Categories
FCPA Compliance Report

FCPA Compliance Report – John Gebauer and John Van Der Wal on Implementing Comprehensive Strategies for Regulatory Rule Compliance

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox welcomes John Gebauer, Chief Regulatory Officer at COMPLY, and John Van Der Wal, Senior Director, Compliance Advisory at COMPLY.

John Gebauer and John Van Der Wal are seasoned professionals in the financial industry, each with over three decades of experience and a focus on regulatory changes and compliance challenges. Gebauer believes that there is a need for stricter controls and requirements in the ESG space. He emphasizes the importance of firms having the necessary documents and procedures to back up their claims of being ESG advisors. Van Der Wal shares a similar perspective. He stresses the need for more controls and requirements in ESG advising, the importance of vendor due diligence, and the potential of AI and machine learning technologies in preventing inappropriate activity. Both Gebauer and Van Der Wal highlight the importance of staying up-to-date with changing rules and regulations in the financial industry. Join Tom Fox, John Gebauer, and John Van Der Wal on this episode of the FCPA Compliance Report to delve deeper into these insights.

Key Highlight:

  • Compliance Consulting Expert: John Gebauer
  • Private Fund Reform Rule: Addressing Industry Concerns and Improving Practices
  • Comprehensive Approach for Rule Implementation
  • Cybersecurity Measures to Prevent Insider Trading
  • The Impact of Cybersecurity Regulations on Finance

Resources:

John Gebauer on LinkedIn

COMPLY

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Greetings and Felicitations

Podfest Expo 2024 Speaker Preview Series – Dave Jackson

In this episode of the PodfestExpo 2024 Speaker Preview Podcasts series, I visit Dave Jackson, founder of the School of Podcasting, to discuss his presentation at PodfestExpo. Some of the issues we tackle in this podcast are:

  • Podcasting into 2024 and beyond.
  • Why is Dave so excited about the 10th anniversary event?
  • Why you should attend PodfestExpo 2024.

I’m hoping you’ll be able to join me at PodfestExpo 2024, which Podfest Global is hosting. This year’s event will be the 10th anniversary and will be held January 25–28, 2024, at the Wyndham in Orlando, Florida. The line-up of this year’s event is simply first-rate, with some of the top names in podcasting.

Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through powerful audio and video mediums. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.

PodfestExpo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets the PodfestExpo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.

Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2024 has plenty to offer!

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter the discount code, Listener.

PodfestExpo 2024 is a production of Podfest Global, which sponsors this podcast series.

School of Podcasting

Dave Jackson on LinkedIn

Categories
Blog

What 2023 Brought to Compliance – The 2023 ECCP

January 2023 saw the release of the 2023 U.S. Department of Justice Criminal Division Evaluation of Corporate Compliance Programs (ECCP). It brought forward several new initiatives laid out in the 2020 Update to the Evaluation of Corporate Compliance Programs, include additions and deletions. It also incorporated many of the concepts from the 2022 Monaco Memo. It contained new incentives, both financial and non-financial; consequence management; messaging apps and provide a summary for the compliance professional.

Incentives

This section begins with a new introduction which makes clear the seriousness in which the Department of Justice (DOJ) views incentives, both financial and other types of incentives. The ECCP states, “The design and implementation of compensation schemes play an important role in fostering a compliance culture. Prosecutors may consider whether a company has incentivized compliance by designing compensation systems that defer or escrow certain compensation tied to conduct consistent with company values and policies. Some companies have also enforced contract provisions that permit the company to recoup previously awarded compensation if the recipient of such compensation is found to have engaged in or to be otherwise responsible for corporate wrongdoing. Finally, prosecutors may consider whether provisions for recoupment or reduction of compensation due to compliance violations or misconduct are maintained and enforced in accordance with company policy and applicable laws. Compensation structures that clearly and effectively impose financial penalties for misconduct can deter risky behavior and foster a culture of compliance.”

The ECCP also added a new section on financial incentives which directs prosecutors to specifically evaluate how a company designs and applies financial incentives. These four questions basically breakdown into the following continuum: (1) Assessment, (2) Analysis, (3) Implementation; and (4) Monitoring.

Incentive program assessment. Here you need to review your corporate incentive program for all employees, most particularly the discretionary bonus program but also your non-financial incentives such as promotion.

Incentive program analysis. Here you need to see what perverse incentives may exist in your organization.

Incentive program implementation. After implementation of the incentive program, it must be monitored.

Incentive program monitoring. Here there needs to be ongoing monitoring of the incentive program, including has the company ensured effective management of the incentive program? 

Consequence Management

The DOJ has been talking about clawbacks for some time now. However, the revised language of the ECCP puts more rigor around what the DOJ is now mandating. This section begins by noting that financial penalties as well as financial incentives can influence employee behavior and that prosecutors are now required to consider both aspects. It states:

By way of example, prosecutors may consider whether a company has publicized disciplinary actions internally, where appropriate and possible, which can have valuable deterrent effects. Prosecutors may also consider whether a company is tracking data relating to disciplinary actions to measure effectiveness of the investigation and consequence management functions.

Clawbacks

The DOJ has made clear that companies need to seek to recover amounts paid out to executives which were illegally received as corporate compensation. This could include both salary, stock options or similar payments or discretionary bonuses. All of this means every compliance program will need to analyze each of these components as set out. It will also require a review of executive contracts to determine if there are clawback provisions set out in each employment contract. If there are no such provisions, they will need to be inserted. Finally, what “specific examples of actions taken” does a company have to show to the DOJ should they come knocking?

Consequence Management

The DOJ also mandated that compliance programs take a deeper dive into their entire financial incentive program; both incentives and dis-incentives. While there is some overlap with the clawback language but there is quite a bit new in these area. The DOJ ties hotline and speak up reports directly to a company’s culture of compliance. The DOJ goes on to ask about substantiation rates, closure rates, consistent and fair application of discipline (and rewards when called for) and root cause analysis; which are not simply technical aspects of compliance programs but are concrete steps companies can implement to engender trust with employees that their concerns will be taken seriously and then acted upon when they are raised. Once again, as with clawbacks, these are levels of analysis that many compliance programs have not yet taken but are now required to do so.

Messaging Apps

The ECCP opened this section by noting, “Messaging applications have become ubiquitous in many markets and offer important platforms for companies to achieve growth and facilitate communication.” For any company under investigation or in a Foreign Corrupt Practices Act (FCPA) enforcement action, the DOJ will evaluate its “policies and mechanisms for identifying, reporting, investigating, and remediating potential misconduct and violations of law…governing the use of personal devices, communications platforms, and messaging applications, including ephemeral messaging applications.” Off the shelf policies will not be sufficient as the company’s management of messaging apps “should be tailored to the corporation’s risk profile and specific business needs.” Not surprisingly the DOJ is also concerned about storage, access and even backups, requiring that “business-related electronic data and communications are accessible and amenable to preservation by the company.” Training and communication of these policies and procedures will also be evaluated and “whether the corporation has enforced the policies and procedures on a regular and consistent basis in practice.”

Final Thoughts

What does it all means for the compliance professional going forward? The 2023 ECCP and the year in compliance bore out the following.

 Use of Monitors

In the introduction its states “Moreover, Criminal Division policies on monitor selection instruct prosecutors to consider, at the time of the resolution, whether the corporation has made significant investments in, and improvements to, its corporate compliance program and internal controls systems and whether remedial improvements to the compliance program and internal controls have been tested to demonstrate that they would prevent or detect similar misconduct in the future to determine whether a monitor is appropriate.” This language is a firm rejection of the Benzkowski Memo and the prior administration’s reticence to employ monitorships as a tool to ensure compliance with not only the settlement documents but also the creation and implementation of a compliance program.

Internal Compliance Controls

Under Section II, entitled Is the Corporation’s Compliance Program Adequately Resourced and Empowered to Function Effectively? Is the new language, “In this regard, prosecutors should evaluate a corporation’s method for assessing and addressing applicable risks and designing appropriate controls to manage these risks.” This simple sentence packs quite a whoolop as it mandates a risk assessment, design and implementation of appropriate internal compliance controls and then monitoring of those controls to see if they are managing the risks identified in the risk assessment. Many of these concepts are fleshed out in the ECCP but it is clear this is a minimum expectation from the DOJ.

Adequate Compensation and Salary/Bonus Review for Compliance

Under Section III, Does Your Compliance Program Work in Practice, is the following new language “Independence and Empowerment – Is compensation for employees who are responsible for investigating and adjudicating misconduct structured in a way that ensures the compliance team is empowered to enforce the policies and ethical values of the company? Who determines the compensation, including bonuses, as well as discipline and promotion of compliance personnel or others within the organization that have a role in the disciplinary process generally?”

This is a significant new addition to the ECCP. It forces a company to adequately compensation those employees who investigate and pass judgment on misconduct. But it is more than simply adequate compensation as it also requires a company not to retaliate via low salaries or limited raises or other compensation for doing their jobs as compliance officers. In other words, if the CEO is being investigated by compliance; that same CEO should not be setting or reviewing the salary of the CCO or those doing the investigation. This mandates that the DOJ will review the entire corporate organization on these issues.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 1 – What 2023 Brought to Compliance

2023 was a very significant year for every compliance practitioner and compliance program. While there was a paucity of corporate enforcement actions under the Foreign Corrupt Practices Act (FCPA), there were significant announcements from the Department of Justice (DOJ) that directly impacted compliance professionals and compliance programs.

The first came in January, and it was an update to the Evaluation of Corporate Compliance Programs (2023 ECCP). Next, we heard speeches about the increased focus on clawbacks and other areas of consequence management. In October, Deputy Attorney General (DAG) Lisa Monaco introduced a new Mergers & Acquisitions Safe Harbor Policy in October. Finally, in late November, Acting Principal Deputy Assistant Attorney General Nicole M. Argentieri Delivered remarks at the 39th International Conference on the Foreign Corrupt Practices Act (FCPA) on the use of data analytics in a compliance program and DOJ expectations going forward.

The 2023 ECCP brought forward several new initiatives laid out in the 2020 Update to the Evaluation of Corporate Compliance Programs, including additions and deletions.

In October 2023, Deputy Attorney General Lisa Monaco announced a new policy regarding M&A. It is a Mergers & Acquisitions Safe Harbor policy that encourages companies to self-disclose criminal misconduct discovered by an acquiring company during the acquisition of a target company.

In November, Nicole Argentieri, Acting Assistant Attorney General for the Criminal Division, speaking at the ACI National FCPA, reported that the DOJ is stepping up its own use of data analytics to identify instances of corporate misconduct and will boost its cooperation with overseas law enforcement to bring more anti-corruption cases as well. The DOJ and SEC are increasingly focusing on data analytics for corporate compliance, signaling higher expectations for larger companies. Both agencies have successfully utilized data analytics in various areas, such as securities and healthcare fraud, and are actively improving their own capabilities in this field. She made several important points for all compliance professionals, which will be significant going forward into 2024 and beyond.

Three key takeaways:

1. 2023 was a key year for the DOJ’s evolution in its views on compliance programs.

2. Clawbacks, incentives, and consequence management have become more important.

3. The new DOJ safe harbor initiative for M&A raises many questions.

Categories
Blog

What 2023 Brought to Compliance

2023 was a very significant year for every compliance practitioner and compliance program. While there was a paucity of corporate enforcement actions under the Foreign Corrupt Practices Act (FCPA), there were significant announcements from the Department of Justice (DOJ) which directly impact compliance professionals and compliance programs.

The first came in January and it was update to the Evaluation of Corporate Compliance Programs (2023 ECCP). Next we heard speeches about the increased focus on clawbacks and other areas of consequence management. In October, Deputy Attorney General (DAG) Lisa Monaco introduced a new Mergers & Acquisition Safe Harbor Policy in October. Finally, in late November Acting Principal Deputy Assistant Attorney General Nicole M. Argentieri Delivered remarksat the 39th International Conference on the Foreign Corrupt Practices Act (FCPA) on the use of data analytics in a compliance program and DOJ expectations going forward.

The 2023 ECCP brought forward several new initiatives laid out in the 2020 Update to the Evaluation of Corporate Compliance Programs, include additions and deletions. It also incorporated many of the concepts from the 2022 Monaco Memo. We begin with a review of the new incentives, both financial and non-financial; consequence management; messaging apps and provide a summary for the compliance professional.

In March there were two days of speeches from the DOJ which added to the compliance complexity for 2023 and beyond.  The speeches were made by Deputy Attorney General (DAG) Lisa Monaco (2023 Monaco Speech) and Assistant Attorney General Kenneth A. Polite, Jr. (Polite Speech) and they previewed a number of initiatives by the DOJ which every compliance professional needs to study in some detail. These new initiatives included: (1) The Criminal Division’s Pilot Program Regarding Compensation Incentives and Clawbacks; (2) Evaluation of Corporate Compliance Programs; and (3) Revised Memorandum on Selection of Monitors in Criminal Division Matters.

In October 2023, Deputy Attorney General Lisa Monaco announced a new policy regarding M&A. It is a Mergers & Acquisitions Safe Harbor policy that encourages companies to self-disclose criminal misconduct discovered by an acquiring company during the acquisition of a target company. Under the policy, the acquiring party will receive a presumption of criminal declination if it promptly and voluntarily discloses criminal misconduct, cooperates with any ensuing investigation, and engages in appropriate remediation, restitution and disgorgement.

The Safe Harbor policy is a clear continuation of the DOJ’s push for corporate voluntary self-disclosure. Monaco outlined efforts by DOJ to increase the benefits to companies that voluntary disclose corporate misconduct rather than those companies that decide not to disclose misconduct. The key for the acquirer company to  obtain the “carrot” DOJ is dangling and poses questions as to the “stick” the DOJ might wield if a self-disclosure does not achieve safe harbor, or more broadly, if an acquirer fails to identify criminal misconduct in the acquisition process, either pre or post-closing. This new Mergers & Acquisitions Safe Harbor Policy clearly demonstrates the DOJ’s interest is to avoid discouraging companies with strong compliance programs from acquiring companies with ineffective compliance programs and/or a history of misconduct. To the contrary, DOJ is seeking to incentivize an acquiring company to timely disclose misconduct uncovered during the M&A process.

In November, Nicole Argentieri, Acting Assistant Attorney General for the Criminal Division, speaking at the ACI National FCPA reported that the DOJ is stepping up its own use of data analytics to identify instances of corporate misconduct, and will boost its cooperation with overseas law enforcement to bring more anti-corruption cases as well. The DOJ and the Securities and Exchange Commission (SEC) are increasingly focusing on data analytics for corporate compliance, signaling higher expectations for larger companies. Both agencies have successfully utilized data analytics in various areas, such as securities and healthcare fraud, and are actively improving their own capabilities in this field. She made several important points for all compliance professionals which will be significant going forward into 2024 and beyond.

Categories
Greetings and Felicitations

Podfest Expo 2024 Speaker Preview Series – Furkhan Dandia

In this episode of the PodfestExpo 2024 Speaker Preview Podcasts series, I visit Furkhan Dandia, host of the EZ Conversations podcast, to discuss his presentation at PodfestExpo. Some of the issues we tackle in this podcast are:

  • How Furkhan helps others with mental health struggles.
  • What Furkhan hopes to get out of the 10th anniversary event.
  • Why you should attend PodfestExpo 2024.

I’m hoping you’ll be able to join me at PodfestExpo 2024, which Podfest Global is hosting. This year’s event will be the 10th anniversary and will be held January 25–28, 2024, at the Wyndham in Orlando, Florida. The line-up of this year’s event is simply first-rate, with some of the top names in podcasting.

Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through powerful audio and video mediums. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.

PodfestExpo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets the PodfestExpo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.

Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2024 has plenty to offer!

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter the discount code, Listener.

PodfestExpo 2024 is a production of Podfest Global, which is the sponsor of this podcast series.

Furkhan Dandia on LinkedIn

EZ Conversations

 

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program: Day 18-Strategic Considerations for Implementing AI in Compliance

What are the key factors that impact these strategic considerations for implementing AI in compliance, exploring the tradeoffs, challenges, and importance of considering the impact on decision-making.

Key Considerations

1.     Understand the impact of AI on the company.

2.     Maintain an inventory of all tools used.

3.     Understand the tools for cost efficiency and risk avoidance.

4.     Involve all business sectors in AI discussions.

5.     Utilize AI for better data usage in compliance.

While implementing AI in compliance brings numerous benefits, there are tradeoffs and challenges to consider. One tradeoff is the need to balance exploration and innovation with rules and regulations. Another challenge is the selection of AI tools.

Implementing AI in compliance requires strategic considerations and decision-making. Understanding the impact of AI, maintaining an inventory of tools, considering cost efficiency and risk avoidance, involving all business sectors, and utilizing AI for better data usage are key factors to consider. Balancing exploration and rules, as well as selecting the right AI tools, are challenges that need to be addressed. By carefully navigating these considerations and challenges, companies can leverage AI to enhance their compliance programs and stay ahead in an ever-evolving regulatory landscape.

Three key takeaways:

1. What are the key factors that impact these strategic considerations for implementing AI in compliance?

2. Compliance professionals need to stay updated with the latest AI developments and trends, which requires continuous learning and keeping abreast of industry news and insights.

3. Understanding the impact of AI, maintaining an inventory of tools, considering cost efficiency and risk avoidance, involving all business sectors, and utilizing AI for better data usage are key factors to consider.

For More information on KonaAI, click here.

Categories
Greetings and Felicitations

Podfest Expo 2024 Speaker Preview Series – Steve Stewart

In this episode of the PodfestExpo 2024 Speaker Preview Podcasts series, I visit Steve Stewart, founder of the Podcast Editor’s Academy, and discuss his presentation at PodfestExpo. Some of the issues we tackle in this podcast are:

  • How to perform podcast editing more quickly, efficiently, and with better results.
  • How Chris Krimitsos brings out the best in everyone.
  • Why you should attend PodfestExpo 2024.

I’m hoping you’ll be able to join me at PodfestExpo 2024, which Podfest Global is hosting. This year’s event will be the 10th anniversary and will be held January 25–28, 2024, at the Wyndham in Orlando, Florida. The line-up of this year’s event is simply first-rate, with some of the top names in podcasting.

Podfest Expo is a community of people interested in and passionate about sharing their voice and message with the world through the powerful mediums of audio and video. We’re proud to unite as many people as possible to learn, get inspired, and grow better together.

Podfest Expo is so much more than just a mere conference. While we pride ourselves on featuring the most engaging speakers, exciting topics, and in-depth content, the thing that sets the Podfest Expo event apart from all others is the tight-knit community we’ve been building since 2013. You don’t just attend a Podfest event – you become part of the Podfest family.

Whether you’re new to podcasting or a veteran podcaster looking to innovate and improve your podcast, our easy-to-understand Conference Topics allow you to customize a daily agenda based on what you’re most interested in learning. No matter your skill level or experience, PodfestExpo 2024 has plenty to offer!

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Podfest Expo is offering a discount on the registration price. Enter the discount code, Listener.

PodfestExpo 2024 is a production of Podfest Global, which is the sponsor of this podcast series.

Steve Stewart on LinkedIn

The Podcast Editors Academy

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program: Day 17-Adapting Compliance Programs for Cloud Technologies

As organizations transition to remote work and embrace cloud technologies, it is crucial to adapt compliance programs to ensure regulatory obligations are met.

Companies are shifting away from traditional tools like Excel or SharePoint towards centralized systems that facilitate compliance monitoring. Compliance teams can no longer rely on face-to-face collaboration and need systems to manage communication, investigations, and case management. This shift towards virtual platforms for communication has also increased the need to capture and record voice data for compliance purposes.

Adapting compliance programs for remote work and cloud technologies is essential in the current business landscape. Compliance program visibility, capturing and recording communication data, leveraging cloud technologies, and embracing AI-driven compliance monitoring are key factors to consider. By balancing these factors and focusing on risk-based approaches, organizations can ensure they meet their regulatory obligations while enabling their compliance teams to focus on their core responsibilities. The future holds even more advancements in cloud technologies and AI, promising increased defensibility and improved compliance monitoring capabilities.

 Three key takeaways:

1. Companies are shifting away from traditional tools like Excel or SharePoint towards centralized systems that facilitate compliance monitoring.

2. You must focus on the explainability  and defensibility of your AI models.

3. By focusing on risk-based approaches, organizations can ensure they meet their regulatory obligations while enabling their compliance teams to focus on their core responsibilities.

For more information on KonaAI, click here.

Categories
Data Driven Compliance

Data Driven Compliance: Jag Lamba on Revolutionizing Procurement and Compliance Processes

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, This podcast features an in-depth conversation around the uses of data and data analytics in compliance programs. Data Driven Compliance is back with another exciting episode. Today, I visited Jag Lamba, founder and CEO of Certa, on Certa tools, which facilitate data-driven compliance.

Jag emphasizes the importance of solving real-existing problems with AI. Certa’s AI tools are designed to address tangible challenges faced by clients rather than being mere marketing buzzwords. Lamba highlights the increasing dynamism in procurement and the prevalence of supply chain disruptions, especially in the wake of the pandemic and geopolitical issues. The agility provided by Certa’s AI tools becomes crucial in such scenarios, enabling organizations to navigate these challenges effectively.

The impact of Certa’s AI tools goes beyond streamlining processes. Lamba emphasizes that digitization and automation not only enhance efficiency but also enable organizations to be more agile and responsive to changing requirements. By digitizing processes related to compliance, procurement, or environmental, social, and governance (ESG) initiatives, organizations can identify opportunities for improvement and drive better business processes and controls. This not only benefits the organization as a whole but also enhances the standing of the individuals responsible for managing these processes within the firm.

Resources:

Jag Lamba on LinkedIn

Certa

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn