Categories
Innovation in Compliance

A Holistic Approach to Third-Party Risk with Brenda Ferraro


Tom Fox welcomes VP of Third-Party Risk at Prevalent, Brenda Ferraro, to this week’s Innovation In Compliance show. They discuss Prevalent’s 2020 Third-Party Risk Management study, its key findings, and implications for compliance professionals.

A Holistic Approach
Brenda describes Prevalent’s mission as “…delivering a unified third-party risk management platform that’s going to enable businesses to better reveal and interpret and alleviate risk by simplification and speeding risk mitigation awareness …” Prevalent does this through “economic approaches with standardization, how to use networks, how to leverage completed content gathering and making sure that we’re doing the big bang for the buck,” Brenda says. She emphasizes the importance of a holistic and economic approach.
Key Findings and Recommendations
Tom and Brenda discuss why Prevalent commissioned The 2020 Third-Party Risk Management study and its key findings and recommendations. Brenda says that the objective of the study was to provide “a state of the union” on third party risk as well as actionable recommendations to the industry. She lists some of the key findings, including:

  • a lack of process which lessens third party program effectiveness;
  • third party risk management is a team sport;
  • many companies lack confidence in their risk management programs and the results they’re getting;

That companies need a comprehensive risk management process is the study’s predominant recommendation. Brenda critiques the compliance industry’s affinity for questionnaires, which just expose vulnerabilities but do nothing to mitigate them. She remarks, “…if you don’t have a way to track and monitor your performance indicators and your risk indicators, then what you’re doing is, you’re spending a lot of time with questionnaire fatigue, gathering content administratively, identifying risks, and then it stops there. So we’ve got to get to the point where we’re looking at inherent risk and residual risks qualitatively and quantitatively so that we can end up doing what’s best for the company moving forward.” She argues that industries need to work together to identify and address vulnerabilities across sectors. Working together and sharing information will help everyone elevate their risk posture and reduce vulnerabilities.
Resources
Prevalent.net
2020 Third-Party Risk Management Study Report

Categories
The Ethics Experts

Episode 013–Shannon Walker


On this episode of The Ethics Experts, we speak with Shannon Walker about whistleblowing, culture, and why speaking up should be more than a talking point…it should be an action.

 Check out more episodes, and don’t forget to subscribe on your favorite podcast platform!

Categories
Daily Compliance News

May 18, 2020-the Woe is Softbank edition


In today’s edition of Daily Compliance News:
·       Double bad news for Softbank. (NYT)
·       How resilient is your business? (WSJ)
·       A true sports pioneer passes away. (ESPN)
·       Still delusional after all these months. (WaPo)

Categories
Innovation in Compliance

Defining and Building Effective Compliance Programs -The Biggest Issues in Compliance Today

In this five-part podcast series, sponsored by K2 Intelligence FIN, we consider defining and building effective compliance programs. I am joined in this series by Michelle Goodsir, a Managing Director at K2 Intelligence, and Gail Fuller, Financial Integrity Network (FIN) Vice President. Michelle has 25 years of financial crime compliance experience which includes fraud risk management, anti-bribery and corruption, corporate security and investigations, sanctions, and Anti-Money Laundering (AML) program experience working within the financial services industry and the US government. Gail focuses on developing, refining, and implementing FIN’s quantitative and qualitative risk rating tools. She leads engagements focused on helping FIN’s jurisdictional and private sector clients understand their exposure to financial crime risk and develop and implement strategies to mitigate their risks.

Over this series we will consider key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget; training and culture and what is on the horizon. In Part 2, Michelle and I discuss why compliance needs to be an integral part of your business strategy going forward.

  • What has evolved recently in the landscape that has made the role of compliance more challenging? There has been a plethora of  guidance from different regulators to address emergency situations; managing costs; reviewing alerts in a timely manner.
  • You mention that Compliance is often seen as an overhead cost – why should entities think of it differently? There are a variety of costs around the following, enforcement action costs vs. cost of compliance; operationalizing compliance; building compliance in from the beginning vs. retrofitting a program to maintain compliance; outsourcing compliance.
  • How can organizations make sure compliance protocols are carried out every day? Through a variety of tactics including regular training, communication, action; culture of compliance; tone from the top; compliance at business meetings.

Resources
K2 Intelligence financial crimes risk & compliance page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance 
K2 Intelligence AML page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-money-laundering-compliance
K2 Intelligence Anti-corruption page: https://www.k2intelligence.com/en/services/our-practices/financial-crimes-risk-and-compliance/anti-corruption
K2 Intelligence DOLFIN: https://www.finintegrity.com/dolfin.html
 

Categories
FCPA Compliance Report

John Warren on 2020 ACFE Report to the Nations


In the Episode, I am joined by John Warren Vice President and General Counsel at the Association of Certified Fraud Examiners (ACFE). We discuss the 2020 ACFE Report to the Nations, which is the most comprehensive report on the global scourge of fraud. The year’s Report is particularly important with the government bailouts from the fallout of Covid-19. It is a fascinating look of how fraud occurs, where is occurs and the steps you can take to prevent it.
Some of the highlights include: 

  • What is the ACFE Report to the Nations? How often is it released? What are you trying to capture?
  • What are some of the big picture findings of the Report?
  • What is the annual cost of global fraud?
  • Why are hotlines so critical to fraud detection?
  • What is the fraud tree?
  • What are the 5 critical areas of occupational fraud reviewed?
  • What does the Report to the Nations tell us about corruption?
  • What detection/prevention areas are the most effective for corruption?
  • With COVID-19 and the federal government bailout, why is fraud prevention and detection so much more critical now?

You can download a copy of the ACFE 2020 Report to the Nations by clicking here.

Categories
Sunday Book Review

May 17, 2020, the Classic Mysteries edition


In today’s edition of Sunday Book Review:

  • Whose Body by Dorothy L. Sayers
  • Murder is Easy by Agatha Christie
  • The Big Sleep by Raymond Chandler
  • Strangers on a Train by Patricia Highsmith
Categories
Daily Compliance News

May 16, 2020-the Coloring Book edition


In today’s edition of Daily Compliance News:

  • Dealing with a difficult employee. (NYT)
  • US to file antitrust charges against Google. (NYT)
  • Think travel was a pain in the yazoo before Covid-19? (WSJ)
  • Compliance guidance for maritime industry. (WSJ)
Categories
31 Days to More Effective Compliance Programs

Policies on Travel


Prior to the 2012 FCPA Guidance, the DOJ issued two 2007 Opinion Releases which offered guidance to companies considering whether, and if so how, to incur travel and lodging expenses for government officials. Both Opinion Releases laid out the specific representations made to the DOJ, which led to them to approve the travel to the U.S. by foreign governmental officials. These facts provided strong guidance to any company which seeks to bring such governmental officials to the U.S. for a legitimate business purpose. In Opinion Release 07-01, the company was desired to cover the domestic expenses for a trip to the U.S. for a six-person delegation of the government of an Asian country for an educational and promotional tour of one of the requestor’s U.S. operations sites. In 07-02, the Company desired to pay certain domestic expenses for a trip within the U.S. by approximately six junior to mid-level officials of a foreign government for an educational program at the Requestor’s US headquarters, prior to the delegates attendance at an annual six-week long internship program for foreign insurance regulators sponsored by the National Association of Insurance Commissioners (NAIC).
When Walmart Inc., Hewlett-Packard Company (HP) or GSK are in the news for alleged FCPA violations, it provides you a good reminder to review your compliance program. Not only from your compliance procedures perspective, but to test to determine if the policies and procedures are being followed or if there are issues which you might need to look at more closely.
Three key takeaways:

  1. Travel for foreign officials continues to plague companies for compliance violations.
  2. The key is being reasonable in your costs.
  3. Always remember to record travel expenses correctly based upon documented costs.
Categories
This Week in FCPA

Episode 205 – the Not So Fast edition


As federal judge Emmet Sullivan reminded the Justice Department that he, not they, run his court this week, self-distancing Tom and Jay are back to consider some of the top compliance articles and stories which caught their collective eye this week.

  1. Former Wal-Mart lawyer sues for allegedly refusing to change internal investigation report on FCPA. Matt Kelly in Radical Compliance. Dylan Tokar in the WSJ Risk & Compliance Journal.
  2. How to mobilize for an internal investigation. In the WSK Risk & Compliance Journal.
  3. What is trade based money laundering? Jon Rausch in Dipping Through Geometries.
  4. Moving towards a more agile compliance and internal audit. Alex Movchan interviews Alkistis Gkiosi for the Risk and Compliance Platform Europe.
  5. What steps can you take to safeguard a compliance program during Covid-19? Kara Brockmeyer, Andrew M. Levine and Philip Rohlikin opine in NYU’s Compliance and Enforcement Blog.
  6. Should the role of the CCO be expanded? Klaus Moosemeyer says yes in the FCPA Blog.
  7. Using data analytics in a compliance regime. Szilvia Andriasik in the FCPA Blog.
  8. A new cyber-compliance playbook? Rod Rosenstein & Sumon Dantiki in Compliance Week. (sub req’d)
  9. How to handle an internal investigation in during Covid-19? Lara Burke & Dominique Strieder in Compliance Week. (sub req’d)
  10. Interested in moving to the CCO chair? Check in on this month’s edition of The Compliance Life where Tom visits with Ellen Hunt, CCO at AARP. In this Part 2, Hunt relates how to move towards the CCO chair. New episodes appear each Tuesday in May at 1 PM CST. The Compliance Life is now available on iTunes.
  11. On Compliance and Coronavirus this week: Megan Dougherty explains why you should be pod-curious; Andrew Rawson on the new normal of employee relations during and after Covid-19; JohnPetrovski and Jim Belin  on how the economy may reopen and the markets play out. Compliance and Coronavirus.
  12. On the Compliance Podcast Network, this month topic: written standards; all on 31 Days to a More Effective Compliance Program. This week’s offerings: Monday-Operationalization of your Code of Conduct; Tuesday-Introduction to policies and procesures; Wednesday-Revising your policies and procedures; Thursday– Policies and procedures on gifts and business entertainment; Friday– Policies and procedures on travel. Note 31 Days to a More Effective Compliance Program now has its own iTunes channel.

Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.

Categories
Daily Compliance News

May 15, 2020-the Pots and Kettles edition


In today’s edition of Daily Compliance News:

  • Boeing CEO predicts demise of one major airline. (WSJ)
  • Trump Administration ponders ways to decimate USPS. (WaPo)
  • 4th Circuit reinstates emoluments suit. (Reuters)
  • SEC brings charge against 2 companies over Covid-19 testing claims. (WSJ)