Author: admin

Categories
Compliance Into the Weeds

Compliance into the Weeds: Does a CCO Need to be a Lawyer?

The award winning, Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom Fox and Matt Kelly take a deep dive into the question of whether a law degree is necessary for Chief Compliance Officers (CCOs).

Tom and Matt begin with a discussion of a recent compensation survey by Barker Gilmore that reveals CCOs with law degrees earn significantly more than their counterparts without JDs. They explore historical and practical reasons for this pay disparity and debate the actual necessity of a law degree for fulfilling modern compliance functions. Additionally, they identify key skills and functions essential for effective compliance and consider alternative career paths and educational backgrounds suited for aspiring compliance professionals.

Key Highlights:

  • The Value of a Law Degree for Compliance Officers
  • Breaking Down the Pay Disparity
  • Modern Compliance Demands
  • Career Paths and Skills for Compliance Officers

Resources

Matt in Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Bank of America’s Corporate Culture Crisis: Part 3 – The Role of Internal Controls

Compliance professionals constantly seek to understand how systemic issues within corporate hierarchies can lead to severe consequences. The recent revelations about Bank of America’s (BoA) persistent workplace culture problems are a powerful reminder of compliance’s critical role in safeguarding employees and the organization.

This week, I will explore the BoA failure around workplace culture from various perspectives articulated by the Everything Compliance gang, including Karen Woody, Jonathan Armstrong, Matt Kelly, Karen Moore, and Jonathan Marks. This exploration will include the failure of internal controls, failures by the Board and senior management, culture failures around highly driven, self-selecting employees, and the cultural miasma that is BoA from a perspective from across the pond. In Part 3, we will consider the role of internal controls.

Internal controls are often seen as the backbone of an organization’s ability to operate efficiently, ethically, and within the bounds of the law. They serve as the safety net that catches errors deters fraud, and ensures that policies are not just theoretical but are put into practice. However, the recent revelations in the Wall Street Journal (WSJ) surrounding the culture of overwork at a major financial institution, where junior bankers were expected to work excessively long hours, shine a spotlight on a critical failure in internal controls—not in their design, but in their execution and monitoring. This blog post will explore the lessons compliance professionals can learn from this situation, focusing on implementing, actively managing, and enforcing internal controls.

Understanding the Control Environment

The control environment is at the heart of any robust internal control system. This includes the corporate culture, employee attitudes toward internal controls, and the tone set by senior management. It’s the foundation upon which all other aspects of internal control are built. When the control environment is weak or toxic, as in the situation under discussion, the entire control structure can crumble.

In this case, BoA had ostensibly implemented controls to prevent overwork—junior bankers were required to self-report their working hours. If they exceeded a certain threshold, this would trigger a review by HR. However, this control was ineffective because those responsible for enforcing it did not take it seriously. Managers instructed their subordinates not to report excessive hours, bypassing control entirely. Additionally, think about the basic conflict of interest (READ: Absurdity) in having the person the control was supposed to monitor input the information for the control to activate.

For the compliance professional, this emphasizes that your control environment is only as strong as the commitment of those enforcing it. Senior management must set the tone and ensure that it resonates throughout the organization. When internal controls are ignored or undermined, it’s often a sign that the control environment is flawed.

The Role of Monitoring and Remediation

Internal controls are not static; they require ongoing monitoring and, when necessary, fine-tuning or remediation. In the BoA situation, the institution needed to adequately monitor the effectiveness of its controls. Even after the tragic death of a junior banker, which should have been a clear signal that the controls in place were not working, there was no significant overhaul or improvement in the control environment.

Monitoring is a critical component of internal control, as it allows an organization to detect weaknesses and address them before they lead to significant issues. In this case, the failure to monitor and remediate allowed a toxic culture to persist for years, ultimately leading to repeated tragedies.

For the compliance professional, the lesson is clear: regular monitoring of internal controls is essential. When weaknesses are identified, they must be addressed promptly and effectively. A failure to remediate control weaknesses leaves an organization vulnerable to risks and can signal to employees that the controls—and the culture—are not taken seriously.

The Flaws of Self-Reporting as a Control

One of the most striking aspects of this case is the reliance on self-reporting as a key control mechanism. While self-reporting can be helpful, it is far from foolproof, especially in environments with significant pressure to conform to unrealistic expectations. In this instance, the control requiring junior bankers to self-report their hours was ineffective because the reporting was neither enforced nor monitored.

The problem with self-reporting as a control is that it places the onus on the individuals being controlled, which can create a conflict of interest. Employees may feel pressured to underreport or falsify their time to meet expectations or avoid repercussions. With independent verification and oversight, self-reporting is likely to be reliable.

For the compliance professional, the starkness of the lesson could not be more profound. Self-reporting should not be relied upon as the sole or primary control in a high-risk environment. It should be supplemented with independent verification methods, such as automated time tracking, regular audits, or cross-referencing with other data sources. This approach ensures that the data collected is accurate and that controls are truly effective.

Automation and Technology in Internal Controls

Given BoA’s size and sophistication, it is somewhat perplexing that more robust, automated controls were not implemented. In today’s technologically advanced world, numerous tools can automatically track employee hours, monitor for signs of overwork, and flag potential issues for review. These tools can remove the burden of self-reporting and provide more accurate, real-time data.

For example, many organizations use software that tracks employee computer activity, monitors login and logout times, and even tracks time spent on specific tasks. This data can then be used to identify patterns of overwork and take proactive measures to prevent burnout or health issues.

For the compliance professional, it is a direct lesson that leveraging technology can significantly enhance the effectiveness of internal controls. Automated systems can provide continuous monitoring, reduce the risk of human error, and offer objective data that can be used to identify and address potential issues before they escalate.

The Importance of a Holistic Approach

Finally, every compliance professional must recognize that internal controls cannot operate in a vacuum. Internal controls must be part of a broader, holistic approach to risk management and compliance. This includes fostering a strong ethical culture, regularly training employees at all levels, and ensuring transparent, accessible channels for reporting concerns.

With BoA, the failure was not just in the specific control related to work hours—it was a systemic failure across the organization. The culture of overwork was allowed to persist because the control environment was weak, monitoring was inadequate, and there was no serious commitment to remediation.

This final lesson learned for the compliance professional is that internal controls are just one piece of the puzzle. To be truly effective, they must be integrated into a comprehensive risk management framework that includes strong ethical leadership, ongoing education, and a commitment to continuous improvement. 

Internal Controls as a Reflection of Corporate Culture

The tragic situation at BoA is a stark reminder of the critical importance of internal controls in maintaining compliance and a healthy and sustainable corporate culture. Internal controls are more than checkboxes—they reflect an organization’s values and priorities. When controls are ignored or undermined, they send a message that compliance, and by extension, employee well-being, is not a priority.

For compliance professionals, the key takeaway is clear: internal controls must be actively managed, monitored, and enforced. They must be part of a broader effort to create a culture of integrity and accountability. Perhaps most importantly, they must be seen as a dynamic system that requires constant attention and adjustment to remain effective. In a world where pressure on employees is greater than ever, robust internal controls are not just a regulatory requirement but a moral imperative.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Communicating Across Cultural Boundaries

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we consider how to break through the internal cultural boundaries in your organization by creating cultural bridges.

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

To check out The Compliance Handbook, 5th edition, click here.

Categories
Magnificent 7 Rides Again

The Magnificent 7 Rides Again: Exploring the Creative Journey of Deanna Eixman

Welcome to The Magnificent 7 Rides Again, a captivating podcast series that delves into the vibrant world of seven talented female artists painting amidst the breathtaking landscapes, wildlife and vistas of the Texas Hill Country. Join us as we explore their creative journeys, uncover the inspirations behind their work, and celebrate their unique perspectives on art and life.

In this series, we will dive deep into the heart of the Texas Hill Country, where sweeping vistas and rugged beauty serve as the backdrop for artistic expression. Each episode will feature intimate conversations with these remarkable women, offering insights into their creative processes, the challenges they face, and the stories that shape their art.

In this episode, Tom welcomes back artist Deanna Eixman. Deanna shares her lifelong passion for art, describing how nature and her experiences with animals inspired her childhood, and recounting her development in art throughout her school years.

Deanna discusses the intersection of her athletic and artistic interests, revealing her fascination with the human body and movement. They reminisce about her career as a full-time artist, including her involvement in ‘sip and paint’ classes and the impact of the pandemic on her work. Deanna also explains her process of creating art from nature by touching and feeling plants, and how this sensory engagement influences her work. She highlights her efforts to support and encourage creativity in others, particularly women who have faced abuse, and shares heartwarming stories of transformation through art. The episode concludes with insights into the upcoming art show, ‘The Magnificent Seven Rides Again,’ and Deanna’s excitement for her new works featured in the show.

Key Highlights

  • Art and Athletics: A Unique Connection
  • Connecting with Nature
  • Creating with the Creator
  • The Magnificent Seven Rides Again

Resources

Deanna Eixman Fine Art

Kerrville Arts and Cultural Center

Texas Hill Country Podcast Network

The Hill Country Artists Facebook Page

Categories
Daily Compliance News

Daily Compliance News: August 27, 2024 – The Just Say No Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Saying No: Art or Science? (FT)
  • Nippon Steel’s purchase of US Steel is in peril. (NYT)
  • Why is Illinois so corrupt? (Chicago Tribune)
  • Don’t marry immigrants (at least in Texas). (Reuters)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Everything Compliance - Shout Outs and Rants

Everything Compliance: Shout Outs and Rants – Episode 139

Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows.

In this episode, Karen Woody, Jonathan Armstrong, Jonathan Marks, Matt Kelly, and Tom Fox join Karen Moore for shoutouts and rants.

  1. Matt Kelly shouts out the GOP speakers at the recently concluded Democratic National Convention who bucked their party for the good of the nation.
  2. Jonathan Marks shouts out to researchers at the University of Pennsylvania for its work in CAR T cell therapy to treat certain types of cancer.
  3. Karen Moore shouts out to her students in the new semester of her class at Fordham Law School.
  4. Karen Woody shouts out to the people who ran the Democratic National Convention for a great convention.
  5. Jonathan Armstrong rants about Elon Musk and hate speech on X.
  6. Tom Fox shouts out to Rick Springfield and his 80s hit ‘Jessie’s Girls.’

The members of Everything Compliance are:

  • Jonathan Armstrong – partner at PunterSouthall in London.
  • Karen Moore is an Adjunct Law professor at the Fordham School of Law.
  • Matt Kelly – founder of Radical Compliance.
  • Jonathan Marks– is a partner at BDO.
  • Karen Moore can be reached at Kmoore51@fordham.edu

The host of Everything Compliance is Tom Fox, who is the founder of the Compliance Podcast Network.

Categories
Blog

Bank of America’s Corporate Culture Crisis: Part 2 – Lessons Learned for Compliance

Compliance professionals constantly seek to understand how systemic issues within corporate hierarchies can lead to severe consequences. The recent revelations about Bank of America’s (BoA) persistent workplace culture problems are a powerful reminder of compliance’s critical role in safeguarding employees and the organization.

This week, I will explore the BoA failure around workplace culture from various perspectives articulated by the Everything Compliance gang, including Karen Woody, Jonathan Armstrong, Matt Kelly, Karen Moore, and Jonathan Marks. This exploration will include the failure of internal controls, failures by the Board and senior management, culture failures around highly driven, self-selecting employees, and the cultural miasma that is BoA from a perspective from across the pond. In Part 2, we journey through some key lessons learned for compliance professionals.

In the high-stakes world of investment banking, where deals are won or lost in hours, the pressure to perform can push individuals to the brink. Unfortunately, that brink has meant a premature end to some people’s lives. The recent tragedy at BoA, where a junior banker named Leo Lukenas died after working over 100 hours a week for weeks on end, has cast a harsh light on a decade-long problem. This is not the 2013 scandal revisited; it’s an ongoing crisis, a corporate culture problem that has festered for years. The lessons from this ongoing debacle are critical and chilling for compliance professionals.

Lukenas was not the first casualty of this toxic culture. In 2013, an intern in Bank of America’s London office, Moritz Erhardt, met a similar fate after enduring a grueling workload. Following that incident, the bank promised to implement policies to prevent such tragedies from recurring. Yet, a decade later, Lucas’s death is a stark reminder that those policies have either failed or were never truly enforced.

The investment banking division at Bank of America has been likened to a “white-collar sweatshop,” a description that, sadly, fits too many high-pressure work environments. While the term “sweatshop” might conjure images of factories in developing countries, overwork and exploitation can happen in plush office towers just as easily. Lucas’s death has brought into sharp relief the human cost of such environments, where the relentless pursuit of profit eclipses the well-being of employees.

What is particularly concerning is that this issue is separate from a single office or even a single country. The WSJ’s reporting has revealed that overwork at Bank of America is a pervasive issue, affecting employees in New York, London, Tokyo, and Latin America. Former employees have cited overwork as a primary reason for leaving the bank, underscoring that this is not a localized problem but an enterprise-wide failure of corporate culture.

This brings us to a crucial question: Where was compliance? Why have the policies and controls put in place to prevent overwork ineffective? The answer lies in a deep-seated cultural issue that transcends mere policy implementation. Middle management has tolerated if not outright encouraged, this culture, which senior management has failed to address with the necessary urgency.

Middle management is often described as the “meat grinder” of corporate culture, where good intentions from the top can get mangled into toxic behaviors at the bottom. In the case of Bank of America, middle managers were reportedly telling their subordinates not to report excessive working hours to HR, effectively bypassing the controls that were supposed to prevent overwork.

This is a classic example of what can happen when senior management fails to engage effectively with middle management. Senior executives may have genuinely wanted to prevent overwork, but their message could have been more focused and addressed by those in the middle tasked with enforcing it. This disconnect is where corporate culture often fails. Compliance professionals understand that policies are only as good as their enforcement, and enforcement is only as good as the people who are responsible for it. For the compliance professional, this means you must directly connect what senior management has laid out as policy and not simply put procedures in place to implement the policy but then monitor the implementation to ensure the policy is being followed. Sadly, that was not the case at BoA.

Another critical factor in this crisis is the role of incentive structures. It is no secret that high-stakes deals and intense pressure to produce results drive investment banking. But the stage is set for disaster when bonuses and career advancement are tied to closing deals, even at the cost of employee health.

This misalignment of incentives is a fundamental issue that any compliance officer must address. If the financial rewards for middle managers are tied to delivering results, irrespective of the human cost, then it should be no surprise that overwork becomes a pervasive problem. Incentive structures must be reexamined and realigned with the organization’s ethical and operational goals.

As compliance professionals, it is imperative not just to address the symptoms of such crises but to dig deeper and identify the root causes. This case’s root cause is clear: a toxic corporate culture prioritizes results over people. But beyond that, it is about senior management’s failure to enforce a healthy work culture and the misalignment of incentives that drives middle managers to push employees to the brink.

Organizations need to examine their culture, management practices, and incentive structures to prevent such tragedies in the future. This is not just a problem for Bank of America; it’s an industry-wide issue that requires a collective response. Compliance officers have a crucial role in advocating for stronger controls, better communication, and a culture that truly values employee well-being.

The ongoing crisis at BoA is a sobering reminder of the human cost of a toxic work culture. For compliance professionals, it serves as a call to action. A culture that values employees as people, not just as cogs in a machine, is necessary for enforcing and supporting policies; having them on paper is not sufficient.

As we progress, the lessons from this tragedy should guide our efforts to create healthier, more sustainable work environments. Compliance is not just about ticking boxes; it’s about ensuring our values are reflected in our organizations’ day-to-day operations. Ultimately, it’s about protecting the organization and the people who make it what it is.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Multiplying The Influence of Compliance

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today we discuss how to maximize the influence of your compliance program throughout your organization.

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

To check out The Compliance Handbook, 5th edition, click here.

Categories
Riskology

Riskology by Infortal: Episode 31 – Nigeria: Turning The Tide Against Corruption with Soji Apampa, Christopher Mason and Dr. Ian Oxnevad

In Episode 31 of Riskology by Infortal, join Soji Apampa, Christopher Mason, and Dr. Ian Oxnevad as they discuss Nigeria’s fight against corruption in the post-Covid era.

Soji, Chris, and Ian discuss the grassroots and civil society efforts in Nigeria and West Africa to combat corruption and increase business transparency.

The Fight Against Corruption and the Role of Civil Society

Soji Apampa, a leader in the anti-corruption space, shares his experiences in promoting ethical business practices in Nigeria and the evolution of corporate compliance in the region. Contrary to top-down regulatory regimes in the US and Europe, anti-corruption efforts in Nigeria underscore the need for effective collective action from the private sector and civil society.

Successful models for this include the Maritime Anti-Corruption Network, and the advancements in technology that are driving transparency and reducing opportunities for corrupt practices in West Africa. Nigeria’s maritime sector presents a pertinent example of how collective action can bring about significant improvements in integrity and operational efficiency. Prior to these concerted efforts, discretionary powers and lack of standard operating procedures often led to unpredictability and opportunities for corrupt practices.

Culture Matters: From a Perception of Anti-Government to Anti-Corruption

Soji’s journey in integrity and anti-corruption began when he returned to Nigeria as a civil and structural engineer. Frustrated by the rampant corruption and trade malpractices, he took it upon himself to help instill a culture of transparency and anti-corruption.  Over time, these efforts shifted the culture where “anti-corruption” was deemed to be “anti-government” to a culture of increased transparency and professionalism.  Despite initial setbacks, the support from like-minded individuals and organizations paved the way for significant progress. Recent years have seen significant improvements due to collective action in the maritime sector. From 266 corruption cases in 2019 to just 45 in 2022, the benefits are clear. Efforts to introduce transparency and reduce unreceipted cash payment demands have dramatically lowered shipping costs, making the sector more reliable.

Culture Matters: Regulations in the West Don’t Work the Same Way Elsewhere

Initially, practices such as bribery were not only common but also tax-deductible in countries like France and Germany.  Countries like the US, UK, and France have even historically topped indices for bribery, despite stringent anti-corruption laws.  A critical factor in the success of compliance programs is the cultural context within which they operate. Corporate culture often reflects broader societal norms, impacting how compliance policies are perceived and implemented.

Despite the proliferation of laws to combat corruption, money laundering, and terrorist financing from the West to the rest of the world, many of these laws are ill-suited to local needs. Often, laws from developed economies perpetuate corrupt practices. Bottom-up Initiatives like the Maritime Anti-Corruption Network demonstrate the power of collective action in combating corruption.

By working together, businesses can create a culture of integrity.  The reforms in the maritime sector included the development of clear standard operating procedures (SOPs) and timelines for specific activities, enhancing predictability in both costs and time.  Captains can adhere to these standards and checklist requirements, subsequently reducing the chances for extortion. Unlike in the past, transitioning a vessel from Anchorage to the berth now takes a standardized 90 minutes instead of varied durations extending to several hours.

When Going Abroad, You Need a Guide

Understanding local dynamics is crucial, as even the best compliance plans can falter if they don’t align with ground realities. Unlike the abstract nature of high finance, industries such as shipping depend heavily on functional relationships between shippers, locals, and governance. This sector demonstrates that proper collaboration ensures essential goods move smoothly, maintaining daily life.  As bottom-up initiatives help combat corruption, greater diversity in the business environment will become more localized.  At the same time, avoiding violating laws like the Foreign Corrupt Practices Act (FCPA) initiatives and local laws requires having a “local guide” help you navigate new business environments. Intelligence and local connections matter.

Nigeria’s Success Is Now a Model For the “Global South”

The Nigerian model of tackling maritime corruption has inspired similar reforms in other key global ports and regions. Nations such as Egypt, India, Pakistan, Bangladesh, and Ghana have begun adopting similar frameworks, showing promise for broader anti-corruption efforts. Countries like Nigeria, which show real structural changes, may not immediately reflect these in perception surveys, yet they offer untapped potential for investors aware of these developments.  This forward-looking approach, integrating both retrospective analysis and future opportunities, aims to not only continue the fight against corruption but to set an example that ripples out to other industries and regions trying to roll back corruption.

Resources:

Infortal Worldwide

Email

Chris Mason on LinkedIn

Dr. Ian Oxnevad on LinkedIn

Soji Apampa on LinkedIn

Categories
Adventures in Compliance

The Last Bow Stories – Investigative Lessons from The Disappearance of Lady Frances Carfax

Welcome to a review of all the Sherlock Holmes stories that are collected in the work, “The Last Bow.“. It is a collection of eight detective stories written by Sir Arthur Conan Doyle, from 1908 to 1917. The collection spans some of the most intriguing cases and mysteries that Holmes and his loyal friend Dr. John Watson tackle.

Today we take up The Disappearance of Lady Frances Carfax, which appeared in Strand Magazine in December 1911, as we consider investigative lessons for compliance professionals from The Disappearance of Lady Frances Carfax.

This episode considers the investigative methods employed by Holmes and Watson, which offers valuable lessons on investigations for compliance professionals. Key points include thorough information gathering, maintaining confidentiality, attention to detail, critical thinking, collaboration, understanding human behavior, following financial clues, meticulous documentation, and learning from each case. The episode underscores how these investigative principles can be directly applied to the field of compliance.

Key Highlights:

  • Introduction to Lady Frances Carfax
  • The Disappearance and Investigation
  • Holmes’ Discoveries and the Climax
  • Key Investigative Lessons for Compliance
  • Compliance Principles

 Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.