Categories
Great Women in Compliance

Hemma Ramrattan Lomax – The Art of Compliance

Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.

One of the interesting things about ethics & compliance as a field is that we look at ethical decision-making and policies and working to be innovative and approachable.  In today’s episode Lisa speaks with Hemma Ramrattan Lomax,  Senior Corporate Counsel, Integrity and Compliance at Snap, Inc.   As you may have heard last week with Nicole Diaz, Snap is doing exactly with their Code of Conduct and how they center so many things around their core value of kindness.   Hemma elaborates on this and the career she has built through the art of integrity.

When she was younger, Hemma’s goal was to be the first female Secretary General of the UN (which still has not happened), and Hemma talks about how this brought her into law as she grew up in the UK, to deciding to come to the US to work for the SEC, and eventually to Snap.  She mentions how her work now relates to her earlier goals, and that radical curiosity is what keeps her career and interests evolving.

To Hemma, the “art of integrity” has guided her career interests, and how we can all do that to make impactful changes, whether it is in our communities, in DEI, or in other ways.

The Great Women in Compliance Podcast is on the Compliance Podcast Network with a selection of other Compliance related offerings to listen in to. If you are enjoying this episode, please rate it on your preferred podcast player to help other likeminded Ethics and Compliance professionals find it. You can also find the GWIC podcast on Corporate Compliance Insights where Lisa and Mary have a landing page with additional information about them and the story of the podcast. Corporate Compliance Insights is a much appreciated sponsor and supporter of GWIC, including affiliate organization CCI Press publishing the related book; “Sending the Elevator Back Down, What We’ve Learned from Great Women in Compliance” (CCI Press, 2020).

You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.

Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Into the Weeds

SEC Proposed Rules on Disclosure of Cyber Breaches

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week, Matt and Tom are joined by Karen Woody and Jonathan Marks to consider the SEC’s recent proposed rules for disclosure of cyber breaches. Highlights include:

·      What was in the proposals? The 60-day comment period is running.

·      The 4-day disclosure requirement for material breaches.

·      The corporate governance issues around Board reporting.

·      What is the SEC trying to accomplish?

·      Should your company have a cyber-risk committee? If so, who should be on it.

Categories
Daily Compliance News

April 20, 2022 the Digital Transformation Edition


In today’s edition of Daily Compliance News:
·      Advocating for a corp digital transformation. (WSJ)
·      Tools and resources to fight corruption. (Council of Europe)
·      Indonesia announces investigation into corruption around palm oil industry.  (Reuters)
·      Is there a Scope 3 in your future?  (Reuters)

Categories
The Compliance Life

Susan Divers – Sitting in the CECO Chair

The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Susan Divers, currently Director of Thought Leadership at LRN.

In 2009, Susan moved into the CECO chair at AECOM. She became the Senior Corporate Vice President, Chief Ethics and Compliance Officer & Associate General at AECOM. In this role she built out a compliance program across the globe for an international infrastructure construction company and built out her compliance team. She learned that to engage employees in compliance and ethics you often needed to explain the ‘why’ of compliance. She talked about the values of senior leadership and how that helped infuse compliance throughout the organization. She was particularly proud of the company receiving a World’s Most Ethical designation early in her tenure and then for five consecutive years.

Resources

 Susan Divers LinkedIn Profile

LRN

Categories
Everything Compliance - Shout Outs and Rants

Everything Compliance – Shout Outs and Rants from the Elon Etc Edition


Welcome to Everything Compliance Shout Outs and Rants.

1. Jay Rosen shouts out to Rachael Smith, Gilnet Sainvil and High-Five Man which reminded Rosen of Johnny Bank from his childhood

2. Matt Kelly gives a ‘mild’ rant to the SEC for proposing companies should have to disclose with 4 days after a cyber breach even if law enforcement asks a company not to do so.

3. Jonathan Armstrong goes on his most epic rant ever using 2 funerals and a birthday party to excoriate Tory Politicians to not simply talk the talk but follow the rules when it comes to Covid-19 protocols.

4. Karen Woody rants about the recent Declination with Disgorgement given to a MarshMac subsidiary in the UK, the Jardine Group Holdings  and says this is simply a NPA and should be monikered as such.

5. Jonathan Marks shouts out to Phillies 3rd baseman Alec Bohm who went from Phillies’ fan goat to hero with a mea culpa and SF Giants assistant coach Alyssa Nakken, who became the first female to take the field and coach in the history of MLB.

6. Tom Fox shouts out to author Margaret Atwood and in her book The Handmaiden’s Tale, which is not a dystopian novel but a prophecy of current Texas in 2022.

 The members of the Everything Compliance are:
•       Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
•       Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu
•       Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
•       Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at jonathan.armstrong@corderycompliance.com
•       Jonathan Marks is Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at jonathan.marks@bakertilly.com
The host and producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.

Categories
The ESG Compliance Podcast

The ESG Standards with Thomas Fox & Erika Peters


Gatekeepers of third parties have to handle evolving new questions that ensure ESG initiatives align with the company’s values, providing for the welfare of the employees, communities, and the environment. Erika Peters, Managing Director and Global Head of Third Party and Supply Chain Risk management at Exiger, chats with Thomas Fox on The ESG Compliance Podcast on the importance of these third parties as an extension of the company and how to hold them accountable.
Watch ▶️ The ESG Standards with Thomas Fox & Erika Peters
✔️ Admittingly, the risk is all around a company’s entire ecosystem. Peters says that no third party is more critical and may have a higher risk than another. From an ESG perspective, companies must look at all parties involved that can potentially hurt their brand and reputation.
✔️ On an ESG framework that doesn’t exist. Many companies around ESG have been asking for government guidance, regulation, or other government signals on standards they should follow. The first step is to see what they already have and the existing data and bring it to one place.
✔️ Technology is the only way to go in 2022 to assess the criticality of a third party. Many companies are still not using technology to bring data together to map their supply chain and then understand the effects of the inherent downstream risks.
✔️ Transparency is vital for supply chain and third-party risk management solutions provider Exiger. With the launch of the platform Supply Chain Explorer, companies can instantly look into any entity in the world’s supply chain.
✔️ Supply chain and third parties are more than just your direct counterparties. Tom Fox and Erika Peters explore how companies should know third parties more than simply their direct counterparties and have direct contact with the fourth, fifth, and perhaps even sixth party down the line.
✔️ Erika cites how leadership is an important component of everything in ESG. More information is necessary for those companies in terms of biographical information to start layering on the risk question and set the framework for creating that compliance picture.
Erika Peters is the Managing Director and Global Head of Third Party and Supply Chain Risk management at Exiger. Exiger is the global leader in AI-powered supply chain and third-party risk management solutions. Visit https://www.exiger.com/ and get the early free trial of Supply Chain Explorer in May 2022.
———————————————————————-
Do you have a podcast (or do you want to)? Join the only network dedicated to compliance, risk management, and business ethics, the Compliance Podcast Network. For more information, contact Tom Fox at tfox@tfoxlaw.com.

Categories
Innovation in Compliance

Personal Training For Businesses with Kris Reynolds


 
Kris Reynolds is the CEO of Arrowhead Consulting, a company that guides other organizations on managing their employees, processes, and tools. Tom Fox welcomes him to this week’s show to talk about corporate culture, strategies for post-pandemic productivity, and the future of project management. 
 

</p>

Culture As a Focus
Corporate culture is important and must be aligned to the business’s core values. Your core values also can’t be simple slogans that you have up on walls. They have to be constantly acted on. “If you’re not really living and breathing the core values, you’re not really going to be a culture fit,” Kris tells Tom. 
 
Post-Pandemic Strategies
Kris itemizes three strategies companies should be engaging within the post-pandemic business world: creativity, relationships and connections, and going back to basics. Creativity in advertising and marketing is key, and Kris also suggests pairing creativity with relationships. “I would encourage companies whether you’re small or large, to take the time to do more personal related touchpoints with the people that you’re trying to engage with,” he remarks. Going back to basics as a strategy is looking back at what got you to where you are as a business, and making sure that you’re accentuating those elements in your business. 
 
Making Meetings More Efficient
Tom asks Kris to give some tips to make corporate meetings more efficient. The goal of meetings should be decision-making. Corporate meetings should be about making sure that the knowledge shared is being used to advance the respective initiative. Kris stresses having structured meeting agendas that are time-boxed and having the meetings begin with the most important topics. Having meetings commence like this enforces a sense of urgency and will encourage employees to arrive on time. 
 
The Future of Project Management in Technology
Kris explains that there will be a greater focus on virtual reality training as opposed to Zoom meetings and PowerPoint presentations. This is because training in the future has to be experiential and hands-on. Training has to be engaging. “If we have some training spaces where we have the virtual reality, you could be training with somebody across the other side of the globe and being able to talk and work on projects together and things like that,” Kris tells Tom. 
 
Resources
Kris Reynolds | LinkedIn | Twitter 
Arrowhead Consulting
 

Categories
Daily Compliance News

April 19, 2022 the Cesspool of Corruption Edition


In today’s edition of Daily Compliance News:

  • Ohio a cesspool of GOP corruption. (TheHill)
  • Can SEC require gag orders? (NYT)
  • Loretta Lynch to lead racial audit at Amazon. (Bloomberg)
  • If you remove litigation to arbitration, you must pay the fees. (Reuters)
Categories
Blog

Driving the Digital Transformation of Compliance

The digital transformation of compliance will probably be the biggest change in our profession since the move to operationalizing compliance in the past decade. Legal professionals are generally ill-suited to lead this effort due to the legal focused training we all received, not quantitative training that most business students received. This means that many Chief Compliance Officers (CCOs), compliance professionals and corporate compliance functions struggle to reap the benefits of investments in digital transformation. I was therefore intrigued by a recent Harvard Business Review (HBR) article, by Marco Iansiti and Satya Nadella, Microsoft Chief Executive Officer (CEO), on a five-step approach to digital transformation. The article, Democratizing Transformation, sets out how innovation can be pushed out throughout a company’s workforce. I have adapted it for the compliance professional.
For a true digital transformation, technologists and data scientists alone cannot bring about the kind of wholesale innovation both a compliance function and a business unit need. This means that your organization should pair “data scientists with business [and compliance] employees who had insight into where improvements in efficiency and performance were needed.” Another strategy, which is near and dear to the heart of Carsten Tams, Ethical Business Architect and founder and CEO of Emagence LLC, is to use Design Thinking concepts in designing and implementing a digital innovation of compliance. The authors note, “A growing number of teams adopted agile methods to address all kinds of opportunities. The intensity and impact of transformation thus accelerated rapidly, driving a range of innovation initiatives.” This same strategy can work in sales as well as compliance.
It is this step which “democratize access to data and technology” outside of compliance and can lead to true and permanent innovation. The potential for employee-driven digital innovation cannot be accomplished by small groups of technologists and data scientists walled off in organizational silos. It will require much larger and more-diverse groups of employees – executives, managers, and frontline workers – coming together to rethink how every aspect of the business should operate. Once again this is what Tams has talked about with his articulation of Design Thinking, the engagement of business unit employees can well be a significant driver of compliance.
To achieve the type of engagement which will drive real digital transformation, a CCO must create synergy in three key areas: Capabilities, Technology and Architecture. The authors state, “Digital transformation requires that executives, managers, and frontline employees work together to rethink how every aspect of the business should operate.”

  1. Capabilities. It is axiomatic that successful transformation and innovation efforts in compliance requires “that companies develop digital and data skills in employees outside traditional technology functions. These capabilities alone, however, are not sufficient to deliver the full benefits of transformation; organizations must also invest in developing process agility and, more broadly, a culture that encourages widespread, frequent experimentation.” It is all a long-winded way of saying “Call Carsten Tams” and use his framework for Design Thinking as a starting point for your digital transformation.
  2. Technology. As always, “investment in the right technologies is important, especially in the elements of an AI stack: data platform technology, data engineering, machine-learning algorithms, and algorithm-deployment technology. Companies must ensure that the technology deployed is easy to use and accessible to the many nontechnical employees participating in innovation efforts.” Fortunately, there are more compliance product providers you can provide the right tech to you. See the Rise of ComTech.
  3. . One of the things that many compliance professionals do not often consider is that of architecture. The authors believe the “investment in organizational and technical architecture is necessary to ensure that human capabilities and technology can work in synergy to drive innovation. That requires an architecture—for both technology and the organization—that supports the sharing, integration, and normalization of data (for example, making data definitions and characteristics consistent) across traditionally isolated silos. This is the only real, scalable way to assemble the necessary technological and data assets so that they are available to a distributed workforce.” This is similar to what the Department of Justice (DOJ) intoned in the 2020 Update to the Evaluation of Corporate Compliance Program where they mandated for the first time that both the CCO and corporate compliance function should have access to all corporate data, literally cutting across all siloes.

The authors concluded, “mandate for digital transformation creates a leadership imperative: Embrace transformation, and work to sustain it.” I would add that these words apply even more so to the CCO who is leading the digital transformation of a compliance program. You should put together a clear strategy and sell it to the Board and senior management as well as communicating it “relentlessly” throughout your organization. Work to inaugurate a compliance “architecture to evolve into as you make the myriad daily decisions that define your technology strategy. Deploy a real governance process to track the many technology projects underway, and coordinate and integrate them whenever possible. Champion agility in all business initiatives you touch and influence. And finally, break free of tradition. Train and coach your employees to understand the potential of technology and data, and release the innovators within your workforce.”
Momentum is growing for the digital transformation of compliance; from the regulators to business units to investors. Indeed, it will be the driving strategy for compliance in 2025 and beyond. But we must always remember that it is the human element that will be the critical component to drive the transformation and more importantly use those tools to drive compliance up to the next level of effectiveness and engagement.

Categories
All Things Investigations

All Things Investigations: Episode 2-From US Attorney to ESG Advocate


 
Welcome to the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group’s podcast All Things Investigations. In this podcast, host Tom Fox and members of the Hughes Hubbard Anti-Corruption & Internal Investigations Practice Group will highlight some of the key legal issues involved in white collar and other investigations, both domestically and internationally. In this episode, I visit with Kenyen Brown on his journey from the US Attorney’s office to bring ESG programs and initiatives to clients to improve their businesses.
 

 
Kenyen Brown is a partner in the Washington, D.C. office of Hughes Hubbard & Reed in the White Collar & Regulatory Defense and Anti-Corruption & Internal Investigations practices. He is the former US Attorney for the Southern District of Alabama. He also served on the Senate Ethics Committee. Kenyen’s practice focuses primarily on white collar criminal litigation, compliance counseling, including matters involving internal and government investigations. In this area, Kenyen has performed compliance program reviews, audits, and risk assessments.
Key areas we discuss on this podcast are:

  • Role as the US Attorney for the Southern District of Alabama.
  • Role on the Senate Ethics Committee. Key accomplishments.
  • Working with police departments and their communities to identify systemic racial and gender discrimination issues.
  • The ‘S’ in ESG in racial and gender discrimination issues.
  • The important of managing reputational through a robust ESG program.

 
Resources
Hughes Hubbard & Reed website
Kenyen Brown bio
Anti-Corruption and Internal Investigations Practice Group