In this edition of Cordery Head to Head @ Home, Cordery’s Jonathan Armstrong talks to Christian Hunt.
Christian Hunt is the founder of Human Risk Limited, a behavioral science consulting and training firm, specializing in the fields of risk, compliance, conduct, and culture. A former regulator, Christian was previously Head of Compliance & Operational Risk Control (C&ORC) for UBS EMEA and Global Head of C&ORC for UBS Asset Management.
They talk about how the use of behavioral science can improve compliance. They talk about how to help people to do the right thing and particularly of the extra challenges people face during the pandemic.
You can find out more about Christian and sign up to his newsletter here https://human-risk.com/. Christian’s podcast is here https://www.podpage.com/site/the-human-risk-podcast/.
You can find out more about Cordery and its work here https://www.corderycompliance.com/how-we-help/.
You can also read about current issues in bribery and corruption here https://www.corderycompliance.com/category/bribery-corruption/.
You can view more Cordery Head to Head interviews here www.bit.ly/corderytv.
Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. This week Matt and Tom take a deep dive into SAP trade sanction enforcement action. Some of the issues we consider are:
- What were the underlying facts?
- How did SAP allow products to get to Iran for so long?
- How did SAP achieve a NPA even with aggrieved factors?
- How was the financial penalty calculated?
- What were the remedial steps SAP engaged in?
- Why does this enforcement action point towards the need for a more holistic approach to risk?
Resources
Matt’s blog post on Radical Compliance:
SAP Nailed on Sanctions Violations
Welcome to The Ethics Movement, special podcast series highlighting Converge21 The Workshop Edition. This podcast series will feature some of the speakers at the event. You can find out more information about the event and register here. In this podcast, I visit with Carsten Tams, Founder & CEO at EMAGENCE, who will lead the discussion on the Workshop, EMEA: Pragmatic Anti-Retaliation to Meet the EU Whistleblower Directive US: Anti-Retaliation Measures that Stand in the New Age of Whistleblowing. Rising retaliation rates calls for a mindset shift. You’ll define your biggest challenges, Carsten and team will bring the framework to overcome them.
Neste episódio, falamos com o ex-ministro da Justiça do Brasil Sergio Moro sobre o crescimento dos programas de compliance no Brasil e como as autoridades brasileiras avaliam os programas de compliance.
Apple Podcasts * Spotify * Amazon Music * Google Podcasts * Stitcher
Questões? Contato com podcasts@milchev.com.
*Esse episódio está em portugues.*
Categories
Episode 1 – The Risk of Timing
Welcome to SURVIVE AND THRIVE, the newest addition to the Compliance Podcast Network. This is a podcast where we unpack compliance, crisis disasters and walk you through all the red flags which appear, and give you some lessons learned going forward. This show is hosted by the Compliance Evangelist Thomas Fox and Kortney Nordrum, Regulatory Counsel & Chief Compliance Officer, Deluxe Corporation. Today’s episode is all about disasters and the unpleasant situations that companies find themselves in. Know more about timing risks and why you should care about when things happen just as much as why they happen accordingly.
Major takeaways discussed in the episode:
- People are the biggest risk. Humans make choices, and 95% percent of breaches at companies are the result of human error.
- Ensure having a second set of eyes on every process. And that’s particularly important in compliance. Having a situation where something that was apparently routine but because of timing has moved to a higher risk can be mitigated by having someone else review the process is an appropriate step.
- Compliance practitioners must have a necessary conversation with leadership, the board, and whoever ultimately is in charge to calibrate and communicate; what kind of risks is your organization willing to put up with on a daily basis?
- Go out there and make people trust the humans in your compliance team that you are open, you care, and you are diligent in your job that if they report something, it will be appropriately investigated. Doing so is how you build the culture of trust.
✅ Connect with Kortney Nordrum:
Twitter: @nordrumlaw
✅ About Thomas Fox:
Thomas Fox, the Compliance Evangelist®, is one of the leading writers, thinkers, and commentators on anti-bribery and anti-corruption compliance. In this latest edition of The Compliance Handbook, he continues to arm seasoned compliance professionals and those new to the realm with the practical, actionable guidance and tools needed to design, create, implement and continually enhance a best practices compliance program.
Do you have a podcast (or do you want to)? Join the only network dedicated to compliance, risk management and business ethics, the Compliance Podcast Network. For more information contact Tom Fox at tfox@tfoxlaw.com.
Justin Beals is the CEO and co-founder of Strike Graph, a company helping customers get through their cybersecurity audits. He’s a serial entrepreneur with expertise in AI, cybersecurity, and governance. He founded Strike Graph with the goal to make cybersecurity standards easy to understand and easily accessible. Tom Fox welcomes him to this week’s show to discuss cybersecurity, auditing, and building maturity within an organization.
SOC/SOC2 Audit
Justin explains to Tom the origins of SOC: it was created to ensure that third-party vendors who trade with public companies, and the public companies themselves, were implementing effective cybersecurity practices. SOC2 Audit is a cybersecurity standard that focuses on security within an organization in a number of ways including HR practices, code of conduct, and other compliance liability issues. SOC2 analysis is about how data is encrypted and how new codes get put on servers. “The achievement of something like a SOC2 represents two things: one is an organizational maturity and the second is an assessment of that maturity by an independent party,” Justin tells Tom.
Trust is Currency
Tom asks Justin to share a few tips for when hiring a SOC2 auditor and why it is necessary. “The selection of the right auditor is important strategically because you’re going to want to work with them for a while. Generally, you want to go back to the same auditor [because] it’s more efficient,” Justin responds. Auditors we are familiar with know our practices and can measure them well. He points out that buyers and investors will pick the more trusted company; a company that has done a SOC2 audit is preferred over a company that hasn’t. Trust is what drives them and is what will influence buyers’ decisions.
COVID-19 and What’s Next
Tom asks Justin to reflect on how the pandemic has affected Strike Graph. Justin remarks that his business was established during the pandemic and is a remote work organization. He adds that interest has grown due to the pandemic, and it helped build his company’s success. With the pandemic, certifications and audits are great tools that can help build trust with customers. Justin remarks that in the future, it’s going to be more commonplace to expect vendors to share any form of private information to achieve audits or certifications.
Resources
Justin Beals | LinkedIn | Twitter
StrikeGraph.com
New Rule Roadmap: Navigating and Implementing the Marketing Rule
In this episode, former CCOs and CSS’s compliance services experts in retail and institutional wealth manager services, Korrine Kohm and Matt Calabro discuss a roadmap on navigating the new Marketing Rule, building an action plan and leveraging managed services and technology to help remove compliance complexities from the rule.
About Our Guest Speakers:
Korrine Kohm is CSS’s Director of Retail Wealth Manager Services. Prior to CSS, Korrine was the Chief Compliance Officer and Head of Operations at Estabrook Capital Management where she was responsible for all compliance functions of this SEC-registered, $2.1B investment advisory firm. Korrine began her regulatory career while working at Allied Irish Bank (NY) in the Operations Department where she was a key member of AIB’s Compliance Committee, responsible for ensuring compliance with Federal and State regulations. An active member of the National Society of Compliance Professionals for over 10 years, Korrine earned her Investment Adviser Certified Compliance Professional (IACCPTM ) designation in 2006, is a member of the Association of Certified Fraud Examiners, and obtained her Certified Fraud Examiner designation. In addition to her experience in compliance and banking, Korrine began the 16-week intensive training course in Quantico, Virginia, to become a Special Agent with the Federal Bureau of Investigation. She has particular experience in crafting customized policies and procedures, developing and implementing compliance programs, conducting on-site compliance reviews, acquisition due diligence reviews, risk assessments and mock SEC examinations. She routinely counsels clients on various regulatory matters, including SEC registration issues, social media and advertising, policies related to diminished financial capacity, disclosures and the annual review process.
Matt Calabro is an experienced Chief Compliance Officer, having served as CCO for registered mutual funds, investment advisers and a family of UCITS funds. Before joining CSS, Matt was Deputy CCO at Delaware Investments, where he led the daily activities of the firm’s compliance department covering advisory, fund and distribution activity. Under his leadership, Delaware implemented specific improvements in its guideline compliance, advertising review and Code of Ethics programs. Prior to Delaware, Matt spent 20 years in Raymond James’ investment advisory business, where he led mutual fund operations. While there, Matt implemented and upgraded controls, processes and technology and also served as the first full-time CCO to the mutual funds following the adoption of the Compliance Rule. Matt leverages his compliance and operations experience in the investment management industry to assist advisers and investment companies in advancing the effectiveness of their compliance programs.
In this Episode of the FCPA Compliance Report, I am joined by fan fav and now Hughes Hubbard & Reed partner Mike DeBernardis. We take a look back at some of the early pronouncements from the Biden Administration and consider where both enforcement and regulatory oversight may be headed into the rest of 2021. Highlights of this podcast include:
- What are the 3 top areas you and Hughes Hubbard are counseling clients to be aware of over the next few years?
- In addition to general areas the DOJ has signaled its interest in; other federal agencies are coming to life again. What should clients think about regarding expanded FTC, CFPB and CFTC oversight and enforcement?
- The pandemic changed the way many investigations are conducted. Other than Zoom interviews, did your substantive work really change in the areas of document review, background ETC?
- What about Board and senior management risk management issues. Has it changed or are these groups now focused on a broader set of risk management strategies?
- To the international arena. Are there any countries/regions you are watching more carefully than others in terms of ABC enforcement?
Resources
Mike DeBernardis on the HughesHubbard website
Mike DeBernardis on LinkedIn