Categories
Hidden Traffic Podcast

A Global Effort to End Modern Slavery with Irene Kaushansky


 
Irene Kaushansky is Associate Director for Compliance and Operational Integrity at Global Fund to End Modern Slavery (GFEMS). She has over 15 years of international experience developing and implementing programs for compliance and ethics, risk mitigation, and crisis management and investigations. She discusses GFEMS’ contribution to the fight against modern slavery and human trafficking.
 

 
GFEMS’ mission is to bring donors together and coordinate globally to eradicate modern slavery and human trafficking. Most anti-slavery work is narrowly focused on interventions that are tied to the purpose of the organizations, and these entities do not collaborate effectively. GFEMS was conceived by leaders who recognized that greater resources and coordinated global action was necessary to make real progress in ending modern slavery.
 
One of the ways that GFEMS is addressing forced labor and exploitation along supply chains is through private sector engagement. They are developing innovative tools to help private sector businesses build and maintain supply chains that are free from exploitation. These tools also support the private sector to comply with regulations to meet rising consumer demand for ethically sourced products, and ultimately to protect workers from being exploited.
 
Resources
Irene Kaushansky on LinkedIn
 
 

Categories
Everything Compliance

Episode 92 – the Issues in 2022 Edition


Welcome to the only roundtable podcast in compliance. The entire gang was also thrilled to be honored by W3 as a top talk show in podcasting. In this episode, we have the sextet of Karen Woody, Jonathan Armstrong, Matt Kelly and Jay Rosen. We discuss some of the key issues we will be watching in 2022.

1. Karen Woody will be watching the legal evolution around SPACs and expansion of insider trading laws. Karen shouts out to workers in the travel industry for getting travelers home during the holidays.

2. Jay Rosen reviews the considers the Holmes verdict, Tyler Schultz/whistleblowers and the celebrity BOD failure at Theranos. Rosen shouts out to Antonio Brown.

3. Matt Kelly considers the Log4j cybersecurity threat and the SEC move to regulate ESG. Kelly rants about Elon Musk selling his Tesla stock immediately before the company announces a massive product recall.

4. Jonathan Armstrong tackles several topics; ransomware, Safe Harbor, EU Whistleblower Directive, Supply Chain & China. Armstrong shouts out Nicholas Burk and synthetic ransomware attacks.

5. Jonathan Marks looks at the intersection of crypto, currency and crime. Marks rants about the inconsistent information emanating from the CDC.

6. Tom Fox rants about Novak Djokovic.  

The members of the Everything Compliance are:
•       Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
•       Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu
•       Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
•       Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at jonathan.armstrong@corderycompliance.com
•       Jonathan Marks is Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at jonathan.marks@bakertilly.com
The host and producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.

Categories
Daily Compliance News

January 13, 2022 the Prince Andy to Face Trial Edition


In today’s edition of Daily Compliance News:

  • Compliance costs went up during pandemic. (com)
  • CA DFEH wants in on Activision Blizzard EEOC settlement. (The Register)
  • Prince Andrew to face trial in US. (NPR)
  • FTC lawsuit against Facebook can proceed. (Reuters)
Categories
Blog

Continuous Improvement of Internal Controls

Cristina Revelo is the Deputy Director, Corporate Monitoring at Affiliated Monitors, Inc (AMI). Her academic background is in Master of Science and Bachelor of Science in Accountancy from the University of Illinois. Her professional background is in forensic accounting and internal controls. I visited with her about internal controls in practice inside a corporation.
Revelo said that internal controls are essentially any process that someone has to execute in order for the company to meet their objectives, whatever those objectives might be. In a corporate compliance department, the process procedure protocols you have in place that someone has to execute, can be an internal control. It could be an individual who inputs data into a system, or it could be automated or an individual who has to physically do something in order for you to meet your goal within your overall process.
We moved to a couple of terms which often cause confusion around internal controls. The first is compensating controls and the second is control override. Revelo explained that a compensating control is “essentially an alternative control. You set in place a manual control versus an automated. If your control system breaks down, you are compensating for your control in a different way.” However, she emphasized the key is that you are still following your normal process of executing your controls.
Next was control override. A control override is an override of a compliance internal control, a negative from an accounting perspective or even violation of the Foreign Corrupt Practices Act (FCPA). She explained that a control override should be the exception and not the rule for any corporate compliance or finance function. There must be a business reason and it must be documented, Revelo stated, “We definitely don’t advertise having to override controls, but we understand that there are emergency instances where you need to override a control that should be properly documented.”
However, what happens when controls are continually overridden? Does that necessarily mean that companies are engaging in activities which violate the FCPA or some other law such as Sarbanes-Oxley (SOX). Revelo said she would start out with some basic questions such as “How often would something be manually approved? How often are controls skipped, what are the level of approvals that you have and what is your document? What are the reasons, and are you documenting how often a certain department is requiring those overrides?” While it could indicate a company lacks a culture of compliance or everything is an emergency, it might mean something else. It might mean that your internal controls need to be evaluated and then recalibrated. The Department of Justice (DOJ) calls this continuous monitoring leading to continuous improvement. Joe Oringel, co-founder of Visual Risk IQ, calls it continuous controls monitoring.
However, many compliance professionals, and particularly lawyers think once a control is in place, it’s set in stone, and it’s there forever. This derives from the unfortunate fact that once again many compliance professionals and most lawyers do not understand internal controls. Yet, internal controls, much like the rest of a compliance program can and should be continually monitored and continually improved based upon the information about such things as the number of overrides. Such a review can be evidence of a management problem or a culture of non-compliance at the organization. However, it could be that perhaps the controls need to be adjusted.
We then turned to how to assess and then update or enhance your internal controls. Companies should also think about updating and reviewing their controls at least annually. In this manner, they can identify any violations of their internal controls. It also allows a deep dive into any specific areas of control failures. Another approach would be more robust through greater monitoring of your controls, for example, you could review them quarterly to allow you to spot any trends that are moving in the wrong direction. You can even start out by having your compliance function perform a self-review of its controls and  test exemplar transactions. This is not a full-blown audit but simply desktop testing to make sure controls were properly followed. Once again simply because there is a control override or excessive use of a compensating control does not mean something is illegal. It may mean that the control is not working as it was designed.
Revelo said it could be an instance of “too short of an approval time period and they need a little bit longer because depending on their industry or how business works. This also helps to both  identify frustrations from employees where there is a control, but every time I need to execute, it is impossible for me to do, or it’s impossible for me to comply with it a hundred percent. These are the reasons.” These quarterly reviews can then be collated into an annual report for review and assessment and the report can form the basis of an annual report to the Compliance Committee of the Board of Directors or even the full Board.
The key is to have a process for monitoring the controls, taking input, literally from each line of defense. If a control is overridden too often, you need to change it. If a control is ineffective, you can use that information to craft a new internal control. Internal controls are not static, but dynamic and, with proper oversight, you can set up internal controls and literally improve them with appropriate documentation. (Hint” Document, Document, and Document)
Revelo emphasized it is not simply identifying the issues “because that actually might look worse if you identify a lot of issues, but do not fix them. You are better off by remediating everything you are identifying.” From there you can conduct a root cause in that analysis as to why there was failure in a control or violation of a compliance procedure. Revelo concluded, “you need to really do that in depth and then remediate it.”
Interestingly, Revelo noted that a Board of Directors has a significant role to play with internal controls. It is because all compliance literally starts with the very top of an organization and this is true when it comes to internal controls. She said, “probably the most important aspect of establishing a really great foundation for great execution of internal controls is with the Board. It all starts with the Board; with the way they advise the company with their priorities of the year and objectives for the year.” The importance of a corporate compliance program should be communicated throughout their organization and highlight the company’s commitment to compliance.
When I talk about internal controls to lawyers, I still see about half of them roll their eyes up inside their heads. However, that is a huge improvement from 10 years ago when all the lawyers had the same reaction. By using some of the strategies Revelo recommends for continuous monitoring and continuous improvement of internal controls, you have not only robust internal controls but more importantly effective internal controls.

Categories
The Wirecard Saga

Season 2 – Episode 3 – Shell Games

Welcome to Season 2 of Lies, Spies & Corporate Crimes: The Wirecard Saga. The Wirecard Saga, has become of the world’s leading sources on all things Wirecard. In Lies, Spies & Corporate Crimes: The Wirecard Saga; Mikhail Reider-Gordon, Managing Director of Institutional Ethics & Integrity at Affiliated Monitors looks at the biggest financial scandal in post-war Germany from a variety of angles.  In this Episode 2 of Season 3, Shell Games, she continues her exploration of those persons, entities and governments who have been damaged, some beyond repair, by Wirecard and the nuclear fallout from its scandal.

Some of the highlights include:

  • Marsalek in love
  • O’Sullivan’s detention
  • Crook on crook crime
  • Citizen of Vanuatu
  • Vanrenen: The Pink bits are ours
  • Electronic Fundraising Company
  • A history of TPAs
  • Pay2 play
  • WorldPlay and the Commission
  • The name game
  • IoM the place to be
  • Bespoke services
  • Harding hangs a shingle
  • Matroyshka dolls
  • Enabling Transnational Crime
Categories
Compliance Kitchen

EU Sanctions on Mali


EU amends its sanctions regime to issue autonomous restrictions on Mali.

Categories
Innovation in Compliance

Integrity Matters: AML Trends for 2022


Welcome to this special podcast series, Integrity Matters sponsored by K2 Integrity. For this series, I visit with Koby Bambilia, Managing Director, and Olivia Allison, Senior Managing Director. Over the series, we look some issues and trends going forward into 2022. In this Part 2, I am joined by Koby Bambilia who looks at trends regarding AML going into 2022. Some of the highlights include:

  • Impact has there been to-date from the  passage of the AML Act of 2020?
  • What has been on the mind of clients and others in the market?
  • Has COVID and the global crises created shifted just how bad actors take advantage of the financial system?
  • How are you advising your clients to mitigate these risks and get ahead of the rule making as we head into 2022?

Resources
Koby Bambilia Profile
K2 Integrity

Categories
Great Women in Compliance

Jonathan Armstrong – Original Gangster Great Gentleman in Compliance

Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.

Welcome to the first Great Women In Compliance episode for 2022. Lisa and Mary are really excited about starting off another year of connecting, communicating and celebrating our GWIC family.

While Mary and Lisa usually start out each quarter with a joint discussion, this time they do a joint interview with a guest who was there when this podcast was born. Jonathan Armstrong is a strong supporter of women in compliance, diversity, and is an expert in GDPR, Brexit, and many other multinational issues, as well as a partner at Cordery Compliance, and is based in the UK. He is also on the Compliance Podcast Network as a co-host of the “Everything Compliance” and “Life with GDPR” podcasts.

 In this episode, we talk about what he thinks should be top of mind for E&C professionals in multinational organizations, how Brexit has impacted compliance programs, and what is new in the world of GDPR and data privacy.

Jonathan is also known for his ability to connect and build relationships. and talks about how he builds his network and his approach. Lisa and Mary like to think that one of the highlights of Jonathan’s career is that he won the GWICie for Comic Relief, and not only will you understand why after listening to this episode.

As always, we are so grateful for all of your support and if you have any feedback or suggestions for our line up or would just like to reach out and say hello, we always welcome hearing from our listeners. If you are enjoying this episode, please rate it on your preferred podcast player to help other likeminded Ethics and Compliance professionals find it.  You can also find the GWIC podcast on Corporate Compliance Insights where Lisa and Mary have a landing page with additional information about them and the story of the podcast.

You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.

Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Into the Weeds

Issue and Trends for 2022, Part 2


Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week, Matt and Tom conclude a special two-part podcast series of several topics they will be following in 2022. Today in our concluding Part 2, we consider

  • The time of reckoning is coming for SPACs funded in 2021 as their 18 month-deadline is fast approaching. Is the SEC looking at SPACs as an alternative form of IPO? What will the regulatory landscape look like going forward?
  • CCO pay. Will it go up after several years of remaining flat? How did the Great Resignation impact compliance, if at all? What skills sets might a CCO need into 2025 and beyond?
  • The SEC investigation into Facebook. Are a company’s public statements about having an ethical culture mere puffery or are they actionable for failing to live up to their public statements. Also, what does the Francis Haugen testimony mean for whistleblowers going forward.
  • The SEC investigation into Activision’s toxic workplace and culture of misogyny. Are these new areas the SEC will be looking at in addition to its traditional role of financial reporting watchdog.

Resources
Matt in Radical Compliance

Categories
Daily Compliance News

January 12, 2022 the Farewell to Michael Lang Edition


In today’s edition of Daily Compliance News:
·      Cyber issues for PE.  (WSJ)
·      Woodstock organizer dies.  (NYT)
·      RCMP looking a Canadian company corruption overseas. (NationalPost)
·      Journalist who exposed FIFA corruption dies. (SI.com)