In today’s edition of Daily Compliance News:
Welcome to the Day 3 of the five-day podcast series Jay Rosen and I are producing in honor of the latest Star Wars movie The Rise of Skywalker Each day over this week, Jay and I will review a Star Wars movie and discuss it from the compliance perspective. Today, we consider Episode VI, Return of the Jedi and effective training.
In this final movie from the original three, the good guys win in the end after overcoming incredible odds. Many fans and critics panned it for including the incredibly cute and furry Ewoks on the moon named Endor as a part of the storyline. Many thought one very tall Wookie was enough cuteness for the series. This movie’s big reveal was that Luke and Princess Leia were twins and that she was now free to unabashedly pursue bad boy Han Solo. While Episode VI was the lowest grossing film of the original three, coming in at only $572MM worldwide, it was still a great ride and visually stunning. George Lucas’ in-house organ, Industrial Light & Magic (ILM), certainly earned their title for their special effects in the movie. The Sarlacc battle sequence was great, the speeder bike chase on the Endor moon was way cool and the space battle between Rebel and Imperial pilots was a great ride.
I have adapted an approach from Joel Smith on his Inhouse Owl website to help determine compliance training effectiveness.
1.What you want to measure. Before you ever train an employee, you should have a goal in mind. What actions do you want employees to take? What risks do you want them to avoid? In compliance, you want them to avoid non-ethical and non-compliant actions that would lead to compliance violations. The goal is to train employees to follow your Code of Conduct and your compliance program policies and procedures so you avoid liability related to actions.
2. What is employee engagement? The next step is to get a sense of whether employees feel that the training you provided is relevant and targeted to their job. If it’s not targeted, employees will likely not be committed to changing risky behavior. You can get data on employee engagement through a quick post-training survey, which will help you isolate and qualify the training benefit.
3. Did employees actually learn anything? A critical part of any employee training is the assessment. If you want to understand the “benefit” of training employees, you must know whether they actually learned anything during training. You can collect this data in a number of ways, but for compliance training, the best way is to measure pre-and post-training understanding over time. Basically, each time you train an employee, measure comprehension both before and after training.
4. Are employees applying your training? You need to conduct a survey to determine employee application and their implementation of the training topics. To do so, you must conduct employee surveys to understand whether they ceased engaging in certain risky behaviors or better yet understand how to conduct themselves in certain risky situations. These surveys can provide a good sense of whether the training has been effective.
Join us tomorrow where we consider The Force Awakens and disruptive innovation in compliance.
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I go into the weeds about the new DOJ, National Security Division’s Export Controls and Sanctions Enforcement Policy for Business Organizations.
Some of the highlights include:
- Why is there no declination available?
- What aggravating factors are different between this policy and the FCPA policy?
- What is an effective compliance program under this Policy and the OFAC Compliance Framework?
- Who do you self-disclose to first if you uncover a trade sanctions violation?
- Is this policy coordinated with other cooperation agreements?
- What are the lessons learned for a corporate compliance program?
- What does all this mean for compliance professionals going forward?
Resources
Matt’s blog post Cooperation for Sanctions Violations in Radical Compliance.
Welcome to the Day 2 of a five-day podcast series Jay Rosen and I are producing in honor of the latest Star Wars movie The Last Jedi. Each day over this week, Jay and I will review a Star Wars movie and discuss it from the compliance perspective. Today, we consider Episode V, The Empire Strikes Back and due diligence.
This movie is my personal favorite of the initial trilogy. During the climactic battle between Luke Skywalker and Darth Vader, there is the BIG REVEAL where Vadar utters the immortal line, “I AM YOUR FATHER”. In the context of knowing who you are doing business with under the Foreign Corrupt Practices Act or UK Bribery Act. I once heard a company President say he did not need to perform due diligence because he looked a man in the eyes and that was enough to know if he was honest. (I should add, this company President also evaluated the strength of a handshake as an additional level of due diligence.) Hopefully we have moved past this level of sophistication for due diligence and its evaluation thereof.
There are three levels of due diligence and you must make a determination which is appropriate for the entity or person you are investigating. If a red flag appears it must be cleared or a risk management strategy articulated to allow moving forward.
Level I
First level due diligence typically consists of checking individual names and company names through several hundred Global Watch lists comprised of anti-money laundering (AML), anti-bribery, sanctions lists, coupled with other financial corruption and criminal databases. Level I due diligence addresses such basic issues as whether the third party actually exists, the identities of management, officers, directors and shareholders and whether such persons are on regulators’ watch lists. It can also provide some basic information on whether there are politically exposed persons (PEPs) involved in the third party. Finally, if there are any media reports linking the company to corruption.
Level II
Level II due diligence encompasses supplementing Level I due diligence with a deeper screening of international media, typically the major newspapers and periodicals from all countries plus detailed Internet searches. Such inquiries will often reveal other forms of corruption-related information and may expose undisclosed or hidden information about the company, the third party’s key executives and associated parties. Level II can give you information on adverse litigation, any bankruptcy proceedings, overt signs of financial difficulty. More generally it will also provide local online information such as corporate filings, regulatory filings, lawsuits and locally archived materials. You also be able to determine if there were any in-country investigations or sanctions from regulatory entities.
Level III
This level is the deep dive. It will require an in-country ‘boots-on-the-ground’ investigation and is designed to supply your company “with a comprehensive analysis of all available public records data supplemented with detailed field intelligence to identify known and more importantly unknown conditions. Seasoned investigators who know the local language and are familiar with local politics bring an extra layer of depth assessment to an in-country investigation.
Now imagine if Luke had performed a more robust level of due diligence on Darth Vadar? Would he have been able to find out Darth Vadar was his father? Perhaps not but then again, we might not have heard that seminal line “I AM YOUR FATHER”.
Join us tomorrow where we consider Return of the Jedi and effective training.
This week’s guest on the Innovation In Compliance show is Krista Hardwick, General Counsel at Deputy. Deputy brings an innovative solution to managing compliance and legal risk around scheduling. Krista chats with Tom Fox about how her company’s software helps business owners stay compliant with fair wage and hour laws, as well as increase profitability.
Analyzing Shift Work
Deputy recently released a free ebook entitled The United States of Shift Work, based on their study of 1million shift hours over the course of a year. They were able to conclude that there are many similarities among the different generations of shift workers with regard to the hours they worked vs hours they were scheduled. On average, workers were rostered to work just a few hours more than they actually worked. Krista says that this shows that managers and business owners are complying with the fair workweek laws which state that workers should not be required to work more than they are scheduled. It also implies that business leaders do not want workers to work overtime, which would trigger overtime compliance regulations. Tom comments that this relates directly to the key issues of fairness in the workplace and sustainability.
How Deputy Helps Businesses Be Compliant
Krista advises business owners to love their employees. Keeping your employees happy will help your business be more successful in the long run. She discusses the fair workweek laws that are being implemented across the country, which require businesses to post schedule weeks in advance and not change them once posted. Deputy’s tool, she says, help owners stay compliant with these laws, so they can focus on growing their business. Business owners should also be focusing on creating an optimal schedule that minimizes payroll costs for the company, Krista points out. Deputy partners with Widget Brain to do customized labor forecasting for their clients: they help you create an optimal schedule based on your forecasted profits for each hour of the day. This shows that effective compliance can create greater business efficiency, leading to greater profitability, Tom comments. Krista adds that it also minimizes the chance of a wage and hour audit.
Corporations Need To Respond To People
The number of shift workers is increasing and will continue to increase, Krista says. Due to the amendment to the Department of Labor rules, many workers who are now considered salaried employees will be converted to shift workers and paid an hourly rate come January 2020. Krista says that another issue companies should consider is that Gen-Z’ers are working fewer hours than previous generations. Their work preferences are different, added to which, they have choices about where they want to work and the kind of work they want to do. These issues are important when doing scheduling and workforce management. Tom says that this speaks to how corporations need to respond to people, instead of people responding to corporations.
Resources
Deputy.com
The United States of Shift Work
Deputy on Facebook | LinkedIn | Twitter | Instagram
Categories
A New Hope and Risk
Welcome to the first day of a five-day podcast series Jay Rosen and I are releasing in honor of the latest Star Wars movie The Rise of Skywalker. Each day over this week, Jay and I will review a Star Wars movie and discuss it from the compliance perspective. Today, we consider Episode IV, A New Hope and risk.
The full series schedule is:
Monday, December 16, A New Hope and risk.
Tuesday, December 17, The Empire Strikes Back and due diligence.
Wednesday, December 18, Return of the Jedi and effective training.
Thursday, December 19, The Force Awakens and disruptive innovation in compliance.
Friday, December 20, The Last Jedi and the Board’s role in succession.
One of the plotlines is that the Galactic Empire has created a Death Star with enough firepower to destroy a planet. The Rebel Alliance is determined to destroy the Death Star and has blueprints detailing the defensive posture of the Death Star. A computer analysis determines a weakness in the Death Star’s defensive shield. At one point, the Death Star’s commander, Grand Moff Tarkin, played by Peter Cushing, is told there is a ‘risk’ in the Rebel’s plan of attack. Tarkin dismisses this risk as insignificant. Of course, Luke Skywalker then proceeds to exploit this risk and destroy the Death Star.
Tarkin’s incorrect assessment of this risk was lethal. Today I want this part of the story to introduce the subject of how you evaluate compliance risk under the Foreign Corrupt Practices Act (FCPA) or an economic sanctions regime. Failure to appreciate risk can lead to some very serious and perhaps lethal consequences.
Whether you utilize one approach or another, analyzing the results of your risk assessment is as important as doing the risk assessment. With the recent Department of Justice (DOJ) remarks around how they will review the effectiveness of compliance programs during an enforcement action to determine potential credit or even granting a declination, the stakes have never been higher. Of course, for Grand Moff Tarkin, his refusal to analyze the risk assessment presented to him was fatal.
Join us tomorrow where we consider The Empire Strikes Back and due diligence.
In today’s edition of Sunday Book Review:
- Big Wonderful Thing by Stephen Harrington
- Border Land, Border Water by CJ Alverez
- Taking the Land to Make the City by Mary Ryan
- No Way But To Fight by Andrew RM Smith