Categories
This Week in FCPA

Episode 231 – the 50 Days to Inauguration edition


As TrumpLand continues to live in fantasy and denial, we are on the 50-day countdown to the Biden Inauguration. Tom and Jay are back after the Thanksgiving holiday to look at some of the top compliance articles and stories which caught their eye this week.

  1. Are compliance certifications worth it? Jeff Kaplan thinks so and says so in the FCPA Blog.
  2. Does Zoom portend more FTC enforcement actions? Matt Kelly thinks so in Radical Compliance.
  3. More issues in domestic corruption for pharma? Mike Volkov takes a look in Corruption Crime and Compliance.
  4. Avoiding COIs during the holidays. Rick Burt in Navex Global’s Risk and Compliance Matters.
  5. Did France make a U-turn on corporate liability? Lawyers from Debevoise explore in NYU’s Compliance and Enforcement Journal.
  6. Swiss begin SBM Offshore corruption investigation? Jaclyn Jaeger in Compliance Week. (sub req’d)
  7. What is the scope of the FCPA Internal Controls provisions? Lawyers from Shearman & Sterling discuss in JDSupra.
  8. How can a Board of Directors use data? James Howard in the Harvard Law School Forum on Corporate Governance.
  9. A new month is here and a new guest on The Compliance Life. Kim Yapchai, Chief Counsel – Environmental, Social & Governance at Tenneco Inc. In this week’s first episode we consider Kim’s undergraduate degree in economics and how this informed her decisions which led her down the path to the CCO chair. Check out the series here.
  10. My podcast with Mikhail Reider-Gordon on Wirecard was so popular we spun it out into its own series, The Wirecard Saga. Check out the latest episodes here.
  11. On 31 Days to a More Effective Compliance Program, we consider Training and Communications. Tuesday: Introduction to Training and Communications; Wednesday: Social media is a 360-degree communication strategy; Thursday: Using social media to innovate in compliance; Friday: the D&B experience with social media and 360 degrees of communications. Note: 31 Days to a More Effective Compliance Program now has its own iTunes channel. If you want to binge out and listen to only these episodes, click here.
  12. On Monday, join Tom, Neta Meidav, CEO, Vault Platform and Maxine Gee, Chief Risk Officer – UK Capital Markets and London Stock Exchange for a webinar on why culture drives compliance. Hosted by the London Stock Exchange. December 7 at 10 AM CT, 1600 GMT. Registration and information here.
  13. On Wednesday, interested in podcasting and the latest information on this great medium? Join Tom and Megan Dougherty, co-founder at One Stone Creative, for a review of One Stone Creative's annual survey of all things business podcasting. December 9 at noon CT/1 PM ET. Details and registration here.
  14. On Thursday, join Tom, StoneTurn partner Stephen Martin and Stephanie Holmes, Director, Solution Consulting, Convercent for a Convercent/StoneTurn sponsored webinar on Using ECP Generated Data for Continuous Monitoring and Continuous Improvement. In this event you will learn what compliance metrics are available to you now, how you can use these metrics to inform each part of your compliance program, and how to create a documented, auditable trail of compliance program improvements. It will be held on December 10, 12 noon CT. Details and registration here.
  15. Join K2 Integrity for two great events in December. On Dec. 14, they host a webinar on “Proliferation Financing: Risks, Threats, and Mitigation.” The webinar will explore critical issues around understanding and combatting the financing of WMD proliferation. https://bit.ly/2VujK1O. On December 17, DOLFIN and K2 Integrity’s financial crimes compliance experts will host their latest “Ask an Expert FINQuiry” webinar. Expect answers to questions on topics such as: the latest developments in AML/CFT, sanctions, fraud, anti-bribery and corruption, and export controls; financial integrity risks related to the global pandemic; and regionally focused financial crime risks. https://bit.ly/39zzhFP

Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.

Categories
Life with GDPR

SARs and Liability Issues under GDPR

In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we consider the increase in subject access requests (SARs) and other liability issues under GDPR. Recently, the UK Data Protection Authority, the Information Commissioner’s Office (ICO), issued new guidance on handling SARs. The guidance follows responses from organizations of all shapes and sizes, however, and is clearly an indication of what the ICO is thinking. Cordery also took part in the consultation process for this new guidance. Some of the highlights are:

  1. How much have SARs increased?
  2. Why are there excessive requests?
  3. What are the ways companies can slow things down?
  4. Why are 3rd party portals so problematic?
  5. How does big data make all this more difficult?
  6. Are companies looking at data protection in the due diligence phase of M&A?

Check out the Cordery Compliance client alert on SARs by clicking here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Popcorn and Compliance

Darth Vader, Rogue One and the Myth of the Rogue Employee


In honor of David Prowse, the original actor portraying Darth Vader, I am running a podcast series this week on the intersection of compliance and Star Wars. Today, I consider the only stand-alone entry in the Star Wars series, Rogue One. This movie tells the tale of the spies who stole the schematics from the original Death Star and transmitted them to Princess Leia and thereby the Rebel Alliance. Rogue One is the first film in the Star Wars Anthology series, a series of stand-alone spin-off films in the Star Wars franchise. It is not clear where the name of the movie came from, although my personal nomination is that in the attack led by Luke on the original Death Star, his squadron was Rogue Two, so the movie title is a tribute to those Rebel Alliance X-wing fighters and their pilots. It informs the myth of the rogue employee.
As long as 25 years ago, Lynn S. Paine wrote about the myth of the rogue employee in the Harvard Business Review (HBR), in an article entitled “Managing for Organizational Integrity.” In this article she wrote, “executives are quick to describe any wrongdoing as an isolated incident, the work of a rogue employee. The thought that the company could bear any responsibility for an individual’s misdeeds never enters their minds. Ethics, after all, has nothing to do with management. In fact, ethics has everything to do with management.” How prescient she was in her article.
For it is management who sets the tone throughout the organization, whether that is something along the lines of a wink and a nod towards ethics and compliance or the more ubiquitous miss your numbers for two quarters and you will be history. Paine noted, “More typically, unethical business practice involves the tacit, if not explicit, cooperation of others and reflects the values, attitudes, beliefs, language, and behavioral patterns that define an organization’s operating culture. Ethics, then, is as much an organizational as a personal issue.”
However, a company’s responsibility is more than simply to set the right tone and then sit back and do nothing. The drafters of the Foreign Corrupt Practices Act (FCPA) recognized this when they included the requirement for internal controls in the law. For, as Paine said, “Managers who fail to provide proper leadership and to institute systems that facilitate ethical conduct share responsibility with those who conceive, execute, and knowingly benefit from corporate misdeeds.”
Yet the myth of the rogue employee is more than a simple myth. It is also a dangerous myth. It is dangerous because it excuses negligent or intentional corporate behavior. Mike Volkov, in a blog post entitled “The Myth of the Rogue Employee,” noted that illegal conduct such as that under the FCPA does not occur “in a vacuum.” He explained, “There are other employees with whom the person interacts, there are financial controls in place to protect against such misconduct, there are reporting mechanisms for employees to report suspicious activity, and there is likely to be someone in the organization who is close enough to the bad actor, or responsible for the conduct of the bad actor, and who suspected or should have suspected that the actor was engaged in misconduct.” Moreover, the more sophisticated the scheme, the more actors are involved and the more controls are overridden or disregarded. As he explained, “As the misconduct becomes more complicated, like in the case of bribery or antitrust violations, where such schemes require additional actors or raise red flags or where others are in a position to know or suspect that misconduct may have occurred”.
The three basic tenets of a best practices compliance program are to prevent, detect and remedy. By claiming employees who engage in bribery and corruption have ‘gone rogue’, companies are attempting to divest themselves of responsibility for actions from which they benefit, particularly if the bribery and corruption generated business sales and revenue.

Categories
The Walden Pond

Compliance Predictions for 2021 with Aaron Nicodemus of Compliance Week


Aaron Nicodemus is a staff writer and reporter at Compliance Week. He joins Vince Walden to discuss the recent report authored by COSO and to share new recommendations for managers and executives to manage compliance risks.

Internal audit professionals would be the compliance professionals most familiar with COSO, as they set the guidelines for Sarbanes-Oxley internal controls compliance. The report, titled “Compliance Risk Management: Applying the COSO ERM Framework,” was like a collaboration between accountants and attorneys, according to Vince. 
Compliance should not be viewed as a low-level function, Aaron remarks. Rather, it should be viewed as a strategic partnership with a business to run their operations and initiatives according to the rulebook, in order to avoid missteps and minimize risk. 
Resources
Aaron Nicodemus on LinkedIn | Twitter
ComplianceWeek.com
COSO report: Elevating compliance leads to more informed decision-making

Categories
Daily Compliance News

December 3, 2020-the Cohn Fights to Keep Money edition


In today’s edition of Daily Compliance News:

  • Tom Sporkin appointed to Managing Director Enforcement at CFPB. (net)
  • Chinese companies to face more scrutiny in new legislation. (NYT)
  • SF utility chief pulled over corruption allegations. (NYPost)
  • Gary Cohn fights Goldman clawbacks. (FT)
Categories
The Wirecard Saga

Discrepancies, Discrepancies, Discrepancies


Welcome to the latest addition to the Compliance Podcast Network, The Wirecard Saga. In this series, I am joined by Mikhail Reider-Gordon, Managing Director of Institutional Ethics & Integrity at Affiliated Monitors. In this episode, we take a deep dive into the many and varied discrepancies in all aspects of the Wirecard fraud and investigation.
Some of the highlights include:

  • Weekly news wrap-up on Wirecard;
  • Markus Braun Stonewalls and Disassociates; Is he really the victim here?
  • Why do Dork delusions abound?
  • Why is the Bundestag IC so peeved?
  • Bellenhaus to Sing Like a Canary?
  • Why is there such an Accumulation of Abnormalities?
  • Auditors Fined for Clenching in the Clutch;
  • Audit Reforms Proposed;
  • More on the German and EU-wide political fallout;
  • Bafin Backfooted; and
  • Ocap seeks an allowance because it believes it is owed money!
Categories
31 Days to More Effective Compliance Programs

Social media is a 360-degree conversation


What is the message of compliance inside of a corporation and how is it distributed? In a compliance program, the largest portion of your consumers/customers are your employees. Social media presents some excellent mechanisms to communicate the message of compliance going forward. Many of the applications that we use in our personal communication are free or available at very low cost. So why not take advantage of them and use those same communication tools in your internal compliance marketing efforts going forward?
There is much to be learned by the CCO and compliance practitioner from the disciplines of marketing and social media. These concepts are useful to companies in getting their sales pitches out and can be of great help to you in collaborating and marketing throughout your company. These are only some of the tools that you can incorporate into your compliance program going forward and are a different way to think about who your customers are and how you are reaching them with your message of doing compliance.
Three key takeaways:

  1. Let your employees know what you stand for.
  2. Celebrate not only successes but even employees’ efforts.
  3. Give employees a tool kit for compliance using social media.
Categories
Compliance and Coronavirus

Tori Reichman on the increase in cyber-bullying during COVID


Welcome to one of the newest additions to the Compliance Podcast Network, Compliance and Coronavirus. In this episode, I am joined by Tori Reichman, the Vice President-Commercial at Vault Platforms. We discuss the importance of creating trust around a speak up culture during COVID and the rise of cyber-bullying and what companies can do to stop this activity.
Resources
VaultPlatform.com
Vault Platform on LinkedIn | Twitter
Tori Reichman on LinkedIn
tori@vaultplatform.com
Create a healthy cyberculture: Stop bullying at work

Categories
Great Women in Compliance

Lynn Haaland, Caring and Compliance


Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.
What’s it like entering a company suddenly in the limelight during a global pandemic? Find out as Mary Shirley speaks with Lynn Haaland about her role at Zoom as Chief Compliance and Ethics Officer and Chief Privacy Officer, as well as her fascinating experience working for the DOJ, on boards and Compliance program contributions at PepsiCo.
During this episode we also get to hear the Zoom origin story, as well as about how Lynn lives one of the company’s values of “caring”.
Join us for these topics and more!
Have you heard that Lisa and Mary have published a book?  Yes, you can get your very own copy of “Sending the Elevator Back Down: What We’ve Learned From Great Women in Compliance” (CCI Press, 2020) on Amazon right now!  Enjoyed your copy?  Don’t forget to leave a review!
Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Into the Weeds

A Mayor, Covid-19 and Leadership


Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode Matt and Tom go into the weeds to look at the actions of Denver Mayor, Michael Hancock. Just before Thanksgiving he told folks to stay at home to avoid Covid-19 transmission and then promptly traveled to Mississippi for the Thanksgiving holidays. Some of the issues we consider are:

  • Is there always an inherent conflict in a human leader?
  • How do leaders rationalize misconduct?
  • What are the dangers when they do so?
  • Do as I say, not as I do. Are we all simply our parents?
  • What is the role of compliance?
  • How do Hancock’s actions fit into the Fraud Pentagon?

Resources
For more information see Matt’s blog post:
More Misadventures in Leadership 
For more information on the Fraud Triangle see Jonathan Marks’ blog post:
Fraud Pentagon