In today’s edition of Daily Compliance News:
Author: admin
Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.
As we continue our Spring series we bring Selena Evans onto the show to talk about her Brave Space initiative which is an award winning endeavor, including what other companies can do to build something similar.
This episode also focuses on innovation, particularly how to combat the downsides of innovation. Often when it comes to this topic we are inclined to talk about the positives of moving the dial, the benefits that come with creativity, inspiration and establishing new best practices. However naturally when new processes or tools are brought in, that means that some aspects of the status quo need to fall by the wayside. Colleagues who put in place the previous systems can feel discouraged or even resentful. Similarly when someone brings a fresh idea that proves popular and receives praise for it, the feelings of those around them can cause resentment due to the positive attention lavished on someone else in the team. We discuss those elephants in the room and how a Compliance practitioner can better navigate those troubled political waters.
Selena shares with us the best advice she has received from a mentor and Mary wraps up the episode with learnings from one of the biggest FCPA cases of 2020 – the Goldman Sachs case.
The Great Women in Compliance Podcast is proudly featured on the Compliance Podcast Network and sponsored by Corporate Compliance Insights. If you enjoyed this episode please subscribe to the podcast and rate it on your podcast player to help other compliance professionals find it. Want to hear more from us? We have a book, “Sending the Elevator Back Down: What We’ve Learned from Great Women in Compliance” (CCI Press, 2020) which is available on Amazon.com and Book Depository.
If you’ve already read the booked and liked it, will you help out other women to make the decision to leverage off the tips and advice given by rating the book and giving it a glowing review on Amazon?
As always, we are so grateful for all of your support and if you have any feedback or suggestions for our 2021 line up or would just like to reach out and say hello, we always welcome hearing from our listeners.
You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.
Join the Great Women in Compliance community on LinkedIn here.
In this edition of Cordery Head to Head @ Home, Cordery’s Jonathan Armstrong talks to Christian Hunt.
Christian Hunt is the founder of Human Risk Limited, a behavioral science consulting and training firm, specializing in the fields of risk, compliance, conduct, and culture. A former regulator, Christian was previously Head of Compliance & Operational Risk Control (C&ORC) for UBS EMEA and Global Head of C&ORC for UBS Asset Management.
They talk about how the use of behavioral science can improve compliance. They talk about how to help people to do the right thing and particularly of the extra challenges people face during the pandemic.
You can find out more about Christian and sign up to his newsletter here https://human-risk.com/. Christian’s podcast is here https://www.podpage.com/site/the-human-risk-podcast/.
You can find out more about Cordery and its work here https://www.corderycompliance.com/how-we-help/.
You can also read about current issues in bribery and corruption here https://www.corderycompliance.com/category/bribery-corruption/.
You can view more Cordery Head to Head interviews here www.bit.ly/corderytv.
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week Matt and Tom take a deep dive into SAP trade sanction enforcement action. Some of the issues we consider are:
- What were the underlying facts?
- How did SAP allow products to get to Iran for so long?
- How did SAP achieve a NPA even with aggrieved factors?
- How was the financial penalty calculated?
- What were the remedial steps SAP engaged in?
- Why does this enforcement action point towards the need for a more holistic approach to risk?
Resources
Matt’s blog post on Radical Compliance:
SAP Nailed on Sanctions Violations
Welcome to The Ethics Movement, special podcast series highlighting Converge21 The Workshop Edition. This podcast series will feature some of the speakers at the event. You can find out more information about the event and register here. In this podcast, I visit with Carsten Tams, Founder & CEO at EMAGENCE, who will lead the discussion on the Workshop, EMEA: Pragmatic Anti-Retaliation to Meet the EU Whistleblower Directive US: Anti-Retaliation Measures that Stand in the New Age of Whistleblowing. Rising retaliation rates calls for a mindset shift. You’ll define your biggest challenges, Carsten and team will bring the framework to overcome them.
Categories
Episode 1 – The Risk of Timing
Welcome to SURVIVE AND THRIVE, the newest addition to the Compliance Podcast Network. This is a podcast where we unpack compliance, crisis disasters and walk you through all the red flags which appear, and give you some lessons learned going forward. This show is hosted by the Compliance Evangelist Thomas Fox and Kortney Nordrum, Regulatory Counsel & Chief Compliance Officer, Deluxe Corporation. Today’s episode is all about disasters and the unpleasant situations that companies find themselves in. Know more about timing risks and why you should care about when things happen just as much as why they happen accordingly.
Major takeaways discussed in the episode:
- People are the biggest risk. Humans make choices, and 95% percent of breaches at companies are the result of human error.
- Ensure having a second set of eyes on every process. And that’s particularly important in compliance. Having a situation where something that was apparently routine but because of timing has moved to a higher risk can be mitigated by having someone else review the process is an appropriate step.
- Compliance practitioners must have a necessary conversation with leadership, the board, and whoever ultimately is in charge to calibrate and communicate; what kind of risks is your organization willing to put up with on a daily basis?
- Go out there and make people trust the humans in your compliance team that you are open, you care, and you are diligent in your job that if they report something, it will be appropriately investigated. Doing so is how you build the culture of trust.
✅ Connect with Kortney Nordrum:
Twitter: @nordrumlaw
✅ About Thomas Fox:
Thomas Fox, the Compliance Evangelist®, is one of the leading writers, thinkers, and commentators on anti-bribery and anti-corruption compliance. In this latest edition of The Compliance Handbook, he continues to arm seasoned compliance professionals and those new to the realm with the practical, actionable guidance and tools needed to design, create, implement and continually enhance a best practices compliance program.
Do you have a podcast (or do you want to)? Join the only network dedicated to compliance, risk management and business ethics, the Compliance Podcast Network. For more information contact Tom Fox at tfox@tfoxlaw.com.
Justin Beals is the CEO and co-founder of Strike Graph, a company helping customers get through their cybersecurity audits. He’s a serial entrepreneur with expertise in AI, cybersecurity, and governance. He founded Strike Graph with the goal to make cybersecurity standards easy to understand and easily accessible. Tom Fox welcomes him to this week’s show to discuss cybersecurity, auditing, and building maturity within an organization.
SOC/SOC2 Audit
Justin explains to Tom the origins of SOC: it was created to ensure that third-party vendors who trade with public companies, and the public companies themselves, were implementing effective cybersecurity practices. SOC2 Audit is a cybersecurity standard that focuses on security within an organization in a number of ways including HR practices, code of conduct, and other compliance liability issues. SOC2 analysis is about how data is encrypted and how new codes get put on servers. “The achievement of something like a SOC2 represents two things: one is an organizational maturity and the second is an assessment of that maturity by an independent party,” Justin tells Tom.
Trust is Currency
Tom asks Justin to share a few tips for when hiring a SOC2 auditor and why it is necessary. “The selection of the right auditor is important strategically because you’re going to want to work with them for a while. Generally, you want to go back to the same auditor [because] it’s more efficient,” Justin responds. Auditors we are familiar with know our practices and can measure them well. He points out that buyers and investors will pick the more trusted company; a company that has done a SOC2 audit is preferred over a company that hasn’t. Trust is what drives them and is what will influence buyers’ decisions.
COVID-19 and What’s Next
Tom asks Justin to reflect on how the pandemic has affected Strike Graph. Justin remarks that his business was established during the pandemic and is a remote work organization. He adds that interest has grown due to the pandemic, and it helped build his company’s success. With the pandemic, certifications and audits are great tools that can help build trust with customers. Justin remarks that in the future, it’s going to be more commonplace to expect vendors to share any form of private information to achieve audits or certifications.
Resources
Justin Beals | LinkedIn | Twitter
StrikeGraph.com