The Ethics Movement

Jane Arnott on Risk Mitigation through Encouraging a Speak up Culture

CONVERGE19 is in its 4th year of bringing together the world’s leading companies for 2 days of dynamic speakers, thought-provoking breakout sessions, and opportunities to connect with like-minded professionals. You will leave the conference with new resources and best practices allowing you to continue the hard work of driving ethics to the center of your business. In today’s episode I visit with Jane Arnott, Associate and New Zealand representative of the Institute of Business Ethics, about her talk, Risk Mitigation through Encouraging a Speak up Culture.
It takes leadership along with a culture of trust and fairness to sustain employee loyalty and motivation. When misconduct occurs, that same culture must encourage speaking up or whistleblowing to both enable early intervention and prevent loss. Jane will draw on country-based surveys that explain why employees don’t speak up, the steps companies can take to improve this and how technology such as a Speak Up App can work to overcome employee fears and guide an effective speak up process.
For more information on Converge19, click here.
For more information on the Institute of Business Ethics, click here.
This Week in FCPA

Episode 170 – the Alabama Sharpie edition

As Walmart bans the sales of handguns and certain ammo and President Trump uses a Sharpie to claim Hurricane Dorian is headed towards Alabama, Tom and Jay are back to discuss some of this week’s top compliance and ethics stories which caught their collective eyes.

  1. How compliance led to Walmart’s decision to ban gun and certain ammo sales. Jaclyn Jaeger reports.
  2. Tom and Jonathan Marks author a compliance game plan for your first 18 months in the CCO chair. Tom blogs about the highlights.
  3. Wells Fargo reads NYT article and starts internal investigation after ignoring internal whistleblowers on closed accounts scandal.
  4. Texas woman violates FCPA in Africa adoption cases. Dick Cassin analyzes.
  5. What are some of the blind spots in customer due diligence? Sam Sheen considers.
  6. How can monitors help in administrative proceedings? Jay explores in another post.
  7. How does compliance factor into Brexit? Jonathan Rusch provides but one example.
  8. The always great Jonathan Marks opines on the Juniper Networks enforcement action, considering the Board of Directors’ role. Tom and Matt Kelly consider it on this week’s episode of Compliance into the Weeds.
  9. Odebrecht spanked again, this time by Inter-American Development Bank. Dylan Tokar reports.
  10. Tom begins a preview of the Converge19 speakers in a special bonus series of podcasts on the Compliance Podcast Network. Check out the following: Tuesday: Rebecca Rehm and Matt Doherty on the Drip Drip Drip of Compliance Training; Wednesday: UB Ciminieri and Mark Thurman on the Code of Curiosity; Thursday: Norm Hodne on Bridging the Digital Divide; and Friday: Jane Arnott on Risk Mitigation through Encouraging a Speak up Culture.
  11. Join Tom and Jay and a host of other great speakers and guests at Converge19 in Denver October 2 & 3. Listeners to this podcast can obtain a complimentary ticket by using the promotion code foxvip. For registration and information, click here.

Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Compliance Man Chooses the Target

Episode 8: Future of Compliance in Emerging Markets

Welcome to Episode 8 of Compliance Man Chooses the Target with Tim Khasanov-Batirov. The goal is to highlight matters that should be on the agenda of practitioners who deploy compliance programs in industries or countries of active anticorruption enforcement. Today we will focus on the future of compliance in the reality of emerging markets.
Target #1: What is Compliance?
During the last ten years, Compliance Man has been witnessing an interesting phenomenon. Compliance became a popular concept in business and legal communities. Many countries have adopted laws which deploy compliance philosophy. Many corporations have huge compliance departments. At the very same time, there is no universally acknowledged methodology for what to consider a compliance system or compliance as such. This problem extends far beyond the borders of emerging markets, being a global challenge for the professional community. Compliance as a professional occupation has to pass certain stages of development, as internal audit did in the early 2000s, in order to form universally recognized standards.
Target #2: Next Generation of Compliance Professionals
Based on what we have discussed earlier, we come to another challenge, which is the preparation of a new generation of compliance professionals. Let’s take the following example. When an employer hires a graduate from a law or medical school, he/she has a clue what knowledge and skills the graduate has. In the case of hiring a young compliance professional, it is impossible to evaluate his/her academic proficiency, as there are so many courses, trainings and academic programs which might not share even very basic compliance methodical approaches.
Target #3: Think Globally Act Locally?
Implementation of a corporate anticorruption program in the reality of emerging markets requires addressing both local legislation and extraterritorial laws, for instance the UKBA and FCPA. Big multinationals also have piles of internal ethical rules to be deployed at their subsidiaries internationally. In addition, as previously mentioned, we have been witnessing a boom of local compliance initiatives and sometimes new laws which companies have to follow as well. As a result, the compliance officer faces the necessity to implement many requirements, which sometimes might contradict each other. This situation is depicted in one of the releases of the Compliance Man illustrated series: http://complianceinpostussr.com/compliance-man-of-integrity-corp-episode-4-it-is-about-tailoring/
To be effective, and in order not to get lost in various laws, ethical concepts and compliance philosophies, it is the right time for the professional community to agree on basic principles of a corporate compliance system, which will be acknowledged as minimal standards by practitioners worldwide.
Join me for the next episode of Compliance Man Chooses the Target with Tim Khasanov-Batirov.
Learn more compliance tips from Tim Khasanov-Batirov at:
http://complianceinpostussr.com/ & http://complianceinpostussr.com/blog/
Daily Compliance News

September 6, 2019- the Bring out Your Dead edition

In today’s edition of Daily Compliance News:
  • Nissan execs simply awarded themselves extra bonuses. (FT)
  • Former Malaysian PM Najib Razak tried to get China to bail out 1MDB. (Bloomberg)
  • Dealbook asks—is the US ready to rein in big tech? (NYT)
  • MSU fined record amount for Nassar reporting failures. (WSJ)
Daily Compliance News

September 5, 2019- NCAA spanked yet again edition

In today’s edition of Daily Compliance News:

  • Google fined for violating child privacy. (NYT)
  • Judge denies NCAA access to FBI corruption material. (247Sports)
  • Wells Fargo reads NYT story, starts internal investigation. (NYT)
  • Odebrecht fined and certain subsidiaries debarred by the Inter-American Development Bank. (WSJ)
Life with GDPR

Episode 32- Lessons Learned in Year 1 of GDPR, Part 2

In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. In this episode, we continue our three-part series of some of the key lessons learned from the first year of GDPR. Some of the issues and highlights are:
DPIA Everything. It’s mandatory under GDPR. It is a process analysis, so you will need Subject Matter Expertise. How often do you revisit your DPIA? Regulators are beginning to look at the process of your DPIA. When a new process comes into play, you should do a new DPIA. Do you require a DPIA when you hire a third-party vendor or in an M&A situation? If not, you should do so moving forward.
Do SARs and DSRs really well. How do you deal with these types of requests? More importantly, do you have a centralized team to understand the reason behind the request? Who could make that analysis? Is it a work in progress for your organization? A robust response to SARs is critical, as they are here to stay as a core component of GDPR.
Respect the time. Time limits are much more generous in the US. Some regulators suggest not to be obsessed with time. Will courts allow ‘reasonable delay’? US corporations are trying to extend the 72-hour limit with time zone arguments and other ridiculous arguments. (Listen for the Thanksgiving Weekend exemption.) Regulators can fine you for being late. Are US companies getting the message? It’s a mixed bag; some are not doing so.
For more information on Cordery Compliance, go to their website here.
For more information on data breaches, see here.
Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.
Life with GDPR

Steven O’Donnell and the CCPA

We take a short interlude from our three-part series with Jonathan Armstrong to visit with Steven O’Donnell, the Head of Product Marketing – Legal Operations at Mitratech. We consider the California Consumer Privacy Act (CCPA) and how companies can move toward complying with the most robust data privacy law in the US. Some of the highlights in this episode include:

  1. What is the CCPA?
  2. How and why does it apply to companies domiciled outside the state of California?
  3. Is it true that if you’re not already making moves, you’re already behind the curve? What can a company so situated do at this point?
  4. What is the role of compliance in responding to the CCPA?
  5. How can CCPA compliance be a business differentiator?
  6. What processes should a company put in place to comply with the CCPA?

For more information, check out the article “How can improved process drive CCPA compliance” on the CCI website by clicking here.

Great Women in Compliance

Kirsten Liston on Training that Resonates

Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley. In this week’s episode of Great Women in Compliance, Mary Shirley sits down with Kirsten Liston to talk about some of the old school ways of Compliance training and more modern approaches that will help better get your message across. Kirsten’s a pretty darn good authority on effective Compliance training – she’s just released a book on the very subject called “Creating Great Compliance Training in a Digital World”. Some of the highlights include:
Compliance programs used to be evaluated simply by having certain fundamentals in place. Policies? Check. Training? Check. Hotline for reporting? Check. Compliance has now evolved to where regulators are asking questions about whether the aforementioned cornerstones of your compliance program are any good. Are they effective? Do they help employees do their jobs in a more ethical way? Do employees understand what is required of them? Do they retain education and messaging? Are they receiving it often enough? The considerations nowadays go far beyond the mere existence of controls.
We bust the following myths:
Legalese-driven language is the only way to go. Let’s make materials that appear to have been written by lawyers, for lawyers. After all, Compliance is a serious topic.
In order to be sufficiently comprehensive and really teach the learner everything they need to know, Compliance training should be at least an hour long to view or read.
Annual training needs to cover every single risk area under the sun, every year, otherwise we’re leaving ourselves open to scrutiny from regulators.
We round out the episode by considering whether being “too nice” is an impediment to success.
Compliance Into the Weeds

Juniper Networks FCPA Enforcement Action

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I go into the weeds to explore the recently released FCPA enforcement action by the SEC involving Juniper Networks.
Some of the highlights include:
  • Who is responsible for the continued violations after initial discovery, the subsidiaries or the parent?
  • What happens when a grandparent ‘speaks sternly’ to a grandchild?
  • Why does a decentralized compliance structure allow for internal abuse?
  • Do your policies and procedures actually support your compliance efforts?
  • As CCO do you have visibility into where customer discounts are going?
  • Should lawyers ever review expense reports from foreign business units?
For additional reading see the following:
Tom’s blog post, Juniper Network FCPA Enforcement Action, on the FCPA Compliance & Ethics Blog.
Matt’s blog post, Juniper Networks Hit on FCPA Charge, on Radical Compliance.
Jonathan Marks considers these points as well as the Board of Directors’ role in his blog post, Slush Funds and the Juniper Networks FCPA Settlement, on his always great Board and Fraud blog.
Daily Compliance News

September 4, 2019- how much per night edition

In today’s edition of Daily Compliance News:
  • As part of gun and ammo policy change, Walmart makes its firearm compliance program available to other retailers. (NYT)
  • How much is Trump charging Pence to stay at his resort in Ireland? (Washington Post)
  • Huawei accuses US government of dirty tricks. (WSJ)
  • Why is now the right time for compliance hiring? (Forbes)