Categories
Innovation in Compliance

Innovation in Compliance – Navigating Risk Management in the Automotive Industry with Tom Kline

Innovation comes in many forms, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom Fox is joined by Tom Kline, a seasoned automobile industry expert and risk management authority.

The two Toms delve into specific risks unique to car dealerships and how to manage customer and employee relations to avoid regulatory problems effectively. Kline shares his extensive experience from almost 35 years in the industry, detailing strategies like proactive online reputation management and creative contractual clauses designed to preempt legal issues from customer disputes. They also discuss the complexities of insurance policies in the automotive sector and the importance of understanding coverage as a risk mitigation tool. Kline introduces ‘Tuck the Octopus,’ a metaphor for handling the multifaceted challenges dealerships face, emphasizing customer service’s importance in fostering long-term loyalty.

Key highlights:

  • Key Risks in Automobile Dealerships
  • Managing Customer and Employee Complaints
  • Upstream Risk Management
  • Tuck the Octopus: A Creative Solution
  • Service Aspect of Dealerships

Resources:

Tom Kline on LinkedIn

Better Vantage Point

Tuck the Octopus

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: November 19, 2024 – The Corruption of Comedy Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News—all from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

  • Has Trump’s corruption comedy? (Salon)
  • Competitors to challenge the Elliott affiliate’s bid. (Reuters)
  • Hacker sentenced for Bitcoin heist. (BBC)
  • Will immigration enforcement shut down US industries? (FT)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Check out the full 3-book series, The Compliance Kids, on Amazon.com.

Categories
Blog

Failure to Prevent Fraud: The Guidance

Last week, the much-anticipated Guidance regarding the UK’s new Failure to Prevent Fraud (FTPF) offense was released (the Guidance). This offense, embedded within the Economic Crime and Corporate Transparency Act 2023 (ECCTA), introduces a proactive requirement for organizations to take measurable steps in fraud detection and prevention. Much like the influence of the Bribery Act 2010 on corporate anti-bribery measures, the FTPF aims to reshape how organizations tackle fraud. Compliance professionals need to understand the core elements of this new offense, its global reach, and the practical steps they must implement to establish a robust fraud prevention framework.

Overview of the FTPF Offense

The FTPF offense holds large, incorporated bodies and partnerships liable if an associated person—defined similarly to the Bribery Act as employees, agents, subsidiaries, or other connected individuals—commits fraud to benefit the organization. Unlike some traditional liability structures, there is no need for senior management or directors to have knowledge of the fraud for the offense to apply. Instead, liability rests on the failure of the organization to have reasonable fraud prevention procedures in place.

Under the FTPF guidelines, organizations with over 250 employees, £36 million in turnover, or £18 million in total assets qualify as “large organizations.” This broad reach ensures the inclusion of all significant organizations across various sectors.

What Constitutes “Reasonable Procedures”?

The core of the FTPF offense lies in the expectation that organizations adopt “reasonable prevention procedures” to mitigate fraud risks. In guidance similar to that issued for the Bribery Act, the Home Office has outlined six key principles to inform these procedures. By adopting these principles, organizations can create a robust fraud prevention strategy that may also serve as a defense in the event of an FTPF prosecution. These principles and their applications will sound familiar to the anti-corruption compliance professional.

  1. Top-Level Commitment

The Guidance emphasizes that fraud prevention must start at the top. This principle requires those charged with governance, such as the board and senior executives, to actively promote an anti-fraud culture. Senior leaders should publicly commit to anti-fraud initiatives, participate in training, and regularly communicate the importance of ethical behavior throughout the organization. This sends a powerful message that fraud will not be tolerated and that compliance is a priority.

  2. Dynamic and Documented Risk Assessment

Organizations must conduct regular and dynamic risk assessments. This means continually assessing vulnerabilities to fraud, understanding how systems and structures might incentivize fraudulent behavior, and recognizing any cultural factors that might quietly tolerate fraud. The key is to develop a documented fraud risk assessment process. This should include identifying high-risk areas, reviewing internal controls, and monitoring for red flags that may indicate potential fraud.

  3. Proportionate, Risk-Based Procedures

The Guidance advocates for risk-based and proportionate procedures tailored to an organization’s specific risks and operational context. This principle ensures that prevention measures are realistic and directly address identified risks. Based on your company’s risk assessment findings, you must establish clear, enforceable policies on fraud prevention. For instance, organizations with high fraud risk should consider more robust internal controls, while low-risk entities may implement fewer but targeted controls.

  4. Due Diligence on Third Parties and Staff

Due diligence is a cornerstone of every type of compliance, and of fraud prevention specifically. It requires organizations to scrutinize those performing services on their behalf. By understanding the backgrounds and affiliations of employees, agents, and subsidiaries, organizations can reduce the likelihood of associating with individuals likely to engage in fraud. Your company should implement a structured due diligence process for all new hires, contractors, and third-party partners. This might include background checks, financial reviews, and regular audits of high-risk partners.

  5. Effective Communication and Training

A policy is only effective if understood and practiced throughout the organization. The Guidance emphasizes embedding anti-fraud measures through communication and training. Your company should develop fraud prevention training programs for all employees, focusing on high-risk roles. Ongoing training and communications should reinforce policies, address emerging fraud risks, and equip employees to recognize and report fraud indicators.

  6. Ongoing Monitoring and Continuous Improvement

Finally, the Guidance stresses the need for continuous monitoring and review of fraud prevention procedures. This principle ensures that procedures evolve in response to emerging fraud risks, changes in business structure, and lessons learned from incidents.

Your organization should set up regular audits and establish metrics for assessing the effectiveness of fraud prevention measures. Organizations should also review any incidents to identify weaknesses in current controls and revise them accordingly.

Extra-Territorial Reach and the UK Nexus

One of the more complex aspects of the FTPF offense is its extra-territorial scope, reminiscent of the Bribery Act’s reach. Under the FTPF, organizations outside the UK may still be subject to prosecution if fraud committed by an associated person has a UK nexus. This could mean that any part of the fraud, or the resulting gain or loss, has occurred in the UK, even if the organization is headquartered overseas.

Additionally, parent companies may be liable for fraud committed by their subsidiaries if the fraud benefits the parent or involves their clients. This extra-territorial reach ensures that subsidiaries, especially those operating internationally, adhere to the same standards as their parent companies.

Key Steps for Compliance Professionals

The FTPF offense goes into effect on September 1, 2025, giving organizations approximately nine months to prepare. Below is a roadmap to help compliance teams proactively address the requirements:

  1. Evaluate and Revamp Existing Procedures. Review current anti-fraud policies and practices against the Guidance. Identify gaps in due diligence, risk assessment, and top-level commitment.
  2. Conduct a Fraud Risk Assessment. If an organization has not recently performed a comprehensive fraud risk assessment, now is the time. This Fraud Risk Assessment should include all subsidiaries and associated persons, especially if the organization has a UK nexus.
  3. Update Training Programs. Fraud prevention training should be robust, engaging, and frequent. It should cover both general anti-fraud policies and specific red flags relevant to different roles. Training should also encourage employees to report suspected fraud.
  4. Set Up Continuous Monitoring Mechanisms. Implement regular audits and monitoring processes to identify potential fraud risks. Ensure that fraud incidents are analyzed to understand what went wrong and how similar issues can be prevented.
  5. Engage with Leadership. Work closely with leadership to reinforce the tone from the top. Schedule periodic updates to senior management on fraud prevention initiatives and engage them in visible support of anti-fraud efforts.

Lessons from the Bribery Act 2010

The similarity between the FTPF guidance and the Bribery Act 2010’s failure-to-prevent provisions suggests a familiar path for organizations implementing robust anti-bribery frameworks. Those frameworks can provide a strong foundation for meeting FTPF requirements, with adjustments tailored to fraud risks. However, the Bribery Act’s implementation highlighted common challenges, such as ensuring proportionality and maintaining engagement over time. Organizations should leverage lessons learned, balancing robust prevention measures with practical, context-appropriate implementations.

The introduction of the FTPF offense represents a new era for corporate fraud prevention. With its expansive definition of associated persons, extra-territorial reach, and focus on proactive measures, the FTPF compels organizations to be vigilant, proactive, and thorough. Compliance teams should view this offense as an opportunity to strengthen organizational resilience, mitigate fraud risks, and protect stakeholders. By aligning with the six principles in the Guidance, organizations can meet regulatory expectations and foster a culture of integrity and trust that supports long-term success.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Policy Week: Charitable Donations

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we continue our week-long series on key anti-corruption policies. In this episode, we review policies on charitable donations.

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Policy Week: Gifts and Entertainment

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we begin a week-long series on key anti-corruption policies. In this episode, we review gifts and entertainment.

Categories
Corruption, Crime and Compliance

Raytheon Pays $950 Million to Resolve Fraud, FCPA, ITAR and False Claims Act Violations

What happens when a major defense contractor faces scrutiny for ethics and compliance violations? In this episode of Corruption, Crime, and Compliance, Michael Volkov dives into the high-stakes world of corporate accountability, exploring Raytheon’s recent $428 million settlement with the U.S. Department of Justice. From fraudulent pricing to bribery and compliance lapses, we uncover the impact of these violations and the tough questions they raise about corporate governance, oversight, and ethical responsibility in high-stakes industries.

Hear Michael talk about:

  • Raytheon Company (Raytheon) — a subsidiary of defense contractor RTX (formerly known as Raytheon Technologies Corporation) — agreed to pay over $950 million to resolve the Justice Department’s investigations into three areas of violation.
  • The settlement addresses three main issues:
    • A major government fraud scheme involving defective pricing on certain government contracts
    • Violations of the Foreign Corrupt Practices Act (FCPA)
    • Violations of the Arms Export Control Act (AECA) and its implementing regulations, the International Traffic in Arms Regulations (ITAR)
  • As part of the settlement, Raytheon entered into a three-year deferred prosecution agreement (DPA) and agreed to the filing of a criminal information in the District of Massachusetts charging Raytheon with two counts of major fraud against the United States. Raytheon admitted to engaging in two separate schemes to defraud the Department of Defense (DOD) relating to the provision of defense articles and services, including PATRIOT missile systems and a radar system.
  • Separately, Raytheon entered into a three-year DPA in connection with a criminal information in the Eastern District of New York charging Raytheon with two counts: conspiracy to violate the anti-bribery provision of the FCPA for a scheme to bribe a government official in Qatar and conspiracy to violate the AECA for willfully failing to disclose the bribes in export licensing applications with the Department of State as required by part 130 of ITAR.
  • The Justice Department’s FCPA and ITAR resolution is coordinated with the Securities and Exchange Commission (SEC). Both DPAs require that Raytheon retain an independent compliance monitor for three years, enhance its internal compliance program, report evidence of additional misconduct to the Justice Department, and cooperate in any ongoing or future criminal investigations. Raytheon also reached a separate False Claims Act settlement with the Justice Department relating to the defective pricing schemes.

Resources:

Michael Volkov on LinkedIn | X (Twitter)

The Volkov Law Group

Categories
FCPA Compliance Report

FCPA Compliance Report – Understanding the Corporate Transparency Act with Frank Tumminello

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this edition, Tom Fox welcomes Frank Tumminello for an in-depth discussion on the Corporate Transparency Act (CTA) and its business implications.

They delve into the reasons behind the CTA, a law established under the Anti-Money Laundering Act of 2020, and its importance in enhancing transparency and preventing criminal activities like tax evasion and money laundering. Despite being in effect for nearly a year, there needs to be more awareness, with only 15% of the 40 million affected companies having complied. Frank explains the Beneficial Ownership Information (BOI) report, its requirements, and the challenges businesses might face in staying compliant. They also touch upon the misconceptions and legal difficulties surrounding the CTA, as well as the efforts of FinCEN to facilitate compliance, including the potential for extended deadlines in hurricane-affected FEMA zones. Lastly, Frank introduces ‘File Forms,’ a platform designed to streamline BOI reporting, highlighting its features, success stories, and support to businesses navigating these new requirements.

Highlights in this episode:

  • Overview of the Corporate Transparency Act
  • Purpose and Misconceptions of the CTA
  • Beneficial Ownership Information Reporting
  • Constitutionality and Legal Challenges
  • FinCEN Updates and Compliance Efforts
  • File Forms: Features and Benefits

Resources:

Frank Tumminello on LinkedIn

FileForms

Categories
Adventures in Compliance

The Case-Book of Sherlock Holmes – Compliance Leadership Lessons in ‘The Adventure of the Sussex Vampire’

In this new season of Adventures in Compliance, host Tom Fox delves into the Sherlock Holmes collection The Case-Book of Sherlock Holmes by Arthur Conan Doyle. It is the final set of twelve Sherlock Holmes short stories by Arthur Conan Doyle, first published in the Strand Magazine between October 1921 and April 1927. This episode considers the short story, The Adventure of the Sussex Vampire. In this story, Sherlock Holmes investigates a case involving a master jewel thief and Holmes’s investigative techniques. This story provides several valuable leadership lessons for the 21st-century compliance professional.

Tom examines Conan Doyle’s short story through the lens of business ethics and corporate compliance. The tale, which initially suggests a supernatural element, is revealed to be a case of jealousy and attempted murder using poison darts. Fox draws several compliance lessons from Holmes’ approach: avoiding hasty conclusions, valuing investigation integrity, adopting holistic views, and maintaining clarity in communication. This episode is packed with insights for compliance professionals navigating complex ethical landscapes.

Highlights include:

  • The Sussex Vampire Story Unfolds
  • Business Leadership Lessons from the Sussex Vampire
  • Enhancing Compliance Leadership

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ by Dave Thompson

For an audio/video version of the Compliance Kids book, Speaking Up is AWESOME, contact Tom Fox.

Categories
Daily Compliance News

Daily Compliance News: November 18, 2024 – The Top Wall Street Cop Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News—all from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

  • The new administration has massive corruption. (The New Republic)
  • Jay Clayton was picked to head SDNY. (FT)
  • Founder of Crypto mixer sentenced to 3 years in prison. (WSJ)
  • US says Bill Hwang should get 21 years. (Reuters)

Categories
Blog

FT Business Book of the Year, Alison Taylor and Higher Ground

The Financial Times (FT) and Schroders Business Book of the Year Award is the most prestigious accolade in business publishing, recognizing exceptional insight, research, and storytelling in books addressing current business, economic, and financial issues. The FT Business Book of the Year Award highlights books that significantly impact the understanding of global business issues, often bringing complex topics like economic theory, corporate culture, innovation, and ethics to a wider audience. It serves as a quality benchmark in business publishing, with many past winners going on to influence policy, business practices, and public discourse.

The Financial Times’ reputation ensures that nominated books are taken seriously by readers, reviewers, and business leaders worldwide. The FT Business Book of the Year Award draws attention to emerging trends and thought leadership in business, with topics often reflecting current global challenges. For example, recent winners have focused on climate change, economic inequality, corporate responsibility, and technology’s impact on society. Ultimately, the FT Business Book of the Year Award plays a significant role in shaping the business conversation by identifying the most relevant and impactful works that capture the challenges and dynamics of modern commerce. To make the Long List of nominees, a book was among 16 selected out of over 600 entries.

If you are in the compliance field, you are probably lucky enough to know one of this year’s Long List nominees: Alison Taylor, whose book, Higher Ground: How Business Can Do the Right Thing in a Turbulent World, has provided a fresh dialogue on the evolving role of business ethics in corporate governance. Alison once gave me the moniker The Rock and Roll Compliance Blogger. But even more importantly, Alison has long contributed to and, in many ways, led the ongoing dialogue in the corporate compliance community on compliance and ethics on the one hand and sustainability and ESG on the other. Her central thesis questions why these two fields, both concerned with promoting responsible corporate behavior, remain siloed and isolated. Higher Ground bridges this gap, providing corporate leaders a roadmap for fostering a more integrated approach to ethical business practices.

Taylor opens Higher Ground with a case study on Starbucks—a company widely regarded as a leader in corporate responsibility. Known for benefits like health insurance for part-time employees, Starbucks has long been a model of progressive labor practices. But recently, the coffee giant has faced substantial backlash over labor rights issues as employees pushed for unionization, highlighting a disconnect between corporate policies and ground-level employee sentiment.

This disconnect between corporate identity and stakeholder perception illustrates a significant point for Starbucks: being a “good” business isn’t a shield against reputational risks. Despite its robust ESG credentials, Starbucks has been mired in controversy, underscoring that even the most well-intentioned corporations may face criticism if stakeholders perceive a misalignment between professed values and on-the-ground realities. Taylor’s analysis reminds compliance professionals that reputation and stakeholder trust can be fragile and influenced by factors beyond traditional ESG metrics.

Overcoming the Trap of Overpromising in Corporate Purpose

Taylor’s argument extends to the challenge of corporate overpromising, a pitfall many organizations find themselves in when attempting to cater to the demands of diverse stakeholders. As she points out, recent trends have created a polarized landscape where companies are criticized from both sides—either for being too focused on social responsibility (often labeled as “woke” by critics) or for not doing enough. Navigating this space requires corporate leaders to communicate clearly and make decisions based on what is realistically achievable.

In Higher Ground, Taylor encourages leaders to avoid becoming trapped by unsustainable promises. Instead, she advocates for identifying one to three critical issues that align with the company’s long-term strategic goals. Prioritizing these issues allows organizations to make meaningful progress while maintaining their efforts across many fronts. For compliance professionals, this approach emphasizes the need to set realistic, measurable goals in alignment with an organization’s core values.

Moving from Rules-Based to Principles-Based Compliance

One of the most resonant themes in Higher Ground for compliance officers is Taylor’s call to shift from a rules-based to a principles-based approach to compliance. While rules and regulations are fundamental to compliance programs, they can fall short when organizations face nuanced ethical dilemmas. Principles-based compliance, which emphasizes ethical judgment and a strong moral compass, allows organizations to respond more effectively to complex situations that cannot be anticipated by rules alone.

Taylor argues that fostering an ethical culture requires more than drafting policies and procedures. It involves setting up systems where employees feel empowered to speak up and exercise sound judgment. Compliance leaders should aim to cultivate an environment where employees are encouraged to use their ethical instincts and are rewarded for doing so.

Addressing the Generational Shift in Corporate Expectations

As Taylor observes, today’s workforce spans five generations, each with its own values, priorities, and expectations of corporate leadership. Millennials and Gen Zers highly value authenticity, transparency, and social impact. They are also more inclined to speak up on climate change and diversity, often pushing their employers to take public stances.

This shift presents both challenges and opportunities for compliance leaders. Younger generations’ desire for accountability and transparency aligns well with the goals of modern compliance programs, which are increasingly centered around creating ethical, transparent workplaces. However, the push for corporate responsibility requires careful management to ensure that public commitments align with internal practices. Taylor emphasizes the need for open communication, a willingness to address employee concerns, and a commitment to genuine stakeholder engagement.

Balancing Impact and Purpose

Taylor posits that a meaningful corporate purpose is inseparable from measurable impact. While “purpose” has become a popular corporate buzzword, she cautions that it remains little more than marketing rhetoric without concrete actions and results. For companies to build true stakeholder trust, they must put impact at the core of their purpose, recognizing both the positive and the negative effects of their operations on society.

This perspective offers valuable guidance for compliance leaders. Compliance programs must go beyond box-ticking exercises and contribute meaningfully to the organization’s ethical culture. By making decisions based on their actual impact on employees, customers, and the broader community, compliance teams can help build a more resilient and trustworthy corporate reputation.

Practical Steps for Building an Ethical, Responsible Organization

Higher Ground provides practical insights for organizations seeking to improve their ethical culture and align with evolving stakeholder expectations. Some actionable steps for compliance professionals include:

  1. Set Priorities. Instead of meeting every stakeholder’s demand, focus on one to three key issues where the organization can make a meaningful impact.
  2. Encourage Open Dialogue. Foster a culture of transparency where employees feel comfortable voicing ethical concerns, even when these concerns challenge leadership decisions.
  3. Embrace a Principles-Based Approach. Shift the focus from strict rule adherence to fostering ethical judgment and principled decision-making across the organization.
  4. Align Corporate Promises with Impact. Ensure public commitments are backed by actionable, measurable goals reflecting the organization’s values and capabilities.
  5. Engage Multiple Generations. Recognize each generation’s unique values in the workforce and create an inclusive environment that respects diverse perspectives on social and environmental issues.

In Higher Ground, Alison Taylor offers a comprehensive exploration of how businesses can bridge the gap between ethics and sustainability, building trust and integrity. By examining the role of corporations through the lens of stakeholder expectations, she challenges leaders to redefine success beyond shareholder value. Her call for a more nuanced approach to business ethics resonates strongly in today’s rapidly evolving regulatory and social landscape.

For compliance professionals, Taylor’s work is a timely reminder of the importance of staying connected to the broader organizational mission and ensuring that ethics programs are integrated into every facet of the business. Whether setting clear priorities, encouraging open dialogue, or embracing principles-based compliance, Higher Ground provides a roadmap for leaders committed to building ethical organizations in the 21st century.

If you want to explore these themes in more depth, please check out Higher Ground and join the thoughtful conversation that Taylor has started. Given the advent of the second Trump Administration, these discussions have taken on a new urgency.