Categories
Compliance Into the Weeds

Ransomware Attacks and Internal Controls


Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Today, Matt and Tom take a deep dive into the difference between a privacy breach and a ransomware attack.
Some of the issues we consider are:

  • Why are privacy breaches different from ransomware attacks?
  • What is an authenticated v. unauthenticated cyber-attack?
  • Why would the SEC get involved?
  • What are the internal controls need to prevent and detect a ransomware attack? How will they be audited?
  • How can a material weakness in internal controls around ransomware lead to a financial restatement?
  • What will the SEC look at from an enforcement angle?

Resources
Matt in Radical Compliance

Categories
Daily Compliance News

December 8, 2021 the Real Estate Scrutiny Edition


In today’s edition of Daily Compliance News:

  • Rohingya refugees sue FB for $150bn. (Reuters)
  • US will increase scrutiny of real estate transactions. (WSJ)
  • DoT to keep costs low for UBO reporting requirements. (WSJ)
  • To uphold democracy, US must fight corruption. (WaPo)
Categories
Blog

Not Your Father’s Monitor – Cristina Revelo, Using Assessments to Drive Compliance

In October, Deputy Attorney General (DAG) Lisa O. Monaco gave a Keynote Address at ABA’s 36th National Institute on White Collar Crime (Monaco Speech). Her remarks reframed a discussion about the uses of, reasons for and perceptions on independent monitors and monitorships. I asked Affiliated Monitors Inc. (AMI) founder Vin DiCianni for his thoughts around the remarks on monitors. He said, “For Affiliated Monitors this refreshed approach by DAG Monaco highlights the seriousness which businesses must place on the investment in their programs and in addressing what has for some been a negative experience with a monitor. For those who might be the subject of a monitorship, DAG Monaco recognized that the negativity that has sometimes surrounded monitorships as being punitive, should be seen in a different light bringing value, pointing a way forward and as a solution which has had great success in resolving matters.”
Monaco’s remarks should be studied by every compliance professional as they portend a very large change in the way the Department of Justice (DOJ) will utilize monitors going forward. Over this podcast series, sponsored by AMI, we will consider why DAG Monaco’s remarks herald a new era for monitorships. We will consider Monaco’s remarks from a variety of perspectives. Bethany Hengsbach will consider this change in monitorships from the white-collar enforcement and defense perspective. Mikhail Reider-Gordon will look at global aspects of the new DOJ monitor’s focus. Jesse Caplan brings his views on the twin topics of antitrust and healthcare compliance. We will conclude the series with Vin DiCianni who will look at where monitorships are going in 2022 and beyond. In Part 3, Cristina Revelo, Deputy Director, Corporate Monitoring and Compliance Services at AMI, discusses how ethics and compliance (E&C) assessments help drive more compliant companies.
Revelo has a different professional background than many compliance professionals, having earned both her Master of Science and Bachelor of Science in Accountancy. We began by exploring why a proactive monitorship can be such a valuable tool in a best practices compliance program. With this an independent monitor can help companies review their ethics and compliance programs. AMI’s vast experience in monitorships under different regulators and requirements gives them insights into what the regulators are looking for in this type of project. With this knowledge from prior monitorships AMI can facilitate a very practical assessment. It can highlight to a company what are some gaps within, for example, their anti-corruption program, ethics program, internal controls, or for their entire E&C program.
This type of approach allows AMI to provide recommendations based on what we think the regulars might be looking for. Revelo noted, “These are great because it helps companies get ahead of potential regulators coming, knocking on their door.” It also allows a company to demonstrate they have been proactively working on their E&C program and that they are seeking to close those gaps and enhance their programs.
We then turned to Revelo’s academic and professional background which gives a different perspective from a legally trained compliance professional. As more individuals with different backgrounds, especially with the auditing and forensic background, Revelo feels it really does help in these proactive assessments because she’s looking to “follow the gaps, follow the issues,  use the five whys, digging a little bit deeper as opposed to potentially just checking that there is a law and that we have complied with the law.” A forensic type will inevitably dig a little bit deeper to understand a company’s internal controls, how they implement their controls, whether those internal controls are manual or automated, where there could be a failure, essentially to walk through the entire process.
Revelo emphasized, “conducting a walkthrough of your entire internal controls process, sitting with different individuals, having interviews, really understanding, whoever is implementing that process. This allows you to really pick apart and identify the different failures that could come up throughout the different controls in the process.” It is really looking at things through a different lens. From there you can move to enhance or remediate as needed. These are the types of skills and analysis an accountant or forensic auditor could bring to a proactive E&C assessment.
Turning to a more commercial reason for proactive assessments, Revelo concluded with an observation about culture. In the ever-increasing race for talent acquisition and talent retention, culture has become one of the most critical factors for millennials as they make up most of the workforce now and will be above 50% of the workforce in a few years. Millennials want to have pride in a place they work, they want to be happy, and money is not the driving factors in their equation. Revelo noted, “they want to work for companies that are ethical, that are socially responsible, that are behind the right things that they care about.” As these areas fall directly within the area of E&C, Revelo said, “I think it’s really important for companies in order to attract the right talent and retain that talent because sometimes also you see millennials moving jobs very often. Those employees a company might want to retain are going to care about what you are behind, how ethical you are, how you treat your employees, and all of this has to do with a company culture and the ethical culture.”
Affiliated Monitors
Cristina Revelo

Categories
The Compliance Life

Matt Silverman – Academic Background and Early Professional Career


The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, we have our first Director of Trade Compliance, Matt Silverman, Director of Trade Compliance at VIAVI. We discuss Matt’s journey to the Director’s chair and look down the road at where trade compliance will be in 2025 and beyond.
After law school at Loyola, Silverman practiced, rather unhappily for four years as a personal injury and asbestos litigator in Chicago for a couple small defense firms. He then went back to school to get an LLM in international business law at Georgetown Law. It was this experience that drew him to trade compliance where during his LLM program I took temporary positions/externships in a variety of disparate positions including the US Senate, the Office of the US Trade Representative, the World Bank and the law firm of Baker Hostetler.

Categories
Compliance Kitchen

EU Regulation of Big Tech


Regulating “big tech” – EU to level competition playing field in the digital space

Categories
Innovation in Compliance

Not Your Father’s Monitor- Episode 2: Mikhail Reider Gordon on the Global Nature Aspects of New DOJ Focus on Monitors


In October, Deputy Attorney General (DAG) Lisa O. Monaco gave a Keynote Address at ABA’s 36th National Institute on White Collar Crime (Monaco Speech). Monaco’s remarks should be studied by every compliance professional as they portend a very large change in the way the DOJ will utilize monitors going forward. Over this podcast series, sponsored by AMI we will consider why DAG Monaco’s remarks herald a new era for monitorships.
Over this podcast series we will consider Monaco’s remarks from a variety of perspectives. Bethany Hengsbach considered this change in monitorships from the white-collar enforcement and defense perspective. Cristina Revelo discusses how E&C assessments help drive more compliant companies. Jesse Caplan will bring his views on the intersection of the twin topics of antitrust and healthcare compliance. Vin DiCianni looks at where monitors and monitorships are going in 2022 and beyond. In this Episode 2, Mikhail Reider Gordon will look at global aspects of the new DOJ monitor’s focus.
Highlights of this podcast include:

  1. As far back as late 2020, the DOJ made clear its increased focus on working with other international regulators in the fight against bribery and corruption.
  2. The Biden Administration and introduced legislation in Congress have targeted the global nature of corruption and kleptocracy.
  3. We have seen and will continue to see ABC enforcement from several surprising sectors.

Resources
Mikhail Reider Gordon
Affiliated Monitors Inc.

Categories
Innovation in Compliance

The Power of Storytelling with AJ Churchill


 
AJ Churchill is Tom Fox’s guest in this week’s show. He is a composer, sound designer, and founder of the Lunar Company. He is also a producer on the audio drama, Earth Eclipsed. This week, Tom switches things up as he and AJ talk about AJ’s podcast series, the challenges he and his team faced in developing it, and how powerful storytelling is to get messages across. 
 

 
The Power of Podcasting
‘The sound world is our creation, the limit is our imagination,’ is a quote that AJ strongly believes in. “Nowadays we want the audience to be able to put on their headphones, close their eyes, and just completely escape into our universe,” AJ tells Tom. The podcast series medium of Earth Eclipsed allows listeners to have the freedom to fully utilize their imagination and conceptualize how everything looks. The concept of the audio series and the techniques used are not new, but modern podcasting is unique in several ways. Podcasting is on-demand now, and the technology and techniques are much more advanced.
 
Why Apollo
The main challenge that content creators in fiction podcasting face is building an audience and making a name for themselves. AJ and his team came up with the solution for this by way of their app Apollo which will be launched mid-December. Normally, creators would crowdfund, spend money on voice actors, upload content to their RSS feed, then pray to get featured. Keeping momentum for the subsequent episodes via ads doesn’t work for fiction shows. AJ and his team created Apollo, which is an app that is exclusively dedicated to fiction shows. The app will be categorized according to genre of fiction and will be free for the listeners. 
 
Fiction As A Communicator
Fiction allows the creators to tell good stories, convey messages, and tackle themes in ways that elicit less of a hostile response. With fiction, the listeners can come to the realization themselves. “You show them the story, you present them the character, their arcs, and the conflicts… and the listeners can put one and one together, and it’s a different way of shedding light on an important problem,” AJ says. Fiction allows you an insight into a person’s mind and their point of view, and you can get messages across in ways that are not only informative and educational, but also entertaining. 
 
Resources
AJ Churchill | LinkedIn | Twitter
The Lunar Company
 
 

Categories
Daily Compliance News

December 7, 2021 the Ugly American Edition


In today’s edition of Daily Compliance News:

  • LA Police chief has someone arrest, in Marseille. (Vice)
  • US reveals steps to fight corruption. (WSJ)
  • Trump SPAC under investigation. (NYT)
  • How migration became a weapon. (FT)
Categories
Blog

Not Your Father’s Monitor – Mikhail Reider-Gordon on Global Aspects of New DOJ Monitor’s Focus

In October, Deputy Attorney General (DAG) Lisa O. Monaco gave a Keynote Address at ABA’s 36th National Institute on White Collar Crime (Monaco Speech). Her remarks reframed a discussion about the uses of, reasons for and perceptions on independent monitors and monitorships. I asked Affiliated Monitors Inc. (AMI) founder Vin DiCianni for his thoughts around the remarks on monitors. He said, “For Affiliated Monitors this refreshed approach by DAG Monaco highlights the seriousness which businesses must place on the investment in their programs and in addressing what has for some been a negative experience with a monitor. For those who might be the subject of a monitorship, DAG Monaco recognized that the negativity that has sometimes surrounded monitorships as being punitive, should be seen in a different light bringing value, pointing a way forward and as a solution which has had great success in resolving matters.”
Monaco’s remarks should be studied by every compliance professional as they portend a very large change in the way the Department of Justice (DOJ) will utilize monitors going forward. Over this podcast series, sponsored by AMI, we will consider why DAG Monaco’s remarks herald a new era for monitorships. We will consider Monaco’s remarks from a variety of perspectives. Bethany Hengsbach will consider this change in monitorships from the white-collar enforcement and defense perspective. Mikhail Reider-Gordon will look at global aspects of the new DOJ monitor’s focus. Cristina Revelo will discuss how ethics and compliance (E&C) assessments help drive more compliant companies. Jesse Caplan brings his views on the twin topics of antitrust and healthcare compliance. We will conclude the series with Vin DiCianni who will look at where monitorships are going in 2022 and beyond. In Part 2, Mikhail Reider-Gordon, Managing Director of Institutional Ethics & Integrity, will look at global aspects of the new DOJ monitor’s focus.
Mikhail said the change in DOJ focus and orientation actually started in late 2020 when then Acting Assistant Attorney General Brian Rabbit said in a speech, “notably many of DOJ, corporate resolutions in 2020 included coordination with one or more foreign enforcement authorities and increasingly important aspect of DOJ his work.” Mikhail believes that since that time, it is reasonable to conclude that US regulators have progressively coordinated with foreign enforcement authorities to resolve multi-jurisdictional corruption and money laundering cases and other white-collar crimes. She added, “I would even say the cross jurisdictional approach has really gained traction in 2021.”
Next, she pointed to a recent interview of John Carlin in the Financial Times. In this article, Carlin drew particular attention to two types of companies. The first, those entities which violated their Deferred Prosecution Agreements (DPAs) or other settlement agreements and the second are those companies failing to invest in compliance systems that are now in all practicality a mandatory business and legal practice. Taking Carlin’s FT interview, Rabbit’s 2020 speech and the Monaco Speech and the renewed focus on corporate malfeasance US legislation recently passed or proposed, we see a DOJ which is fully focused on fighting the international scourge of corruption. Finally, if the Biden Administration announcement raising corruption to a national security concern.
Mikhail highlighted one key outcome from the Monaco Speech and related DOJ announcements. It is that companies can take proactive steps right now to address these DOJ concerns. She said that businesses “may want to take a hard look at their corporate compliance programs and assess just how robust and effective they truly are. If you are a corporation currently under a DPA and a monitor was not imposed, but you aren’t certain how well you’re meeting the terms of your settlement agreement really well. You know, now may be the time to seek out an independent assessment.”
We concluded by circling back to two words from the Monaco Speech, ‘independent’ and ‘integrity’. I asked Mikhail why she thought those two words were so significant. She said, “one thing that when we talk about independence is that it indicates that the monitor is a neutral, impartial evaluator. Whether it is a law firm or consultancy that offers a range of services, your firm cannot be thinking down the road, we can sell them more services. So, let’s handle them gently, lightly. Let’s not tell them the truth. We don’t want to offend them. We want them to hire us later for all this other work. You can’t have independence that way.” Your firm must be truly independent.
We then turned to the word ‘integrity’, which Mikhail observed “is at the core, all of compliance and ethics.” Unfortunately, we seemed to have moved away from this concept of integrity somewhat. Mikhail noted, “we don’t focus enough anymore on the philosophy that underpins the concept of integrity and ethics. You can have all the transparency in the world, but if you don’t have integrity what you do fails. The concept of independence and understanding we do this; this is the right thing to do that this is better for society. This is the spirit of the law. It is embracing integrity, it’s not compromising integrity, it’s not phoning it in if you will.”
Even the G20 is moving in this direction, dovetailing in concert with the Biden administration. In November, the G20 issued their anti-corruption action plan for 2022 through 2024. The G20 has made clear, now more than ever, the international fight against corruption requires increased international cooperation and renewed global commitment. Here Mikhail noted they are “really calling for a spirit of zero tolerance of corruption.”

Categories
Compliance Kitchen

Digital Services Act


Update from Europe – Council of the EU aligns on Digital Services Act.