In today’s edition of Daily Compliance News:
Author: admin
Welcome to the only roundtable podcast in compliance. Today, we close out the year with Part 2 of a two-part series on our fan favorite year-end wrap up on the state of compliance under the Trump Administration. We have been following this topic since Trump was elected in 2016 and it one of the most anticipated podcast releases for the year. Today, we have a triple serving of Sarah Hadden, Jonathan Armstrong and Mike Volkov with a potpourri of topics. Rants and shouts outs follow the commentary for this episode.
- Mike Volkov reviews the FCPA enforcement year. Volkov shouts out to the Justice Department’s FCPA trial team which secured several guilty verdicts at year’s end in individual prosecutions under the FCPA.
- Jonathan Armstrong discusses the year in antibribery enforcement from the UK perspective by reviewing the SFO’s successes and failures. Armstrong shouts out to Sir Rod Stewart for a compliance related project.
- Sarah Hadden takes a look back over her first year as CCI Publisher and highlights some of the top features, stories, news items and new voices in compliance. She shouts out to James Bone and Columbia University’s risk management survey.
Resources:
Participate in the Columbia University risk management project headed by James Bone, here.
The members of the Everything Compliance are:
- Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
- Mike Volkov – One of the top FCPA commentators and practitioners around and the Chief Executive Officer of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com.
- Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
- Jonathan Armstrong –is our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com
- Sarah Hadden –Publisher at Corporate Compliance Insights. Hadden can be reached at Sarah@corporatecomplianceinsights.com
The host and producer (and sometime panelist) of Everything Compliance is Tom Fox the Compliance Evangelist. Everything Compliance is a part of the Compliance Podcast Network.
Welcome to the Day 4 of the five-day podcast series Jay Rosen and I are producing in honor of the latest Star Wars movie The Rise of Skywalker. Each day over this week, Jay and I will review a Star Wars movie and discuss it from the compliance perspective. Today, we consider Episode VII, The Force Awakens and disruption in compliance.
Today we consider Episode VII – The Force Awakens. It was the first one not created by LucasFilms, as George Lucas had sold his company to Disney. It was directed by JJ Abrams and told the story of the Star Wars universe some 30 years after the destruction of the last Death Star. It is this disruptive nature of the Star Wars franchise that I will focus on today as it relates to disruption innovation in compliance.
The film introduced several new characters: Rey, Finn and Poe Dameron, Kylo Ren and the First Order, a successor to the Galactic Empire. The film was largely one giant search for Luke Skywalker who had gone into isolation after his failure to re-establish the Jedi order. In addition to introducing the new characters, we are reunited with Han, Chewbacca and Princess Leia, who is now General Leia Organa. The First Order has developed new weapon, Starkiller, a deliciously worthy successor to the Death Star; the Rebel Alliance majorly disrupts the weapon and the First Order by destroying it, in the film’s climactic battle.
Compliance is a process. Compliance programs should evolve as business risks change. Just as disruptive innovation tends to focus on process, your compliance program should focus on your overall business process to be successful.
Compliance 3.0 is very different from compliance programs of the past decade. Compliance is moving from a solutions shop where all compliance functions are centered in the legal or compliance department to a process function where the front-line business team can use technology and other tools to operationalize compliance. The 2017 Evaluation of Corporate Compliance Programs focused on how well a company operationalizes compliance into the business functions. The authors point to new business models as disruptive and I think this concept translates into how compliance can be burned into the DNA of an organization rather than simply sitting in the corporate office in the US.
Not all disruptive innovations succeed as disruption is only one step in both the creative and growth process. The key concept are the three goals of any compliance program; to prevent, find and fix issues. This is how compliance differs from legal, whose job is to protect the company; from compliance whose mission is to monitor, obtain the data and then use the data as a feedback loop back into the company.
As many compliance practitioners are lawyers, we are naturally reticent to embrace such change, however I think the pronouncements of the DOJ throughout the year have made even clearer the need for continued evolution of anti-corruption compliance going forward. In The Force Awakens, there were numerous disruptions. We saw the death of one of the most beloved characters in the series, Han Solo, the growing awareness by Rey of her powers and the return of Luke Skywalker. It totally disrupted the First Order and destroyed its most lethal weapon.
Join us tomorrow where we consider The Last Jedi and the Board’s role in succession.
If you want your employees to perform better–I’ve got two tools for you in this episode. This is Part 2 of our discussion on best-leading remote employees in today’s workforce.
Remember, remote employees are not a thing of the future, it’s a reality leaders must realize today. In this episode, my business partner, Phil Van Hooser, is joining me once again. This time we are digging deeper into best managing expectations and results from your remote employees. While our focus is on remote employees, the discussion within this episode can directly relate to in-office employees as well.
As a leader, YOU control your leadership success. Tune in for real-talk about how to lead well in this new environment of remote workers.
Your critical incident file (details in the episode) is HERE.
If you’re looking for tangible action steps and refreshing insights to help ignite the power of your own leadership journey, sign up for my weekly leadership blog HERE.
If your business would benefit from higher-performing leaders, check out more information about the comprehensive leadership development training I do HERE.
If you want to reach out to me directly, email alyson@vanhooser.com.
If you enjoyed this episode, will you please subscribe and leave a review? Your reviews help this show get discovered by more incredible leaders just like you. I’m obsessed with helping leaders ignite their performance results and I’d love to have you help me make an impact! Thank you so much!
P.S. Share and tag me on social — @AlysonVanHosoer — and I’ll share your comments and big takeaways on my feed!
Sergio Kopelev is Vice-President of Engagement Management at Stroz Friedberg (an Aon Company). He joins Vince Walden on this week’s show to share stories of the types of cyber threats companies face today.
Some of the highlights include:
Sergio remarks that while threat actors have always been present, today they are becoming increasingly sophisticated. He describes several ways they hack businesses, including filing false income tax returns and installing ransomware in backup systems. It’s not just that they are gaining access to systems, Sergio says, they are weaponizing that access and gaining from it. Moreover, the weaponization isn’t only through sophisticated technology, they are patiently learning their target businesses, and then attacking them at the most advantageous time for themselves. Cybercrime currently costs companies approximately $4 million per year, but is estimated to reach $6 trillion by 2021.
Vince and Sergio discuss the pros and cons of blockchain technology as a security precaution. Sergio agrees that it offers several benefits, once a threat actor does not gain access to someone’s login credentials. If they do, it’s all over. He comments that the risk lies in the two main areas of supply chain and employees. As such, companies should have comprehensive employee training and awareness and should invest in having a strong cyber insurance policy. Every business is being targeted, and threat actors know exactly what they are targeting, so be very careful, Sergio warns.
Sergio Kopelev is Vice-President of Engagement Management at Stroz Friedberg (an Aon Company). He joins Vince Walden on this week’s show to share stories of the types of cyber threats companies face today. Sergio remarks that while threat actors have always been present, today they are becoming increasingly sophisticated. He describes several ways they hack businesses, including filing false income tax returns and installing ransomware in backup systems. It’s not just that they are gaining access to systems, Sergio says, they are weaponizing that access and gaining from it. Moreover, the weaponization isn’t only through sophisticated technology, they are patiently learning their target businesses, and then attacking them at the most advantageous time for themselves. Cybercrime currently costs companies approximately $4 million per year, but is estimated to reach $6 trillion by 2021.
Vince and Sergio discuss the pros and cons of blockchain technology as a security precaution. Sergio agrees that it offers several benefits, once a threat actor does not gain access to someone’s login credentials. If they do, it’s all over. He comments that the risk lies in the two main areas of supply chain and employees. As such, companies should have comprehensive employee training and awareness and should invest in having a strong cyber insurance policy. Every business is being targeted, and threat actors know exactly what they are targeting, so be very careful, Sergio warns.
Resources
Sergio Kopelev on LinkedIn
Stroz Friedberg (an Aon Company)
In today’s edition of Daily Compliance News:
Welcome to the Day 3 of the five-day podcast series Jay Rosen and I are producing in honor of the latest Star Wars movie The Rise of Skywalker Each day over this week, Jay and I will review a Star Wars movie and discuss it from the compliance perspective. Today, we consider Episode VI, Return of the Jedi and effective training.
In this final movie from the original three, the good guys win in the end after overcoming incredible odds. Many fans and critics panned it for including the incredibly cute and furry Ewoks on the moon named Endor as a part of the storyline. Many thought one very tall Wookie was enough cuteness for the series. This movie’s big reveal was that Luke and Princess Leia were twins and that she was now free to unabashedly pursue bad boy Han Solo. While Episode VI was the lowest grossing film of the original three, coming in at only $572MM worldwide, it was still a great ride and visually stunning. George Lucas’ in-house organ, Industrial Light & Magic (ILM), certainly earned their title for their special effects in the movie. The Sarlacc battle sequence was great, the speeder bike chase on the Endor moon was way cool and the space battle between Rebel and Imperial pilots was a great ride.
I have adapted an approach from Joel Smith on his Inhouse Owl website to help determine compliance training effectiveness.
1.What you want to measure. Before you ever train an employee, you should have a goal in mind. What actions do you want employees to take? What risks do you want them to avoid? In compliance, you want them to avoid non-ethical and non-compliant actions that would lead to compliance violations. The goal is to train employees to follow your Code of Conduct and your compliance program policies and procedures so you avoid liability related to actions.
2. What is employee engagement? The next step is to get a sense of whether employees feel that the training you provided is relevant and targeted to their job. If it’s not targeted, employees will likely not be committed to changing risky behavior. You can get data on employee engagement through a quick post-training survey, which will help you isolate and qualify the training benefit.
3. Did employees actually learn anything? A critical part of any employee training is the assessment. If you want to understand the “benefit” of training employees, you must know whether they actually learned anything during training. You can collect this data in a number of ways, but for compliance training, the best way is to measure pre-and post-training understanding over time. Basically, each time you train an employee, measure comprehension both before and after training.
4. Are employees applying your training? You need to conduct a survey to determine employee application and their implementation of the training topics. To do so, you must conduct employee surveys to understand whether they ceased engaging in certain risky behaviors or better yet understand how to conduct themselves in certain risky situations. These surveys can provide a good sense of whether the training has been effective.
Join us tomorrow where we consider The Force Awakens and disruptive innovation in compliance.
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I go into the weeds about the new DOJ, National Security Division’s Export Controls and Sanctions Enforcement Policy for Business Organizations.
Some of the highlights include:
- Why is there no declination available?
- What aggravating factors are different between this policy and the FCPA policy?
- What is an effective compliance program under this Policy and the OFAC Compliance Framework?
- Who do you self-disclose to first if you uncover a trade sanctions violation?
- Is this policy coordinated with other cooperation agreements?
- What are the lessons learned for a corporate compliance program?
- What does all this mean for compliance professionals going forward?
Resources
Matt’s blog post Cooperation for Sanctions Violations in Radical Compliance.
