Author: admin

Categories
This Week in FCPA

Episode 215 – the Something’s Burning edition


As the Chinese Consulate burns papers after its closure, Tom and Jay brave the surge in Covid-19  cases by staying safe at home. They are back to look at top compliance articles and stories which caught their eye this week.

1.     More compliance guidance from OFAC. Dick Cassin reports in the FCPA Blog.

2.     First ComEd fined $200MM in Illinois, then Speaker of Ohio House charged in massive state corruption probes. Matt Kelly in Radical Compliance on Illinois. Julie Wernau and Katherine Blunt in WSJ on Ohio.

3.     Was Willie Nelson or Patsy Cline crazy? Bill Steinmann says it’s the FCPA year 2020 in the FCPA Blog.
4.     Mike Volkov goes Old Testament about Amazon OFAC sanctions. In Corruption Crime and Compliance.
5.     From 3 Lines of Defense to the 3 Lines Model as the IIA updates its model. Matt Kelly back with a rare double double for This Week in FCPA in Radical Compliance.
6.     Compliance really is a journey. Mary Shirley in CCI.
7.     How is Covid-19 impacting compliance? Jennifer Sun explores in CCI.
8.     The Ethical Revolution in Business. Philip Winterburn and Jane Mitchell in Converge.
9.     This month on The Compliance Life, I am joined by Scott Sullivan, Chief Integrity and Compliance Officer at Newport Mining. In Part 1, we discussed  the need for empathy in a CCO. In Part 2, we looked at reading the tea leaves and staying ahead of the (corp) wolf pack. This week in Part 3, we considered who a CCO needs on their compliance team.
10.  On the Compliance Podcast Network, Tom continues the topic of 3rd party risk management this month.This week saw the following offerings: Monday-the ROI of 3rd party compliance (Linda Justice as guest); Tuesday– 3rd parties as innovation partners (Eric Feldman as guest), Wednesday-3rd party risk expansion; Thursday-termination of 3rd parties; and Friday-distributor compensation. The month of July is being sponsored by Affiliated Monitors.  Note 31 Days to a More Effective Compliance Program now has its own iTunes channel. If you want to binge out and listen to only these episodes, click here.
11.  Great Upcoming Webinars:
K2 Intelligence Fin Webinar with AIBACP: Pandemics to Recession—Finding AML and ABC Synergies in Tough Times, July 30, 2020 at 1:30 PM – 2:30 PM EST; with JoAnn Taylor and Adam Frey. Registration and Information here.
ECI’s Best Practice Forum, a Q&A Session with Brian Rabbitt, Acting Assistant Attorney General for the Criminal Division on the FCPA Resource Guide, 2nd edition, Thursday, July 30, 2:00 – 4:00 p.m. EDT. Registration and Information here.
Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.

Categories
Daily Compliance News

July 24, 2020-the From Russia with Love edition


In today’s edition of Daily Compliance News:

  • Wirecard and Russia. (Business Insider)
  • Novartis whistleblower collars $109MM. (Bloomberg)
  • Amazon bait and switch? (WSJ)
  • Did shadowy hedge funds almost bankrupt economy? (NYT)
Categories
The Affiliated Monitors Expert Podcast

Navigating the Risks of Prescribing Opioids for Chronic Pain in the COVID-19 Era


In this podcast, Jesse Caplan, Amy Fogelman, M.D and Deb Waugh explore the medical, legal and compliance challenges faced by practitioners and healthcare organizations in prescribing opioids for chronic pain during the COVID-19 pandemic. We will be looking at these challenges from three different perspectives – from a physician who is an expert in opioid prescribing standard of care; from a licensed clinical social worker who has designed and conducted hundreds of physician competency evaluations and training programs; and from an attorney who has represented healthcare organizations and healthcare regulatory agencies.

Categories
Compliance and Coronavirus

Carrie Penman and Sam Abadir on Business Continuity


Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. In this episode, I visit Sam Abadir, Director of Industry Solutions at Navex Global and Carrie Penman, Chief Risk and Compliance Officer at Navex Global. They recently co-authored the article 6 Tips to Go From Disaster Recovery to Business Continuity Planning. I recently caught up with them to ask them about their article and how companies can better plan for identifying risks that can lead to disasters.
Some of the highlights include:

  • What is the difference in disaster recovery v. business continuity?
  • Why is that important in this phase of the reopening?
  • What are six ways companies can shift to from planning for when a disaster strikes to identifying risks that can lead to disasters?

For me information and great articles check out Navex Global’s Risk and Compliance Matters

Categories
31 Days to More Effective Compliance Programs

Terminating a third-party


At some point, you will be required to terminate a third-party and there will be multiple legal, compliance and business issues to navigate through. If you are stuck doing it in the middle of a FCPA or U.K. Bribery Act investigation, there may well be some tension to do so and do so quickly. If you have not thought through this issue and created a process to follow before a crisis occurs, you may well be in for a very tough road. Yet the 2020 Update specifically asked that question in the section entitled Real Actions and Consequences, when it posed the query Has a similar third party been suspended, terminated, or audited as a result of compliance issues?
Although rarely considered, the termination of a third-party relationship can be as important a step as any other in the management of the third-party lifecycle. While having the contractual right to terminate is a good starting point, it is only the starting point. You not only need to have a compliance and legal plan in place but a business plan as well. If you do not, the cost in both monetary and potential business reputation can be quite high.
Three key takeaways:

  1. Termination of third-parties is an oft-neglected part of the third-party risk management process.
  2. Make certain you have the contractual right to terminate third-parties written into your compliance terms and conditions.
  3. Have a strategy in place for termination before a crisis arises.
Categories
12 O’Clock High-a podcast on business leadership

Leadership Lessons from Theodore Roosevelt-Ascension to Presidency


Richard Lummis and Tom Fox continue their a five-part series on leadership lessons from Theodore Roosevelt. We will look at lessons from Roosevelt’s early years in New York up to his cowboying days in Montana; the second phase of his public career, from NYC Police Commission to Assistant Secretary of the Navy, San Juan Hill and the Vice Presidency; his leadership from his Presidency; his life in the post-Presidency and the election of 1912 and we will end with leadership lessons from his post Bull Moose Party life, World War I and event surrounding his death. In this third episode, we consider the leadership lessons learned by Roosevelt in his ascension to the Presidency and his first and second terms as 26th President.
Highlights of this podcast include:
Roosevelt’s ascension to the Presidency after the assassination of President McKinley; his domestic policies including: trust busting, issues with railroads, starting the American conservation movement and regulation of food and drugs. We then turn to foreign policy and his arbitration of the Russo-Japanese War which won him the Nobel Prize, the Roosevelt Corollary to Monroe Doctrine and construction of the Panama Canal. We look at the clection of 1904 and his second term. We conclude with three key leadership lessons: 1. Surround yourself with other leaders; 2. Maintain an Open Channel with Adversaries; and 3. Be able to take criticism.
Resources
Doris Kearns Goodwin’s 10 Leadership Lessons from the White House
6 Leadership Hacks From The Rise of Theodore Roosevelt
10 top Leadership Principles of Teddy Roosevelt
The Roosevelts: Eight presidential lessons in leadership
Lessons in Leadership from 100 years ago
Theodore Roosevelt on Leadership
10 Theodore Roosevelt Leadership Lessons

Categories
Daily Compliance News

July 23, 2020-the Jail Time edition


In today’s edition of Daily Compliance News:

  • Ex-Wirecard CEO re-arrested. (NYT)
  • Microsoft accused of corporate bullying in EU. (WaPo)
  • DFS charges First American for data breach. (WSJ)
  • Jail time for ENI/Shell execs? (Reuters)Wirecard
Categories
The Affiliated Monitors Expert Podcast

What’s Your (M&A) Plan?


In this episode, I visit with Eric Feldman about planning out your post-acquisition merger strategy. Recent FCPA enforcement actions have stressed that an acquiring entity apply or ascertain that its Code of Conduct, policies and procedures regarding corruption are consistent with the acquired company’s policies and processes. If they are not consistent, the acquiring company should apply it’s Code of Conduct and anti-corruption policies and procedures to the newly acquired company within 18 months or “as quickly as is practicable”. Employees from the newly acquired entity must be trained on their new Code of Conduct and policy and procedure. There must also be a forensic audit to see if any FCPA issues pop up. This same language was brought forward into the 2020 FCPA Resource Guidance, 2nd edition.
If pre-acquisition due diligence is done correctly, it will identify risks associated with the target and a risk assessment of that company should follow as a part of your pre-acquisition due diligence along the line to your post-acquisition, to give you a roadmap of what areas of risk need to be addressed immediately. Some of the things you would specifically look for in an integration plan are around internal controls. Feldman noted, “Are you going to use the acquired entities internal controls or are you going to put your company’s internal controls regime in place? If so, how are you going to integrate them? How are you going to address any training and awareness gaps as it relates to ethics and compliance responsibilities of the employees, of the new company that are coming into your company? Do people understand the acquiring company’s anti-corruption posture and their ABC policies and procedures and all of that needs to be well documented into an integration plan.”
Near and dear to my heart is Document Document Document as it is very hard to demonstrate the pre and post-acquisition due diligence to an external entity like the DOJ without documentation. The real issue has to do with how you can demonstrate to a government regulator that you have done everything that you can do as a company to identify risk associated with corruption and misconduct. Moreover, if you do identify the misconduct, that you have taken the right steps to inform the government and make that disclosure.

Categories
31 Days to More Effective Compliance Programs

Third-Party Risk Expansion


What is third-party risk expansion and why is it a risk in compliance? Historically, people talked about simply an entity outside of your organization as a third party. However, that definition is broadening, to mean really that entity with which your company works. Obviously, this can be a supplier or vendor, it can be a service provider, a customer, a joint-venture (JV) partner and/or an intercompany affiliate. A broader view could include intercompany affiliates as third parties, even though many people would see them as just being another entity inside of a business. As the definition of third parties expands, this only makes life more complicated for anyone trying to do third party risk assessments and then the tiering just creates an exponential change.
Previously, a tier one supplier was a direct counterparties to your organization, directly through the sales channel. Next a tier two was one that your company’s tier one counterparty is working through. This means for risk managers assessing the various risks now have to go deeper and deeper. One way to do so is through trying to understand the connection between tiers one, two, three, four and so on. The problem is there are many risks that companies do not manage this risk because they cannot identify which companies are taking risks, alleged on their behalf. One of the most difficult issues for compliance professionals and risk managers is trying to get their arms around how to handle this issue.
You should begin with mapping out and understanding the third-parties whose exposure needs to be assessed by your organization. Obviously, this includes both direct and indirect third-parties but in terms of the tiering, the best way for anyone to understand the risk is to have really good communication with their tier one third-parties to be able to discuss the risks to both businesses.
Three key takeaways:

  1. Has your third-party risk management program expanded with your third-parties?
  2. Why is transparency a key for third-party risk management?
  3. What is the financial health of your third-parties?
Categories
Great Women in Compliance

Scott Davison on Jumping the Fence from Business to Compliance

Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.
Six years ago, Mary met Scott while the two New Zealanders were working in the United Arab Emirates and Kuwait respectively for generator hire company, Aggreko. As the global Head of Compliance, Mary was Scott’s Compliance Officer and headed out to Kuwait to conduct Compliance training. Not only was Mary thrilled to meet a fellow Kiwi expat at the company, but she was very impressed by how welcoming Scott, then head of the Kuwait business, made her and went to extra effort to ensure that her business trip went smoothly.
Scott obviously took Compliance very seriously and a few years later, after both Kiwis had moved on from Aggreko, Scott reached out to Mary to let her know that in his new role as a Commercial Director, he would also be taking on the Compliance portfolio. We hear how Scott has transitioned from being solely in a business role and into a newly fledged Compliance professional.
Mary considered Scott to be an ideal GWIC guest because he was fully supportive of Compliance and entirely respectful of a woman running the function and additionally has been very vocal about singing the praises of capable women in Compliance and making introductions to connect women in the field to enlarge their networks. As a bonus, during this episode we get a chance to hear about leadership from someone who is truly a servant leader and breaks down hierarchical barriers to be fully inclusive from the top.
Join Mary and Scott as they re-live experiences in the Middle East and Scott shares his number one tip for men to best support female colleagues in the workplace.
Join the Great Women in Compliance community on LinkedIn here.