The ESG Report

Increasing the Speed of ESG Risk Management with Todd Boehler

 

Todd Boehler has over 25 years of experience in the governance, risk, and compliance software space. He is currently Senior Vice President of Strategy at ProcessUnity, where he oversees third-party risk management. ProcessUnity is a company that is making good governance, risk, and compliance (GRC) practices and tools available to organizations via cloud-based, third-party risk and cybersecurity program management tools. Tom Fox welcomes Todd to this week’s episode of the ESG Report to discuss the relationship between third-party risk management and ESG. 

 

 

The Biggest Risk 

“In my opinion, third-party risk management has been the biggest risk in anti-corruption compliance,” Tom says. It’s something everyone in the company – up to the board level – has to be more consistent with. Todd agrees; it’s becoming more complex as time goes on, he adds. More businesses are outsourcing in order to compete. This brings accelerated risk. “You have to know where the risk lies inside of those [third-party] companies, otherwise you’re going to be accountable for that to your customers and your regulators and your examiners,” Todd points out. Your company needs to understand and mitigate risk prior to doing business with prospective third-party vendors. 

 

Evolving Risk

Todd runs ProcessUnity’s Partners and Alliances program and its product teams. His role involves growing the company ecosystem and investing in technology to help their clients manage risk and solve their problems more efficiently. “ESG has been an evolving risk area,” Todd tells Tom. “We help companies monitor and manage their third-party [risk] specifically, across all different areas of risk [including ESG risk].” ESG is a social mandate nowadays, he continues; more companies and regulators are acknowledging its importance. “We integrate and connect ESG data providers into our customer’s risk programs so that they can cover and understand ESG risk against their third parties,” he points out.

 

Monitoring Third-Party Risk

Tom asks Todd whether potential clients fully understand the need to monitor ESG risk and how ProcessUnity allows them to manage that risk. It depends on the maturity of the company, Todd responds. “Smaller companies that are highly regulated may be more mature than larger companies that are not so highly regulated,” he points out. It also depends on the stage they are at in their roadmap, as well as how much they prioritize ESG risk against other types of risk. ProcessUnity helps them figure this out and how to grow their ESG program over time based on their specific industry. Building a culture of ESG is vital, as are sustainable procurement practices. Sustainable procurement refers to how businesses can identify and reduce the environmental impact of their supply chains. This requires monitoring third parties and ensuring that procurement practices are aligned to the ESG framework. He and Tom discuss the evolving work landscape, accelerated by the pandemic, and the accompanying increase in cybersecurity risk. The Russian invasion of Ukraine also spurred an uptick in sanctions screening. All this impacts how organizations manage third-party risk, Tom and Todd agree. “It’s an evolving world,” Todd comments, “things are changing fast, and you have to manage to the speed of change.”

 

Financial Resiliency 

Tom comments on the importance of financial resiliency of your third-party partners. If a company is not doing well financially, they may be unable to supply your products. They are more vulnerable to cyber attack because they may not be able to invest in cybersecurity, and they may be more easily persuaded to engage in bribery and corruption. Financial resiliency is a must, Todd says. Your company needs it, and your suppliers must also have it. “If your critical suppliers are having problems financially, you need to have a backup plan to be able to switch them out in dire straits,” he tells listeners. You also need to have a system to monitor those companies. Financial tracking is a good strategy here, he points out. He describes how ProcessUnity helps clients build a financial profile of their suppliers.

 

The Rise of ESG

ProcessUnity recently released a white paper, The Rise of ESG in Third-Party Risk Management. Tom asks, “What do you see as some of the key factors contributing to the relevancy of ESG on a worldwide basis?” He and Todd talk about the global push towards ESG and the corporate world’s response. A cultural shift coupled with new regulation is bringing ESG to the fore. Proper documentation of your ESG program will help you make better business decisions, both men agree. Your business will become more efficient and robust as well.

 

Looking Ahead

Tom asks Todd where he sees third-party risk management in ESG in 2025 and beyond. Risk professionals are thinking about and prioritizing ESG risk more, they agree. Todd adds that ESG risk attention will increase because there will be more data and more regulations. Additionally, there will be more people taking over executive positions who wish to implement ESG cultures and regulations in businesses that require ESG risk management. 

 

Resources 

Todd Boehler | LinkedIn | ProcessUnity 

The Rise of ESG in Third-Party Risk Management

 

FCPA Compliance Report

James Koukios on the MoFo February Int’l Anti-Corruption Newsletter

In this episode of the FCPA Compliance Report, I am joined by fan favorite James Koukios, partner at Morrison and Foerster. In this episode we consider some of the key ABC issues in the always great MoFo Monthly Top 10 International Anti-Corruption Developments for February 2022. Highlights of this podcast include:

  1. KT FCPA Resolution
  2. Roger Ng convicted at FCPA trial.

Resources

James Koukios on the MoFo website

February International Anti-Corruption Newsletter here

Daily Compliance News

August 8, 2022 the Morgan Stanley Settles edition

In today’s edition of Daily Compliance News:

  • Ex-PR gov arrested on corruption charges. (Bloomberg)
  • Morgan Stanley settles FTC, CFTC enforcement actions. (Reuters)
  • Top 10 least corrupt countries in Africa. (Business Insider)
  • OBG’s avoided forced birth states. (WaPo)
Sunday Book Review

August 7, 2022 the Dunkirk Contrarian edition

In today’s edition of Sunday Book Review:

  1. Blitzkrieg in Their Own Words: First-Hand Accounts From German Soldiers 1939-1940 Edited by Heinz Guderian
  2. Panzer Commander: The Memoirs of Hans von Luck By Hans von Luck
  3. Flames of Calais: The Soldier’s Battle, 1940 By Airey Neave
  4. Week-End A Zuydcoote By Robert Merle
  5. DUNKIRK: The Necessary Myth By Nicholas Harman

 Resource

Wall Street Journal Bookshelf

Popcorn and Compliance

Leadership Lessons from Rocky

Richard Lummis and I are back to look at leadership lessons from one of the very best all-time boxing movies, Rocky. Highlights of this podcast include:

  1. What are our favorite scenes from the movie? No one knows anything; you owe yourself, get the work done, and we are all underdogs.
  2. What are the leadership lessons from Rocky Balboa? Repetition will make you great; tech can be a great business advantage but never forget the human element and practice for the worst.
  3. What are the leadership lessons from Apollo Creed? The mind is the greatest muscle; pay attention to those behind you.
  4. What are the leadership lessons from Rocky’s trainer Mick?
  5. What is the leadership lesson from the boxing ring? Go the distance and think long term; it’s not about how hard you punch but how hard a punch you can take and go back into the ring when it’s the toughest.
  6. Do these lessons hold up today?
Daily Compliance News

August 6, 2022 the Sgt. Schultz edition

In today’s edition of Daily Compliance News:

  • Glencore CEO – “I know nothing.” (Bloomberg)
  • Project Veritas loses to Stanford. (Reuters)
  • Dechert spanked for ENRC damages. (MLex) (sub req’d)
  • Musk says it is Twitter who committed fraud. (NYT)
Corruption, Crime and Compliance

Episode 241 – Continuous Improvement, Testing and Auditing of Your Ethics and Compliance Program

The Justice Department and various regulatory agencies continue to emphasize the importance of continuous improvement, testing and review as part of robust assessment procedures in an effective compliance program. The Treasury Department’s Office of Foreign Assets Control has specifically stated that a sanctions compliance program should include “a comprehensive, independent, and objective testing or audit function” so that a company can determine “how their program[] [is] performing and should be updated, enhanced, or recalibrated to account for a changing risk assessment or sanctions environment.” The Health and Human Services — Office of Inspector General has made similar statements underscoring the need to conduct compliance audits and testing. An important part of every compliance program focuses beyond the design and operation of the program to the important issue of whether the program is working. In this respect, DOJ and regulatory agencies have noted that CCOs should be striving to develop “continuous” monitoring systems and avoid “snapshots” in time. In order to execute such monitoring, compliance has to maintain broad access to operational data across all key functions in a company. This data must be used to regularly update risk assessments, compliance policies and procedures and financial controls.

In this episode, Michael Volkov takes a broad review of the testing and auditing of ethics and compliance programs.

Greetings and Felicitations

Winnie the Pooh Explains Compliance: Part 5 – Winnie the Pooh as CECO (Think, Think, Think)

This week I have explored compliance through a five-part podcast series, as seen through the lens of Winnie the Pooh and the characters living in the Hundred Acre Woods. I want to conclude my series by looking at Winnie the Pooh himself through the lens of the Chief Ethics and Compliance Officer (CECO).

Pooh may be a bit naive and slow-witted, but he is also friendly, thoughtful and steadfast. Although he and his friends agree that he is “a bear of very little brain”, Pooh is occasionally acknowledged to have a clever idea, usually driven by common sense. Pooh is also a talented poet; his poems and “hums” frequently punctuate the stories. Although he is humble about his slow-wittedness, he is comfortable with his creative gifts. When Owl’s house blows down in a windstorm, trapping Pooh, Piglet and Owl inside, Pooh encourages Piglet (the only one small enough to do so) to escape and rescue them all by promising that “a respectful Pooh song” will be written about Piglet’s feat. Later, Pooh muses about the creative process as he composes the song.

Pooh is very social. Christopher Robin and Piglet are his closest friends, and he often chooses to spend his time with one or both of them. But he also habitually visits the other animals, often looking for a snack or an audience for his poetry as much as for companionship. His kind-heartedness means he goes out of his way to be friendly to Eeyore, visiting him, bringing him a birthday present, and building him a house, despite receiving mostly disdain from Eeyore.

We need to recall that the DOJ started from the position that the role of compliance and ethics in an organization was co-equal. Winnie the Pooh reminds us of that foundational building block. Pooh also reminds us that a CECO is a social animal. Just as he is friends with all the animals and characters we have visited this week, you as a compliance professional should make friends with all the corporate functions they represented this week: sales, HR, finance and legal. If you find you run out of hunny to pass around, you can always resort to the Russ Berland strategy of pizza.

Even though this is the final offering in this week’s blog post on Compliance in the Hundred Acre Woods, do not feel blue. We will have another week of Pooh later this summer for more compliance lessons. And if you do feel blue in the interim, check out this YouTube clip of the Pooh theme song. And always remember, when all else fails:

“Think, Think, Think”

Because That's What Heroes Do

WandaVision: Episode 1 – Filmed Before a Live Studio Audience

In this podcast series, two complete MCU fans, Tom Fox, founder of the Compliance Podcast Network, and Megan Dougherty, co-founder of One Stone Creative, indulge in a passion for all things in the Marvel Cinematic Universe. We previously reviewed all the movies, and now we begin a series on WandaVision. If you want to indulge in your love for the MCU with two fans passionate about all things MCU, this is the podcast series for you. We begin with Episode 1, Filmed Before a Live Studio Audience for this offering.

Some of the highlights include:

  • The story synopsis.
  • What are the key plot points?
  • What were some of our favorite cookies?

Next up in our series WandaVision, Episode 2, Do Not Touch That Dial.

The Woody Report

Twitter v. Elon Musk

Welcome to The Woody Report, where Washington & Lee School of Law Associate Professor Karen Woody and host Tom Fox discuss issues on white collar crime, compliance issues, international corruption, securities and accounting fraud, and internal corporate investigations. From current events to topical issues to academic research and thought leadership, Karen Woody helps lead the discussion of these issues on the new and exciting podcast. In this episode, Tom and Karen explore the Twitter lawsuit against Elon Musk for failing to follow through on his agreement to purchase Twitter. Some of the issues we explore include:

  1. Twitter Complaint
  2. What is specific performance?
  3. What is an equitable remedy?
  4. Why is this matter in Delaware?
  5. The judge and her role.
  6. The discovery to date.

Resources

Karen Woody on LinkedIn

Karen Woody at Washington & Lee, School of Law