Categories
ComTech

Welcome to ComTech


 
In this new show on the Compliance Podcast Network, Tom Fox, the Voice of Compliance, and Valerie Charles of StoneTurn are going to be exploring the intersection of compliance and technology.
 

In this initial episode, Tom and Valerie share their plans for the show – who they want to talk to, what they want to explore, and the impact they hope to have on the industry. They also give some insight into how they got to where they are in their careers and how their appreciation and understanding of technology in the compliance space has evolved over the years.
Valerie explains that compliance isn’t really top-down, anymore – people are empowered to evaluate risk and make decisions accordingly. The best compliance people are creative in how they implement programs and strategies.
In the future, Tom and Valerie are going to be speaking to lawyers, CPA’s and audit types, and non-compliance people who come in and start working in technology – marketing, sales, entrepreneurs. The silos for compliance are gone, and Comtech is going to be digging deep into what that means.
Tune in every other Monday for another episode!
Resources
StoneTurn

Categories
The Ethics Experts

Episode 049–Sarah Badahman


In this episode of The Ethics Experts, Nick welcomes Sarah Badahman, CEO/Founder of HIPAAtrek, to the show to discuss the importance of organizational values, HIPAA compliance, and the lives of compliance leaders.

Categories
FCPA Compliance Report

Pamela Fierst-Walsh on Responsible Sourcing


In the Episode, I have back Pamela Fierst-Walsh, Senior Advisor for Conflict & Critical Minerals, Bureau of Economic and Business Affairs, U.S. Department of State. Pamela joins me to discuss the responsible sourcing initiatives from the former Administration and where we may be headed under the Biden Administration.
Some of the highlights include:

  1. What are your job duties as a Senior Advisor for Conflict & Critical Minerals, Bureau of Economic and Business Affairs, U.S. Department of State?
  2. What is responsible sourcing?
  3. What is the public/private partnership around this issue?
  4. Why is this seen as a national security issue?
  5. Is there an Executive Order on domestic supply chains relying on critical mineral sourcing from foreign Adversaries?
  6. What is the process for considering this issue? Are there plans in the works to deal or remedy this?
  7. What, if any, changes do you expect under the Biden Administration?
Categories
Daily Compliance News

February 1, 2021, the Big Boys edition


In today’s edition of Daily Compliance News:

  • The Big Boys dance to a potential Exxon/Chevron Merger? (WSJ)
  • Facebook finally gets a CCO. (WSJ)
  • Did Trump Administration so eviscerate the SEC it can’t respond to GameStop. (WaPo)
  • Ghosn Lt. on trial in Japan. (FT)
Categories
Coffee and Regs

Transaction Reporting Reflections & Readiness for EMIR REFIT & MiFIR

EMIR REFIT
In this episode, CSS’s Executive Advisor on Global Transaction Reporting Mikkel Mördrup sits down with Regulatory Specialist Nicklas Nilsson for a look back into the world of transaction reporting in 2020 – from uncertainties in the market to new regulations – and a look forward at changes to EMIR REFIT and MiFID II / MiFIR coming in 2022.

A CSS RegTech podcast series on moving from a tactical to strategic approach to regulatory compliance. The global regulatory space is complex and fragmented. Financial firms can address this problem through tactical responses to regulatory deadlines or think more strategically on how to optimize their compliance data, operations and technology. The CSS weekly podcast features regulatory experts, former Chief Compliance Officers, cybersecurity specialists, industry partners and RegTech collaborators to help prepare investment management firms for changes on the regulatory horizon. For more information on CSS, visit: www.cssregtech.com
 

About Our Guest Speakers:

Mikkel Mördrup is CSS’s Executive Advisor on Global Transaction Reporting. Mikkel has headed up CSS Nordic since 2010. After 20-plus years in the financial industry, Mikkel knows the value of combining quality and knowledge and has extensive knowledge from EMIR and MiFIDII/MiFIR. Prior to CSS, Mikkel worked at SimCorp with project implementations and account management. He has also held leadership positions at Nordea Bank and Danske Capital AB.
 

Nicklas Nilsson is a Regulatory Specialist at CSS concentrating on global transaction reporting, including SFTR, MiFIR and EMIR. Nicklas is currently in a cross-functional role covering the regulations from analysis to implementation. He has eight years of experience working in the finance industry, including operational experience in fund reporting and regulatory implementation. Prior to joining CSS, Nicklas held positions at Swedbank, SEB and Wahlstedt Sageryd.

 
 
 

Categories
31 Days to More Effective Compliance Programs

Day 31 | Using a root cause analysis for remediation


The 2020 Update re-emphasized the need for both performing a root cause analysis but equally importantly using it to remediate your compliance program. It stated, “a hallmark of a compliance program that is working effectively in practice is the extent to which a company is able to conduct a thoughtful root cause analysis of misconduct and timely and appropriately remediate to address the root causes.”
It went on to state, what additional steps the company has taken “that demonstrate recognition of the seriousness of the misconduct, acceptance of responsibility for it, and the implementation of measures to reduce the risk of repetition of such misconduct, including measures to identify future risk”).”
The key is that after you have identified the causes of problems, consider the solutions that can be implemented by developing a logical approach, using data that already exists in the organization. Identify current and future needs for organizational improvement. Your solution should be a repeatable, step-by-step processes, in which one process can confirm the results of another. Focusing on the corrective measures of root causes is more effective than simply treating the symptoms of a problem or event and you will have a much more robust solution in place. This is because the solution(s) are more effective when accomplished through a systematic process with conclusions backed up by evidence.
When you step back and consider what the DOJ was trying to accomplish with its 2020 Update, it becomes clear what the DOJ expects from the compliance professional. Consider the structure of your compliance program and how it inter-relates to your company’s risk profile. When you have a compliance failure, use the root cause analysis to think about how each of the structural elements of your compliance program could impact how you manage and deal with that risk.
Three key takeaways:

  1. The key is objectivity and independence.
  2. The critical element is how did you use the information you developed in the root cause analysis?
  3. The key is that after you have identified the causes of problems, consider the solutions that can be implemented by developing a logical approach, using data that already exists in the organization.
Categories
Sunday Book Review

January 31, 2021, the Leadership edition


In today’s edition of Sunday Book Review:

Categories
31 Days to More Effective Compliance Programs

Day 30 | What is a root cause analysis?


One of the biggest changes in the 2020 FCPA Resource Guide is the addition of a new Hallmark, entitled “Investigation, Analysis, and Remediation of Misconduct”, which reads in full:
The truest measure of an effective compliance program is how it responds to misconduct. Accordingly, for a compliance program to be truly effective, it should have a well-functioning and appropriately funded mechanism for the timely and thorough investigations of any allegations or suspicions of misconduct by the company, its employees, or agents. An effective investigations structure will also have an established means of documenting the company’s response, including any disciplinary or remediation measures taken.
In addition to having a mechanism for responding to the specific incident of misconduct, the company’s program should also integrate lessons learned from any misconduct into the company’s policies, training, and controls. To do so, a company will need to analyze the root causes of the misconduct to timely and appropriately remediate those causes to prevent future compliance breaches.
Ultimately, performing a root cause analysis is not simply a matter of sitting down and asking a multitude of questions. You need to have an operational understanding of how a business operates and how they have developed their customer base. Overlay the need to understand what makes an effective compliance program, with the skepticism an auditor should bring so that you do not simply accept an answer that is provided to you, as you might in an internal investigation. As Marks noted, “a root cause analysis is not something where you can just go ask the five whys. You need these trained professionals who really understand what they’re doing.”
Three key takeaways:

  1. A root cause analysis is now required if you have a reportable compliance failure.
  2. There is no one process for performing a root cause analysis. You should select the one which works for you and follow it.
  3. To properly perform a root cause analysis, you need trained professionals who really understand what they’re doing.
Categories
Daily Compliance News

January 30, 2021, the RoaringKitty edition


In today’s edition of Daily Compliance News:

  • RoaringKitty speaks. (WSJ)
  • Wells Fargo President pay cut. (WSJ)
  • OFAC ends probe of HB Fuller. (WSJ)
  • BaFin President canned. (WSJ)
Categories
The Affiliated Monitors Expert Podcast

How Ethical Culture is a Part of an Overall Ethics and Compliance Assessment


In this episode, I visit with Jay Rosen, VP of Business Development for Affiliated Monitors, Inc. (AMI). Corporate culture exists in the space between what an organization professes and what it does. In this series Jay and I will be exploring key aspects of corporate culture, including why it matters, what influences culture, the CCOs role in culture, assessing corporate culture and how to use that information to improve culture. In this episode, we consider how an ethical culture is a part of an overall ethics and compliance assessment.
 Highlights include:

  • Begin with framework for such an assessment, usually the compliance program itself.
  • Is your training both focused and effective?
  • Is there institutional fairness in your promotion and compensation programs?
  • Is there institutional justice around reporting, discipline and investigations?
  • Is your compliance program a paper program or is it fully operationalized?
  • Is there accountability in your organization?

For more information see Jay’s blog post How is ethical culture a part of an overall ethics and compliance assessment? on Corporate Compliance Insights.
For more information on Affiliated Monitors, Inc. check out their website here.