Author: admin

Categories
31 Days to More Effective Compliance Programs

Day 28 | Post-acquisition integration plan


Your company has just made its largest acquisition ever and your CEO says they want you to have a compliance post-acquisition integration plan on their desk in one week. Where do you begin? A good place to start would be the 2012 FCPA Guidance language: Pre-acquisition due diligence, however, is normally only a portion of the compliance process for mergers and acquisitions. DOJ and SEC evaluate whether the acquiring company promptly incorporated the acquired company into all of its internal controls, including its compliance program. Companies should consider training new employees, reevaluating third parties under company standards, and, where appropriate, conducting audits on new business units.
As reported by New and Trahanas, in a July 2018 speech, former Deputy Assistant Attorney General Matthew Miner emphasized that DOJ would apply the principles contained in the FCPA Corporate Enforcement Policy to successor companies that discover potential violations subsequent to an acquisition, as well as to acquirers who detect potential corrupt activities during the due diligence process. He also encouraged acquiring companies to seek guidance through the FCPA Opinion Procedures. Miner said the DOJ would apply the principles contained in the FCPA Corporate Enforcement Policy to acquiring companies that uncover potential FCPA violations in the mergers and acquisitions context. This means if you meet the four requirements under the FCPA Corporate Enforcement Policy, the default DOJ position would be a declination would be granted
Three key takeaways:

  1. Planning is critical in the post-acquisition phase.
  2. Build upon what you learned in pre-acquisition due diligence.
  3. You literally need to be ready to hit the ground running when a transaction closes.

 

Categories
Innovation in Compliance

The Human Element of Compliance with Gio Gallo


Gio Gallo, and his brother and co-CEO Nick Gallo, joined ComplianceLine because they saw a need for better vendor partners in the compliance industry. Their mission is to help more people every day. Today they care for the leaders who care for six million people around the world. Gio joins Tom Fox on this week’s show to talk about why the human element in compliance is mandatory and why it’s going to stay that way far into the future.

Taking Care of People
ComplianceLine helps compliance leaders by giving them actionable information so they can take care of their people. Gio lists the services his company offers, such as issue intake and case management, and hotline. 
Data Cannot Replace Humans
Tom comments about the increasing importance of collecting and monitoring data, given regulatory mandates. He asks Gio why he believes that data cannot be allowed to replace the human element. Gio responds that automation is great, for machines. However, you can’t define every scenario or what should be done in every interaction, so there’s no way you can automate everything. In addition, where there are issues that involve people, you need people to find information, and to plan and execute the appropriate fixes. As more repetitive tasks become automated, the human element is going to become more important, Gio predicts.
Hotlines and Empathy
The human element of compliance is especially relevant in hotlines. People expect that human-caused problems with human-required solutions have human-considered interactions, Gio says. People calling in to report a problem need to feel heard and that their issue is being considered by someone who will do something about it. Tom commends Gio on a ComplianceLine blog post entitled, I Hope Things Get Better for You: The Importance Of Empathy In Compliance Reporting. Gio responds that empathy drives effectiveness. It’s also the way to show care and respect for others. Anyone calling your hotline should feel cared for and listened to. When you engage with them in a caring way, you understand where they’re coming from and you get better information. You can now follow up and close issues faster, and ultimately take care of damaging risks more quickly.
Resources
ComplianceLine.com
ComplianceLine on YouTube | LinkedIn | Facebook | Twitter | Instagram
ComplianceLive podcast
ggallo@complianceline.com 
Blog post: I Hope Things Get Better for You

Categories
Daily Compliance News

January 28, 2020, the Data Privacy Day edition


In today’s edition of the Daily Compliance News:

  • SFO goes to trial in SBM Offshore/Unaoil bribery trial. (Bloomberg)
  • Eagle Shipping settles trade sanction violations. (WSJ)
  • Hacker who leaked FIFA docs also leaked Isabel Dos Santos docs. (NYT)
  • Pentagon against tightening restrictions on Huawei. (Washington Post)
Categories
31 Days to More Effective Compliance Programs

Day 27 | Pre-acquisition due diligence in mergers and acquisitions


A company that does not perform adequate due diligence prior to a merger or acquisition may face both legal and business risks. Perhaps most commonly, inadequate due diligence can allow a course of bribery to continue – with all the attendant harms to a business’s profitability and reputation, as well as potential civil and criminal liability. While most compliance practitioners have been long aware of the requirement in the post-acquisition context, the 2012 FCPA Guidance focused many compliance practitioners of the need to engage in robust pre-acquisition due diligence.
This was expanded again in the 2017 Evaluation but the 2019 Guidance made even more clear the need for a robust compliance presence in the pre-acquisition phase. It stated, “A well-designed compliance program should include comprehensive due diligence of any acquisition targets.  Pre-M&A due diligence enables the acquiring company to evaluate more accurately each target’s value and negotiate for the costs of any corruption or misconduct to be borne by the target.  Flawed or incomplete due diligence can allow misconduct to continue at the target company, causing resulting harm to a business’s profitability and reputation and risking civil and criminal liability.
Three key takeaways:

  1. The results of your pre-acquisition due diligence will inform your post-acquisition integration and remediation going forward.
  2. Periodically review your M&A due diligence protocol.
  3. If red flags appear in pre-acquisition due diligence, they should be cleared.

 

Categories
Why a Duck

A Night at the Opera, Part 1 and 2019 Compliance Year in Review


From Vaudeville to the Silver Screen to the Small Screen, the Marx Brothers made an impact wherever people found them. Now Tom Fox and Mike Volkov have wedded their love of the Marx Brothers with their passion for compliance and bring them into the boardroom to help explain and explore the sometimes-chaotic world of governance, risk-management, ethics and compliance. In this episode they begin a three-part series where they discuss the movie A Night at the Opera and how it informs the 2019 in Compliance, FCPA enforcement actions and Compliance into 2020 and beyond.  In this episode we review the year in compliance. Highlights from the podcast include:

  1. Why do many people consider A Night at the Opera the greatest of all Marx Brothers movies? What makes it AFI 100 worthy?
  2. What were some of the key regulatory pronouncements in 2019?
  3. How do the OFAC Compliance Framework and Anti-Trust Division Guidance inform ABC compliance?
  4. Why were the enforcement numbers so great in 2019?
  5. How did the role of compliance professionals strengthen in 2019?
  6. How successful was the DOJ in trying individuals in 2019?

Resources
Mike Volkov-A Record Year in Enforcement and Compliance

Categories
Daily Compliance News

January 27, 2020, the No Morals edition


In today’s edition of the Daily Compliance News:

  • How lack of morals helped fuel opioid crisis. (FT)
  • How UnderArmor lost its mojo. (NYT
  • How Western companies can help to fight corruption. (NYT)
  • Corruption through currency manipulation. (FT)
Categories
FCPA Compliance Report

Philip Urofsky on the Shearman & Sterling 2020 FCPA Digest


In the Episode, I visit with Philip Urofsky, partner at Shearman & Sterling, Editor-in-Chief of the firm’s most excellent FCPA Digest. We visit about the firm’s 2020 FCPA Digest, Recent Trends and Patterns in the  Enforcement of the FCPA and consider some of the highlights from the report. We also take a deep dive into the issue of agency under the FCPA, which was a major legal issue in the Hoskins trial and an ongoing debate on the issue of parent-subsidiary liability under the FCPA. Some of the highlights include:

  1. Enforcement actions and strategies seen in 2019. What did the numbers tell us?
  2. What were some of the perennial statutory issues address and litigated in 2019? Did the DOJ adequately address the issue of parent-subsidiary liability? Do the Barclays and Deutsche Bank enforcement actions end the question of whether a job for a child or relative can be a ‘thing of value’ under the FCPA?
  3. What is the significance you seen in the Criminal Division’s 2019 Guidance?
  4. Is the ‘inability to pay’ a codification of existing DOJ practice or something new?
  5. What is the significance of the Och-Ziff restitution case?
  6. What were some of the key developments in the UK around Bribery Act prosecutions and enforcement actions?

Resources
To download a copy of the Shearman & Sterling 2020 FCPA Digest, Recent Trends and Patterns in the Enforcement of the FCPA click here.
To use the fully searchable Shearman & Sterling FCPA digest, click here.

Categories
31 Days to More Effective Compliance Programs

Day 26 | Operationalizing compliance through payroll


One of the areas articulated in the 2019 Guidance was around payments and payroll. For the both the compliance professional and the corporate payroll function, there is a significant role to play in the operationalization of a corporate compliance program. The Evaluation of Corporate Compliance Programs – Guidance Document (2019 Guidance) was replete with references to payment and its critical nature to any best practices compliance program.  This includes references to payments to foreign officials, payments to third parties and hiding bribes in payments to distributors.
The 2019 Guidance begins with an admonition to stop wasting time on low hanging fruit when there are much higher risks in your business operations. It stated: Risk-Tailored Resource Allocation – Does the company devote a disproportionate amount of time to policing low-risk areas instead of high-risk areas, such as questionable payments to third-party consultants, suspicious trading activity, or excessive discounts to resellers and distributors?  Does the company give greater scrutiny, as warranted, to high-risk transactions (for instance, a large-dollar contract with a government agency in a high-risk country) than more modest and routine hospitality and entertainment?   The 2019 Guidance then drills down into the payment and payroll system, stating: Appropriate Controls – How does the company ensure there is an appropriate business rationale for the use of third parties?  If third parties were involved in the underlying misconduct, what was the business rationale for using those third parties? What mechanisms exist to ensure that the contract terms specifically describe the services to be performed, that the payment terms are appropriate, that the described contractual work is performed, and that compensation is commensurate with the services rendered? 
Taken together, these questions may not seem particularly new, innovative, or even something different from what payroll currently does for an organization. However, the 2019 Guidance , clearly demonstrates the role of payroll in compliance. The 2019 Guidance requires that payroll not only form a part of any best practices compliance program, but when it comes to the specific subject matter expertise, payroll is on the front lines of any attempts to prevent, detect, and then remediate anti-corruption compliance violations.
Three key takeaways:

  1. Payroll can be a key prevent and detect control.
  2. The Evaluationspecified the tying of the corporate compliance function to the corporate payroll function.
  3. Offshore payments remain a key indicator for a red flag.
Categories
Sunday Book Review

January 26, 2020, the Old is New edition


In today’s edition of Sunday Book Review:

Categories
31 Days to More Effective Compliance Programs

Day 25 | Compliance function in an organization


The role of the compliance professional and the compliance function in a corporation has steadily grown in stature and prestige over the years. When it came to the corporate compliance function, 2012 FCPA Guidance, under Hallmark Three of the Ten Hallmarks of an Effective Compliance Program, simply noted the government would “consider whether the company devoted adequate staffing and resources to the compliance program given the size, structure, and risk profile of the business.”
This Hallmark was significantly expanded in both the 2019 Guidance and the FCPA Corporate Enforcement Policy. And in so doing, the DOJ has increased the prestige, authority and role of both the corporate compliance function. The 2019 Guidance has four general areas of inquiry around the corporate compliance function. (1) What is the seniority and stature of the compliance function within an organization? (2) What are the experience and stature of the compliance personnel with an organization? (3) What is the funding and resources made available to the compliance function? (4) How much autonomy does the compliance function have to report to the Board of Directors?
Three key takeaways:

  1. How is compliance treated in the budget process?
  2. Has your compliance function had any decisions over-ridden by senior management?
  3. Beware outsourcing of compliance as any such contractor must have access to company documents and personnel.