Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. As the Voice of Compliance, I wanted to start a podcast which will help to bring both clarity and sanity to the compliance practitioner and compliance profession during this worldwide health and healthcare crisis. In this episode, I am joined by the co-hosts of the Great Women in Compliance Podcast, Mary Shirley and Lisa Fine who discuss their personal and professional challenges during this time of coronavirus. The podcast is cross-posted from the Great Women in Compliance podcast, on the Compliance Podcast Network.
This podcast is sponsored by SAI Global. To learn how you can protect your business operations and workforce during these uncertain times, visit saiglobal.com/risk for free resources, expert guidance, and industry-leading technology.
In today’s edition of Daily Compliance News:
- Employees trust their companies around COVID-19. (Houston Chronicle)
- Banks slowing down business stimulus package? (WSJ)
- Has Softbank lost its vision? (Barron’s)
- At least Trump hasn’t blamed cell phone towers (yet). (Washington Post)
An important part of the job duties of any compliance practitioner is clearing red flags which might appear for a proposed third-party relationship during the due diligence process. It is mandatory that not only must all red flags be cleared but there also be evidence of the decision-making process to show to a regulator if one comes knocking. Around third-parties, consider what risks you face in both your sales and supply chain. If there is a key player several tiers down the line who creates or builds a key component or delivers a critical service, you may want to put more management around that relationship from the compliance perspective.
For anything below a tier 2; you may be able to manage your risks through having your direct tier one counter-party take the lead in managing such compliance risks. But make sure that the expectation is communicated to your direct counter-party so that if the government comes knocking you can show that not only did you contractually obligate your direct counter-party to do so but that you provided them the tools and training to do so. Finally, you will need to be able to show that your direct counter-party did so.
Three key takeaways:
- There is no set formula for clearing of red flags or the evaluation of due diligence.
- Know when to say enough has been done.
- You must “Document, Document, and Document” your evaluation of any red flags.
In this five-part series, Mike Volkov and Tom Fox consider COVID-19 from a variety of angles and perspectives; from the Board of Directors, the CCO, the ethical company, new laws and regulations, crisis management and leadership. In this fifth and final episode, we consider the paucity of leadership at the federal level and why this has put businesses at the forefront of leadership during this crisis. Highlights from the podcast include:
- Why do we need strong federal leadership?
- Without federal leadership why is business leadership so important?
- Will CEOs who signed the Business Roundtable’s Statement on the Purpose of an Organization adhere to those principals in this time of crisis?
- What time horizons are you considering?
- Why is trust even more important now?
- How will the COVID-19 crisis test the mettle of companies in ways never seen in our lifetimes?
Resources
Mike Volkov
Call for Leadership
Absence of Federal Leadership
Tom Fox
Trust in the Age of Coronavirus
Final Thoughts
Mike Cherkasky on Testing Your Mettle
In my last corporate position, my company was at the compliance forefront because we required compliance related audits for vendors in the supply chain. This was cutting edge in 2007-08. However, now an audit for adherence to compliance requirements has become a standard best practice in the management of business relationships with third-party vendors in the supply chain. In several settlements of enforcement actions through both DPAs and NPAs, in the 2012 FCPA Guidance and, most recently, in the 2019 Guidance, the DOJ made it clear that a best practices compliance program includes the right to conduct audits of the books and records of its suppliers to ensure compliance. Many companies have yet to begin their audit process for FCPA compliance on vendors in their supply chain. This is a missed opportunity from both the compliance perspective and greater business efficiency.
Any organization which audits a business partner in its supply chain should consult with legal, audit, financial and supply chain professionals to determine the full scope of the audit and a thorough and complete work plan should be created based upon all these professional inputs. After an audit, an audit report should be issued. This audit report should detail incidents of non-compliance with the compliance program and recommendations for improvements. Any reported incidents of non-compliance should reference the basis, such as contractual clauses, legal requirement or company policies.
Three key takeaways:
- Is your supply chain vendor committed to the audit process?
- Capture the data, analyze the data, report on the data.
- Supply chain audits are no longer cutting edge but are now simply best practices.
Welcome to a special series of Trekking Through Compliance, the podcast series inspired by my review of Star Trek, the Original Series. In this special series I am joined by another uber Star Trek maven, Megan Dougherty, co-founder of One Stone Creative. In this series we will review the new television show Picardwhich is currently streaming on CBS. Today, Episode 9, “Et in Arcadia Ego”.
SPOILER ALERT-Although we will review each episode after it appears, we will discuss each episode in depth.
Episode 9, Et in Arcadia Ego. Picard’s brain condition has become terminal. He is on his mission to find and save androids he believes to be Soji’s people. The Romulans have now found the Synth homeworld. Picard and friends arrived at this synth home world and meet Dr. Altan Inigo Soong, a previously unknown organic son of Noonian Soon; and a number of synths. Picard attempts to contact Starfleet, reporting a first contact with the synths. But a synth, Sutra mind-melded with Agnes Jurati and was able to explain the real meaning of the Admonition which the Zhat Vash. Sutra designed a beacon to summon the advanced synthetic life to save her people and destroy all organics. Dr. Soong and Jurati took the side of the synths and Picard is led away under house arrest to end this Part 1 of a two-part conclusion.
Highlights, speculations and questions include:
- Homage to the Picard Incident?
- Some really big philosophical questions in this episode.
- What is the role of Dr. Soong?
- Sutra and Vulcan mind-meld?
- Will the evolution of the synths lead to the annihilations of organics?
- Moment between Raffi and Picard. Was it real for you?
- Sutra and her manipulation?
- Does Picard have any credibility regarding his offer to protect the synths?
- Cookies
As the lads fire up to celebrate their 200th show, they mourn the passing of John Prine, self-distancing Tom and Jay are back to consider some of the top compliance articles and stories which caught their eye this week.
- Mike Volkov with a two-part tribute to his great mentor, Stanley Sporkin. On Corruption Crime and Compliance, Part 1 and Part 2.
- How beliefs impact mindset. Linda Henman in CCI.
- Some coronavirus considerations. For Board, on the D&O Diary and from the front lines on the FCPA Blog.
- Stepping up your DD game during coronavirus. Jason Chang in the FCPA Blog.
- FINMA reports highlights AML risk. Jonathan Rusch in Dipping Through Geometries.
- Don’t be a Covidiot engaging in Covidocity. Matt Kelly in Radical Compliance. Tom and Matt take a deep dive in Compliance into the Weeds.
- Compliance Week announces finalists for Excellence in Compliance Awards. Round One and Round Two. Special congrats to Carrie Penman.
- Man update on COVID-19 and D&O Insurance. Kevin LaCroix on the D&O Diary.
- Be careful out there, the bad guys are watching. Ahsan Habib in Risk and Compliance Platform Europe.
- On Compliance and Coronavirus this week: Peter Eyre on navigating the choppy legal and regulatory waters; Eric Feldman on the importance of culture assessments during COVID-19; Mike Cherkasky on why coronavirus truly is a crisis; Mary Shirley and Lisa Fine ruminate on their professional and personal lives.
- The Compliance Life premiers on the Compliance Podcast Network.
- On the Compliance Podcast Network, Tom concludes a month of looking at the role of innovation in compliance And opens a month of exploring continuous improvement, all on 31 Days to a More Effective Compliance Program. This week saw the following offerings: Monday-designing a process for continuous monitoring; Tuesday-Auditing of 3rd Parties; Wednesday-Continuous Improvement in Compliance; Thursday-the Compliance Audit; Friday-Supply Chain audits. Note 31 Days to a More Effective Compliance Program now has its own iTunes channel. If you want to binge out and listen to only these episodes, click here. This month’s sponsor is Affiliated Monitors, Inc.
Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
A recently released study from the AICPA and NC State show that despite the constant drumbeat for improving and formalizing risk management processes, most organizations are still way behind in their efforts. When 60% agree the volume and complexity or risk have changed extensively over the last five years, and 65% of boards are call for “somewhat” to “extensively” increasing managment involvement in risk oversight, why aren’t more organizations on board with implementing ERM (only 34% have “mature” or “robust” oversight)? We’ll unpack the results of the study, discuss some of the reasons and implications this has on organizations, internal audit, and how to use ERM as a strategic advantage.
Jason Mefford is joined by Joseph McCafferty, Editor & Publisher of Internal Audit 360 who recently reported on this study in an article. https://internalaudit360.com/
You can access Joe’s article “Report: Companies Lad on Improving Risk Management” at https://internalaudit360.com/report-companies-lag-on-improving-risk-management-programs/
Jason Mefford is a Rock Star – Internal Audit, Risk Management and Compliance. He helps Chief Audit Executives (CAE) and professionals with technical & soft-skills training and coaching to navigate the mine fields of audit, risk and compliance in organizations. http://www.jasonmefford.com/ and http://www.meffordassociates.com
Apple Podcast: https://itunes.apple.com/us/podcast/jamming-with-jason-mefford/id1456660699
PodBean: https://jammingwithjason.podbean.com/
In this five-part series, Mike Volkov and Tom Fox consider COVID-19 from a variety of angles and perspectives; from the Board of Directors, the CCO, the ethical company, new laws and regulations, crisis management and leadership. In this fourth episode, we consider the role of the Chief Compliance Officer and why compliance must step up to the corporate forefront to meet these challenges. Highlights from the podcast include:
- Why compliance must NEVER sleep during the coronavirus crisis.
- What are some of the specific tactics a CCO can employ during the coronavirus crisis?
- What technological solutions can a CCO bring to bear?
- What time horizons are you considering?
- Why the COVID-19 crisis should force you to be creative?
- Why culture assessments are a key tool for a CCO during this crisis.
- How will enforcement view the coronavirus crisis three to five years from now?
Resources
Mike Volkov
Business Response
Tom Fox
Getting Started
Specific Tactics a CCO Can Employ
A Video Isn’t Just a Video
Eric Feldman on Culture Assessments During Coronavirus Crisis
According to Frank