Author: admin

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Welcome to 2024 Edition

What happens when two top compliance commentators get together? They talk about compliance, of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode! In this episode, Tom and Kristy take on a wide variety of topics, including the self-improvement of the Florida Man gone astray.

In the ever-evolving world of regulatory compliance and risk management, challenges are constant, and strategies must be dynamic. Tom highlights the SFO, culture assessments, Key Board issues for 2024 and the McDonald’s Doctrine. Kristy highlights the new law, FEPA, Supply Chains, AI, and checks in on Florida Man. Join Tom Fox and Kristy Grant-Hart as they delve deeper into these issues in this episode of the 2 Gurus Talk Compliance podcast.

Highlights Include:

  1. U.S. Prosecutors Can Charge Foreign Officials With Bribery Under New Provision (WSJ)
  2. New Actions from the White House Highlight the Difficulty of Tracing Forced Labor in Supply Chains (Supply Chain Brain Blog)
  3. Maryland looks to harness AI for government use with executive order (Washington Post)
  4. WorkLife’s definitive guide to what’s in and out for 2024 (WorkLife)
  5. Analysis of failure to exercise duty of oversight by a corporate officer. (D&O Diary)
  6. Key Board issues for 2024. (Compliance and Enforcement)
  7. Are emojis evil? (FCPA Blog)
  8. SFO hammered in the ENRC report. (WSJ)
  9. Why do you need to do a culture assessment? (CCI)
  10. Florida woman sues Hershey for $5 million over ‘deceptive’ Reese’s packaging (ABC News)

 Resources:

Kristy Grant-Hart on LinkedIn

Spark Consulting

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
Blog

Policies and Procedures

There are numerous reasons to put some serious work into your compliance policies and procedures. They are certainly a first line of defense when the government comes knocking. The 2023 ECCP made clear that “Any well-designed compliance program entails policies and procedures that give both content and effect to ethical norms and that address and aim to reduce risks identified by the company as part of its risk assessment process.” This statement made clear that the regulators will take a strong view against a company that does not have well thought out and articulated policies and procedures against bribery and corruption; all of which are systematically reviewed and updated. Moreover, having policies written out and signed by employees provides what some consider the most vital layer of communication and acts as an internal control. Together with a signed acknowledgement, these documents can serve as evidentiary support if a future issue arises. In other words, the “Document, Document, and Document” mantra applies just as strongly to policies and procedures in anti-corruption compliance.

The specific written policies and procedures required for a best practices compliance program are well known and long established. According to the 2020 FCPA Resource Guide 2nd edition, some of the risks companies should keep in mind include the nature and extent of transactions with foreign governments (including payments to foreign officials); use of third parties; gifts, travel, and entertainment expenses; charitable and political donations; and facilitating and expediting payments. Policies help form the basis of expectations for standards of conduct in your company. Procedures are the documents that implement these standards of conduct.

Compliance policies do not guarantee employees will always make the right decision. However, the effective implementation and enforcement of compliance policies demonstrate to the government that a company is operating professionally and ethically for the benefit of its stakeholders, its employees and the community it serves.

There are five general elements to a compliance policy, which should stake out the following:

  • Identify who the compliance policy applies to;
  • Set out the objective of the compliance policy;
  • Describe why the compliance policy is required;
  • Outline examples of both acceptable and unacceptable behavior under the compliance policy; and
  • Lay out the specific consequences for failure to comply with the compliance policy.

The 2023 ECCP went further by requiring an assessment whether a company has established policies and procedures that incorporate the culture of compliance into its day-to-day operations, through a design which is appropriate to the organization, based upon that organization’s assessed risks.

Design––What is the company’s process for designing and implementing new policies and procedures and updating existing policies and procedures, and has that process changed over time? Who has been involved in the design of policies and procedures? Have business units been consulted prior to rolling them out?

Comprehensiveness––What efforts has the company made to monitor and implement policies and procedures that reflect and deal with the spectrum of risks it faces, including changes to the legal and regulatory landscape?

The 2023 ECCP Evaluation mandated there must be communication of your compliance policies and procedures throughout the workforce and relevant stakeholders such as third parties and business venture partners.

Accessibility––How has the company communicated its policies and procedures to all employees and relevant third parties? If the company has foreign subsidiaries, are there linguistic or other barriers to foreign employees’ access? Have the policies and procedures been published in a searchable format for easy reference? Does the company track access to various policies and procedures to understand what policies are attracting more attention from relevant employees?

Responsibility for Operational Integration––Who has been responsible for integrating policies and procedures? Have they been rolled out in a way that ensures employees’ understanding of the policies? In what specific ways are compliance policies and procedures reinforced through the company’s internal control systems?

Moreover, just as risks evolve, your policies and procedures should evolve. The 2023 ECCP asked the following questions:

  • How often has the company updated its risk assessments and reviewed its compliance policies, procedures, and practices?
  • Has the company undertaken a gap analysis to determine if particular areas of risk are not sufficiently addressed in its policies, controls, or training?
  • What steps has the company taken to determine whether policies/procedures/practices make sense for particular business segments/subsidiaries?
  • Does the company review and adapt its compliance program based upon lessons learned from its own misconduct and/or that of other companies facing similar risks?

The bottom line is that the DOJ expects updates to your policies and procedures needed to be reviewed on a regular basis and updated as your risks evolve.

Finally, the 2020 FCPA Resource Guide, 2nd edition, ends its section on policies with the following, “Regardless of the specific policies and procedures implemented, these standards should apply to personnel at all levels of the company.” It is important that compliance policies and procedures are applied fairly and consistently across the organization. Institutional fairness demands that if compliance policies and procedures are not applied consistently, there is a greater chance that an employee dismissed for breaching a policy could successfully claim he or she was unfairly terminated. Moreover, inconsistent application of your policies and procedures will destroy the credibility of your compliance program. This last point cannot be over-emphasized. If an employee is going to be terminated for fudging their expense accounts in Brazil, you had best make sure that same conduct lands your top producer in the U.S. with the same quality of discipline.

Categories
Kerrville Weekly News Roundup

Kerrville Weekly News Roundup: January 13, 2024

Welcome to the Kerrville Weekly News Roundup. Each week, veteran podcaster Tom Fox and his colleagues Andrew Gay and Gilbert Paiz get together to go over a couple of their favorite stories from the past week from Kerrville and the greater Hill Country. Sit back, enjoy a cup of morning coffee and listen in to get a wrap-up of the Kerrville Weekly News. We each consider two of our favorite stories and talk about the upcoming weekend’s events, which we will enjoy or participate in this weekend.

In this episode, Tom takes a solo turn to discuss the following stories that caught his attention over the past week.

  • Highways closure at I-10 and Loop 1604
  • WWII vet and Koran War POW celebrates 100th birthday
  • Serve Kerrville in emergency services or on Parks and Rec Committee
  • Winter weather coming to Kerrville

Resources:

Tom Fox on LinkedIn

Gilbert Paiz on LinkedIn

Andrew Gay on LinkedIn

Texas Hill Country Podcast Network

The Lead

Kerrville Daily Times

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 12 – Your Code of Conduct

What is the value of having a Code of Conduct? In its early days, a Code of Conduct tended to be lawyer-written and lawyer-driven to wave in a regulator’s face during an enforcement action as proof of ethical overall behavior. Is such a legalistic code effective? Is a Code of Conduct more than simply your company’s internal law? What should be the goal of the creation of your company’s Code of Conduct?

How important is the Code of Conduct? Consider the 2016 SEC enforcement action involving United Airlines, Inc., which turned on a violation of the company’s Code of Conduct. The breach of the Code of Conduct was determined to be an FCPA internal control violation. It involved a clear quid pro quo benefit paid out by United to David Samson, the former Chairman of the Board of Directors of the Port Authority of New York and New Jersey, the public government entity that has authority over, among other things, United’s operations at the company’s huge east coast hub in Newark, NJ.

Three key takeaways:

1. A Code of Conduct is a foundational document in any compliance regime.

2. The substance of your Code of Conduct should be tailored to the company’s culture, to its industry, and to its corporate identity.

3. “Document, Document, and Document” your training and communication efforts regarding your Code of Conduct.

Categories
Greetings and Felicitations

Podfest Expo 2024 Speaker Preview Series – Bob Wheeler on Tax Tools and Tips for Podcasters

In this episode of the PodfestExpo 2024 Speaker Preview Podcasts series, I visit with noted podcaster Bob Wheeler to discuss his presentation at PodfestExpo on tax tools and tips for podcasters. Some of the issues we tackle in this podcast are:

  • Tax tools and tips for podcasters.
  • Why is Bob so excited about the 10th anniversary event?
  • Why you should attend PodfestExpo 2024.

I’m hoping you’ll be able to join me at PodfestExpo 2024, which Podfest Global is hosting. This year’s event will be the 10th anniversary and will be held January 25–28, 2024, at the Wyndham in Orlando, Florida. The line-up of this year’s event is simply first-rate, with some of the top names in podcasting.

Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through powerful audio and video mediums. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.

PodfestExpo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets the PodfestExpo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.

Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2024 has plenty to offer!

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter the discount code, Listener.

Podfest Expo 2024 is a production of Podfest Global, which sponsors this podcast series.

Bob Wheeler on LinkedIn

The Money Nerve

Categories
Daily Compliance News

Daily Compliance News: January 12, 2024 – The All 3 Paid Me Bribes Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • The SEC hack is under investigation. (NYT)
  • Trump took payments from China as President. (WaPo)
  • Clyde & Co. was fined for breaching AML. (Reuters)
  • The world’s top 3 trading companies allegedly paid bribes. (Bloomberg)
Categories
Pawtastic Friends - The Paw Talk

Pawtastic Friends – The Paw Talk – Harley, King & Olivia

Welcome to Pawtastic Friends: The Paw Talk. In this podcast, host Tom Fox will visit with Michael and Melissa Novelli, co-founders of Pawtastic Friends, as well as those who work with them at Pawtastic Friends. Michael and Melissa are dedicated to helping shelter and rescue dogs in the Las Vegas area become more adaptable through enrichment training and activities such as yoga and aquatics training, as well as obedience and agility. This podcast is sure to tug on your heartstrings; just listen to how sweet this one dog is! Tune in now to hear more from Michael and Melissa Novelli as they discuss their passion for helping pups in need. Get ready for an exciting episode of Pawtastic Friends: The Paw Talk!

Michael Novelli and Melissa Novelli are co-hosts of the award-winning podcast “The Paw Talk” and are deeply involved in advocating for the importance of suitable foster homes and responsible dog ownership. Michael, with his experience in a rescue program and a boarding facility, emphasizes the need to control the pet population and discourages breeding dogs, especially pit bulls, due to the overpopulation of shelters. He also highlights the importance of consulting with veterinarians for proper care and recovery after surgeries. Melissa stresses the need for a proper recovery environment for dogs after surgery, the importance of crate rest, and taking precautions to prevent re-injury. She believes in providing suitable environments and responsible care for dogs to ensure their well-being. Join Tom Fox, Michael Novelli, and Melissa Novelli on this episode of The Paw Talk as they delve deeper into these important topics.

Dogs Featured:

  • Harley
  • King
  • Olivia

Quotes

“When I look and I see a dog that started over a year ago and has not had one lick of interest, I think to myself, what is wrong with this world? Something is wrong and we need to find a way to either fix it or start fresh because it’s heartbreaking.” – Melissa Novelli

“Chocolate is very toxic and can kill dogs. It’s one of the worst things that dogs can get a hold of because they can die from chocolate. It’s terrible and you don’t want to go through that.” – Michael Novelli

“King is pure royalty. He  is another dog that’s at the boarding facility. He’s been in the program for over a year waiting, just like Harley. He’s a youngster, probably about two years old now, and he is. always happy. His tail’s wagging. He gets so excited when he sees you.” – Melissa Novelli

 Resources:

Pawtastic Friends

Donate to Pawtastic Friends

Categories
Blog

Your Code of Conduct

What is the value of having a Code of Conduct? In its early days, a Code of Conduct tended to be lawyer-written and lawyer-driven to wave in regulator’s face during an enforcement action as proof of ethical overall behavior. Is such a legalistic code effective? Is a Code of Conduct more than simply your company’s internal law? What should be the goal in the creation of your company’s Code of Conduct?

How important is the Code of Conduct? Consider the 2016 SEC enforcement action involving United Airlines, Inc., which turned on violation of the company’s Code of Conduct. The breach of the Code of Conduct was determined to be a FCPA internal controls violation. It involved a clear quid pro quo benefit paid out by United to David Samson, the former Chairman of the Board of Directors of the Port Authority of New York and New Jersey, the public government entity which has authority over, among other things, United’s operations at the company’s huge east coast hub at Newark, NJ.

The actions of United’s former CEO, Jeff Smisek, in personally approving the benefit granted to favor Samson violated the company’s internal controls around gifts to government officials by failing to not only follow the United Code of Conduct but also violating it. The $2.4 million civil penalty levied on United was in addition to its 2016 Non-Prosecution Agreement (NPA) settlement with the DOJ, which resulted in a penalty of $2.25 million. The scandal also cost the resignation of Smisek and two high-level executives from United.

In the 2020 FCPA Resource Guide, 2nd edition, the DOJ and SEC stated:

A company’s Code of Conduct is often the foundation upon which an effective compliance program is built. As DOJ has repeatedly noted the most effective codes are clear, concise, and accessible to all employees and to those conducting business on the company’s behalf.

The 2023 ECCP specified “As a threshold matter, prosecutors should examine whether the company has a code of conduct that sets forth, among other things, the company’s commitment to full compliance with relevant Federal laws that is accessible and applicable to all company employees.” The Antitrust Guidance also specified “If the company has a Code of Conduct, are antitrust policies and principles included in the document?”

The 2020 FCPA Resource Guide, 2nd edition, the 2023 ECCP and Antitrust Guidance go on to make it clear that it is difficult to effectively implement a compliance program if it was not available in the local language so that employees in foreign subsidiaries can access and understand it. When assessing a compliance program, DOJ and SEC will review whether the company has taken steps to make certain that the Code of Conduct remains current and effective and whether a company has periodically reviewed and updated its code.

There are several purposes which should be communicated in your Code of Conduct. The overriding goal is for all employees to follow what is required of them under the Code of Conduct. You can do this by communicating those requirements, to providing a process for proper decision-making and then requiring that all persons subject to the Code of Conduct put these standards into everyday business practice. Such actions are some of your best evidence that your company upholds and supports proper compliance.

The substance of your Code of Conduct should be tailored to your company’s culture, and to its industry and corporate identity. It should provide a mechanism by which employees who are trying to do the right thing in the compliance and business ethics arena can do so. The Code of Conduct can be used as a basis for employee review and evaluation. It should certainly be invoked if there is a violation. Your company’s disciplinary procedures must be stated in the Code. These would include all forms of disciplines, up to and including dismissal, for serious violations of the Code. Further, your company’s Code should emphasize it will comply with all applicable laws and regulations, wherever it does business. The code needs to be written in plain English and translated into other languages as necessary so that all applicable persons can understand it.

The three most important things about your compliance program are “Document, Document, and Document.” The same is true in communicating your company’s Code of Conduct. You need to do more than simply put it on your website and tell folks it is there, available and that they should read it. You need to document that all employees, or anyone else that your Code of Conduct is applicable to, has received, read, and understands it. The DOJ expects each company to begin its compliance program with a very publicly announced, very robust Code of Conduct. If your company does not have one, you need to implement one forthwith.

However, your Code of Conduct is not a static document to be put on a shelf and never reviewed again. For just as your compliance program is a living entity; it should be constantly evolving, the same is true for your Code of Conduct. If your company has not reviewed or assessed your Code of Conduct for five years, do so in short order, as much has changed in the compliance world. Some of the questions you should begin with include:

• When was the last time your Code of Conduct was revised?

• Have there been changes to your company’s business model since the last revision to the Code of Conduct?

• Have there been changes to relevant laws relating to a topic covered in your company’s Code of Conduct?

• Are any provisions of the Code of Conduct outdated?

• What is the budget to revise your Code of Conduct?

After revision of your Code of Conduct, you should develop a plan to communicate the revised document. A rollout is always critical because it is important that revisions are communicated in a manner that encourages employees to review and use the Code of Conduct on an ongoing basis. Your company should use the full panoply of tools available to it to publicize the revised Code of Conduct. This can include a multi-media approach or physically handing out a copy to all employees at a designated time. You might consider having a company-wide compliance Code of Conduct roll out meeting where the revised Code is announced with great fanfare out across the company all in one day. Also remember, with all things compliance; the three most important aspects are “Document, Document, and Document”. However, for each delivery of revised Code of Conduct, you must document that each employee received it.

These points are a useful guide to not only thinking through how to determine if your Code of Conduct need updating, but also practical steps on how to tackle the problem. It is far better to review and update your Code of Conduct, than wait for a massive FCPA investigation to go through the process.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 11 – Moving Compliance Tone Down Through an Organization

The 2023 ECCP made it clear that a company must have more than simply good ‘Tone-at-the-Top’; it must move down through the organization from senior management to middle management and into its lower ranks. It stated, “Beyond compliance structures, policies, and procedures, it is important for a company to create and foster a culture of ethics and compliance with the law at all levels of the company. The effectiveness of a compliance program requires a high-level commitment by company leadership to implement a culture of compliance from the middle and the top.”

Employees often look to their direct supervisor to determine what the tone of an organization is and will be going forward. Many employees of large, multi-national organizations may never have direct contact with the CEO or even senior management. By moving the values of compliance through an organization into the middle, you will be in a much better position to inculcate these values and operationalize compliance with them.

Three key takeaways:

1. Tone at the top—direct supervisors become the most important influence on people in the company

2. Give your middle managers a toolkit around compliance so they can fully operationalize compliance

3. Organizational justice is an additional way to help operationalize compliance

Categories
The ESG Report

The ESG Report – Christian Harris on Safety as The ‘S’ in ESG

The ESG Report podcast is hosted by Tom Fox. Looking for innovative solutions to tackle climate change? Look no further than The ESG Report! In this episode, Tom speaks with Christian Harris from Slip Safety Services on Safety as The ‘S’ in ESG

Christian Harris is a seasoned safety professional with over a decade of experience, specializing in slip and fall prevention. His passion for safety was sparked by a personal incident, leading him to advocate for the integration of safety measures in business operations. Harris believes that safety should not be viewed merely as a means to prevent accidents but as an enabler of culture, high performance, and profit. He coined the term “safety-nomics” to highlight the positive impact of safety on business performance and uses the success story of Alcoa to illustrate the correlation between a strong safety culture and improved business outcomes. Join Tom Fox and Christian Harris on this episode of the ESG Report as they delve deeper into the importance of integrating safety measures into business operations.

Key Highlights:

  • Safety Shifts and Compliance in Energy
  • The Transformative Power of Safety Integration
  • The Significance of Safety in Business Performance
  • Identifying Slip and Fall Factors in Consumer Businesses
  • The Importance of Proactive Safety Culture

Resources:

Christian Harris on LinkedIn

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn