Categories
31 Days to More Effective Compliance Programs

Mapping Internal Controls


As they made clear with several FCPA enforcement actions in 2020, the SEC has continued to emphasize the accounting provisions of the FCPA, specifically the internal controls provisions. Charles Cain, the Chief, FCPA Unit; Division of Enforcement of the SEC, reiterated that the SEC is committed to protecting investors in U.S. public companies and those which list other securities in the U.S., through enforcement of the accounting provisions, including internal controls provisions of the FCPA. The reason is straightforward; a company with rigorous internal compliance controls is better able to prevent, detect and remedy any FCPA violations that may occur.
What can you do around the FCPA’s requirements for internal controls and continued SEC enforcement emphasis? I would suggest that you begin with an exercise where you map the internal controls your company has in place to the indicia of the Ten Hallmarks of an Effective Compliance Program, as set out in the 2020 FCPA Resource Guide. While most compliance practitioners are familiar with the Hallmarks, you may not be as familiar with standards for internal controls. I would suggest that you begin with the COSO 2013 Internal Controls Framework as your starting point.
As a CCO or compliance practitioner, this is an exercise that you can engage in at no cost. You simply investigate and note what internal controls you have in place and how they may be a part of your anti-corruption efforts going forward. Compliance is a straightforward exercise; this does not mean that it is easy, you do have to work at it so that you will simply not have a paper, “check the box”, program. But using the excuse that you have limited resources is simply an excuse and a rather poor one at that. While the clear lesson from the BHP enforcement action is that you are required to have effective internal controls in place, by engaging in this mapping exercise you can then figure out what you have and, more importantly, what internal compliance controls that you do not have and need to institute.
Three key takeaways:

  1. Learn the internal controls your company currently has in place.
  2. Map your compliance internal controls to the COSO 2013 Internal Controls Framework.
  3. Use your gap analysis as a basis for remediation.
Categories
ComplianceLIVE

Episode 29: COVID and Compliance Journalism with Aaron Nicodemus


Amanda and guest-host-with-the-most Michelle Zychowski welcome Aaron Nicodemus, journalist for Compliance Week, to the show to discuss the new COVID-friendly workplace, journalism in South Africa, and HOW MANY?!?!? compliance articles since May???


Check out more episodes and full episode videos at ComplianceLine.com, and don’t forget to subscribe on your favorite podcast platform!
 

Episode Notes

STUFF WE TALKED ABOUT IN THE SHOW–
https://www.complianceweek.com/cyber-security/employees-working-from-home-to-avoid-coronavirus-protect-your-data/28600.article
https://www.complianceweek.com/risk-management/navigating-the-return-of-employees-to-the-workplace/28761.article
Categories
The Walden Pond

Third-Party Due Diligence with Taylor Twining


Taylor Twining is the Director of Sales at ethiXbase, an organization dedicated to helping clients in every stage of their third-party compliance lifecycle. He joins Vince Walden to discuss how companies are taking a risk-based approach to third-party due diligence. 

ethiXbase helps compliance professionals reduce corruption and bribery risks by providing an end-to-end risk management platform which they can configure and customize to suit their needs. There are two categories of background checks: screening, which is instantaneous and involves inputting a name into a software program designed to monitor compliance watchlists; and enhanced due diligence reports, which is an in-depth analysis report done by humans, with a reduced risk of false positives. 
DDQ’s, or due diligence questionnaires, are tools which provide information for risk assessment; they are becoming more widely used in the compliance industry. This information is a critical part of understanding the risks third-parties may bring to your organization. 
Resources
Taylor Twining on LinkedIn 
ethiXbase.com

Categories
Daily Compliance News

September 10, 2020-a Bad Day for M&A edition

In today’s edition of Daily Compliance News:

  • TikTok not looking to good. (WSJ)
  • LVMH pulls out of Tiffany deal. (WSJ)
  • EU after Facebook yet again. (NYT)
  • What is the ‘weekend’ in a lockdown? (WSJ)
Categories
The Ethics Movement

Converge20-Lisa Stewart Hughes-Accountability Beyond Diversity and Inclusion


CONVERGE is in its 5th year of bringing together the world’s leading companies for 2 days of dynamic speakers, thought-provoking breakout sessions, and opportunities to connect with like-minded professionals. This year the conference has gone virtual. You will leave the conference with new resources and best practices allowing you to continue the hard work of driving ethics to the center of your business. In today’s episode I visit with Lisa Stewart Hughes, Chief Compliance Officer at Endeavor. We visit about her presentation at Converge20 on Accountability Beyond Diversity and Inclusion. 
What is your role in diversity and inclusion? How are you responsible for not only those who work at your organization today but tomorrow as well? What about your local community stakeholders? Find out more as Lisa explores these and other questions on this panel. For more registration and information on Converge20, click here.

Categories
Fraud Eats Strategy

Fraud Eats Strategy Episode 3: Interview Techniques & Detecting Deception on Zoom

In this episode, we talk about remote witness interviews and how to make the best of a bad situation using time-tested interrogation techniques and other methods. While things are starting to return to something resembling normal, our use of video conferencing as a business tool is here to stay. I’ve been fielding a lot of questions about use of body language and other techniques to try to limit a witness or deponent’s ability to be coached or misdirect the interviewer. With us today is a subject matter expert on interviewing and interrogation skills, Michael Bret Hood. Bret is the Founding Partner of 21st Century Learning & Consulting, LLC where he teaches leadership skills. He is also an adjunct professor of Corporate Governance and Ethics at University of Virginia.

Join us each week as we take a deep dive into the various forms of fraud across the world and discuss crime families, penny stock boiler rooms, international money launderers, narco-traffickers, oligarchs, dictators, war lords, kleptocrats and more.

Scott Moritz is a leading authority on white-collar crime, anti-corruption, and in the evaluation, design, remediation, implementation, and administration of corporate compliance programs, codes of conduct. He is also considered an authority in the establishment, training, and oversight of the investigative protocols carried out by financial intelligence, corporate security, and internal audit units.
 

Categories
Compliance Into the Weeds

FinCen DD Pronouncements-Did they Hurt More than Help?


Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode Matt and Tom go into the weeds to look at two recent pronouncements by FinCen on customer and PEP due diligence. We ask the question: Is the Guidance so vague as to actually hurt the efforts of a compliance practitioner.
Resources
See Matt’s blog posts on Radical Compliance
Regulators Talk PEPs and Due Diligence
FinCen Gives Guidance, Says Little

Categories
Daily Compliance News

September 9, 2020-the Employees and Customers edition

In today’s edition of Daily Compliance News:

  • JPMorgan investigating both customers and employees over PPP fraud. (WSJ)
  • Even more Boeing production woes. (WSJ)
  • Will Mulan sink Disney? (NYT)
  • Trump payroll tax screw job on federal employees. (WaPo)
Categories
The Ethics Movement

Russ Berland on Aligning your Compliance Allies


CONVERGE is in its 5th year of bringing together the world’s leading companies for 2 days of dynamic speakers, thought-provoking breakout sessions, and opportunities to connect with like-minded professionals. This year the conference has gone virtual. You will leave the conference with new resources and best practices allowing you to continue the hard work of driving ethics to the center of your business. In today’s episode I visit with Russ Berland, Chief Integrity and Risk Officer at  Aventiv Technologies. We visit about his presentation at Converge20 on The Ethics Movement Part 1: Aligning your Allies. In this interactive session Berland will share experiences and techniques to truly engage other departments as champions of your program, enabling greater efficiency, trust and communication. In 2020 and beyond, ethics and compliance not only deserve a seat at the table—it demands cross-collaboration from your peers. Sometimes, you have to bring pizza. For more registration and information on Converge20, click here.

Categories
31 Days to More Effective Compliance Programs

Assessing internal controls in international operations


How should you assess your internal controls regime for international operations? It is incumbent that you need to review as much information as you can to understand the financial and operational structure of an entity and how it is integrated with the corporate headquarters, or the U.S. business unit’s financial and operation structure, if the foreign operation is part of a U.S. business unit.
You could begin with the TI-CPI to garner a sense of the reputation of the country in which your business unit is located, as well as the CPI for all other countries in which the location either markets business or has current customers. Another area for inquiry or review is the scope of your foreign operations. This means you will need to consider your sales model, whether employee based or primarily using third party representatives. You will also need to consider if such third-party representatives are coming into a commercial relationship with your company through your supply chain.
Other areas of inquiry should include whether your company’s finance and accounting staff produce financial statements that are integrated into the parent’s financial statements; whether your international business locations utilize a local bank account for local sales receipts as well as funds transfers from the U.S. and whether the account has local check signers and whether dual signatures are required on the checks. You may also want to consider the extent to which disbursements are made in the local currency and, of course, is there a local petty cash fund.
Three key takeaways:

  1. You must understand the financial and operational structure of your company and how that structure outside the U.S. is integrated with the corporate headquarters.
  2. Are your financial statements and reporting systems integrated?
  3. Always consider the fraud triangle.