Categories
Great Women in Compliance

Great Women in Compliance: Rupert Evill on Prioritizing Employee Well-Being in Risk Management

Welcome to the Great Women in Compliance Podcast. How can you make risk management more relevant? In this episode, Hemma Lomax visits with Rupert Evill, a seasoned expert in human-centered risk management with a diverse background spanning over 50 countries and 30 sectors and a strong academic foundation in business, international relations, and sustainability.

Rupert’s perspective on human-centered risk management is deeply rooted in the importance of understanding and valuing the personal and human aspects of risk. He emphasizes the need to consider values, ethics, and beliefs when assessing and managing risks, and highlights the significance of empathy, compassion, and curiosity in the process. His belief is that making risk management relevant involves engaging with local perspectives and experiences, acknowledging the realities faced by individuals in different contexts, and building relationships based on mutual understanding and respect. This perspective has been shaped by his extensive experience in due diligence, intelligence gathering, and counter-espionage, as well as his work with mid-caps and SMEs through his company, Ethics Insight.

Key Highlights:

  • Strength-Based Approach to Ethical Risk Management
  • Enhancing Employee Engagement through Simplified Communication
  • Empathy-driven Approach to Addressing Systemic Challenges
  • Fostering Ethical Culture Through Employee Engagement
  • Strategic Alignment for Effective Compliance Functions
  • Individual-Focused Risk Mitigation Strategies
  • Fostering Psychological Safety for Informed Decision-Making
  • Practical Risk Management Strategies for Businesses

Resources:

Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Into the Weeds

Compliance into The Weeds: The Gunvor FCPA Enforcement Action

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt deeply dive into the recently released Gunvor FCPA Enforcement Action.

The Gunvor FCPA case, a high-profile instance of bribery involving Ecuadorian government officials, is a stark reminder of the perils of corruption in international business and the critical need for stringent compliance measures. Tom emphasizes the importance of adherence to anti-corruption laws and regulations. He stresses the necessity for robust compliance programs and internal controls to prevent such violations and the potential fallout of non-compliance, including reputational damage, financial penalties, and legal repercussions.

Matt Kelly sees the Gunvor FCPA case as a significant example of the consequences companies face when engaging in corrupt practices. He would underscore the importance of strong compliance programs, ethical business practices, transparency, and accountability to prevent similar instances of bribery and corruption in the future. Check out the key lessons learned from this matter.

Key Highlights:

  • Bribery Scheme in Gunvor’s Ecuador Dealings
  • Ethical Practices and Regulatory Compliance Strengthening
  • Gunvor’s Bribery Scheme: FCPA Enforcement Consequences
  • Proactive Transparency in Mitigating Legal Penalties

Resources:

Matt on Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Week Conference Podcast

Compliance Week 2024 Speaker Preview Podcasts – Jonathan Rusch on Clawbacks and Holdbacks

In the Compliance Week 2024 Speaker Preview Podcasts episode, Jonathan Rusch discusses his panel at Compliance Week 2024, “Clawbacks, Incentives, and Remediation.” Some of the issues he will discuss in this podcast and his presentation are:

  • DOJ emphasizes clawbacks in remediation
  • The additional role of holdbacks
  • Learn about cutting-edge topics at Compliance Week 2024

I hope you can join me at Compliance Week 2024. This year’s event will be held April 2-4 at The Westin Washington, DC, Downtown. The line-up for this year’s event is first-rate, with some of the top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event, offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 19th year, join 500+ compliance, ethics, legal, and audit professionals who gather to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. Compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs, among many others, to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders, and ethics and compliance visionaries.
  • Hear from 80+ respected cross-industry practitioners, including CEOs, CCOs, regulators, federal officials, and practitioners, to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from panels on leadership, fraud detection, confronting regulatory change, abiding by cross-border rules and regulations, and the always-favorite fireside chats.
  • Bring actionable takeaways from various session types, including cyber, AI, Compliance, Board obligations, data-driven compliance, and many others, to your program for you to listen, learn, and share.
  • Compliance Week aims to arm you with information, strategy, and tactics to transform your organization and career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Compliance Week is offering a $200 discount on the registration price. Enter the discount code TFOX2024 for $200 off.

The Compliance Podcast Network produces the Compliance Week 2024 Preview Podcast series. Compliance Week sponsors this series.

Categories
Blog

Ten Top Lessons from Recent FCPA Settlements – Lesson No. 6, Clawbacks and Holdbacks

Over the past 15 months, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have made clear, through three Foreign Corrupt Practices Act (FCPA) enforcement actions and speeches, their priorities in investigations, remediations, and best practices compliance programs. Every compliance professional should study each of these enforcement actions closely for the lessons learned and direct communications from the DOJ. They should guide not simply your actions should you find yourself in an investigation but also how you should think about priorities.

The three FCPA enforcement actions are ABB from December 2022, Albemarle from November 2023, and SAP from January 2024. Taken together, they point out a clear path for the company that finds itself in an investigation: using extensive remediation to avoid a monitor. They also provide insight for the compliance professional into what the DOJ expects in an ongoing best practices compliance program.

Over a series of blog posts, I will lay out what I believe are the Top Ten lessons from these enforcement actions for compliance professionals who find themselves in an enforcement action. Today we continue  with Number 6, Clawbacks and Holdbacks. These strategies are relatively new to the DOJ’s arsenal, and they want companies to employ them in enforcement actions. While the DOJ and SEC have long made clear that they view monetary structure for incentive compensation, as far back as the FCPA Resource Guide, 1st edition (2012), they did not focus as intensely on the disincentive side of the equation. Prior to the Monaco Memo, clawbacks had not been generally seen as a necessary part of a compliance program.

This began to change in the Monaco Memo. It is now unequivocally required by the DOJ and listed as a crucial area of DOJ inquiry in the 2023 Evaluation of Corporate Compliance Programs. Moreover, having such a penalty in place is also seen as part of an excellent corporate culture, which not only penalizes those who engage in unethical behavior in violation of a company’s policies and procedures but will also “promote compliant behavior and emphasize the corporation’s commitment to its compliance programs and its culture.”

The DOJ was told to look into whether companies have “clawback” clauses in their pay agreements and whether “as soon as the company found out about the misconduct, the company has, as much as possible, taken affirmative steps to carry out such agreements and clawback compensation previously paid to current or former executives whose actions or omissions led to or contributed to the criminal conduct at issue.”

The Monaco Memo directed “to develop further guidance by the end of the year on how to reward corporations that develop and apply compensation clawback policies, including how to shift the burden of corporate financial penalties away from shareholders—who in many cases do not have a role in misconduct—onto those more directly responsible.” This clause is an effort by the DOJ to keep companies from shielding recalcitrant executives from the consequences of their own illegal and unethical conduct.

However, the Monaco Memo clarified that it is not simply having a written policy and procedure. If warranted, there must be corporate action under the clawback policy and procedure. In the Albemarle and SAP enforcement actions, the DOJ evaluated the companies’ actions, “Following the corporation’s discovery of misconduct, a corporation has, to the extent possible, taken affirmative steps to execute on such agreements and clawback compensation previously paid to current or former executives whose actions or omissions resulted in or contributed to the criminal conduct at issue.”

Albemarle

Albemarle went in a different direction—not clawbacks, but holdbacks. While the DOJ has made much noise about clawbacks from recalcitrant executives, Albemarle engaged in holdbacks, where they did not pay bonuses to certain employees involved in the conduct or those who had oversight. The NPA stated, “The company withheld bonuses totaling $763,453 during the course of its internal investigation from employees who engaged in suspected wrongdoing.” The illegal conduct involved those who “(a) had supervisory authority over the employee(s) or business area engaged in the misconduct; and (b) knew of, or were willfully blind to, the misconduct.” The significance of this effort was vital as it qualified Albemarle for an additional fine reduction of a dollar-for-dollar credit of the amount of the withheld bonuses under the Criminal Division’s March 2023 Compensation Incentives and Clawbacks Pilot Program. 

SAP

SAP had extensive holdbacks as well. The DPA noted SAP withheld bonuses totaling $109,141 during the course of its internal investigation from employees who engaged in suspected wrongdoing in connection with the conduct under investigation, or who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct, and further engaged in substantial litigation to defend its withholding from those employees, which qualified SAP for an additional fine reduction in the amount of the withheld bonuses under the DOJ’s Compensation Incentives and Clawbacks Pilot Program.

The DOJ has given significant credit to both Albemarle and SAP for their holdbacks, and we would expect them to continue to do so. If your organization has not instituted a Clawback/Holdback Policy, now is the time to do so rather than wait until you are in the middle of an investigation or enforcement action. Also, remember that the DOJ gives a dollar-for-dollar credit on any settlement where the company engaged in either clawbacks or holdbacks.

Categories
Compliance Week Conference Podcast

Compliance Week 2024 Speaker Preview Podcasts – William Nelson on Building Out a Compliance Program

In this episode of the Compliance Week 2024 Speaker Preview Podcasts series, William Nelson discusses his panel at Compliance Week 2024, “Building a Compliance Organization from the Ground Up.”. Some of the issues he will discuss in this podcast and his presentation are:

  • Building out a compliance program from the ground up
  • The nuts and bolts of compliance
  • Learning about AI in compliance and other cutting-edge topics at Compliance Week 2024

I hope you can join me at Compliance Week 2024. This year’s event will be held April 2-4 at The Westin Washington, DC, Downtown. The line-up for this year’s event is first-rate, with some of the top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event, offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 19th year, join 500+ compliance, ethics, legal, and audit professionals who gather to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. Compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs, among many others, to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders, and ethics and compliance visionaries.
  • Hear from 80+ respected cross-industry practitioners who are CEOs, CCOs, regulators, federal officials, and practitioners to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from panels on leadership, fraud detection, confronting regulatory change, abiding by cross-border rules and regulations, and the always-favorite fireside chats.
  • Bring actionable takeaways to your program from various session types, including cyber, AI, Compliance, Board obligations, data-driven compliance, and many others, for you to listen, learn, and share.
  • Compliance Week aims to arm you with information, strategy, and tactics to transform your organization and career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Compliance Week is offering a $200 discount on the registration price. Enter the discount code TFOX2024 for $200 off.

The Compliance Week 2024 Preview Podcast series is a production of the Compliance Podcast Network. Compliance Week is the sponsor of this series.

Categories
Blog

Ten Top Lessons from Recent FCPA Settlements – Lesson No. 5, Data Analytics

Over the past 15 months, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have made clear, through three Foreign Corrupt Practices Act (FCPA) enforcement actions and speeches, their priorities in investigations, remediations, and best practices compliance programs. Every compliance professional should study these enforcement actions closely for the lessons learned and direct communications from the DOJ. They should guide not simply your actions should you find yourself in an investigation but also how you should think about priorities.

The three FCPA enforcement actions are ABB from December 2022, Albemarle from November 2023, and SAP from January 2024. Taken together, they point a clear path for the company that finds itself in an investigation, using extensive remediation to avoid monitoring, and provide insight for the compliance professional into what the DOJ expects in a best practices compliance program on an ongoing basis.

Over a series of blog posts, I will lay out what I believe are the Top Ten lessons from these enforcement actions for compliance professionals who find themselves in an enforcement action. Today, we continue with Number 5, Data Analytics. Data analytics was previously seen as cutting-edge in compliance. Now, they are recognized as part of a best practices compliance program. By this time next year, they will be table stakes for every compliance program. However, the DOJ specifically called out the use of data analytics in these three enforcement actions and the incorporation of data analytics into their compliance regimes in the future.

Albemarle

Albemarle’s NPA specifically called out the Company’s use of data analytics in two ways. The first was to monitor the Company’s compliance program, and the second was to measure the compliance program’s effectiveness. While this language follows a long line of DOJ pronouncements, starting with the 2020 Update to the Evaluation of Corporate Compliance Programs, about the corporate compliance functions’ access to all company data, this is the first time it has been called out in a settlement agreement in this manner. Moreover, although not explicitly tied to the lack of a required corporate monitor, it would appear that by using data analytics, Albemarle was able to satisfy the DOJ requirement for implementing controls and then effectively testing them throughout the pendency of the DOJ investigation.

Andrew McBride, Chief Risk & Compliance Officer at Albemarle. He noted that if you think about each element of a compliance program—policies and procedures, training, due diligence, and pre-approvals—and your investigation process, a recurring theme throughout is the role of data to test that those program elements are working as you intend. McBride believes there are four critical purposes for using data and data analytics to support the ethics and compliance program, which he listed as follows:

  1. Risk Identification Issues. It can be used as a part of transaction testing and auditing to identify problematic behavior, support investigations, and highlight areas of residual risk.
  2. Risk Response. Data analytics can be used as a form of internal control. Albemarle uses data analytics as a form of gatekeeper.
  3. Compliance Program Testing. Data analytics can be used to determine the effectiveness of your ethics and compliance program.
  4. Finally, and perhaps most significantly for the DOJ’s purposes in FCPA enforcement actions, are the reporting requirements to demonstrate that the company meets its requirements as laid out in the resolution documents, whether a DPA, NPA, or other.

SAP

The SAP resolution made several references to data analytics and data-driven compliance. SAP did so around its third-party program and expanded its data analytics capabilities to cover over 150 countries, including all high-risk countries globally. The SEC Order also noted that SAP had implemented data analytics to identify and review high-risk transactions and third-party controls. The SAP DPA follows the Albemarle FCPA settlement by stating that SAP now uses data analytics to measure the compliance program’s effectiveness. This language follows a long line of DOJ pronouncements, starting with the 2020 Update to the Evaluation of Corporate Compliance Programs, about the corporate compliance function’s access to all company data; this is the second time it has been called out in a settlement agreement in this manner. Additionally, it appears that by using data analytics, SAP was able to satisfy the DOJ requirement for implementing controls and then effectively testing them throughout the pendency of the DOJ investigation, thereby avoiding monitoring.

ABB

While not explicitly called out in its DPA, ABB has instituted a significant and company-wide data analytics program as a part of its overall remediation effort. Tapan Debnath, Head of Integrity, Regulatory Affairs, & Data Privacy—Process Automation at ABB, spoke about some of the challenges ABB faced and overcame to institute its data analytics program. He said, “The way data is hosted for us and probably for a lot of organizations is in lots of different places, and there needs to be a lot of data cleanup before we can utilize and use data.” He related that another challenge “for us has also been getting hold of data in different jurisdictions. There may be data privacy laws around data transfer, and there may be blocking statutes around this same thing. So navigating the local law requirements around data transfer, getting a hold of the data, and all of those things have been key challenges, as well as resourcing internally how to do this and getting the external stakeholders to support. I think These key fundamental steps need to be ironed out and looked at early on in the process.”

In November, Nicole Argentieri, Acting Assistant Attorney General for the Criminal Division, speaking at the ACI National FCPA, reported that the DOJ is stepping up its use of data analytics to identify instances of corporate misconduct and will boost its cooperation with overseas law enforcement to bring more anti-corruption cases as well. The DOJ and SEC increasingly focus on data analytics for corporate compliance, signaling higher expectations for larger companies.

Data-driven analytics have become a significant part of any best practices compliance program. The DOJ sees it as a critical remedial step for any company in an FCPA enforcement action. The actions taken by ABB, Albemarle, and SAP demonstrate that the DOJ also wants to impress this upon the greater compliance community.

Categories
Innovation in Compliance

Innovation in Compliance – Keith Laska – Bitcoin: Investment or Monetary System?

Innovation comes in many forms, and compliance professionals need to not only be ready for it but also embrace it. Today, I visited Keith Laska to talk about his work in the realm of bitcoin and as a blockchain educator.

Keith Laska, a professor at Fordham University and founder of learnbitcoin.io, says that Laska’s perspective on bitcoin is that it can serve as both an investment and a monetary system, depending on the individual’s location and use case.

In the United States, he sees bitcoin as a high-growth investment that can outpace inflation, while in countries with high inflation rates like Argentina, Turkey, or Lebanon, he views bitcoin as a more stable and reliable monetary system compared to their local currencies.

This dual perspective is shaped by his extensive experience and dedication to staying at the forefront of the evolving field of bitcoin and blockchain.

Key Highlights:

  • Evolution of Bitcoin from 2009 to ETFs
  • Blackrock’s Successful Spot Bitcoin ETFs Approval
  • Enhancing Compliance with Blockchain Contracts and AI
  • Fluency in Bitcoin: Educating Future Industry Professionals

Resources:

Keith Laska on LinkedIn 

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Tactics To Use in Human Rights Abuse

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we consider some of the tactics your organization can employ if it finds itself in a human rights imbroglio.

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
Everything Compliance - Shout Outs and Rants

Shout Outs and Rants – Episode 130, The End of SPACs Edition

Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows.

In this episode, we have the quartet of Jonathan Armstrong, Matt Kelly, Karen Woody, Jay Rosen, and Special Guest Karen Moore, all hosted by Tom Fox, joining us on this episode of Shout Outs and Rants.

1. Matt Kelly shouts out to the Russian people who turned in droves for the funeral of murdered activist Alexei Navalny.

2. Karen Woody shouts out to Caitlin Clark, who set the all-time single season scoring record in college basketball.

3. Special Guest Karen Moore shouts out and rants about UW killing the EU Corporate Sustainability Due Diligence Directive.

4. Jonathan Marks shouts out garbage collectors who saw a house on fire, saved the family inside and warned neighbors all before the Fire Department arrived.

5. Jay Rosen shouts out to the rich getting richer: Shohei Ohtani signing with the LA Dodgers for $700MM and deferring 97% of his salary until 2034 and to Adam Turteltaub, an uber Dodgers fan who might see a Dodgers World Series this year.

6. Tom Fox rants about the Supreme Court intentionally delaying the federal trials of Donald Trump.

The members of the Everything Compliance are:

Jay Rosen – Jay can be reached at Jay.r.rosen@gmail.com.

Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu

Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com

Jonathan Armstrong – is our UK colleague, who is an experienced data privacy/data protection lawyer in London.

Jonathan Marks can be reached at jtmarks@gmail.com.

Special Guest Karen Moore is an Adjunct Professor at the Fordham School of Law. She can be reached at kmoore51@fordham.edu.

The host, producer, ranter (and sometimes panelist) of Everything Compliance is Tom Fox, the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.

Categories
Daily Compliance News

Daily Compliance News: March 5, 2024 – The World’s Most Ethical Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Ethisphere announces the World’s Most Ethical Company Awards. (Press Release)
  • A former Venezuelan officer pleads guilty to $1.7 fraud and corruption.  (Local10)
  • Apple was fined €1.8bn in the EU. (FT)
  • Former Twitter execs sued for severance packages. (WSJ)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.