Categories
Compliance Into the Weeds

Compliance Lessons from the Cuban Missile Crisis


Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. This week Matt and Tom take a deep dive into a different area: their joint love of history. Matt is reading Nuclear Folly, a new chronicle of the Cuban Missile Crisis by Ukrainian history professor Serhii Plokhy. We use this as a starting point to explore how both the Soviets and Americans used different types of internal debate and information to eventually steer clear of nuclear war. Some of the issues we consider are:

  • What was the Soviet model for information gathering, analysis and debate, both before and during the Missile Crisis?
  • How was the American model of Ex-Comm so different?
  • How do these models inform a speak up culture?
  • How, and more importantly why, are leadership, corporate culture, speaking up and ethical values all connected?
  • What does this mean for compliance officers?

Resources
Matt’s blog post on Radical Compliance:
Culture and the Cuban Missile Crisis

Categories
The Compliance Life

Jonathan Kellerman – What’s next for Compliance


The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to successfully navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Jonathan Kellerman, Partner at StoneTurn and former CCO at Allergan. In this final episode, Kellerman and I look down the road for what’s next for Compliance. Kellerman sees compliance at a crossroads today. He believes it needs to evolve from a critical support function while controlling the narrative on how compliance wants to define the functionality, value and relevance of the profession. Compliance needs to become a real-time provider of not only compliance insights but also business performance. The compliance function needs new skill sets (new muscles) such as data analytics, digital engagement, advanced adult learning and other skills to help change the tune about compliance.
Resources
Jonathan Kellerman LinkedIn Profile
Jonathan Kellerman StoneTurn Profile
StoneTurn

Categories
The Ethics Experts

Episode 058 — Andy Hinton

In this episode of The Ethics Experts, Nick welcomes Andy Hinton, former Chief Compliance Officer of Google and GE, to the show.

Categories
The Compliance Handbook

3rd Party Risk Management Program with Vanessa Rossi


In 2021 amid the pandemic, the risks haven’t changed, and the enforcements are still mostly related to third parties. In this new episode, compliance consultant Vanessa Rossi explains the importance of third-party risk management for companies and how they should look at program enhancement.
Key points discussed in this episode:
✔️ Socializing across the entire employee base is essential to education and training. What is the law? Why are we doing this? Is it a risk for us? And why do we have to train on this more than once? It takes teaching, messaging, and repeating to ensure that everybody on the team is on board.
✔️ Know that an effective program is the one that you’re constantly upgrading. Even in a mature company with a mature third-party risk program already in place, practitioners must continually engage in risk assessing, monitoring, and incorporating concepts going forward because there is always room for improvement.
✔️ There are a lot of tech solutions out there that you should always be considering. If your program is not evolving, it’s not changing, with the company facing numerous risks every day.
✔️ Collaboration and compliance cross so many different departments. In addition to working with the business sponsor of the third party and with the legal team, there’s Internal Audit and more departments to collaborate with. Socializing and collaboration are soft skills that you need.
✔️ Don’t take your eye off the Third Party Management Bill. You’ve got to continue with your due diligence procedures. The beginning of the pandemic put a wet blanket on everything, but you need to continue with your third-party management elements. It is difficult, but you shouldn’t stop doing it because, if anything, engaging with third parties got riskier in specific sectors and certain types of third parties.
About Thomas Fox:
Thomas Fox, the Compliance Evangelist®, is one of the leading writers, thinkers, and commentators on anti-bribery and anti-corruption compliance. In this latest edition of The Compliance Handbook, he continues to arm seasoned compliance professionals and those new to the realm with the practical, actionable guidance and tools needed to design, create, implement and continually enhance a best practices compliance program.
The “Nuts and Bolts” for Creating a Comprehensive Compliance Plan 
This chapter of this unique work lays out a succinct yet thorough one-month approach to operationalizing a company’s compliance regimen. Beginning with a section on what 2020 brought to the compliance landscape, each chapter methodically outlines best practices for everything from establishing policies, procedures, and internal controls, to assessing risk, training, handling investigations, and more. Each day ends with three key takeaways you can implement at little or no cost.
Understanding Compliance Responsibility Across the Organization
The Compliance Handbook also takes a close look at all professionals’ roles with compliance responsibility, from Compliance Officers and Boards of Directors to Human Resources, to Internal Audit and Internal Controls and Communications and Training professionals.
In-Depth Treatment of Hot Topics and Trends
The Handbook provides an in-depth look at the latest thinking and trends for the full range of critical compliance topics, including:
• Compliance and business ventures
• Third-party risk management
• The Board’s Role in Compliance
• Continuous improvement
• Compliance innovation
• And much more
Order your copy OR copies of The Compliance Handbook: A Guide to Operationalizing Your Compliance Program. Save 25% off.
http://www.lexisnexis.com/fox25

Categories
Innovation in Compliance

Reimagining Training with Rashelle Tanner


 
Rashelle Tanner is the Director of Compliance Learning Program at the Office of Legal Compliance at Microsoft. A senior attorney, she is responsible for the trust and integrity learning program for Ethics and Compliance. Rashelle develops and delivers learner-centered anti-corruption and ethical decision-making courses that empower employees to do business the right way. Tom Fox welcomes her to this week’s show to discuss how compliance professionals can incorporate and promote integrity in training, and how to reimagine training in innovative ways for the organization’s ultimate benefit.

The Importance of Integrity
Tom asks Rashelle to explain why integrity is integral to compliance. She stresses that people have to follow rules not just because they’re there, but also because they feel motivated to do so. The focus on “doing the right thing” is becoming less on what you can and cannot do, and more on your day-to-day decisions. Focusing on integrity will help you make more ethical decisions.
Compliance and Integrity Through Storytelling
Rashelle tells Tom about incorporating integrity training through the use of storytelling. She describes how her team takes employees through compliance-related scenarios, and ethical issues, with characters based on workers at all levels of Microsoft. The episodes are based on what motivates people, and how it impacts their decisions. Rashelle remarks that this venture has helped build employee engagement and continues to encourage them to get involved with compliance training. She stresses the importance of keeping the content suspenseful to grab employees’ attention; however, it must also stand alone so that anyone can follow along. It also needs to have specific language in the given content in order to reach the target audience. 
Diversity and Inclusion in Compliance
Tom switches to the topic of diversity and asks Rashelle her thoughts on the role of diversity and inclusion in compliance, and how compliance departments can drive that conversation forward. He adds that diversity is natural while inclusion is completely different. Diversity is getting one’s foot in the door while inclusion is being completely embraced and listened to. Rashelle stresses that inclusivity is a responsibility, and one she and her team emphasize at Microsoft, and even within their serial training programs. She states that representing all walks of life in their episodes is a way of reaching not just their local employees but their international ones as well and making them feel seen and heard.
Resources
Rashelle Tanner on LinkedIn | Twitter
The Learning Guild
 

Categories
Daily Compliance News

April 27, 2021 the No Book Deals? edition


In today’s edition of Daily Compliance News:

  • SFO prosecution collapses. (WSJ)
  • UK blacklists for corruption. (WSJ)
  • Investors target Credit Suisse Board over risk failures. (WSJ)
  • No book deals for ex-Trump Administration? (WSJ)
Categories
Coffee and Regs

Managing Cyber Insurance Risk


In this episode, CSS’s Director of Cyber IT Services E.J. Yerzak sits down with AVP, Program Executive at Varney Agency and cyber insurance expert Nick Weiner to discuss the recent NYDFS guidance for insurers that underwrite cyber insurance policies. The guidance includes a Cyber Insurance Risk Framework that provides best practices for managing cyber insurance risk amid concerns of systemic and “silent” risks to the financial sector.

About Our Guest Speakers:

 

E.J. Yerzak CISA®, CISM®, CRISC™ assists firms in assessing and managing their cybersecurity risk – from network vulnerability scanning and penetration testing to onsite cybersecurity assessments and assistance in implementing the NIST cybersecurity framework. E.J. has authored articles and alerts on emerging regulatory and technology issues, and is regularly requested to speak as a cybersecurity expert at industry conferences.

Nick Weiner is a commercial insurance agent, with ten years of experience focused on cyber, professional & management liability insurance for financial institutions. Nick firmly believes every professional organization deserves access to a specialist who can design, administer and implement a custom insurance solution. Working with an independent insurance agency gives Nick the opportunity to use his experience, knowledge, and understanding of the marketplace to assist his clients in finding the insurance solutions that meet their needs. At twenty-two, Nick started his own national insurance agency focused solely on servicing entrepreneurs in the financial services industry. Seven years later, Nick’s business was purchased, and he joined forces with Varney Agency (Portland, ME) to assist in the continued growth of their financial institutions division. Nick often participates in thought leader groups for the industry and works closely with some advisory-focused publications to provide input on insurance-related topics.

Categories
FCPA Compliance Report

Max Keating, Controls and ESG in eSports

In this episode of the FCPA Compliance Report, I am joined by Max Keating, CEO and co-founder of Kleos, a scheduling and payment platform for the eSports industry. We take a deep dive into eSports, the Kleos platform and how the industry is evolving from an internal controls, compliance and ESG perspective. If you do not know anything about eSports and you are in compliance, this is a podcast for you. Highlights of this podcast include:

  1. The breadth and scope of the eSports industry?
  2. What market gap or need did you see in the eSports industry?
  3. What is the interest in fan interaction with players and celebs?
  4. What idea(s) led to the creation of Kleos?
  5. What makes Kleos different?
  6. A portion of the proceeds from each match played on Kleos go to charity. Why is this so important to you and the company?
Categories
ComTech

Technology, Learning and Communications with Natalia Shehadeh


 
Natalia Shehadeh is a well-known compliance expert who worked in the energy sector for over a decade. She is now the Chief Integrity Officer at ABB, a multinational corporation in the robotics and process automation space. Natalia believes that using data and technology in compliance is no longer an option: “It is absolutely mission-critical to the proper functioning and success of our function and our mission,” she tells Tom Fox and Valerie Charles. In this week’s show, Natalia chats with Tom and Valerie about the importance of leading with data, including how to use data to measure cultural buy-in.

Building Culture with Data
“We are trying to look at opportunistically, how to leverage data for purposes of giving us real-time insights on the health of our integrity culture in the company; how to do so effectively and efficiently, and with a real keen eye towards innovation,” Natalia remarks. Her cross-functional team – which includes data professionals and business analytics experts – is a major reason they have been so successful in moving towards that goal, she says. Their focus is not only on monitoring from a risk perspective, but also measuring how effective their communications for learning purposes are. Valerie asks her about the data sets they use. She explains that they monitor internal social media posts as well as their learning assets to measure sentiment. “A lot of data we’re looking at and trying to get a feel for, Are we communicating effectively in the eyes of our employees? And how do we think that’s moving the culture needle?” she tells Valerie.
Getting Cultural Buy-In
“Data analytics or tech solutions on their own aren’t particularly useful without the cultural buy-in of the organization,” Valerie comments. She asks Natalia how she gets buy-in at ABB. Natalia responds that ABB is a data-focused organization, so they understand the importance of using data. However, she advises, it takes “care and feeding culturally” to get to the point where you have quality data sets that can provide rich insights.  
Facilitating Learning Through Data
ABB is focused on “communicating learning in an effective way”, Natalia tells Tom and Valerie. To this end, they revamped their approach to employee training, focusing instead on a data-driven stratified approach. Traditional compliance and integrity training is no longer mandatory; instead, employees interact with learning assets as and when they need, similar to how they use YouTube to find a quick solution to a problem. “We really believe in inculcating an adult self-learning objective,” Natalia says. “…The concept is [to] create a simple learning approach where people will want to come back for more because it’s easy, it answered the question that they had, and hopefully we can make it a little bit fun.”
Resources
Natalia Shehadeh on LinkedIn 
ABB
 

Categories
The Ethics Experts

Episode 057 — Rupert Evill

In this episode of The Ethics Experts, Nick welcomes Rupert Evill, Founder of EthicsInsight, to the show.