Categories
31 Days to More Effective Compliance Programs

Day 8 – Internal Controls and Compliance

What are internal controls? The best definition I have come across is from Jonathan Marks, who defined internal controls as:
Internal control is an action or process of interlocking activities designed to support the policies and procedures detailing the specific preventative, detective, corrective, directive, and corroborative actions required to achieve the desired process outcomes or objectives(s). This, along with continuous auditing, continuous monitoring, and training, reasonably assures: 

  • The achievement of the process objectives linked to the organization’s objectives;
  • Operational effectiveness and efficiency;
  • Reliable (complete and accurate) books and records (financial reporting);
  • Compliance with laws, regulations, and policies; and 
  • The reduction of risk fraud, waste, and abuse, which,
  • Aids in the decline of process and policy variation, leading to more predictive outcomes.

The DOJ and SEC, in the 2020 FCPA Resource Guide, stated:
Internal controls over financial reporting are the processes used by compa­nies to provide reasonable assurances regarding the reliabil­ity of financial reporting and the preparation of financial statements. They include various components, such as a controlled environment that covers the tone set by the organi­zation regarding integrity and ethics, risk assessments, and con­trol activities that cover policies and procedures designed to ensure that management directives are carried out (e.g., approvals, authorizations, reconciliations, and segregation of duties); information and communication; and monitoring. … The design of a company’s internal controls must take into account the operational realities and risks attendant to the company’s business, such as the nature of its products or services, how the products or services get to market, the nature of its workforce; the degree of regulation; the extent of its government interaction; and the degree to which it has operations in countries with a high risk of corruption.

This was supplemented in the 2020 Update with a pair of pointed questions: whether a company has made a significant investigation into its internal controls and whether they have been tested, then remediated based upon the testing?

The bottom line is that internal controls are just good financial controls. The internal controls that detail requirements for third-party representatives in the compliance context will help detect fraud, which could lead to bribery and corruption. As an exercise, map your existing internal controls to the Ten Hallmarks of an Effective Compliance Program or some other well-known anti-corruption regime to see where gaps may exist. This will help you to determine whether adequate compliance internal controls are present in your company. From there, you can move to see if they are working in practice.

Three key takeaways:

  1. Effective internal controls are required under the FCPA
  2. Internal controls are a critical part of any best practices compliance program
  3. There are four significant controls for the compliance practitioner to implement initially. (a) Delegation of authority (DOA); (b) Maintenance of the vendor master file; (c) Contracts with third parties; and (d) Movement of cash/currency.
Categories
Sunday Book Review

January 8, 2023 – The Top AI and Machine Learning Books for 2023 Edition

In the Sunday Book Review, I consider books that interest the compliance professional, the business executive, or anyone curious. It could be books about business, compliance, history, leadership, current events, or anything else that might interest me. In today’s edition of the Sunday Book Review, we consider some of the top AI and machine learning books that every compliance professional should read in 2023:

·       Future Ready: The Four Pathways to Capturing Digital Value by Stephanie L. Woerner, Peter Weill, and Ina M. Sebastian

·        Digitalization of Financial Services in the Age of Cloud by Jamil Mina, Armin Warda, Rafael Marins, and Russ Miles

·       Power and Prediction: The Disruptive Economics of Artificial Intelligence by Ajay Agrawal, Joshua Gans, and Avi Goldfarb

·        Practicing Trustworthy Machine Learning by Yada Pruksachatkun, Matthew Mcateer, and Subhabrata Majumdar

Resource

The Enterpriser’s Project- 10 must-read tech books for 2023

Categories
Sports and Compliance

Damar Hamlin – Lessons in Leadership and Crisis Management

Welcome to the Sports and Compliance podcast. For the longest time, I have wanted to have a podcast on the intersection of Sports and the World of Compliance and Ethics, both for those stories as they play out on the Sports Page and for the lessons they provide to business executives and compliance professionals. In this podcast series, I am joined by one of the top compliance commentators, Stephen Martin, CCO at Skillsoft. Together, we will use our love of sports and competition to discuss current ethical issues in sports, look at compliance through a sports lens, and determine how the world of sports and its stories can guide the compliance professional.

In this episode, we are joined by Lisa Fine, co-host of the Great Women in Compliance podcast, Buffalo, NY native, and uber Buffalo Bills fan. We deep dive into the Damar Hamlin injury from the compliance and leadership perspectives. Our topics include:

  • Lisa’s reflections on the annus horribillus Buffalo had in 2022 and how the Bills are, in many ways they are the city’s glue.
  • How did we all feel watching it in live time?
  • What were the NFL’s policy and procedural failures in crisis response and management?
  • The leadership demonstrated by the coaches and players in the face of being told to return to play.
  • Why verifying information before reporting it is so critical?
  • The role of ESPN.
  • The role of the stadium EMS personnel.
  • This story has united the entire country in a way not seen for some time.
Categories
Daily Compliance News

January 7, 2023 – The $436MM Trips Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories today include:

  • Will TikTok ever be in compliance? (Reuters)
  • Cruise lines were ordered to pay $436MM for violating Helms-Burton Act. (WSJ)
  • Special Counsel hires anti-corruption prosecutors. (Bloomberg)
  • Blogging for Engineers 101. (NYT)
Categories
Wirecard

IT Shopping on eBay

Welcome to Season 3 of Lies, Spies & Corporate Crimes: The Wirecard Saga. The Wirecard Saga has become the world’s leading source of all things Wirecard. In Lies, Spies & Corporate Crimes: The Wirecard Saga, Mikhail Reider-Gordon, Managing Director of Institutional Ethics & Integrity at Affiliated Monitors, looks at the biggest financial scandal in post-war Germany from a variety of angles. In this episode, Mikhail continues her exploration of those persons, entities, and governments who have been damaged, some beyond repair, by Wirecard and the nuclear fallout from its scandal.

Some of the highlights include:

  • Claims of exculpatory evidence concealed
  • Much is irrelevant to this trial
  • Shopping on eBay
  • Cash to the HedgeHog
  • Shareholder lawsuit struck down
  • Germany’s FIU forgets 100,000 STRs
  • BaFin ups their social media presence
  • Apas punts
Categories
Greetings and Felicitations

Podfest Expo 2023 – Alex Sanfilippo on 5 Ways to Grow Your Podcast

In this episode of the PodfestExpo 2023 Preview Podcasts series, I visit Alex Sanfilippo, podcast host, and maven. We discuss his presentation at PodfestExpo on 5 key ways to grow your podcast. Some of the issues we tackle in this podcast are:

  • Action items you can take away immediately to grow your pod.
  • Pick a few key sessions at Podfest and deeply dive into them.
  • How to grow your pod on a budget.

I hope you can join me at PodfestExpo 2023, hosted by Podfest Global. This year’s event will be January 26-29, 2023, at the Renaissance Orlando at Seaworld in Orlando, Florida. The line-up of this year’s event is first-rate, with some of the top names in podcasting.

Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through the powerful mediums of audio and video. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.

 PodfestExpo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets PodfestExpo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.

Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2023 has plenty to offer!

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter discount code Fox10.

PodfestExpo 2023 is a production of Podfest Global, which is the sponsor of this podcast series.

Categories
Creativity and Compliance

Stay Weird

Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the award-winning Compliance Podcast Network.

Ronnie’s company, Learnings and Entertainment, utilizes people’s entertainment devices to consume information in their everyday, non-work lives and apply it to important topics around compliance and ethics. It is not only about being funny. It is about changing the tone of your compliance communications and messaging to make your compliance program, policies, and resources more accessible.

In this episode, Tom and Ronnie discuss why staying weird in your compliance training and communications is important. By staying weird and using your imagination, you will enhance the user experience and improve your employee engagement with training. Ronnie says it all starts with the business case for compliance training and communications, and with the plethora of training and communications all employees are subjected to, you will have better results going forward by keeping the compliance training and communications fresh.

Resources:

Categories
Daily Compliance News

January 6, 2023 – The Banning Non-Competes Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

·       Judge accepts Danske Bank’s guilty plea. (Reuters)

·       Coinbase agrees to $100MM. (WSJ)

·       FTC moves to ban non-competes. (WaPo)

·       Morocco caught up in the EU bribery scandal. (Euronews)

Categories
Greetings and Felicitations

Podfest Expo 2023 – Angela Proffitt on Affiliate Marketing

In this episode of the PodfestExpo 2023 Preview Podcasts series, I visit Angela Proffitt, founder of the Business Unveiled podcast. We discuss her presentation at PodfestExpo on affiliate marketing. Some of the issues we tackle in this podcast are:

  • The different types of affiliate marketing.
  • Moving from a B2C to a B2B world.
  • How to expand your connections at Podfest Expo.

I hope you can join me at PodfestExpo 2023, hosted by Podfest Global. This year’s event will be January 26-29, 2023, at the Renaissance Orlando at Seaworld in Orlando, Florida. The line-up of this year’s event is first-rate, with some of the top names in podcasting.

Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through the powerful mediums of audio and video. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.

 PodfestExpo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets PodfestExpo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.

 Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2023 has plenty to offer!

 I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter discount code Fox10.

 PodfestExpo 2023 is a production of Podfest Global, which is the sponsor of this podcast series.

Categories
31 Days to More Effective Compliance Programs

Day 5 – The Board and Operationalizing Compliance

The most significant development for Boards and compliance continues to come from the Delaware courts, which have been expanding the civil law obligations of Boards through a series of court decisions involving the expansion of the Caremark Doctrine for the past several years. These developments began with the Marchand (Blue Bell Ice Cream) decision which required Boards to manage the risks their organizations face. Next was Clovis Oncology which required ongoing monitoring by the Board. Finally, the Boeing case stands for the continuing proposition that a Board cannot simply have the trappings of oversight, it must do the serious work required and have evidence of that work (Document, Document, and Document).


The decision in Boeing is yet a further expansion of the Caremark Doctrine, once again beginning with MarchandBoeing also states that a company must assess its risks and then manage them right up through the Board level. Finally, a Board must be aggressive in their approach and not passively take in what management has presented to them.
The DOJ has also made clear its thoughts on the role of the Board of Directors. The role of the Board is different than that of senior management. The 2020 Update and DOJ Antitrust Division’s 2019 Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations were even more explicit in announcing their expectation for robust Board oversight of a corporate compliance function.

Name any of the most recent corporate scandals; Wells Fargo, Theranos, Volkswagen, Boeing, FTX, etc., and there was no compliance expertise on the Board. It is now enshrined as a best practice for companies to have a seasoned compliance professional on the Board. I would also add that the DOJ may soon expect a Compliance Committee separate from the Audit Committee.
The DOJ continually speaks about the need for companies to operationalize their compliance programs. Businesses must work to integrate compliance into the DNA of their organization. Having a Board member with specific compliance expertise or heading a Compliance Committee can provide a level of oversight and commitment to achieving this goal. The DOJ enshrined this requirement in the FCPA Corporate Enforcement Policy. This means that when your company is evaluated by the DOJ, under the factors set out in the 2020 Update and FCPA Corporate Enforcement Policy, to retrospectively determine if your company had a best practices compliance program in place at the time of any violation, you need to have not only the structure of the Board-level Compliance Committee but also the specific subject matter expertise on the Board and on that committee.

This means that every Board of Directors needs a true compliance expert. Almost every Board has a former Chief Financial Officer, former head of Internal Audit, or persons with a similar background. Often, these are also the Audit Committee members of the Board. Such a background brings a level of sophistication, training, and SME that can help all companies with their financial reporting and other finance-based issues. So why is there no such SME at the Board level from the compliance profession?

Three key takeaways:

1. The 2020 Update required active Board of Director engagement and oversight around compliance.
2. Board communication on compliance is two-way, both inbound and outbound.
3. The Delaware courts have been expanding Board’s roles through the expansion of the Caremark Doctrine.