Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 26 – CCO Authority and Independence

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 26, we ponder the evolving stature and authority of the CCO within organizations, as highlighted by recent guidelines and regulations. The 2020 FCPA Resource Guide emphasizes the importance of the CCO’s direct reporting line to the board and senior management status. The DOJ’s updated Corporate Enforcement Policy has further enhanced the prestige and role of the CCO, introducing key factors like the quality, experience, authority, independence, compensation, and reporting structure of the CCO. The episode also touches on the significance of the Delaware Court of Chancery’s decision in the McDonald’s case, which formalized the oversight duties of corporate officers, positioning the CCO as the second-most important role in an organization. Key takeaways include demonstrating real authority for the CCO, evaluating their professional qualifications, and assessing their actual status within your company.

Key highlights:

  • Key Inquiries Around the CCO and Compliance Function
  • Importance of CCO Certification and Court Decisions
  • Critical Takeaways for Compliance Professionals

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 25 – Responding to Investigative Findings

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 25, we consider the critical importance of addressing investigative findings within a corporate compliance framework. When a whistleblower report, DOJ subpoena, or SEC notice brings compliance violations to light, it commands the board’s and senior management’s attention. The initial outrage and ethical proclamations that follow are often a prelude to the need for a serious reality check regarding costs and time outlays for remediation. The key is maintaining transparency and solid communication between those investigating and those responsible for remediation, ensuring compliance gaps are effectively identified and addressed. Today’s takeaways emphasize using the heightened attention for compliance improvement, recognizing the interplay between investigation and remediation, and being ready to answer the ‘where else’ question effectively. Join us tomorrow as we explore the authority and independence of Chief Compliance Officers.

Key highlights:

  • The Impact of Investigations on Compliance
  • Communicating Costs and Risks
  • Ensuring Effective Communication

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
Kerrville Weekly News Roundup

Kerrville Weekly News Roundup: January 25, 2025

Welcome to the Kerrville Weekly News Roundup. Each week, veteran podcaster Tom Fox and his colleagues Andrew Gay and Gilbert Paiz get together to go over a couple of their favorite stories from the past week from Kerrville and the greater Hill Country. Sit back, enjoy a cup of morning coffee and listen in to get a wrap-up of the Kerrville Weekly News. We each consider two of our favorite stories and talk about the upcoming weekend’s events, which we will enjoy or participate in this weekend.

In this episode, Tom returns to take a look at some of the things that caught his attention over the past week.

Stories Include:

  • Jordan leaves KEDC
  • Arch Ray to treat and reuse wastewater for development in Frederiksberg
  • Frederiksberg  convicted for defrauding Medicare
  • New exhibit at the Museum of Western Art
  • Friends of the Library make donation
  • First Star Party of the Year

Resources:

Tom Fox on LinkedIn

Gilbert Paiz on LinkedIn

Andrew Gay on LinkedIn

Texas Hill Country Podcast Network

The Lead

Kerrville Daily Times

Categories
10 For 10

10 For 10: Top Compliance Stories for the Week Ending January 25, 2025

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes hear about the stories every compliance professional should be aware of from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • Great risk for Germany to invest in China. (FT)
  • Vietnam dismantles AML ring. (Aljazeera)
  • Administration ramps up attacks on DEI . (NYT)
  • Ukraine chief psychiatrist arrested on corruption charges. (BBC)
  • Ex-Everton player and China coach jailed for bribery. (ESPN)
  • KPMG under FRC investigation yet again. (Bloomberg)
  • Tariff whiplash coming. (Bloomberg)
  • WFH not ‘real work’. (BBC)
  • More conflict mineral allegations against Apple from DRC. (FT)
  • Trash compliance-it’s a thing. (Gothamist)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

You can check out the Daily Compliance News for four curated compliance and ethics-related stories each day here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 24 – Internal Reporting and Triage

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 24, we look into the critical internal reporting process and triaging of FCPA claims. As the CCO, you will oversee the initial steps when suspicious activities are reported. Jonathan Marks’ five-step process on early assessment of incoming information is explored, providing a structured approach for evaluating the severity of allegations from low-threat level to crisis management mode. Moreover, this episode emphasizes the necessity of effective hotlines, trained managers, and a culture of listening to employees to foster a safe reporting environment. Key takeaways include the DOJ and SEC’s emphasis on internal reporting lines, regularly testing hotlines, and the triage of claims to ensure appropriate investigation levels.

Key highlights:

  • Guidelines for Effective Compliance Programs
  • Jonathan Marks’ Five-Step Process for Early Assessment
  • Key Takeaways

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Categories
Presidential Leadership Lessons for the Business Executive

Presidential Leadership Series – Herbert Hoover’s Rise, Part 1: From Poverty to the Presidency

Who are our greatest Presidents? What lessons can the modern-day business leader learn from our 47 Chiefs of State? Welcome to a new season of this award-winning podcast series with Tom Fox and Richard Lummis to delve into the great and not-so-great Presidents to mine their successes and failures for today’s business executives. In this episode, Tom Fox and Richard Lummis begin a two-part series on the life and times of Herbert Hoover. In Part 1, we look at Hoover’s beginnings and the time up to his presidential election 1928.

We begin with Hoover’s humble beginnings, rise as the first president born west of the Mississippi, and extensive international business and humanitarian efforts. Key questions include the significance of a pre-presidential resume and how one determines the qualifications for leadership without prior experience. Highlights include Hoover’s tenure during World War I, his visionary work in the U.S. Food Administration, and significant contributions to infrastructure projects like the Colorado River Compact and the Hoover Dam. This episode also touches on Hoover’s progressive policies despite being overwhelmed by the Great Depression during his presidency.

Key highlights:

  • Early Life and Education
  • Hoover’s Business Career
  • Humanitarian Efforts During WWI
  • Political Career and Secretary of Commerce
  • Conclusion and Final Reflections

Resources-Herbert Hoover

UVA Miller Center-overview

Life Before Presidency

Work in Europe

As Secretary of State

Presidency

First Amendment and Supreme Court

Great Depression

Top Quotes

Brainy Quotes

Categories
Creativity and Compliance

Creativity and Compliance – Creative Approaches to Corporate Compliance with Tyson Avery

Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – they all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the award-winning Compliance Podcast Network.

Ronnie’s company, Learnings, and Entertainment, utilizes the entertainment devices people use to consume information in their everyday, non-work lives and apply it to important topics around compliance and ethics. It is not only about being funny. It is about changing the tone of your compliance communications and messaging to make your compliance program, policies, and resources more accessible. In this episode of Creativity and Compliance, host Tom Fox and Ronnie Feldman are joined by Tyson Avery, the former Chief Ethics Compliance Officer at Starbucks and current Deputy General Counsel and Compliance Officer for Lucid Motors.

They discuss innovative strategies to make ethics and compliance engaging within organizations. Tyson shares insights into how he has leveraged creative methods to make serious compliance topics more relatable and accessible, emphasizing the importance of aligning corporate values with effective compliance programs.

One of the standout moments in the episode is Tyson’s recounting of the ‘Wally Awards,’ a unique initiative aimed at normalizing misconduct reporting and fostering a culture of transparency and trust. Through creative anonymization and employee engagement, the Wally Awards highlighted significant misconduct cases without compromising confidentiality, thereby encouraging ethical behavior across the company. The episode underscores the need for continuous, relatable, and engaging communications to embed compliance into the organizational culture.

Key highlights:

  • The Importance of Creativity in Compliance
  • Making Ethics Relatable
  • The Wally Awards: A Creative Compliance Initiative
  • Building Engagement and Trust
  • Advice for Implementing Creative Compliance

Resources:

Ronnie

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Episode 44 – The Snow in Texas Edition

What happens when two top compliance commentators get together? They talk compliance, of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode!

Stories this week include:

  • Former Wells Execs Fined Millions (Radical Compliance)
  • Another Example of Weak Governance (Radical Compliance)
  • Can a Computer Learn to Speak Trader? (WSJ)
  • Florida Chipotle worker installed tracking device on ex-fling’s car in hopes he would ‘run into’ her: complaint (NY Post)
  • Wells Fargo banks on (Not) risky business. (PYMNTS.com)
  • What is forced labor? (BBC)
  • KPMG will open a US law firm in AZ.  (Reuters)
  • Return To Office compliance. (Bloomberg)
  • What is the Conference of State Bank Supervisors, and why is fining Block $80MM?(CSBS)
  • 10 Workplace Trends for 2025: What’s In and What’s Out? (Gensler)

Resources:

Kristy Grant-Hart on LinkedIn

Spark Consulting

Prove Your Worth

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: January 24, 2025, The DEI Goes to War Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Buc-ee’s as a small-town growth machine. (Bloomberg)
  • Great risk for Germany to invest in China. (FT)
  • Vietnam dismantles the AML ring. (Aljazeera)
  • Administration ramps up attacks on DEI. (NYT)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Check out The FCPA Survival Guide on Amazon.com.

Categories
Blog

Lessons on Conducting Internal Investigations from Brazil

It is always gratifying when a reader calls you out for your podcasts and postings. It is even more so when your work inspires them to join in the conversation with a pod or post of their own. I was, therefore, very intrigued by Priscila Copi, who recently wrote on LinkedIn, “Inspired by an episode of Thomas Fox’s podcast and my own experience, I share best practices in internal investigations and the importance of well-structured protocols to strengthen organizational integrity.” In her piece, Internal Investigations Financial Market, she related that effective internal investigations are not just a cornerstone of a robust compliance program but a testament to an organization’s commitment to transparency, integrity, and ethical behavior. Today, I write about her thoughts on the key components of an investigative protocol, the importance of maintaining consistency across global operations, and some lessons we in the United States can draw from Brazilian regulatory frameworks and enforcement cases.

The Importance of Confidentiality, Transparency, and Impartiality

Copi reminds us that at the heart of every internal investigation lies a delicate balance: ensuring confidentiality for all parties involved while maintaining transparency and impartiality. This balancing act is vital for building trust within your organization and with regulators. Confidentiality ensures whistleblowers and witnesses feel safe to come forward without fearing retaliation. Transparency guarantees stakeholders, including employees and regulators, trust the investigation process. Impartiality ensures that the findings of the investigation will withstand scrutiny both internally and externally. These principles are not just ethical imperatives but essential for mitigating legal risks and protecting corporate reputation.

The Components of an Effective Investigative Protocol

It is no secret that well-structured investigative protocol is the backbone of a credible compliance program. Copi is kind enough to cite my five-step process that should form the foundation of any investigation:

  • Opening and Categorizing the Case

The process begins by identifying and categorizing the alleged violation. This step involves notifying relevant stakeholders, including senior management and the investigative team. Categorization determines the course of the investigation, helping allocate resources and ensuring alignment with regulatory requirements.

  • Planning the Investigation

In this phase, the investigative team develops a comprehensive plan, which may involve reviewing documents, quarantining data, and identifying individuals for interviews. Each step must adhere to strict evidentiary standards to ensure findings are admissible and defensible if challenged.

  • Executing the Investigative Plan

Execution should follow a logical sequence. For instance, document reviews should precede interviews, ensuring that interviewers are well-informed and can ask meaningful questions. This phase also requires meticulous documentation to create a clear audit trail.

  • Monitoring the Investigation

Monitoring ensures that the investigation stays on track and addresses all relevant questions. Preliminary findings should be reviewed to identify gaps or areas needing further clarification. Proper storage of evidence is critical to maintaining its integrity.

  • Closing the Case

The investigation concludes with the communication of findings to relevant stakeholders and the preparation of a final report. This report should include detailed documentation of all steps taken, ensuring consistency and materiality, especially if the findings are presented to regulators or used in litigation.

(Ed. Note: This original formulation came from a speech by Jacki Trevino and Jay Martin.)

Why Uniform Protocols Matter 

Copi reminds multinational American organizations that maintaining uniformity in investigative protocols is critical. A documented and standardized approach minimizes the risk of inconsistent findings, which can undermine the credibility of your compliance program. However, uniformity must be balanced with local adaptation. For instance, what works at headquarters may not be workable or appropriate for subsidiaries in jurisdictions with different cultural or legal norms. In such cases, close collaboration with local legal teams and alignment with headquarters is essential to maintain consistency and compliance with local laws.

Lessons from Brazil’s Regulatory Framework 

After setting the stage, Copi offers real guidance to North American compliance professionals by reviewing Brazilian anti-corruption law, key enforcement actions, and company responses. Brazil offers a compelling case study on the importance of robust investigative protocols, given its strong regulatory frameworks like the Anti-Corruption Law and sector-specific regulations enforced by entities such as the Central Bank of Brazil (Bacen), the Securities and Exchange Commission (CVM), and the Superintendence of Private Insurance (SUSEP).

1. Brazilian Anti-Corruption Law

This landmark legislation, the Clean Companies Act, emphasizes the importance of corporate integrity programs, which must include whistleblowing channels, investigative protocols, and employee training. Companies that show robust compliance measures may see reduced penalties in enforcement actions. Odebrecht entered into a leniency agreement under this law, which involved repaying embezzled funds and implementing stringent compliance measures. The case highlights how transparency and cooperation can mitigate reputational and financial damage.

2. Bacen’s Circular

The Central Bank’s regulations focus on preventing money laundering and terrorist financing. Financial institutions must implement detailed investigative protocols and ensure comprehensive documentation to identify and report suspicious activities.

Bacen’s intrusive inspections exemplify how regulators scrutinize compliance. Recent cases involving credit market fraud, misuse of foreign exchange transactions, and FinTech-related fraud underscore the importance of a robust investigative framework.

3. CVM and SUSEP Regulations

The CVM’s Instruction 607/2019 and SUSEP’s CNSP Resolution 382/2020 emphasize transparency, good governance, and whistleblower protections. Recent enforcement actions against XP Investimentos and ModalMais demonstrate the CVM’s commitment to holding companies accountable for infractions, such as front-running and inadequate disclosures.

Practical Takeaways for Compliance Professionals

What lessons can the American compliance professional draw from Copi’s experience and overview?

1. Invest in Investigative Training

Investigative protocols are only as effective as the people implementing them. Regular training for compliance teams, internal auditors, and other stakeholders ensures they understand their roles and responsibilities.

2. Leverage Technology

Technology can streamline investigations by automating document review and data analysis tasks. Advanced analytics can also identify patterns that may indicate misconduct.

3. Build a Culture of Integrity

An effective investigative process starts with a strong corporate culture. Encourage employees to speak up by fostering trust in whistleblowing channels and demonstrating that reports are taken seriously.

4. Document Document Document

Always remember, even in the international context, it never happens if it is not documented in a regulator’s eyes. This translates to detailed documentation that ensures consistency and serves as critical evidence in enforcement actions or litigation.

5. Adapt to Local Contexts

Tailor investigative protocols to align with local legal and cultural norms while maintaining overall consistency with global standards.

The Role of Leadership in Investigations

Leadership buy-in is essential for the success of any investigative process. Senior executives must set the tone from the top, demonstrating a commitment to transparency and accountability. This commitment ensures that investigations are adequately resourced and findings are acted upon regardless of the individuals or departments involved.

Internal investigations are more than just a compliance requirement; they reflect an organization’s ethical backbone. By adhering to best practices and learning from regulatory frameworks like those in Brazil, companies can ensure that their investigative processes address misconduct and foster a culture of trust and integrity.

Copi reminds us that a strong investigative protocol is not just about compliance but about building a sustainable and ethical business. By embedding these principles into your compliance program, you can confidently navigate the complexities of internal investigations, ensuring regulatory compliance and organizational resilience.