The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Scott Sullivan, the Chief Integrity and Compliance Officer at Newmont Mining. Scott Sullivan is a versatile and innovative governance, risk, compliance, ethics and legal executive with significant experience advising C-suite leaders and Boards of Directors in a global enterprise in a wide array of sensitive, high profile subject matter areas. He has extensive leadership in designing, implementing and enhancing world-class programs and favorably resolving regulatory crises for multinationals. He has managed ethics and compliance for a $5B global Fortune 500 corporation, directing a Business Integrity & Compliance function impacting 20,000 employees in over 55 countries with over 100 legal entities.
In this first episode, we consider what does empathy mean in the context of being a CCO? Why does a CCO need empathy? They are often seen as the Conscience of the Company, the Moral Compass, and Doing What is Right – consequences otherwise damaging to company, relationships, etc. When does a CCO have to say ‘No’? Your goal is rarely and it you say no, it means no. How does empathy relate to communications? A CCO needs to understand/walk in someone’s shoes.
Author: admin
Most companies fully understand the need to comply with the requirements around third-parties as they represent the greatest risks for bribery and corruption. However, most companies are not created out of new cloth but are ongoing enterprises with a fully up and running business in place. This means they may need to bring resources to bear to do so while continuing operating an ongoing business. This can be particularly true in the area of performing due diligence on third-parties. Many companies understand the need for a robust due diligence program to investigate third-parties but have struggled with how to create an inventory to define the basis of third-party risk and, thereby, perform the requisite due diligence required.
Getting your arms around due diligence can sometimes seem bewildering for the compliance practitioner. The information that you gathered in Steps 1-Business Justification and 2-Questionnaire of the third-party management process should provide you with the initial information to consider the level of due diligence needed. This leads to Step 3 of the third-party management process: due diligence. The 2020 Resource Guide stated, “as part of risk-based due diligence, companies should understand the qualifications and associations of its third-party partners, including its business reputation, and relationship, if any, with foreign officials. The degree of scrutiny should increase as red flags surface.”
Three key takeaways:
- Risk rank your third-parties and use this as a basis to begin with an adequate level of due diligence.
- Any red flags which appear must be cleared and there must be documented evidence of such clearance.
- There must be documented evidence of review of the due diligence.
Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. In this episode, I visit with Paul Sanders who is a Certified FocalPoint Business Coach and Corporate Trainer. We consider what that means for a business person during Covid-19. We are now in the reopening stage of business, literally across the county and explore how Paul sees the steps a business leader needs to take: Reset, Restart and Accelerate.For more information on Paul Mueller, check out his LinkedIn Profile here and check out his company website here.
Tom Fox and Lisa Ryan, this week’s guest, are both members of C Suite Radio and the National Speakers Association. Lisa spent 20 years in sales before embarking on her entrepreneurial journey in 2010. She brings a unique perspective to the subject of employee engagement, seeing it as an essential skill that leaders need to have.
An Essential Skill
In Lisa’s view, employee engagement is greater productivity, greater institutional justice, better health and safety, and many other ways of enhancing workers’ lives. As such, leaders should see improving engagement as an essential skill. “When that business owner can make that connection with their employees,” Lisa points out, “that employee is going to give a lot more effort.”
A Critical Part of Compliance and Corporate Culture
Tom comments, “If you focused on employee engagement, you would go a long way towards creating a viable and vibrant speak up culture and creating a two way street of communication.” Lisa agrees. She adds that people want to feel safe and know that if they approach their boss with a problem, their boss is going to take action on it. We’re wired for justice, she says. As such, engagement is a critical part of compliance.
“Company culture took a long time to develop, and it’s not changing overnight,” Lisa says. When a company makes the decision to focus on improving engagement, they must first assess where they are and then be committed to taking strategic steps towards their long-term goal. She shares how she helps clients to make those changes, and emphasizes that culture change must start at the top then go through every department of the organization.
On Curiosity
Tom says that one of the key characteristics compliance professionals must possess is curiosity.
He asks Lisa to talk about her blog post about curiosity around relearning an old skill. She responds, “Sometimes we have so much knowledge of the things that we can do and then we go and chase that next shiny object… that what we were doing before that was totally working, that was totally part of our skill set, just kind of fades off to the background… So there’s always that being a constant student, not only of the new technology, …but also knowing that there was a lot of that foundation that we came from that we don’t necessarily want to leave behind.”
Resources
LisaRyanSpeaks.com
Lisa@Grategy.com
Lisa Ryan on LinkedIn | Facebook | YouTube
In today’s edition of Daily Compliance News:
- DOJ/SEC update FCPA Resources Guide. (DOJ Press Release)
- Wither the 5-day office week? (WSJ)
- Beverly Hill hotel, bought with 1MDB money goes on sale. (NYT)
- Disney in existential crisis? (WaPo)
In the Episode, I am joined Compliance Line co-CEOs Nick and Gio Gallo to discuss the firm’s 2020 Ethics and Compliance Hotline Benchmark Report. We consider various issues related to the Report including what was the genesis of the Compliance Line 2020 Benchmark Report; from what sources and how did Compliance Line draw data to create the Report. We review the Executive Summary of the Report. We consider both the highlights of the Report from the Gallos perspective as well as some of the findings which surprised them. Finally we review the actionable steps Compliance Line suggests your company can take based upon the findings in the Report.
Resources
For more information on Compliance Line, check out their website here.
To obtain a copy of the Report, click here.
As President Trump allows Russia to pay bounties for the Taliban to kill American soldiers, self-isolating (again) Jay and Tom have a special Thursday July 4th edition to look at top compliance articles and stories which caught their eye this week.
- The Novartis FCPA settlement. Tom has a 5 part series Part 1-Introduction, Part 2-the Bribery Schemes,Part 3-Internal Controls, Part 4-Fines, Penalties and Recidivism; Part 5-Data Analytics. Matt Kelly with Radical Compliance. Mike Volkov has a 3 part series on Corruption Crime and Compliance. Matt and Tom take a deep dive on Compliance into the Weeds. After all this Novatris pays another $678MM for corruption inside the US, see DOJ Press Release.
- Why you need a plan for distributors under the FCPA. Bill Steinman opines in the FCPA Blog.
- Alexion settles FCPA enforcement action. Dick Cassin breaks the story in the FCPA Blog.
- Banks facing increased compliance risks. Mengqi Sun in the WSJ Risk and Compliance Journal.
- The DOJ 2020 Update to the Evaluation of Corporate Compliance Programs with a new emphasis on middle management. Dylan Tokar and Jack Hegal in the WSJ Risk and Compliance Journal.
- How badly did EY botch the Wirecard audit? Michael Rapaport guest posts on Francine McKenna’s The Dig.
- CCPA went live on July 1. Were you ready? Jessica Wilburn on Navex Global’s Ethics Matters.
- What is the role of compliance in the future of work? Neta Meidav in CCI.
- On Compliance and Coronavirus, I was joined this week by Ryan Schonfeld to discuss IT and physical security in the era of Coronavirus; Cindy Flynn on employment law issues and Bill Sanderson business change in the era of Covid-19.
- On the Compliance Podcast Network, Tom concluded his one month look at the role of HR in compliance on 31 Days to a More Effective Compliance Program and started a new month of looking at 3rdThis week saw the following offerings: Monday-the parameters of attorney/client privilege; Tuesday-Miranda warnings in internal investigations. On July 1, the new month brought the new topic of 3rd party risk management. Wednesday-the 3rdParty risk management process; Thursday-the business rationale. The month of July is being sponsored by Affiliated Monitors. Note 31 Days to a More Effective Compliance Program now has its own iTunes channel. If you want to binge out and listen to only these episodes, click here.
Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
The 2020 Update stated, “Prosecutors should also assess whether the company knows the business rationale for needing the third party in the transaction, and the risks posed by third-party partners, including the third-party partners’ reputations and relationships, if any, with foreign officials.” This standard articulates one of the most basic tools to operationalize your compliance program and should form the basis of your third-party risk management process. Indeed this is viewed as an internal control with the 2020 Update going on to pose the following question, “How does the company ensure there is an appropriate business rationale for the use of third parties?”
Another way to think about this issue is by considering the competence of a foreign business partner to provide services to your organization. Such considerations include a review of the qualifications of the third-party candidate for SME, the resources to perform the services for which they are being considered and the third-party’s expected activities for your company. More detailed inquiries include requiring the relevant business unit which desires to obtain the services of any third-party to provide you with a business rationale including current opportunities in territory, how the candidate was identified and why no currently existing third-party relationships can provide the requested services. Your next inquiry should focus on the terms of the engagement, including the commission rate, the term of the agreement, what territory may be covered by the agreement and if such relationship will be exclusive.
Remember, the purpose of the business rationale is to document the satisfactoriness of the business case to retain a third-party. The business rationale should be included in the compliance review file assembled on every third-party at the time of initial certification and again if the third-party relationship is renewed. This means “Document, Document, and Document”.
Three key takeaways:
- You should always have a business reason for using a third-party which is articulated by the business folks, not compliance.
- A Relationship Manager is the key going forward in operationalizing your compliance program through the life of the third-party relationship with your company.
- Always remember to “Document, Document, and Document”.
Welcome to this special podcast series “In Conversation with K2 Intelligence FIN: Navigating an Increasingly Complex Sanctions Landscape”. This series is sponsored by K2 Intelligence, LLC. This week I have visited with Adam Frey, Managing Director, and Eric Lorber, Vice President at K2 Intelligence Financial Integrity Network (FIN).
Over the week, we have reviewed the current sanctions landscape, discussed how to build a sanctions compliance program, walked listeners through what happens when you discover a sanctions breach or potential breach, considered new sanctions exposure. Today, Adam Frey and I conclude with Episode 5 by taking a look in that veiled land of the future by considering issues on the horizon and how to prepare for it.
Resources
For more information on K2 Intelligence FIN’s Sanctions Risk Advisory Services, click here.
For more information on Navigating the Sanctions Minefield: What Every Global Business Should Know, click here.
