The Compliance Kitchen returns with a wrap-up of the week’s top trade and economic sanction issues. In today’s episode, Silvia Surman looks at OFAC issues Russia-related sanctions licenses and allows for limited marine activities on SDN vessels; DOJ obtains a guilty plea for EAR violations due to unlicensed exports of chemicals to a Chinese SOE listed on the Entity List.
Author: admin
In this episode of the PodfestExpo 2023 Preview Podcasts series, I visit with Jessica Schiller Silverman, host of the podcast at A.L.I.V.E., and discuss her presentation at PodfestExpo on the four elements of your mental health. Some of the issues we tackle in this podcast are:
- How to find freedom from trauma.
- How Chris Krimitos brings out the best in everyone.
- How to be safe, seen, and supported at PodfestExpo 2023.
I hope you can join me at PodfestExpo 2023, hosted by Podfest Global. This year’s event will be January 26-29, 2023, at the Renaissance Orlando at Seaworld in Orlando, Florida. The line-up of this year’s event is simply first-rate, with some of the top names in podcasting.
Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through the powerful mediums of audio and video. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.
PodfestExpo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets PodfestExpo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.
Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2023 has plenty to offer!
I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter discount code Fox10.
PodfestExpo 2023 is a production of Podfest Global, which is the sponsor of this podcast series.
What happens when controls are continually overridden? Does that necessarily mean that companies are engaging in activities that violate the FCPA or some other law, such as Sarbanes-Oxley (SOX)? Cristina Revelo said she would start with questions like “How often would something be manually approved? How often are controls skipped, what is the level of approvals that you have, and what is your documentation? What are the reasons, and are you documenting how often a certain department requires those overrides?” While it could indicate a company lacks a culture of compliance or everything is an emergency, it might mean something else. It might mean that your internal controls must be evaluated and recalibrated. In the FCPA Resource Guide and the Update to the Evaluation of Corporate Compliance Programs, the Department of Justice calls this continuous monitoring leading to continuous improvement. Joe Oringel, a co-founder of Visual Risk IQ, calls it continuous controls monitoring.
However, many compliance professionals, particularly lawyers, think once control is in place, it’s set in stone and there forever. This derives from the unfortunate fact that, once again, many compliance professionals and most lawyers do not understand internal controls. Yet, internal controls, much like the rest of a compliance program, can and should be continually monitored and improved based on information such as the number of overrides. Such a review can be evidence of a management problem or a culture of non-compliance at the organization. However, it could be that perhaps the controls need to be adjusted.
Three key takeaways:
1. An internal control override is not necessarily bad if proper procedure is followed.
2. Internal controls are not set in stone.
3. The key is to have a process for monitoring the controls, taking input literally from each line of defense.
Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. We consider various ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer, and how to avoid being overwhelmed. In Part 1, I am joined by Jennifer May to consider compliance program effectiveness.
Highlights from this episode include:
· What is and is not effective?
· Identify silos and work through them.
· Compliance is not a closed-book test.
· Document Document Document
For more information, go to TheBroadcat.com

ABB is a three-time loser in foreign bribery enforcement but still agreed to pay $315 million to settle FCPA charges. The company also resolved SEC charges for $75 million.
ABB’s criminal history includes bid rigging and bribery violations in multiple countries. However, the DOJ cited ABB’s extraordinary cooperation and extensive remediation when they announced the settlement. In this week’s show, Michael Volkov explores ABB’s history of FCPA violations leading up to their most recent.
- ABB paid a settlement of $315,000,000 for its extensive criminal history record, including multiple violations of the Foreign Corrupt Practices Act and a prior conviction for price fixing. The settlement raised questions about the effectiveness of the Justice Department’s new FCPA enforcement program, which is designed to prevent benefits for recidivists.
- The case involved two ABB subsidiaries in South Africa and Switzerland, and the parent company agreed to a three-year deferred prosecution agreement. The company also resolved SEC charges for $75 million and faced foreign prosecutions in South Africa, Switzerland, and Germany.
- ABB was also involved in a bribery scheme between 2014 and 2017 to obtain confidential information and win lucrative contracts with South Korea’s state-owned energy company, ESCOM Holdings. They engaged multiple subcontractors who were linked to a high-ranking ESCOM official and made payments to these subcontractors despite their poor qualifications and lack of experience. In exchange for these bribery payments, ABB secured improper confidential information needed for bidding and securing valuable contracts.
- ABB established a relationship with an additional subcontractor. This subcontractor failed various portions of the ABB due diligence process, including its financial stability and qualifications. ABB required a specific waiver of due diligence requirements to be approved, which they did. On its face, the approval of a waiver creates significant red flags.
- ABB took important first steps in learning about the potential violation by immediately scheduling a meeting with the DOJ and committing to change. However, the settlement papers did not give any detail as to what made ABB’s cooperation extraordinary.
KEY QUOTE
“For companies that have to decide whether to disclose and may hesitate because of their criminal histories, the answer now is fairly clear that it is a better idea in many cases to voluntarily disclose, remediate and cooperate.” – Michael Volkov.
Resources
ABB Settles SEC Charges That It Engaged in Bribery Scheme in South Africa
Email Michael: mvolkov@volkovlaw.com

Welcome to the Hughes Hubbard Anti-Corruption and Internal Investigations Practice Group’s Podcast, All Things Investigations. In this podcast, host Tom Fox and returning guest Kevin Abikoff of the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group, highlight some of the key legal issues in white collar investigations, locally and internationally.
Kevin Abikoff is partner and Deputy Chair at Hughes Hubbard, and Chairman of the firm’s Anti-Corruption & Internal Investigations Practice Group. He specializes in securities and white-collar criminal litigation, enforcement, regulation and counseling with an emphasis on the representation of entities in anti-corruption (including FCPA) matters.
Key ideas we discuss in this podcast:
- The DOJ has instituted a new requirement for CCOs to certify that their programs are “reasonably designed” to detect and prevent violations of the law.
- The potential for liability as a CCO.
- How this new requirement may pressure CCOs to go beyond their usual duties in order to make the certification.
- Corporate governance as a remediation of the CCO certification requirement.
- The board of directors should be responsible for overseeing corporate compliance programs, rather than just nominally doing so.
- The DOJ listens to commentators and evolves in their own thinking.
KEY QUOTE
“Part of the narrative [for CCO certification] is that it gives CCOs a seat at the table. If you don’t have a seat at the table after you’ve gone through a FCPA enforcement action, I think there are bigger problems.” – Kevin Abikoff
Resources
Hughes Hubbard & Reed website
Kevin Abikoff on LinkedIn

Tom’s guest in this episode of the ESG Report is Dan Frechtling of Boltive, a company that helps keep the Internet safe from invasive media and enforces data privacy. Data privacy and cybersecurity are ESG issues because they are significant drivers of business risk and a growing concern among investors and CEOs. The public costs of poor corporate cybersecurity management are increasingly viewed as market failures.
Dan is the CEO of Boltive. His career began as a marketer, and he has spent years learning the power of marketing. Having experienced a significant event that changed his perspective about hyper-targeting and information sharing, he transitioned to cybersecurity where he learned about data privacy issues.
Here are some key points Dan and Tom talk about:
- Dan talks about his professional journey and background and his role at Boltive.
- Dan defines invasive media and describes the protection his company provides against it.
- Dale explains how Boltive’s solution for invasive media protects the audience from malware, redirects, and other malicious behaviors, by replacing them with revenue-generating ads.
- Compliance with terms of service and user experience is key in order for these solutions to work, Dan tells Tom.
- In cybersecurity, the intermediaries and third parties are often creating noncompliant and bad user experiences. Boltive solves this by creating a synthetic user experience so each step is recorded and traceable to see what went wrong.
- Knowing and identifying if your inventory is sensitive and understanding the flow of data makes complying with ever-changing privacy regulations easier.
- Dan explains why the digital ad ecosystem is so convoluted and the potentially harmful effects on customers.
- Dane highlights some of the compliance issues with online marketing.
- GDPR is the gold standard when it comes to privacy and data protection, but state laws should also be followed when they are more stringent than GDPR.
KEY QUOTE:
“Invasive advertising can really be many different forms and we see our role to protect brands and publishers and technology platforms so those ads don’t get inadvertently served, because the world of programmatic advertising is very lawless and algorithm-driven.” – Dan Frechtling
Resources
Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this special episode, I am joined by Mike Volkov, founder of the Volkov Law Group. We conclude with Part 2, looking back on the year 2022 in FCPA and Compliance. We consider the Monaco Memo, the key cases, and some of the important issues which arose in 2022 and how they might impact compliance in 2023.
In this episode, we consider the following:
· Building trust and credibility in the investigative process
· The ABB FCPA enforcement action
· The Honeywell FCPA enforcement action
· Why the heat is on compliance after the Monaco Memo
· Corporate incentives and discipline, including clawbacks
· The Glencore FCPA enforcement action and CCO Certification
Resources
Mike Volkov on LinkedIn
Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.
Stories we are following in today’s edition of Daily Compliance News:
- Middle East corruption is pervasive. (National Review)
- Amazon is under additional investigation. (WSJ)
- Musk’s new defense is ‘do as I do, not as I say.’ (Reuters)
- Ukraine MoD denies corruption. (Barron’s)
Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, I visit with Jennifer May, Director of Compliance Advisory; Taylor Edwards, Director of Sales; Xinia Pirkey, Design Manager; Alex Klingelberger, Chief Executive Officer (CEO) and Jaycee Dempsey, Director of Customer Success. We consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In Part 1, I am joined by Jennifer May to consider what is compliance program effectiveness.
We began with one of the most well-worn words in compliance that still challenges compliance professionals, that being ‘effectiveness’. May said that it is not about getting a hundred percent completion on some sort of training module, which unfortunately in many ways has become the benchmark or the metric used. Instead, it is about getting information to individuals so you can get the right outcomes. Effectiveness is not represented by clicks but rather it is about outcomes.
You should start by identifying your highest risk activities. Begin by asking questions, which might include “Are you having good (or bad) outcomes when it comes to those risky activities? And if you’re not, why are you not? Do your employees understand what it is that they are supposed to be doing and when they are supposed to be doing it? What are those behaviors and the outcomes that we want to change or need to change to get to the appropriate outcomes?”
By asking such questions and delivering training and communications on those topics and areas, you begin to see a shift in people. It is not about a click; the result is compliant behavior. Shifting the focus and conversation to what those outcomes are allows you to start thinking about training in a different way and you can start to see how effectiveness can begin to be impacted by solid training that focuses on outcomes.
May analogized it to a closed-book or open-book test. She does not believe employees should think of compliance as a “closed-book test.” Compliant behavior is not something that you should keep behind a curtain. Your information should be out there and available to any employee who needs it in the moment that they need it. If there is a risk to manage; that is when they will need it. But if your employees need such information “the next time and the next time, and every time subsequent to that, then that’s okay too. There’s no reason why keeping that compliance information hidden or keeping it locked away and making them remember it is going to make them more effective or, more appropriately, compliant in their behaviors. Providing that information upfront and always when they need it, is really the key.”
Obviously, compliance folks cannot be everywhere all at once. Your compliance function may be a single person or a small team. Further, they cannot morph themselves into covering every single risk and every single moment of the organization every time. That is why the closed-book test does not do them any good as they cannot “be standing over someone’s shoulder every time talking about why then need to do something, what they need to do and how they need to do it.” Keep an open book approach and make compliance information openly available whenever employees need it.
We concluded with a few thoughts on credibility for your compliance program, which May believes is a very important concept for compliance. and had an interesting take on that issue. She said that credibility “honors employees as professionals in the work that they are doing.” This ties into “being open about the resources that are available, encouraging them to use them, encouraging them to find them, and perhaps, most importantly, encouraging them to reach out when they have a question.” May sees all this as a part of that credibility. This leads to engagement on a level which is about what they do and demonstrating that you, as the compliance professional, are there to support them.
Join us in Part 2 where we look at program design.
Resources
For more information, check out Broadcat here.