Categories
The ESG Report

Simplifying ESG with Mandi McReynolds

Tom Fox welcomes Mandi McReynolds to this episode of the ESG Report. Mandi is the Head of Global Environment, Social and Governance at Workiva, a company whose ESG program allows them to communicate with internal and external stakeholders. In this conversation, she and Tom talk about Workiva’s role in ESG compliance.

The Backbone of ESG

Internal controls are the backbone of ESG, so including them in your framework will make your ESG program run more efficiently. This takes the collaborative effort of your compliance, finance and sustainability teams. In order to meet the needs of investors and stakeholders, these teams must collaborate and agree on the systems and processes they should use.

 

The Business Process

Risks can be managed more effectively with an ESG program that is well-implemented. It is important to understand this when thinking about the business process of ESG. “[However], you can’t be so ESG-woke that you take your company broke,” Mandi cautions Tom. You need to strike a balance between making sure that your company is operating and behaving ethically, and also delivering on its promises to its stakeholders. Investors need to see how you’re keeping your promises and commitments through transparent reporting, so you can demonstrate your commitment. These are all part and parcel of the business process of ESG. 

 

Looking Ahead

Tom asks Mandi what technological components of ESG will be more prevalent in the future. “We’re going to see more advancements in scenario planning,” she says. Companies are going to be thinking about tools and simulations they can use with data to shape their future direction. In the coming years, these tools will only continue to advance, and they’re going to be crucial in making sure companies live up to the standards they have established for themselves. “In order for companies to deliver on their commitments, they have to start telling consumers and stakeholders about where they are, where they’ve been, and where they’re going. In order to do that, I think we’re going to see incredible advances in technology in a very short amount of time,” Mandi remarks. 

 

Resources

Mandi McReynolds | LinkedIn 

Workiva

 

Categories
Blog

Danske Bank: Part 2 – Jurisdiction

We finally have the big one in money laundering. That, of course, is Danske Bank A/S (Danske Bank), a global financial institution headquartered in Denmark, which pled guilty this week and agreed to forfeit $2 billion to resolve the US investigation into its fraud on US banks. According to the Department of Justice (DOJ) Press Release, “Danske Bank defrauded U.S. banks regarding Danske Bank Estonia’s customers and anti-money laundering controls to facilitate access to the U.S. financial system for Danske Bank Estonia’s high-risk customers, who resided outside of Estonia – including in Russia.” Danske Bank also settled with the Securities and Exchange Commission (SEC) who said, in their Press Release, the Bank misled investors about its anti-money laundering (AML) compliance program in its Estonian branch and failed to disclose the risks posed by the program’s significant deficiencies.

One might reasonably ask why the US government is bringing this action. I think there are two key reasons. First, only the US has the cache to bring such a massive enforcement action against any bank, wherever they are domiciled, which threatens the world’s financial integrity through multiple years of facilitating money laundering. The second is that as the world’s principal financial leader, the US government sees itself as the protector and enforcer of that system. While many outside the US may decry these realities, it is clear that only the US can lead such an action. There certainly were other countries which participated, as both the DOJ and SEC Press Releases noted the cooperation of Denmark and Estonia in this enforcement action but at the end of the day, it had to be led by the US.

Jurisdiction

Even if the US feels that it should lead an enforcement effort in this affront to international law, there still must be jurisdiction to bring these enforcement actions. According to the SEC Complaint, “Danske is a Danish multinational banking and financial services corporation headquartered in Copenhagen, Denmark. At all relevant times, Danske was the largest bank in Denmark and a major retail bank in Northern Europe, with offices in countries outside Denmark.” However, I was somewhat surprised to learn that “Danske’s shares traded in Denmark on the OMX Copenhagen and in the United States over-the- counter (“OTC”) as American Depositary Receipts (“ADRs”) listed in U.S. dollars, and U.S. investors constituted a significant portion of Danske’s shareholders. Between 2009 and 2018, U.S. shareholders held as much as 18% of Danske’s stock.”

This stock sold in the US warranted regulatory protection of US investors. The SEC Complaint went on to note that Danske Bank “engaged in deceptive acts, including misleading Danish regulators and U.S. correspondent banks, to conceal its AML and KYC deficiencies. Danske stopped providing services to its high risk customers by April 2016 but failed to timely disclose to investors known misconduct and widespread AML failures.” These failures to inform investors took the form of “a variety of reports, including annual, interim, corporate governance, and risk management reports, in English on its corporate website for the benefit of and made available to, inter alia, actual and prospective U.S. investors. Certain of these reports contained representations to investors about Danske’s risk management processes and disciplines related to the banks systems and controls. Such systems and controls would include Danske’s policies and procedures to detect, prevent and mitigate risks to the bank from financial crime, including money laundering.” Finally, the harm from the illegal conduct hit US investors as “between September 2017 and November 1, 2018, Danske’s share price dropped by approximately 49% as the full extent of Danske’s misconduct became apparent.”

The only reference to US jurisdiction from the DOJ came in the Plea Agreement which obliquely noted Danske Bank “engaged in suspicious transactions through U.S. banks.”

We rarely take a deep dive into the jurisdiction which allows a Foreign Corrupt Practices Act (FCPA) or other similar action to be brought in the US. However, the Danske Bank AML enforcement action makes clear that simply because a company is domiciled outside the US, if it does business internationally, there may be multiple US jurisdiction points which could allow US authorities to bring an enforcement action.

Tomorrow, where did it all start and what were the AML compliance program failures?

Categories
FCPA Compliance Report

Scott Garland and Zach Hafer – Practice After the DOJ

Welcome to the award-winning FCPA Compliance Report, the most senior podcast in compliance. I have double trouble in this episode as I welcome Scott Garland and Zach Hafer. They worked together for many years at the US Attorney’s Office for the District of Massachusetts. Both are now in private practice, Garland as a Managing Director at Affiliated Monitors, Inc. and Hafer as a Partner at Cooley LLP in Boston.

Some of the highlights include:

In this podcast, we consider DOJ corporate enforcement through the mechanisms of DPAs and NPAs based upon Hafer’s tenure as the Criminal Chief. They discussed the need to balance approving prosecutions for general impact vs. based on the case’s merits. We also consider how, if at all, the Monaco Memo changes DOJ focus. Garland leads us through a discussion of compliance issues within a prosecutor’s office, why your compliance philosophy is so critical, and some of the biggest issues and situations they both confronted while in the US Attorney’s Office for the District of Massachusetts. We conclude this section with a discussion of receiving compliance advice: what worked and what did not.

We conclude with a discussion of transitioning from DOJ to private practice, and both Zach and Scott summarize some of the key questions they are getting from clients. Garland opines on key issues he sees for monitors after Monaco Memo, and we conclude with why proactive monitoring can be such a powerful tool.

 Resources

Scott Garland at Affiliated Monitors

Zach Hafer at  Cooley LLP

Categories
Sunday Book Review

December 18, 2022 – The Top Books on History Edition

In the Sunday Book Review, I consider four books that interest the compliance professional, the business executive, or anyone curious. It could be books about business, compliance, history, leadership, current events, or anything else that might interest me. In today’s edition of the Sunday Book Review, we consider some of the FT’s top books of 2022 on history:

Straits: Beyond the Myth of Magellan by Felipe Fernández-Armesto

Muslims and the Making of Modern Europe by Emily Greble

We the Miners: Self-Government in the California Gold Rush by Andrea G McDowell 

Maria Theresa: The Habsburg Empress in Her Time by Barbara Stollberg-Rilinger

Resources

Business Book of the Year – ShortList

Categories
Daily Compliance News

December 17, 2022 – The Lavish Life Style Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you four compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Stories we are following in today’s edition of Daily Compliance News:

  • When does a lavish lifestyle = Red Flags? (NYT)
  • Amazon agrees to business practice changes in the EU. (NYT)
  • DFS issues guidance for banks on crypto. (WSJ)
  • Crypto has made corruption worse. (The Guardian)
Categories
Because That's What Heroes Do

Thor-Love and Thunder

In this podcast series, two complete MCU fans, Tom Fox, founder of the Compliance Podcast Network, and Megan Dougherty, co-founder of One Stone Creative, indulge in a passion for all things in the Marvel Cinematic Universe by re-watching each movie and then podcasting on every movie in the MCU. If you want to indulge in your love for the MCU with two fans passionate about all things MCU, this is the podcast series for you. For this offering, we consider the movie Thor-Love and Thunder.

Some of the highlights include:

Ø  The story synopsis.

Ø  What are the key plot points?

Ø  What were some of our favorite cookies?

Ø  How does this movie fit into the overall MCU?

Ø  How is this movie a homage to prior non-MCU movies?

Categories
Daily Compliance News

December 16, 2022 – The Boyfriend Confesses Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you four compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Stories we are following in today’s edition of Daily Compliance News:

  • Eva Kaili’s boyfriend confesses. (Reuters)
  • A new round of Russian sanctions. (NYT)
  • Corporate ownership viewing rights. (WSJ)
  • Racism lawsuit against Tesla gaining ground. (Bloomberg)
Categories
Hidden Traffic Podcast

2022 in Review

Hidden Traffic Podcast host Gwen Hassan reviews the year’s developments in human trafficking prevention and shares what’s next on the podcast.


This year has seen a rise in human trafficking and climate change refugees. The United Nations International Labor Organization (ILO) reported that there are 50 million people across the world who are currently being held in some form of modern slavery. Notable news stories around human trafficking include the Uyghur Forced Labor Protection Act coming into play and allegations against Tesla for sourcing their cobalt from child labor.


A major issue in the corporate world coined the ‘Green Push,’ is the neglect of the ‘S’ in ESG.  You can’t make the world better environmentally by reducing carbon output and addressing climate change issues while also enslaving children, Gwen remarks.

Resources

Gwen Hassan on LinkedIn

Categories
Career Can D0

Leading Through Learning with Susannah Porr

In this episode of Career Can Do, Mary Ann Faremouth chats with Susannah Porr, Executive Director of NASPD. This organization represents the steel pipe and tubular products distribution industry and its related businesses. Susannah shares how the NASPD is helping its members advance their careers.

Members of the National Association of Steel Pipe Distributors, or NASPD, enjoy a wide variety of benefits, such as professional services, conferences and conventions, seminars and workshops, and industry publications. They host three conferences a year across the US, bringing in experts from various industries with different perspectives. The main issues discussed are ones that members will face in their industries, so the purpose of each conference is preparation.

 

NASPD’s education courses are essential for members who wish to gain a deeper understanding of their industry. NASPD also offers leadership development programs to help companies develop their employees.

 

Resources

Faremouth.com

Categories
Life with GDPR

Sullivan Conviction from GDPR Perspective

Jonathan Armstrong and Tom Fox return for another episode of the award-winning Life with GDPR. In this episode, we discuss the recent conviction of Joe Sullivan, former CISO at Uber, for his role in hiding a data breach that hit the company. Sullivan was convicted in the US in October 2022 in connection with an investigation into a ransomware attack on Uber in 2016. However, we look at the conviction from the GDPR and UK perspective and ask whether it portends potential liability for CISOs and CCOs in the EU and UK. For instance, does this mean there are likely to be more prosecutions against executives? And could we see similar prosecutions in Europe? For a more detailed discussion and links to the case, check out the Cordery Compliance News Alert on the case, which you can find in the link below.

Some of the highlights include:

1.     What were the facts?

2.     Was Sullivan guilty of negligence or intentional conduct?

3.     Why were prior Uber convictions so significant?

4.     What happens next?

5.     Could this lead to more prosecutions of executives?

6.     What does this mean under GDPR and in the UK?

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.