In today’s edition of the Daily Compliance News:
The role of the CCO has steadily grown in stature and prestige over the years. In the 2012 FCPA Guidance, under Hallmark Three of the Ten Hallmarks of an Effective Compliance Program, it focused on the whether the CCO held senior management status and had a direct reporting line to the Board; stating:
In appraising a compliance program, DOJ and SEC also consider whether a company has assigned responsibility for the oversight and implementation of a company’s compliance program to one or more specific senior executives within an organization. Those individuals must have appropriate authority within the organization, adequate autonomy from management, and sufficient resources to ensure that the company’s compliance program is implemented effectively. Adequate autonomy generally includes direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors.
This Hallmark was significantly expanded in both the 2019 Guidance and the FCPA Corporate Enforcement Policy. And in so doing, the DOJ has increased the prestige, authority and role of both the CCO and corporate compliance function. The 2019 Guidance has four general areas of inquiry around the CCO and corporate compliance function. (1) How does the CCO salary and stature within the organization compare to other senior executives within the company. (2) What are the experience and stature of the CCO with an organization? Does the CCO have appropriate training for the role? (3) How much autonomy does the CCO have to report to the Board of Directors? How often do the CCO meet with directors? Are members of the senior management present for these meetings with the Board of Directors or of the Audit Committee? (4) Is the compliance function run by a designated chief compliance officer, or another executive within the company, and does that person have other roles within the company?
Three key takeaways:
We have been getting accountability all wrong in the compliance profession. It’s not a set of tasks – it’s a way of thinking and it has to come from the heart as well as the head. On Accountability: The Heart of Compliance Tom Fox and Sam Silverstein dig into what accountability means to the corporate compliance function and business organizations and most significantly, how to make it an integral part of your culture. In this episode Sam and I begin a three-part series to consider the current disaster Boeing finds itself in from the accountability perspective and what it might do to crawl out of the deep hole it finds itself in. In this Part 1, we consider accountability from employees to their fellow employees and up towards management. Some of the highlights include:
· What is an employee’s commitment to values in an organization? What are your Foundational Values? Your Relational Values? Your Professional Values? Your Community Values?
· How employees commit to ‘it’s all of us’ so that all employees rise or fall together?
· Is bringing in a new CEO enough or must an organization do more?
· What is an employee’s commitment to a good reputation? How do you get alignment in word and deed to commit to accountability?
For more information on Sam Silverstein and his work on accountability, click here.
Will another Kleptocrat lose ill-gotten gains? Jay and I are back to consider some of the top compliance articles and stories which caught our eye this week. We give some final thoughts on the Astros sign stealing scandal, at least until the MLB Report on the Red Sox comes out.
Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
In today’s edition of the Daily Compliance News:
One of the critical elements found in the 2019 Guidance is the need to use the information you obtain, whether through risk assessment, root cause analysis, investigation, hotline report or any other manner to remediate the situation which allowed it to arise. It stated:
Evolving Updates – How often has the company updated its risk assessments and reviewed its compliance policies, procedures, and practices? Has the company undertaken a gap analysis to determine if particular areas of risk are not sufficiently addressed in its policies, controls, or training? What steps has the company taken to determine whether policies/procedures/practices make sense for particular business segments/subsidiaries?
Your company should establish a regular monitoring system to spot issues and address them. Effective monitoring means applying a consistent set of protocols, checks, and controls tailored to your company’s risks to detect and remediate compliance problems on an ongoing basis. To address this, your compliance team should be checking in routinely with local finance departments in your foreign offices to ask if they have noticed recent accounting irregularities. Regional directors should be required to keep tabs on potential improper activity in the countries in which they manage. These ongoing efforts demonstrate that your company is serious about compliance.
Three key takeaways:
Who needs more drama in their life? Anybody? Nobody! There is an upside to conflict, though. If you, or if people on your team, are dealing with conflict…it is possible to eliminate the conflict and come out with a stronger, better relationship – if you handle it correctly! As a leader, it is your responsibility to successfully navigate conflict and help your team to do the same.
In today’s episode we are digging into a how one top-recognized leader, Chris, uses an old school theory to help him and his team successfully navigate conflict. Chris and I are both millennials. But, no matter how young, how cool, how old, how smart you are…there are some things we will always be able to learn from the people who went before us.
We are discussing the Transactional Analysis theory developed in the mid 1900’s. This theory helps leaders understand why their people might think, act, and feel the way they do.
We’re going to walk you through how you can use this information to help in the trenches at work. Let’s dig in –it’s time to LEVEL UP!
———-
If you’re looking for tangible action steps and refreshing insights to help ignite the power of your own leadership journey, sign up for my weekly leadership blog HERE.
If your business would benefit from higher-performing leaders, check out more information about the comprehensive leadership development training I do HERE.
If you want to reach out to me directly, email alyson@vanhooser.com.
If you enjoyed this episode, will you please subscribe and leave a review? Your reviews help this show get discovered by more incredible leaders just like you. I’m obsessed with helping leaders ignite their performance results and I’d love to have you help me make an impact! Thank you so much!
P.S. Share and tag me on social — @AlysonVanHooser — and I’ll share your comments and big takeaways on my feed!
Vince Walden welcomes Wendy Riggs and Kara Ricupero to the Walden Pond show. Wendy heads Information Governance and Legal Operations at Airbnb, and Kara is the Senior Global Director of Information Governance at Ebay. This week’s discussion revolves around the new communication and collaboration tools such as Slack, which are now widely adopted by organizations, and the unique issues and challenges they pose for information governance and compliance.
Listen to the episode now:
The issue of data retention and review is one that is particularly problematic. With communication tools like Slack being used to share vast amounts of information, reviewing and holding on to potentially relevant data proves challenging. Kara says that it’s an all or nothing conundrum unless you bring in a separate legal hold tool. You can’t use the company’s automated deletion policy because you don’t know which channel may be relevant to litigation or an investigation. Wendy adds that putting governance around a tool like Slack is difficult from an architectural perspective.
Finding an effective solution to these governance issues is a matter of understanding your business. Work with your people to find the best defensible position for your company that also makes you compliant, Kara advises.
Resources
Wendy Riggs on LinkedIn
Kara Ricupero on LinkedIn
Control Testing – Has the company reviewed and audited its compliance program in the area relating to the misconduct? More generally, what testing of controls, collection and analysis of compliance data, and interviews of employees and third-parties does the company undertake? How are the results reported and action items tracked?
Fortunately, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) 2013 Internal Controls Framework considers assessing compliance internal controls. In “Internal Controls – Integrated Framework, Illustrative Tools for Assessing Effectiveness of a System of Internal Controls”, COSO laid out its views on assessing the effectiveness of internal controls. It noted that an effective system of internal controls provides “reasonable assurance of achievement of the entity’s objectives, relating to operations, reporting and compliance.” Moreover, there are two over-arching requirements that can only be met through such a structured protocol. First, each of the five components are present and functioning. Second, that the five components operate in an integrated fashion with each other. One of the most critical components of the COSO Framework is that it sets internal control standards against those which you can audit to assess the strength of your compliance internal controls.
Three key takeaways:
