Author: admin

Categories
FCPA Compliance Report

Pamela Fierst-Walsh on Responsible Sourcing


In the Episode, I have back Pamela Fierst-Walsh, Senior Advisor for Conflict & Critical Minerals, Bureau of Economic and Business Affairs, U.S. Department of State. Pamela joins me to discuss the responsible sourcing initiatives from the former Administration and where we may be headed under the Biden Administration.
Some of the highlights include:

  1. What are your job duties as a Senior Advisor for Conflict & Critical Minerals, Bureau of Economic and Business Affairs, U.S. Department of State?
  2. What is responsible sourcing?
  3. What is the public/private partnership around this issue?
  4. Why is this seen as a national security issue?
  5. Is there an Executive Order on domestic supply chains relying on critical mineral sourcing from foreign Adversaries?
  6. What is the process for considering this issue? Are there plans in the works to deal or remedy this?
  7. What, if any, changes do you expect under the Biden Administration?
Categories
Daily Compliance News

February 1, 2021, the Big Boys edition


In today’s edition of Daily Compliance News:

  • The Big Boys dance to a potential Exxon/Chevron Merger? (WSJ)
  • Facebook finally gets a CCO. (WSJ)
  • Did Trump Administration so eviscerate the SEC it can’t respond to GameStop. (WaPo)
  • Ghosn Lt. on trial in Japan. (FT)
Categories
31 Days to More Effective Compliance Programs

Day 31 | Using a root cause analysis for remediation


The 2020 Update re-emphasized the need for both performing a root cause analysis but equally importantly using it to remediate your compliance program. It stated, “a hallmark of a compliance program that is working effectively in practice is the extent to which a company is able to conduct a thoughtful root cause analysis of misconduct and timely and appropriately remediate to address the root causes.”
It went on to state, what additional steps the company has taken “that demonstrate recognition of the seriousness of the misconduct, acceptance of responsibility for it, and the implementation of measures to reduce the risk of repetition of such misconduct, including measures to identify future risk”).”
The key is that after you have identified the causes of problems, consider the solutions that can be implemented by developing a logical approach, using data that already exists in the organization. Identify current and future needs for organizational improvement. Your solution should be a repeatable, step-by-step processes, in which one process can confirm the results of another. Focusing on the corrective measures of root causes is more effective than simply treating the symptoms of a problem or event and you will have a much more robust solution in place. This is because the solution(s) are more effective when accomplished through a systematic process with conclusions backed up by evidence.
When you step back and consider what the DOJ was trying to accomplish with its 2020 Update, it becomes clear what the DOJ expects from the compliance professional. Consider the structure of your compliance program and how it inter-relates to your company’s risk profile. When you have a compliance failure, use the root cause analysis to think about how each of the structural elements of your compliance program could impact how you manage and deal with that risk.
Three key takeaways:

  1. The key is objectivity and independence.
  2. The critical element is how did you use the information you developed in the root cause analysis?
  3. The key is that after you have identified the causes of problems, consider the solutions that can be implemented by developing a logical approach, using data that already exists in the organization.
Categories
Sunday Book Review

January 31, 2021, the Leadership edition


In today’s edition of Sunday Book Review:

Categories
31 Days to More Effective Compliance Programs

Day 30 | What is a root cause analysis?


One of the biggest changes in the 2020 FCPA Resource Guide is the addition of a new Hallmark, entitled “Investigation, Analysis, and Remediation of Misconduct”, which reads in full:
The truest measure of an effective compliance program is how it responds to misconduct. Accordingly, for a compliance program to be truly effective, it should have a well-functioning and appropriately funded mechanism for the timely and thorough investigations of any allegations or suspicions of misconduct by the company, its employees, or agents. An effective investigations structure will also have an established means of documenting the company’s response, including any disciplinary or remediation measures taken.
In addition to having a mechanism for responding to the specific incident of misconduct, the company’s program should also integrate lessons learned from any misconduct into the company’s policies, training, and controls. To do so, a company will need to analyze the root causes of the misconduct to timely and appropriately remediate those causes to prevent future compliance breaches.
Ultimately, performing a root cause analysis is not simply a matter of sitting down and asking a multitude of questions. You need to have an operational understanding of how a business operates and how they have developed their customer base. Overlay the need to understand what makes an effective compliance program, with the skepticism an auditor should bring so that you do not simply accept an answer that is provided to you, as you might in an internal investigation. As Marks noted, “a root cause analysis is not something where you can just go ask the five whys. You need these trained professionals who really understand what they’re doing.”
Three key takeaways:

  1. A root cause analysis is now required if you have a reportable compliance failure.
  2. There is no one process for performing a root cause analysis. You should select the one which works for you and follow it.
  3. To properly perform a root cause analysis, you need trained professionals who really understand what they’re doing.
Categories
Daily Compliance News

January 30, 2021, the RoaringKitty edition


In today’s edition of Daily Compliance News:

  • RoaringKitty speaks. (WSJ)
  • Wells Fargo President pay cut. (WSJ)
  • OFAC ends probe of HB Fuller. (WSJ)
  • BaFin President canned. (WSJ)
Categories
The Affiliated Monitors Expert Podcast

How Ethical Culture is a Part of an Overall Ethics and Compliance Assessment


In this episode, I visit with Jay Rosen, VP of Business Development for Affiliated Monitors, Inc. (AMI). Corporate culture exists in the space between what an organization professes and what it does. In this series Jay and I will be exploring key aspects of corporate culture, including why it matters, what influences culture, the CCOs role in culture, assessing corporate culture and how to use that information to improve culture. In this episode, we consider how an ethical culture is a part of an overall ethics and compliance assessment.
 Highlights include:

  • Begin with framework for such an assessment, usually the compliance program itself.
  • Is your training both focused and effective?
  • Is there institutional fairness in your promotion and compensation programs?
  • Is there institutional justice around reporting, discipline and investigations?
  • Is your compliance program a paper program or is it fully operationalized?
  • Is there accountability in your organization?

For more information see Jay’s blog post How is ethical culture a part of an overall ethics and compliance assessment? on Corporate Compliance Insights.
For more information on Affiliated Monitors, Inc. check out their website here.

Categories
31 Days to More Effective Compliance Programs

Day 29 | Post-acquisition integration plan


Your company has just made its largest acquisition ever and your CEO says they want you to have a compliance post-acquisition integration plan on their desk in one week. Where do you begin? A good place to start would be the 2020 FCPA Resource Guide language:
Pre-acquisition due diligence, however, is normally only a portion of the compliance process for mergers and acquisitions. DOJ and SEC evaluate whether the acquiring company promptly incorporated the acquired company into all of its internal controls, including its compliance program. Companies should consider training new employees, reevaluating third parties under company standards, and, where appropriate, conducting audits on new business units.
The bottom line is that you must train the newly acquired employees, reevaluate third parties under your company standards, and conduct compliance audits on new business units. This process should be based your pre-acquisition due diligence and risk assessment. Moreover, the DOJ and SEC clearly view both the pre- and post-acquisition phases of M&A as tied together in a unidimensional continuum. If pre-acquisition due diligence is not possible, you should review the requirements and time frames laid out in Opinion Release 08-02 or the 2020 FCPA Resource Guide, which noted, “pursuant to which companies can nevertheless be rewarded if they choose to conduct thorough post-acquisition FCPA due diligence.” Whatever compendium of steps you utilize for post-acquisition integration, they should be taken as soon as is practicable.
The earlier you can deploy these steps the better off your company will be at the end of the day. An acquisition that fails for compliance reasons is a preventable disaster of the first order. One need only consider the Latin Node Inc. FCPA enforcement actions where the acquiring company had to write off its entire investment because it had wholly failed to engage in appropriate pre-acquisition due diligence.
 Three key takeaways:

  1. Planning is critical in the post-acquisition phase.
  2. Build upon what you learned in pre-acquisition due diligence.
  3. You literally need to be ready to hit the ground running when a transaction closes.
Categories
Innovation in Compliance

Integrity Matters: Assessing the Corporate Compliance Climate in 2021- Part 5-Preparing Your Company for What’s Next


Welcome to this special podcast series, Integrity Matters: Assessing the Corporate Compliance Climate in 2021, sponsored by K2 Integrity. This week I visit with Bob Brenner, Co-Managing Partner and Chief Legal Officer; Snežana Gebauer, Executive Managing Director and head of U.S. Investigations and Risk Advisory, Americas. Over the week, we will consider various regulatory and enforcement issues with the incoming Biden Administration. Topics include assessing the regulatory landscape resulting from the pandemic, what companies can expect from new administration priorities, anti-bribery/anti-corruption issues and enforcement in 2021. In this concluding Part 5, I am joined by Snežana Gebauer to consider a few key themes and how a company can prepare for what is coming down the road into 2021 and beyond.
For more information go to the K2 Integrity website.

Categories
This Week in FCPA

Episode 237 – the Impeachment Trial Redux edition


As Trump becomes the only person to have 2 impeachment trials, Tom and Jay are back to look at some of the top compliance articles and stories which caught their eye this week.

  1. Beny Steinmetz found guilty for corruption in Guinea mining concession. Imogen Foulkes in the com. Tom take a deep dive on the FCPA Compliance and Ethics Blog. Part 1-Background, Part 2-the Trial, Part 3-the Vale JV, Part 4-Final Thoughts.
  2. Do compliance officers need a peer review? Dick Cassin explores in the FCPA Blog.
  3. Should you have reps and warranties in your compliance terms and conditions? Bill Steinman considers in the FCPA Blog.
  4. 7 key changes to CA privacy laws. Andrew Burt in Navex Global’s Risk and Compliance Matters.
  5. A Significant ruling on HIPPA out of the 5th David Saunders and Allison Glover in NYU’s Compliance and Enforcement.
  6. Is an increase in SEC enforcement coming? Morgan Lewis lawyers in Harvard Law School Forum on Corporate Goverance.
  7. Why is FCA compliance so critical? Mike Debernardis in CCI.
  8. How to investigate a 60MM document case? Michael Dempsey in the BBC.
  9. On The Compliance Life, Gwen Hassan- Director of Compliance at CNH Industrial is back for her fourth and final episode. In it, Gwen explains her passion around fighting the international scrourge of human trafficking. Check out the episode here.
  10. This month, on 31 Days to a More Effective Compliance Program, I look back over 2020 and set out some of the key enhancements you need to do for your compliance program in 2021. Day 23 | Assessing compliance internal controls; Day 24 | Updates and feedback; Day 25 | CCO authority and independence; Day 26 | the role of compliance in an organization; Day 27 | operationalizing compliance though payroll; Day 28 | Continuous Improvement; Day 29 | Internal Reporting. Note 31 Days to a More Effective Compliance Program now has its own iTunes channel.
  11. A new AMI podcast is out, Integrity Through Compliance. It will have AMI’s expert observations and guidance in the fields of ethics, antitrust, healthcare, government contracting, corporate governance, cybersecurity, construction, telecommunications, consumer protection and more.In this first episode, AMI founder Vin DiCianni visits with AMI MD Jerry Coyne the future of telehealth & home healthcare during a pandemic and beyond. Check it out here.
  12. Join K2 Integrity and the AIBACP for a webinar on February 17—National Defense Authorization Act: AML Compliance Implications and Priorities for the Banking Industry. Information and Registration here.
  13. Compliance Week is accepting nominations for its Excellence in Compliance Award. Submit your nominee here.
  14. Join the Baker Tilly Fraud 1st Annual Fraud and Compliance Summit, Tuesday, Feb 23, 2021, to Thursday, Feb 25, 2021. Details and registration here.

Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.