Categories
FCPA Compliance Report

FCPA Compliance Report – Maria D’Avanzo on Privacy Issues in the US and Beyond

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. Join Tom Fox, the host of FCPA Compliance Report, as he speaks with Maria D’Avanzo, Chief Evangelist Officer at Traliant, about privacy issues in the US and around the world. Discover the challenges businesses face due to the lack of a national law in the US, with multiple state laws led by California. Compare this to the EU, where GDPR has been in place since 2018, and similar laws have been implemented in other countries such as Singapore, Australia, and Brazil. Learn how GDPR has changed the way businesses handle privacy by making it a part of business processes. Discover the importance of consulting with a good outside counsel, especially for global privacy policy implementation.

Explore how to handle cybersecurity incidents and disclosure of information, as regulations on this topic are still developing. Hear from Maria on how to address these incidents internally and the importance of an incident response plan. Find out how collaborating with the Chief Information Security Officer is crucial in developing a specific plan for these incidents, including a group effort from various departments.

Hear about instances where organizations share confidential information or data, leading to legal backlash and damage to reputation. This section discusses the Tesla case and suggests a broader conversation about company culture may be necessary to prevent such privacy infringements. Don’t miss out on this insightful podcast and tune in now to get important insights into privacy and cybersecurity from two industry experts!

Key Highlights

  • The Evolution of Privacy Issues Post-GDPR
  • Navigating Privacy Laws and Meeting Legal Standards
  • Cybersecurity Incident Disclosure Decision Making
  • Importance of Cybersecurity Incident Response Plan
  • The Impact of Sharing Sensitive Information

Resources

Maria D’Avanzo on LinkedIn

Traliant

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Training and Communications – The D&B Experience in Training and Communications

How did one company and one CCO actively use social media to make the company’s compliance culture more effective? The company was Dun & Bradstreet, Inc. (D&B), and its then CCO, Louis Sapirman, discussed D&B’s integration of social media into compliance with me.
As we advance, these tools can go a long way toward enhancing your compliance program. Recall the declination to prosecute Morgan Stanley received from the DOJ when one of its managing directors had engaged in FCPA violations. One of the reasons cited by the DOJ was the 35 email compliance reminders sent over seven years, which bolstered the annual FCPA training the recalcitrant managing director received. You can use your archived social media communications as evidence that you have continually communicated your company’s expectations around compliance. It is equally important that these expectations are documented.

Finally, always remember the social part of social media. Social media is a two-way communication. Not only are you setting out expectations, but also, these tools allow you to receive back communications from your employees. The D&B experience around the name change for its Code of Conduct is but one example. If you have several concerns expressed, it could alert you earlier to begin some detection and move toward prevention in your compliance program.

Three key takeaways:

  1. How do 360 degrees of communication work in compliance?
  2. Focus on the ‘social’ part of social media.
  3. Use internal corporate social media to have a conversation.

For more information, check The Compliance Handbook, 3rd Edition, available here.

Categories
Innovation in Compliance

Improving Third-Party Risk Management with Paul Valente

In today’s interconnected world, businesses rely on third-party vendors for various products and services. While these partnerships bring great benefits, they also expose companies to a range of risks such as cyber threats, compliance issues, and reputational damage. In this episode, Tom Fox interviews Paul Valente, the co-founder and CEO of VISO Trust. Paul shares valuable insights into how businesses can mitigate risks posed by third-party vendors, the importance of continuous monitoring, and how VISO Trust’s platform helps companies manage risks effectively.

Paul Valente is the CEO and co-founder of VISO Trust, a company that provides automated third-party cyber risk management solutions. Prior to founding VISO Trust, Paul was the Chief Information Security Officer (CISO) at several companies, including Restoration Hardware, Lending Club, and ASAPP. He is a longtime technologist and security professional with experience in highly regulated industries.

 

You’ll hear Tom and Paul talk about:

  • Companies have more sensitive data on other companies’ infrastructure than they do internally, which increases risk and augments the need for a robust risk management strategy.
  • Boards have a duty of oversight to proactively monitor their third-party risk management programs. They should also keep abreast of emerging threats.
  • Automation is a key component in a third-party risk management solution for cybersecurity. The standard approach of using questionnaires to assess third-party security is slow, labor-intensive, and ineffective.
  • VISO Trust’s patented first-to-market Document Intelligence removes friction for vendors and provides a comprehensive risk assessment that tells customers everything they need to know to make qualified risk decisions about their third-party relationships.
  • Compliance requires auditability.
  • How VISO Trust helps companies manage risk after the contract is signed.
  • Risk management and cybersecurity data is often siloed within an organization. VISO Trust helps centralize the information by providing a dashboard where customers can have complete understanding of their overall third-party risk, and allowing them to make that data available across the organization.

 

KEY QUOTES:

“There’s companies today that have nothing internally – that are 100% cloud native. What that means typically is that there’s many copies of their data essentially with various other companies, perhaps all over the world… That just increases what we call [attack surface] … which just means more risk.” – Paul Valente

 

“I think [boards] need to be asking essentially what the risks are for their organization from a cybersecurity standpoint. They need to ask for those to be regularly reported on, regularly updated, and regularly tracked. …They also need to be aware themselves, both externally as well as relying on the executives within the company to keep them aware of emerging threats.” – Paul Valente

 

“…our dashboards essentially allow you to list all of your third-party relationships in one single place and easily report on the status of assessments as well as report on inherent risk.” – Paul Valente

 

Resources:

Paul Valente on LinkedIn | Twitter

VISO Trust

Categories
Compliance Week Conference Podcast

Adam Balfour and Brian McAlhaney on Raising Your Communications and Training

In this episode of the Compliance Week 2023 Speaker Preview Podcasts series, Adam Balfour and Brian McAlhaney from Bridgestone/Firestone discuss their Case Study at Compliance Week 2023, entitled “From Training to Learning: How We Use Lessons from Star Wars, Jurassic Park and Top Gun to Help Employees Learn About Ethics and Compliance.”

Some of the issues they will discuss in their presentation are:

  • How one company has re-framed their compliance program pillar of “Training and Communication” to “Learning and Engagement” and hear how your program can benefit from their learnings;
  • Tried and tested tips on adult learning, including using experiences, focusing on the impact on the learner, and more; and
  • How creative, effective, and engaging learning can help enhance your ethics and compliance program brand.

I hope you can join me at Compliance Week 2023. This year’s event will be May 15-17 at the JW Marriott in Washington, DC. The line-up of this year’s event is simply first-rate, with some of the top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 18th year, compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. Join them, and many others, to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders, and ethics and compliance visionaries.
  • Hear from 75+ respected cross-industry practitioners who are CEOs, CCOs, regulators, federal officials, and practitioners to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from the two SEC Commissioners, gain insights into the agency’s enforcement areas, and walk away with guidance on remaining compliant within emerging areas such as ESG disclosure, third-party risk management, cybersecurity, cryptocurrency, and more.
  • Bring actionable takeaways to your program from various session types, including ESG, Human Trafficking, Board obligations, and many others, for you to listen, learn and share.
  • Compliance Week aims to arm you with information, strategy, and tactics to transform your organization and career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. Listeners of this podcast will receive a discount of $200 by using code TF200 on the link here.

Categories
Daily Compliance News

Daily Compliance News: May 2, 2023 – The Big Brother at the Workplace Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • Auchan is under investigation by PNF. (FT)
  • US SCt to review whistleblower retaliation claim. (Reuters)
  • White House looking into Big Brother at the workplace. (Bloomberg)
  • Adidas sued over the Kanye West deal. (BBC)

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program in Training and Communications – Introduction

In this month’s offering of 31 Days to a More Effective Compliance Program, you will learn about training and communication techniques that you can use to become a more well-rounded CCO and to facilitate a much more holistic approach to compliance in your organization. Best of all, the techniques discussed are available at little to no cost. They are things you can do in the way you run the CCO position and innovations you can bring to the compliance function in your organization.

A 360-degree view of compliance is an effort to incorporate your compliance identity into a holistic approach so that compliance is always in touch with and visible to your employees. It is about creating a distinctive brand philosophy of compliance centered on the customers of your compliance program (i.e., your employees). It helps to anticipate all the aspects of your employees’ needs around compliance, especially when compliance is perceived as new, something that comes out of the home office, or as the Land of No. It allows you to build a new brand image for your compliance program.

The objective is to build trust for the 360-degree process by determining if the goal was achieved. You can utilize surveys or focus groups to assess the impact on your target audience. Focusing on your customers of compliance allows you to identify gaps and improve the communication process for your compliance program.

Three key takeaways:

  1. Remember the definition of 360 degrees of compliance communications. It is an effort that moves the compliance identity into a holistic approach so compliance is always in touch and visible to your employees.
  2. What is your objective? What are you trying to do with your 360-degree view of compliance communications, and how are you using that mechanism to deliver the objective your compliance program desires?
  3. You need to evaluate if the message has been delivered, has been heard, and is being implemented.

For more information, check The Compliance Handbook, 3rd Edition, available here.

Categories
Career Can Do

Overcoming Fear and Taking Action with Irene Riad

Do you ever feel like you’re not sure what your passion is? Irene Riad, an EQ and ICF certified coach, believes that finding your authentic self is the key to finding your passion in your career. In this episode of Career Can Do with host Mary Ann Faremouth, Irene shares how we can become stronger in our careers by using the wisdom of our life’s significant setbacks. She also discusses her unique seven-step renewal process, and how it can help you lead with power in your career.

When we face setbacks, we are wounded, but that wound ultimately saves us, Irene says. It teaches us how strong we can be moving forward. “It heals by actually taking small action that when you look at the wound, it just has become something that has lifted you further, allowed you to do something with more depth,” she tells Mary Ann. She helps her clients understand that they are not broken, even when faced with setbacks.

 

Irene’s seven-step RENEWAL process is a powerful tool. These steps include recognizing the voice within you, engaging with safety and choice, and leading towards your bigger picture. She also sees life as a mosaic made up of different pieces from our life experiences. She and Mary Ann agree that by looking within ourselves first, we can find our passion and lead with power. Mary Ann comments, “I think [that] we have to look within ourselves first. We have to love what we’ve experienced, really become our best selves, to be able to make the biggest contribution in our career, to be able to lead with power in a way that is going to [be] best for us, [and] make a valuable contribution to the world.”

 

In the job search process, it’s as important to regulate your emotions as it is to send out your CV. Irene suggests that not being attached to an outcome frees you up to find better opportunities. It’s also important to “befriend” your fear, Irene tells Mary Ann. She encourages listeners to be open to new experiences and take action, even if it feels uncomfortable, in order to find better opportunities. Don’t be afraid to take on new roles, even if they are not necessarily what you are looking for in the long term. Taking a job and gaining experience can help you understand yourself better and may lead to other opportunities.

 

Resources

Irene Riad on the web | LinkedIn 

Faremouth.com 

 

Categories
Corruption, Crime and Compliance

Making a Culture of Ethics and Compliance a Reality

Corporate culture is the most valuable intangible asset that a company owns. In this week’s episode of Corruption, Crime and Compliance, Michael Volkov discusses the importance of corporate culture for ethics and compliance programs. He emphasizes the need for business leaders to understand the significance of corporate culture on the ground level and outlines steps and tasks needed to build and maintain a positive culture.

You’ll hear Michael discuss:

  • Corporate culture is an embodiment of a company’s values and interactions with key stakeholders. Every company has a distinct culture that defines its purpose and motivations.
  • Senior leadership plays a critical role in embedding the culture and enforcing the message. Managers and employees take their cues from corporate leaders.
  • Companies have to hold leaders accountable for wrongdoing or failure to supervise. Leaders who promote ethical cultures should be rewarded, while those who engage in misconduct should suffer discipline up to termination and recoupment of financial benefits.
  • Transparency and publicizing corporate rewards and discipline are crucial to building trust, increasing employee engagement, and promoting a positive culture. A company’s most significant reflection of its culture is employee perception and rates of misconduct.
  • CCOs have to redefine their media tasks and responsibilities to reflect the emphasis on corporate culture. They have to define specific ways to measure a company’s culture, regularly report on these measures, and monitor indicators of culture misconduct, reporting issues, financial concerns, and HR issues.
  • Monitoring, intervention, and remediation require a real-time focus and constant questioning of trends, interventions, and measurement of results. 
  • Working collaboratively with HR, legal, and finance can bring about real culture improvements with a joint mission focused on ethics and compliance.

 

KEY QUOTES

“Your corporate culture, your culture of ethics and compliance is your best control. It’s your most effective and most important control, and it’s your most valuable intangible asset.” – Michael Volkov

 

“A robust reporting system with active participation is a positive, not a negative, reflection of a company’s culture.” – Michael Volkov

 

“Companies that wait for a scandal to occur before acting have failed to do their job. Proactive compliance means prevention and focusing on your company’s culture.” – Michael Volkov

 

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
Daily Compliance News

May 1, 2023 – The Corporate Rot Edition

Stories we are following in today’s edition:

  • Bringing new tech solutions to compliance. (WSJ)
  • ChatGPT is back in Italy. (WSJ)
  • US to allow auction of CITGO. (Reuters)
  • Spotting corporate rot. (FT)

Categories
Compliance Week Conference Podcast

Joy Hayes on Using Mentorships to Navigate a Career in Compliance

In this episode of the Compliance Week 2023 Speaker Preview Podcasts series, Joy Hayes discusses her panel at Compliance Week 2023, “Mentorships Turned Partnerships: Navigating the Compliance Road Hand-in-Hand.”

Some of the issues she will discuss in her presentation are:

  • Women talking about their experiences, lessons, and learnings from two-way mentor/mentee relationships;
  • Steps needed to build these trusted partnerships, benefitting both parties as they navigated their professional careers; and
  • Stories of how women’s support of each other impacted both of their professional development journeys, with takeaways on how you can cultivate and invest in similar types of relationships.
