Categories
Coffee and Regs

Expanding Your Compliance Program Through Trade Surveillance

Expanding Your Compliance Program Through Trade Surveillance

 
In this episode, CSS’s former CCOs Allison Fraser and Matt Calabro sit down to discuss trade surveillance and how CCOs can mitigate the risk factors through the trade lifecycle – from pre-trade to trade execution and post-trade. They’ll also dive into how compliance together with operations and third parties can build out a robust and automated trade surveillance program.
 

 

About Our Guest Speakers:

Allison Fraser provides compliance consulting services to investment advisers, registered investment companies and private investment funds, including conducting annual compliance program reviews and testing, developing risk assessments and preparing for SEC examinations. She also assists clients with drafting policies and procedures and preparing regulatory filings. On behalf of, the Compliance Services division of CSS, Allison served as the Chief Compliance Officer for a family of alternative funds registered under the Investment Company Act of 1940. Prior to joining CSS, Allison served as a Senior Vice President of Compliance at Northern Trust Investments, Inc. (“NTI”), the asset management subsidiary of The Northern Trust Company. In this capacity, she managed and administered the compliance due diligence program for NTI’s Multi-Manager Solutions and Outsourced Chief Investment Officer businesses. Allison also was the Chief Compliance Officer of two registered funds of hedge funds advised by NTI as well as a member of the funds’ Pricing and Disclosure Committees. Before joining NTI, Allison served as the Compliance Director for General Motors Asset Management, where she assisted with the administration of the compliance program for this registered investment adviser.


Matt Calabro is an experienced Chief Compliance Officer, having served as CCO for registered mutual funds, investment advisers and a family of UCITS funds. Before joining CSS, Matt was Deputy CCO at Delaware Investments, where he led the daily activities of the firm’s compliance department covering advisory, fund and distribution activity. Under his leadership, Delaware implemented specific improvements in its guideline compliance, advertising review and Code of Ethics programs. Prior to Delaware, Matt spent 20 years in Raymond James’ investment advisory business, where he led mutual fund operations. While there, Matt implemented and upgraded controls, processes and technology and also served as the first full-time CCO to the mutual funds following the adoption of the Compliance Rule. Matt leverages his compliance and operations experience in the investment management industry to assist advisers and investment companies in advancing the effectiveness of their compliance programs.

 
 

Categories
The Compliance Life

Gabe Hidalgo – Beyond the CCO Chair


The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Gabe Hidalgo, Managing Director at K2 Integrity and former CCO.
In is role at K2 Integrity, Hidalgo sees problems and issues for clients through a variety of lenses. His time as a CCO gives him insight and empathy into the challenges of a CCO. His time at the Federal Reserve Bank of New York gives him insight into the regulatory mindset for financial institutions. He continues to emphasize that the buck stops with the CCO. AML compliance will only grow and continue to become more important, not simply for financial institutions but for commercial corporations going forward.
Resources
Gabe Hidalgo LinkedIn Profile
Gabe Hidalgo K2 Integrity Profile
K2 Integrity

Categories
Compliance Kitchen

China Anti-Foreign Sanctions Law


In this episode, we gather information on the new China’s anti-foreign sanctions law that appears to rank higher on the legal ladder that the previous Chinese government’s Unreliable Entity List and Blocking Rules, adding to the already opaque Chinese global trade landscape.

Categories
Innovation in Compliance

Innovation Through Info Security with Abbas Kudrati


 
Abbas Kudrati is the Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group and is Tom Fox’s second guest on Microsoft Week. Abbas has spent the duration of his career providing thought leadership, strategic direction, and deep customer and partner engagement through Microsoft’s initiatives and operations. On this episode, he and Tom are talking about a range of topics surrounding info security and Abbas’ role at Microsoft.
 

 
The Evolution of Cybersecurity & Its Challenges
When security was first introduced, it was called IT Security, and its primary focus was securing everything within a network behind a firewall. Society has since moved from a firewall to the cloud. The focus on complaints within an organization has also shifted from local to multinational. 
 
End-to-End Security
End-to-end security’s focus is people, process, and technology. Abbas says that focusing on end-to-end security means turning your attention to 14 different domains of policy. It means ensuring that the right people are on your teams and managing the security surrounding that. It means managing data access, business communication security, product security, and supply relationship security.
 
 Risk Appetite & Risk Management
“You cannot implement security without having conducted a detailed risk assessment and understanding what is your current risk appetite,” Abbas tells Tom. When starting the risk management process, Abbas stresses the importance of having a threat model. “Define what are the various threats, and then embed those threats into your risk management,” he emphasizes. 
 
What’s Next
In the near future, the citizens of the emerging South Asian economy will be using the internet much more, and that there will be higher demand for cybersecurity professionals. The demand will be impossible to meet, so there will be more automation. Tom asks him to elaborate on what’s next for Microsoft’s cybersecurity group. Abbas explains that the group is continuously improving its product to be more inclusive, and also that security and privacy are being built into their products by design and not an afterthought.
 
Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation.
 
Tune in tomorrow for episode 3 featuring Joseph Davis.
 
Resources
Abbas Kudrati | LinkedIn | Twitter
Abbas Kudrati book, Threat Hunting in the Cloud
 
 

Categories
Jamming with Jason

Corporate Quitters with Jason Mefford


Yep, you read that correctly. In this special episode of #jammingwithjason the tables are turned again and you get to hear Jason interviewed on Robert Berry’s Corporate Quitters podcast.
We discuss how Jason helps people with career insurance – how you can succeed in your current job, develop the skills that help you get that promotion or new position at a new company, or even help you get a new job quicker if you happened to be laid off or fired.
We also get into Jason’s story on how he left being a corporate executive and why he does what he does now with his various businesses, and so much more. Listen in at: http://www.jasonmefford.com/jammingwithjason/ to hear all the juicy details.
 

Categories
Daily Compliance News

June 22, 2021 the NCAA Takes it on the Chin edition


In today’s edition of Daily Compliance News:

  • KPMG faces record fine in UK over conflict of interest. (FT)
  • Lordstown Motors execs sold stock before bad news came out. (WSJ)
  • NCCA loses at Supreme Court. (NYT)
  • Do we need a world anti-corruption court? (FT)
Categories
Compliance Kitchen

EU’s Mandate on Supply Chain Due Diligence


In this episode, The Kitchen looks at the upcoming EU’s mandatory supply chain due diligence Directive that will likely apply to all business operating in the European Union market.

Categories
Innovation in Compliance

Legal Compliance for The Future with Alan Gibson


 
Alan Gibson is the current Director of Legal and Compliance Innovation at Microsoft and is Tom Fox’s first guest on Microsoft Week at the Innovation in Compliance podcast. Alan has worked in various fields – from legal to compliance to business. He’s a thought leader and currently involved in helping companies manage compliance risks and measure program effectiveness. He and Tom discuss his role at Microsoft and what companies need to be thinking about in the future with respect to legal compliance.
 

 
Data Analytics in Microsoft
Tom asks Alan to explain how Microsoft implements its data analytics program for compliance. Alan responds that the focus was on first identifying which sales agreements and channel partners posed the most corruption risk to Microsoft. “Our compliance team partnered closely with our finance internal audit and our business team to figure out how we could use the data that we were collecting in our sales contracts and from our third parties to create this early warning and monitoring system to identify which contracts needed to be routed for additional compliance oversight,” Alan tells Tom. The business unit and frontline salespeople were then able to use this data to prove to the business leaders at Microsoft that they were identifying risky sales contracts, and this program was built into the business process to manage risky sales.
 
Challenges in Legal Compliance Innovation
One of the big challenges surrounding legal compliance innovation is helping individuals understand its ecosystem, Alan remarks. Another challenge is that delivering compliance solutions requires stakeholders. “It goes to working with law firms, working with compliance consultants, alternative legal service providers, legal tech vendors, and really helping people understand how all of this ecosystem works together to address these challenges,” he tells Tom. There is also the cultural challenge in that legal services have lagged behind finance and HR and their digital transformations. 
 
What’s Next
Companies have to think about the direction they want their legal departments to go and what steps they have to take to get them there. “They need the greatest contract lifecycle management system,” Alan tells Tom. Companies have to consider whether the decisions they make will allow them to have the capabilities they want in the coming years. “…It’s people, process, and technology; you have to think about your solutions or where you want to go on your digital transformation across all three of those dimensions,” Alan says.
 
Tomorrow’s guest on Microsoft Week is Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group. Abbas and Tom will be talking about innovating cybersecurity. 
 
Resources
Alan Gibson | LinkedIn
 

Categories
The Ethics Experts

Episode 067 — Nicolai Ellehuus

In this episode of The Ethics Experts, Nick welcomes Nicolai Ellehuus, Bang & Olufsen Global Compliance Officer, to the show.

Categories
ComTech

Towards a Cyber-Secure Future with Jenna Waters


 
Jenna Water’s time in the US Navy equipped her with sophisticated skills she now finds invaluable in her work as Cybersecurity Consultant at True Digital Security. She joins Tom Fox and Valerie Charles on this episode of ComTech to talk about how the cybersecurity industry is evolving, her vision to end security breaches, and what she thinks about President Biden’s executive order on cybersecurity.
 

 
Putting Corporate America on Notice
“I think businesses – particularly those that work in industries regarded as critical infrastructure, obviously because of the Colonial Pipeline hack – …a lot of them know now that they’re on notice,” Jenna tells Tom and Valerie. Recent cybersecurity attacks as well as the rise in ransomware, have driven home the need for good cybersecurity. These attacks not only impact businesses but are now tangibly affecting the lives of everyday citizens. Jenna believes this is sparking change in the industry, as the government, companies, and even the general public are taking cybersecurity more seriously. 
 
End Security Breaches
Tom comments that his clients are now asking about their information security program, something they weren’t concerned about before. He asks Jenna how she would advise a company to start thinking about this issue. She outlines the steps her company takes to help their clients create a customized cybersecurity program. “…By prioritizing your risk, that’s how you can develop a more tailored cybersecurity program,” she points out. She and Tom discuss her vision of ending security breaches overall. She remarks, “For me, ending security breaches is a vision of the future in which a security breach can be detected, identified, and contained effectively… It’s not allowing a security incident to go to the point of a security breach… and it doesn’t affect or impact the organization or public in any significant way other than maybe the time it takes to contain it.”
 
Improving Cybersecurity with Data
“When you’re trying to combat this kind of breach, how do you use data?” Valerie asks Jenna. “Cybersecurity is actually one of the best areas in technology where it can be very data-driven,” Jenna responds. Data can help you build a threat profile and come up with an action plan to combat threats. Analyzing recent and past data can help you establish an operational baseline, and in turn recognize deviations from the norm. It can also help you identify gaps and vulnerabilities in your organization. There’s also the global perspective: gathering and analyzing data on threat groups helps you recognize their patterns before they attack. However, don’t focus only on data and ignore basic psychology. Hackers are still just human beings and are “subservient to human behaviors and motivation,” Jenna reminds listeners. 
 
Cyber Risk Assessment is for Everyone
“I think everybody could benefit from a risk assessment in terms of cybersecurity,” Jenna tells Valerie; businesses in critical industries should prioritize it. Generally, she recommends an annual assessment. However, it should also be done when there is a significant change in operations or in the direction of the business. She argues that leadership buy-in is imperative: “Leadership buy-in for an organization is paramount to the success of the cybersecurity team.” 
 
Thoughts on Biden’s Executive Order
“Do you have any urgent or immediate thoughts on President Biden’s executive order on cybersecurity?” Valerie asks. Jenna responds that she is excited and on board with the order. “As cybersecurity professionals, we like to take advantage of every emergency,” she quips. It’s a positive step signaling that cybersecurity is seen as important at the highest levels of government. On the other hand, however, the executive order may not last after Biden’s term of office as it can be revoked by the next President. Additionally, only certain federal bodies are bound by the order.
 
Resources
Jenna Waters on LinkedIn 
True Digital Security