Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. As the Voice of Compliance, I wanted to start a podcast which will help to bring both clarity and sanity to the compliance practitioner and compliance profession during this worldwide health and healthcare crisis. In this episode, I am joined by John Shegerian, President of ERI. We visit on the new normal of working from home, its implications for data security, mental health issues for workers during Covid-19 and how data is the new oil.
Tom Fox welcomes VP of Third-Party Risk at Prevalent, Brenda Ferraro, to this week’s Innovation In Compliance show. They discuss Prevalent’s 2020 Third-Party Risk Management study, its key findings, and implications for compliance professionals.
A Holistic Approach
Brenda describes Prevalent’s mission as “…delivering a unified third-party risk management platform that’s going to enable businesses to better reveal and interpret and alleviate risk by simplification and speeding risk mitigation awareness …” Prevalent does this through “economic approaches with standardization, how to use networks, how to leverage completed content gathering and making sure that we’re doing the big bang for the buck,” Brenda says. She emphasizes the importance of a holistic and economic approach.
Key Findings and Recommendations
Tom and Brenda discuss why Prevalent commissioned The 2020 Third-Party Risk Management study and its key findings and recommendations. Brenda says that the objective of the study was to provide “a state of the union” on third party risk as well as actionable recommendations to the industry. She lists some of the key findings, including:
- a lack of process which lessens third party program effectiveness;
- third party risk management is a team sport;
- many companies lack confidence in their risk management programs and the results they’re getting;
That companies need a comprehensive risk management process is the study’s predominant recommendation. Brenda critiques the compliance industry’s affinity for questionnaires, which just expose vulnerabilities but do nothing to mitigate them. She remarks, “…if you don’t have a way to track and monitor your performance indicators and your risk indicators, then what you’re doing is, you’re spending a lot of time with questionnaire fatigue, gathering content administratively, identifying risks, and then it stops there. So we’ve got to get to the point where we’re looking at inherent risk and residual risks qualitatively and quantitatively so that we can end up doing what’s best for the company moving forward.” She argues that industries need to work together to identify and address vulnerabilities across sectors. Working together and sharing information will help everyone elevate their risk posture and reduce vulnerabilities.
Resources
Prevalent.net
2020 Third-Party Risk Management Study Report
Categories
Episode 013–Shannon Walker
On this episode of The Ethics Experts, we speak with Shannon Walker about whistleblowing, culture, and why speaking up should be more than a talking point…it should be an action.
Check out more episodes, and don’t forget to subscribe on your favorite podcast platform!
In this five-part podcast series, sponsored by K2 Intelligence FIN, we consider defining and building effective compliance programs. I am joined in this series by Michelle Goodsir, a Managing Director at K2 Intelligence, and Gail Fuller, Financial Integrity Network (FIN) Vice President. Michelle has 25 years of financial crime compliance experience which includes fraud risk management, anti-bribery and corruption, corporate security and investigations, sanctions, and Anti-Money Laundering (AML) program experience working within the financial services industry and the US government. Gail focuses on developing, refining, and implementing FIN’s quantitative and qualitative risk rating tools. She leads engagements focused on helping FIN’s jurisdictional and private sector clients understand their exposure to financial crime risk and develop and implement strategies to mitigate their risks.
Over this series we will consider key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget; training and culture and what is on the horizon. In Part 2, Michelle and I discuss why compliance needs to be an integral part of your business strategy going forward.
- What has evolved recently in the landscape that has made the role of compliance more challenging? There has been a plethora of guidance from different regulators to address emergency situations; managing costs; reviewing alerts in a timely manner.
- You mention that Compliance is often seen as an overhead cost – why should entities think of it differently? There are a variety of costs around the following, enforcement action costs vs. cost of compliance; operationalizing compliance; building compliance in from the beginning vs. retrofitting a program to maintain compliance; outsourcing compliance.
- How can organizations make sure compliance protocols are carried out every day? Through a variety of tactics including regular training, communication, action; culture of compliance; tone from the top; compliance at business meetings.
Resources
K2 Intelligence financial crimes risk & compliance page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance
K2 Intelligence AML page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-money-laundering-compliance
K2 Intelligence Anti-corruption page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-corruption
K2 Intelligence DOLFIN: https://www.finintegrity.com/dolfin.html
In the Episode, I am joined by John Warren Vice President and General Counsel at the Association of Certified Fraud Examiners (ACFE). We discuss the 2020 ACFE Report to the Nations, which is the most comprehensive report on the global scourge of fraud. The year’s Report is particularly important with the government bailouts from the fallout of Covid-19. It is a fascinating look of how fraud occurs, where is occurs and the steps you can take to prevent it.
Some of the highlights include:
- What is the ACFE Report to the Nations? How often is it released? What are you trying to capture?
- What are some of the big picture findings of the Report?
- What is the annual cost of global fraud?
- Why are hotlines so critical to fraud detection?
- What is the fraud tree?
- What are the 5 critical areas of occupational fraud reviewed?
- What does the Report to the Nations tell us about corruption?
- What detection/prevention areas are the most effective for corruption?
- With COVID-19 and the federal government bailout, why is fraud prevention and detection so much more critical now?
You can download a copy of the ACFE 2020 Report to the Nations by clicking here.
In today’s edition of Sunday Book Review:
- Whose Body by Dorothy L. Sayers
- Murder is Easy by Agatha Christie
- The Big Sleep by Raymond Chandler
- Strangers on a Train by Patricia Highsmith
Prior to the 2012 FCPA Guidance, the DOJ issued two 2007 Opinion Releases which offered guidance to companies considering whether, and if so how, to incur travel and lodging expenses for government officials. Both Opinion Releases laid out the specific representations made to the DOJ, which led to them to approve the travel to the U.S. by foreign governmental officials. These facts provided strong guidance to any company which seeks to bring such governmental officials to the U.S. for a legitimate business purpose. In Opinion Release 07-01, the company was desired to cover the domestic expenses for a trip to the U.S. for a six-person delegation of the government of an Asian country for an educational and promotional tour of one of the requestor’s U.S. operations sites. In 07-02, the Company desired to pay certain domestic expenses for a trip within the U.S. by approximately six junior to mid-level officials of a foreign government for an educational program at the Requestor’s US headquarters, prior to the delegates attendance at an annual six-week long internship program for foreign insurance regulators sponsored by the National Association of Insurance Commissioners (NAIC).
When Walmart Inc., Hewlett-Packard Company (HP) or GSK are in the news for alleged FCPA violations, it provides you a good reminder to review your compliance program. Not only from your compliance procedures perspective, but to test to determine if the policies and procedures are being followed or if there are issues which you might need to look at more closely.
Three key takeaways:
- Travel for foreign officials continues to plague companies for compliance violations.
- The key is being reasonable in your costs.
- Always remember to record travel expenses correctly based upon documented costs.