In today’s edition of Daily Compliance News:
Author: admin
One clear best practice to gauge the compliance culture and evaluate the strength of controls is to conduct periodic audits to ensure that controls are functioning well. Interestingly, compliance in many ways follows some of the paths laid out by corporate safety departments some 20-30 years ago when safety became much more high profile in U.S. corporations. The safety committee and safety audits became mainstays of any best practices in the area of safety for a company. These techniques inform any anti-corruption best practices compliance program. Indeed, audits were specifically delineated as far back as the 2012 FCPA Guidance to assist in the continuous monitoring of your compliance regime. Such an audit can be thought of as a systematic, independent and documented process for obtaining evidence and evaluating it objectively to determine the extent to which the compliance criteria are fulfilled. There are three factors which are critical for a compliance audit to have a chance for success: 1) an effective audit program which specifies all necessary activities for the audit; 2) having competent auditors in place; and 3) an organization that is committed to being audited.
Auditing is a more limited review that targets a specific business component, region or market sector during a timeframe to uncover and/or evaluate certain risks, particularly as seen in financial records. However, you should not assume that because your company conducts audits that it is effectively monitoring. In other words, the protocol is simple: everyone understands you need to audit, but try to cut costs or corners and you will pay for it in the long run.
Three key takeaways:
- Auditing takes a deep dive into your high-risk compliance areas.
- Internal audit should test your key compliance risk areas as a part of their regular auditor rotation.
- The findings uncovered in an audit must be used in your compliance regime going forward.
Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. As the Voice of Compliance, I wanted to start a podcast which will help to bring both clarity and sanity to the compliance practitioner and compliance profession during this worldwide health and healthcare crisis. In this episode, I am joined by Jonathan Armstrong, partner at Cordery Compliance in London and an international data privacy/data protection expert. We discuss the steps your organization can take now to reduce potential GDPR exposure during the Coronavirus health crisis.
For additional information see the Cordery Compliance client alert Coronavirus and Data Protection and visit the firm’s website, corderycompliance.com.
This podcast is sponsored by SAI Global. To learn how you can protect your business operations and workforce during these uncertain times, visit saiglobal.com/risk for free resources, expert guidance, and industry-leading technology.
Coronavirus and GDPR
In this episode of Life with GDPR, Jonathan Armstrong and Tom Fox consider the multiple data privacy/data protection risks which have arisen under the coronavirus health crisis. Some of the highlights in this episode include:
- How does coronavirus impact GDPR compliance?
- What issues arise with working from home?
- What is consent and why is it so critical now?
- What is the role of a DPIA in this process and why is it so critical?
- Can you monitor employees working from home?
- What about customer communications?
- What are some basic best practices to minimize risk at this point?
- What does this mean for companies and clients going forward?
Resources
Cordery Breach Navigator
Cordery Client Alert “Coronavirus and Data Protection”
Richard Lummis and Tom Fox begin a four-part series on leadership lessons from George Washington. We will look at lessons from Washington’s colonial and frontier period, focusing on the French and Indian War, leadership lessons from Washington’s generalship of the Continental Army, his leadership in both the Continental Congress and Constitutional Convention and we will end with leadership lessons from both terms of Washington’s presidency. In this second episode, we consider the leadership lessons demonstrated by Washington as General of the Continental Army.
Highlights of this podcast include:
- Introduction to Washington’s generalship of the Continental Army.
- First third of the war: Boston and NY disasters to Trenton and Princeton.
- Valley Forge.
- Use of French General Rochambeau and commutation of Charles Asgill’s death sentence.
- Resignation as General of the Armies.

Jerry Dent is the Practice Leader and Managing Director at Alvarez and Marsal. He joins host Vince Walden to talk about leadership and team communication during times of crisis. One positive thing that arose from the outbreak was that the US and Europe recognized they had a narrow window of preparation from studying the situation in China. Alvarez and Marsal were able to prepare to have an infrastructure that supported a remote environment. He gives examples of what his company is doing to maintain connectivity and productivity across all professional levels, and keep their employees engaged.
The challenge for those in legal and compliance would be the pivot from face-to-face meetings or sessions such as site inspections, interviews, and court appearances. Jerry has faith that quick adaptation will occur. Four risks that are critical due to the switch to a remote environment are: cyber predators, social media and employee conduct, data protection and privacy, and employee engagement and connectivity.
Jerry stresses that we have all been dealt the same hand, businesses included, so no one business has any huge advantage over another. During a crisis, it comes down to a company’s culture and communication to keep it afloat.
Resources
Jerry Dent on LinkedIn
AlvarezandMarsal.com
In today’s edition of Daily Compliance News:
In this month’s podcast series, I consider what techniques to use to create continuous improvement in your compliance program. As the DOJ stated in the 2019 Guidance, “One hallmark of an effective compliance program is its capacity to improve and evolve.” Its implementation should help you to uncover and evaluate areas of risk and opportunities for improvement. Moreover, as your business changes over time in such areas as the environments in which it operates, the nature of its customers, the laws applicable to it and industry standards, your compliance program must change as well. All of this simply means business is dynamic and your compliance regime must be so as well.
Continuous improvement through continuous monitoring or other techniques will help keep your compliance program abreast of any changes in your business model’s compliance risks and allow growth based upon new and updated best practices specified by regulators. A compliance program is in many ways a continuously evolving organism, just as your company is constantly evolving.
Three key takeaways:
- Your compliance program should be continually evolving.
- Have a mechanism to incorporate lessons learned from oversight into your compliance program.
- The DOJ and SEC will give meaningful credit to thoughtful efforts to create a sustainable compliance program if a problem is later discovered.
For more information on Affiliated Monitors, visit their website, www.affiliatedmonitors.com.
Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. As the Voice of Compliance, I wanted to start a podcast which will help to bring both clarity and sanity to the compliance practitioner and compliance profession during this worldwide health and healthcare crisis. In this episode, I am joined by Vin DiCianni, founder and CEO of Affiliated Monitors. We discuss the need for proactive monitorships under the stimulus package and why compliance is even more important during this health crisis.
- Why is this important for the government, from federal to state to cities to municipalities?
- Why is this important for businesses seeking stimulus funding?
- How compliance and ethics will be even more important going forward.
- Why your organization should take a proactive approach now.
- Problem companies and those ethically challenged in the past will continue to be so.
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this podcast Matt Kelly and Tom Fox take a deep dive into the recent whistleblower award issued to an anonymous whistleblower, who happened to be a compliance professional.
Some of the highlights include:
- What are the requirements for a compliance professional to be eligible for a Dodd-Frank Whistleblower award?
- How many CCOs or internal audit types have been awarded Dodd-Frank Whistleblower awards?
- The SEC was previously investigating the company, how (or why) was there an award in this case?
- With nearly $400MM paid out in whistleblower awards, the program is clearly working.
- Is Jay Clayton’s attempt to eviscerate the Whistleblower Awards?
Resources
Matt Kelly blog post, Whistleblower Award to Compliance Professional
SEC Press Release