bounce back from crises; they also anticipate and prevent them.” All of these strategies are not simply in the compliance wheelhouse, but they are part of the ever-evolving best compliance regimes. They will make you a better company in times of great change, disruption and upheaval.

Categories
Daily Compliance News

November 24, 2021 the What Could Go Wrong edition


In today’s edition of Daily Compliance News:

  • Pemex takes over Shell refinery outside Houston. What could go wrong?(Houston Chronicle)
  • Regulators raise cap requirements for bank. (NYT)
  • Pharmacies found guilty in furthering opioid crisis. (WSJ)
  • Fat Leonard talks. (Stars and Stripes)
Categories
Compliance Kitchen

Export Control and the Movement of Contraband


The pandemic has not slowed down the movement of contraband.  The CBP sees record seizures of counterfeit luxury and pharma goods.

Categories
The Ethics and Compliance Library

No Rules, Rules


In this fourth and final episode for 2021 of The Ethics and Compliance Library, host Lauren Siegel explores “No Rules, Rules” by Reed Hastings and Erin Meyer. The book is all about Netflix’s culture, and you guessed it, the lack of rules they have. Many have read the public culture deck that Netflix shared a few years back, but many who have not read this book may not understand it. From generous severance packages to informed captains, the way that Netflix functions is unique. This book lays out how they have built their culture and how that has lead to their success and gives us an inside look at brand we all know so well. Siegel gives an overview and analysis of the book and then interviews Asha Palmer, Chief Ethics and Compliance Officer and EVP of Converge at Convercent by OneTrust. Her interview with Palmer brings the book to life for E&C leaders and challenges us all to think about the industry differently. As always, they continue the conversation in the Converge community.
Lauren Siegel on LinkedIn
The Convercent by One Trust, Converge Community

Categories
Daily Compliance News

November 23, 2021 the High Stakes edition


In today’s edition of Daily Compliance News:

  • What’s behind the Dimon/Musk feud?(WSJ)
  • The stakes for Holmes. (NYT)
  • Civil crackdown on corrupt BODs in China. (Bloomberg)
  • AMLO has little to show in the fight against corruption. (FT)
Categories
Blog

Crisis Week: Part 2 – Building a Compliance Culture to Withstand Crisis

Perhaps the most prescient comment I heard during the height of the pandemic came from Jed Gardner, Group Director of Transformation at Linedata, which was that we have moved from disaster recovery to business continuity to business as usual. It appears that not only was the comment correct but now we are moving in the business world from crisis to crisis to crisis. This month’s Harvard Business Review magazine dedicated its Big Idea Series to the topic of crisis. Over this short week I am exploring what this new reality means for the compliance professional. Yesterday we looked at compliance as a trip wire to alert businesses a crisis is on the horizon, through the article A New Crisis Playbook for an Uncertain World. Today we look at cultures that are built to sustain during a crisis.
Our starting point for today is the article, Building a Culture That Can Withstand a Crisis by John E. Katsos, Jason Miklian, and Patrick L. McClelland. This article is based upon an interview the authors did with Alice Laugher, the head of Committed to Good (CTG), a private company founded in Afghanistan and based in Dubai, that provides specialist staffing and logistics to the humanitarian community. Since the company’s founding in 2006, its clients have included most major humanitarian organizations; it now operates in 26 countries. In 2019 Laugher was awarded the prestigious Oslo Business for Peace Award. In the article, the authors visited with Laugher on “what she and her team have learned about uncertainty through working in crisis zones, and how this might help managers new to the type of crisis leadership our tumultuous time requires.” It turned out she had some very interesting insights for the compliance professional to help a company in times of crisis.
1.When a New Crisis Appears
The most current crisis CTG is facing is in Afghanistan. Here Laugher said, “We navigate a new normal every day. The situation, the rules, the regulations, and the needs of the local population shift constantly. Can you imagine running a business in a place where banks are not operating? Or where corporate accounts are frozen? There is still active fighting and hostility in parts of Afghanistan where we have staff. How do you deliver salaries and make payroll to thousands of employees scattered across the country in such an environment? When the Taliban took over, we were forced to reevaluate our core objectives, achievements, and progress.” She said it “test[s] how strong our relationships with our staff, clients, and partners really are. We ride the waves together. It’s as simple as that. We share the same goal: to build humanitarian projects so that aid can get to the people who need it no matter the danger or challenge involved in getting it there.”
Compliance Lesson
Everyone in your compliance function must be on the same page. If an ethical issue arises, everyone must know what the corporate response should be; that is, we will only do business ethically and in compliance with not simply our policies and procedures but our culture and mission. So, are you communicating that message? Here I recall Louis Sapirman when, when he was Chief Compliance Officer (CCO) at Dun & Bradstreet, used the phrase Do the Right Thingto communicate the culture and values of the organization as it navigated a Foreign Corrupt Practices Act (FCPA) enforcement action. Does your compliance function and indeed entire organization have such a succinct, forceful and clear statement of culture values?
2. Uncertainties During a Crisis
When asked about dealing with uncertainties during crisis, Laugher said, “Each country is radically different, but preparation goes a long way everywhere we operate. You have to navigate local laws, some of which may be unpublished. In one country, the tax law is from 1921, so it certainly cannot be found easily and downloaded from the internet! And meeting tax obligations — something that is considered a back-office task — has much more serious consequences in conflict zones.”
Compliance Lesson
Here the lesson is you must have local compliance support ready and able when called upon by the business team or the greater organization. If you cannot have your compliance team embedded in high-risk areas, you should have local compliance assets trained to provide such support. A Regional Compliance Committee can be of great assistance here as they will have an ear closer to the ground. Indeed, Laugher noted, “it’s so important to have local staff members as part of your core team. They can help navigate the nuances and sensitivities of their country, and they have a deep understanding of their environments, a level of insight that can’t be matched by outsiders no matter how much research they do.”
It’s Really About Culture
Laugher believes that the culture at CTG drives the entire organization. She stated, “We have a culture that encourages people to go the extra mile because of the value of the work that we are enabling. We believe in what we are helping to deliver. Our people share a fundamental desire to make a difference and help those in need. Everyone trusts that we will jointly make the right decision for security and safety based on local knowledge and information, while still getting the job done. CTG is not a “look to the CEO for the answer” culture. I don’t pretend to have all the answers. Instead, we work together to find solutions to complex problems.”
Compliance Solution
Once again you have to drive your compliance message throughout the organization. Even when you do not have the answer immediately, compliance should be seen as a function to go to when you need to solve a problem. This is not simply being Dr. No from the Land of No but affirmatively being seen as a business enabler. As Laugher stated, “We embed it in everything we do.” As a CCO you should do so as well.
4. The Speed of Change
Covid-19 highlighted the speed of change. In literally a few days, companies had to figure out how to do business remotely, literally across the world. CTG was no different. How are you going to respond to the speed of a crisis, such as one that might damage your organization’s reputation in literally days across the world? Laugher said, “We have several plans of action as part of our day-to-day business in each country. Nonetheless, a lot of times our emergency plans do have to be used. So, we must remain versatile at both the local and leadership levels, and our culture and the trust we have in our team approach are essential.”
Compliance Lesson
Long term preparation is the key. Not only should you have plans in place, but have you cultivated and built relationships? Do you have relationships with the local, regional and state communities you are working, do you have relationships with both your outside sales agents and Supply Chain vendors who all may well be a part of the solution you need to have to activate? But building those relationships take time, effort, and care. You cannot start during the throes of a crisis; you must do so now.
The bottom line that the time to prepare for a crisis is now. Learn to work together as a team. As a CCO you will have to rely on your entire compliance team, from the most junior to the most senior. Know everyone and everyone’s role before crisis hits. Know who your key resources and assets will be throughout your company if you need to call upon them. Built up that trust with internal and external stakeholders.

Categories
Compliance Kitchen

Cambodia Business Advisory


OFAC issues Cambodia Business Advisory on High-Risk Investments and Interactions.  Stop by for more detail.

Categories
The ESG Report

Board Role in ESG


 
Tom Fox speaks on the role of boards and management in ESG in this episode of the ESG Report. He was inspired by a recent article in the Harvard Law School Forum on Corporate Governance, written by Jurgita Ashley, Randi Van Morrison, et al., entitled ESG Governance: Board and Management Roles & Responsibilities
 

 
Oversight
The board has the responsibility of oversight in ESG matters, which can include issues running the gamut from human capital to climate change to the supply chain. “There is no consensus right now on key topics or issues encompassed under the ESG categories,” Tom tells listeners. Each stakeholder may have their own criteria about what they see as a priority, but they all want to see “demonstrable and verifiable results”. More companies want to see enhanced board oversight and management responsibility for business-relevant ESG issues, but there is no universally accepted approach on how to structure board oversight as it depends on varying factors across organizations. “Key for companies,” Tom remarks, “is to develop an oversight structure with accountability – which can include both corporate charters and corporate governance guidelines as well as internal processes and procedures – which are appropriate for your organization.” The next step is to develop corresponding disclosures to inform investors and stakeholders how the board is overseeing these issues, he continues. 
 
Board Oversight Approaches
Tom shares ways ESG oversight responsibilities can be allocated within the board, including:

  • Full board oversight – suitable for smaller companies or smaller boards. This approach raises the profile of ESG in the company; however, ESG issues may not be fully examined or addressed for lack of time on the board’s agenda.
  • Mix of full board and committee oversight – the full board has oversight on the most significant ESG matters, and other matters are dealt with by appropriate standing committees who report to the board. “This approach can help integrate ESG considerations into business functions,” Tom points out.
  • Standalone ESG committee – this approach allows for regular and in-depth discussions of ESG considerations but runs the risk of separating ESG from broader strategic and financial discussions. If you choose this approach, Tom advises, include chairs from other representative committees.
  • Multiple existing board committees for oversight of discrete ESG matters.

 
Reporting to the Board
Many compliance professionals struggle with what and how to report to the board regarding ESG. “I think the first thing to do is assess your Board of Directors’ ESG competencies,” Tom advises. Most board members will need to be trained on their role of ESG oversight. What you ultimately need to report, he points out, are the ESG metrics deemed most significant to the company. There’s also no universal rule on how often to report. The authors of the article agree, however, that “a regular reporting cadence is important in light of the directors’ fiduciary oversight at many companies.” 
 
Resources
Tom Fox email
FCPA Compliance and Ethics blog
Article: ESG Governance: Board and Management Roles & Responsibilities
 
 

Categories
FCPA Compliance Report

John Davis and James Tillen on WPP


In this Episode of the FCPA Compliance Report, I visit with Miller & Chevalier members John Davis and James Tillen. We take a deep dive into the WPP Foreign Corrupt Practices Act enforcement action. Highlights of this podcast include:

  1. What the basic facts?
  2. What were the missed red flags and M&A failures?
  3. When do compliance incentives become perverse?
  4. What were the investigative failures?
  5. What made the Chinese bribery scheme so unusual?
  1. The Peru bribery scheme was across national lines. Does that make it harder to detect?
  1. Where is the DOJ?
  2. Where is the SFO?
  3. How did WPP get a resolution with no monitor?

Resources
John Davis
James Tillen