Tag: 31 Days to a More Effective Compliance Program

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 14 – Internal Controls

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6-8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

Today, the focus is on internal controls and their critical role in compliance frameworks. The episode provides a comprehensive definition of internal controls, emphasizing their importance for achieving operational efficiency, reliable financial reporting, compliance with laws and policies, and the reduction of risks such as fraud and waste. The discussion highlights the requirements outlined in the FCPA for internal controls, including the authorization and documentation of transactions and the protection and accountability of assets. Moreover, four significant internal controls for compliance practitioners are identified: delegation of authority, maintenance of the vendor master file, contracts with third parties, and management of cash and currency transfers. The episode underscores that effective internal controls are essential and mandated by the FCPA, forming a cornerstone of any robust compliance program.

Key highlights:

  • Defining Internal Controls
  • Key Components of Internal Controls
  • Internal Controls in Compliance Programs

Resources:

Listeners to this podcast can receive a 20% discount on The Compliance Handbook, 5th edition, by clicking here.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 13 – Policies and Procedures

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6-8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

In this episode, we review the importance of having well-crafted compliance policies and procedures as the foundation of a robust compliance program. As highlighted by the 2024 ECCP and 2020 FCPA Resource Guide, such policies and procedures are crucial for addressing and mitigating risks identified during a company’s risk assessment. Regulators emphasize having articulated anti-bribery and anti-corruption policies regularly reviewed and updated to reflect evolving risks. We discuss the five general elements of a compliance policy and underscore the need for consistent implementation to maintain the credibility and effectiveness of the compliance program. Key takeaways include the necessity of written policies, expectations from the DOJ and SEC, and the critical role of institutional fairness.

Key highlights:

  • Importance of Compliance Policies
  • Key Elements of Compliance Policies
  • Assessment and Evolution of Policies

Resources:

Listeners to this podcast can receive a 20% discount on The Compliance Handbook, 5th edition, by clicking here.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 12 – The Importance and Construction of a Corporate Code of Conduct

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6-8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

This episode explores the critical value and construction of a corporate Code of Conduct, explaining its evolution from a legalistic document to a cornerstone of compliance programs. The discussion includes an analysis of the 2016 SEC Enforcement Action against United Airlines, highlighting how violations of the Code of Conduct can lead to severe consequences, including substantial penalties and executive resignations. Key takeaways emphasize that a Code of Conduct should be tailored to a company’s specific culture and industry, must be accessible to all employees, and needs to be regularly updated and documented to ensure its effectiveness. Tune in to learn why a robust Code of Conduct is foundational for any compliance program.

Key highlights:

  • Introduction to Code of Conduct
  • Regulatory Expectations and Guidelines
  • Crafting an Effective Code of Conduct

Resources:

Listeners to this podcast can receive a 20% discount on The Compliance Handbook, 5th edition, by clicking here.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 11 – Moving Compliance Down into an Organization

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of the best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6-8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

In this episode, Tom Fox discusses the importance of embedding a culture of compliance throughout all levels of an organization. Mike Volkov emphasizes that having senior management committed to compliance is not enough; the culture must permeate middle and lower management for a program to be effective. The 2024 ECCP underscores the necessity for ethical values to be embedded throughout the company’s hierarchy. This involves senior and middle management actively demonstrating their commitment to compliance, even in the face of competing business interests. Middle management plays a critical role, as they are the primary interface between most employees and upper management. The script highlights practical steps such as assembling compliance focus groups, training managers in effective listening, and ensuring organizational justice to operationalize a compliance program effectively. We also consider how to assess the real-world application of compliance measures within the company and the need for consistent and fair disciplinary actions across different regions and business units to reinforce a culture of compliance.

Key highlights:

  • Embedding Compliance Culture
  • Role of Middle Management
  • Tone at the Bottom

Resources:

Listeners to this podcast can receive a 20% discount on The Compliance Handbook, 5th edition, by clicking here.

Categories
31 Days to More Effective Compliance Programs

31 days to a More Effective Compliance Program: Day 8 – Building Effective Compliance Through Payroll

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

Operationalizing a compliance program through payroll is a vital component of a company’s risk management strategy, serving as both a control mechanism and a crucial link to the broader compliance function. Payroll is instrumental in identifying potential red flags, such as offshore payments, which require meticulous documentation and enhanced internal controls to prevent compliance violations. Tom Fox, a noted expert in compliance, underscores the significant role payroll plays in fortifying compliance programs by aligning with FCPA requirements and preventing fraudulent activities. He advocates for implementing demonstrable controls like Approval Certification processes, segregation of duties, and regular review procedures to mitigate compliance risks effectively. According to Tom, by embedding robust controls within payroll operations, companies deter potential violations and ensure compliance is woven into the organizational fabric, thus operationalizing their compliance programs seamlessly.

Key highlights:

  • Payroll should be on the front lines of any attempt to prevent, detect, and remediate anti-corruption compliance.
  • Key compliance program components for payroll.
  • Watch for offshore payments.

Resources:

Listeners to this podcast can receive a 20% discount on The Compliance Handbook, 5th edition, by clicking here.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 5- Enhancing Compliance Through Automation

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days series in January 2025, I will post a key part a best practices compliance program each day. By the end of January, you will have enough information to create, design or enhancement a compliance program. Each podcast will be short, at 6-8 minutes with three key takeaways that you can implement at little or no cost to help update your compliance program. I hope you will plan to join each day in January for this exploration of best practices in compliance.

In this episode, we explore how automation can revolutionize traditional compliance reporting, which is often manual, time-consuming, and error-prone. By leveraging data-driven solutions, compliance professionals can achieve near real-time reporting, improving decision-making and efficiency across their organizations. Reg Ops (regulatory operations) plays a key role in this transformation by focusing on automating compliance artifact creation and integrating existing security and compliance tools. This helps provide a comprehensive, real-time view of the company’s compliance status. However, organizations must carefully balance the need for real-time reporting with data accuracy, security, and cultural adaptation to realize these benefits. Tune in as we highlight three key takeaways: the critical role of automation in improving compliance effectiveness, the necessity of near real-time reporting, and the importance of balancing data accuracy and security in compliance programs. Join us tomorrow to discuss the impact of privacy regulations on data-driven compliance programs and analytics.

Key Highlights

  • Challenges in Traditional Compliance Reporting
  • Integrating Tools for Real-Time Compliance
  • Balancing Real-Time Reporting with Data Security
Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 4- Building Effective Data Analytics Programs for Compliance

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days series in January 2025, I will post a key part a best practices compliance program each day. By the end of January, you will have enough information to create, design or enhancement a compliance program. Each podcast will be short, at 6-8 minutes with three key takeaways that you can implement at little or no cost to help update your compliance program. I hope you will plan to join each day in January for this exploration of best practices in compliance.

In today’s business environment, compliance professionals leverage data analytics to adhere to regulatory requirements and ethical standards. This episode focuses on the importance of defining specific risks an organization wants to monitor, capturing relevant data creatively, and utilizing internal expertise to build effective data analytics programs. By starting small and focusing on one risk at a time, compliance officers can demonstrate their dedication to improving compliance despite limited resources. Additionally, a data-driven approach helps shift focus from individual policy violations to identifying systemic issues, enhancing overall organizational compliance. Key takeaways include understanding multiple factors in creating data-driven compliance programs, recognizing the value of shifting focus to systemic issues, and gradually building analytics capabilities.

Key Highlights

  • Defining and Identifying Risks
  • Innovative Data Capture and Internal Collaboration
  • Demonstrating Value to Senior Management

Resources

Listeners to this podcast can receive a 20% discount to The Compliance Handbook, 5th edition by clicking here.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 3- Key Updates in the ECCP: Messaging Apps, Internal Controls, and Compensation

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days series in January 2025, I will post a key part a best practices compliance program each day. By the end of January, you will have enough information to create, design or enhancement a compliance program. Each podcast will be short, at 6-8 minutes with three key takeaways that you can implement at little or no cost to help update your compliance program. I hope you will plan to join each day in January for this exploration of best practices in compliance.

In today’s episode, we delve into the significant updates in the evaluation of corporate compliance programs, focusing on messaging apps, internal controls, and adequate compensation. The revised language in the ECCP highlights the DOJ’s increased scrutiny on the use of messaging apps, emphasizing the need for tailored policies that align with a company’s specific risks and business needs. We also discuss the critical importance of internal controls as minimum expectations set by the DOJ, and the necessity of continuous monitoring to manage these risks effectively. Lastly, we examine the newly added provisions related to adequate compensation, ensuring that compliance teams are empowered and protected against retaliation. The episode concludes by summarizing three key takeaways for compliance professionals: the growing importance of communications compliance, the need for robust and functional internal controls, and the imperative of adequately compensating compliance personnel.

Key Highlights

  • Messaging Apps and Compliance
  • Internal Controls and Risk Management
  • Adequate Compensation for Compliance Teams

Resources

Listeners to this podcast can receive a 20% discount to The Compliance Handbook, 5th edition by clicking here.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 2-2024 ECCP on Incentives, Consequences, and Clawbacks

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days series in January 2025, I will post a key part a best practices compliance program each day. By the end of January, you will have enough information to create, design or enhancement a compliance program. Each podcast will be short, at 6-8 minutes with three key takeaways that you can implement at little or no cost to help update your compliance program. I hope you will plan to join each day in January for this exploration of best practices in compliance.

In this episode, we discuss how the Department of Justice (DOJ) has emphasized the importance of designing and implementing compliance-based compensation schemes. Financial incentives, such as deferred or escrowed compensation tied to conduct, play a critical role in fostering a culture of compliance. The episode also explores the necessary continuum of assessment, analysis, implementation, and monitoring that companies must follow for effective compliance incentive programs. Additionally, Tom covers the DOJ’s rigorous approach to consequence management, particularly concerning clawback provisions in executive contracts. The episode guides compliance professionals on the essential steps and analyses required to adhere to the enhanced DOJ expectations. Key takeaways include the importance of financial incentive analysis and the distinct yet related roles of clawbacks and consequence management within a compliance program.

Key Highlights

  • Starting with Incentives and Consequences
  • Incentive Program Breakdown
  • Consequence Management Deep Dive

Resources

Listeners to this podcast can receive a 20% discount to The Compliance Handbook, 5th edition by clicking here.

Categories
31 Days to More Effective Compliance Programs

One Month to Better Reporting and Investigations – The Investigation Protocol

After the internal report comes in and you have properly triaged the matter, you need to scope out and investigate it, promptly, thoroughly, and with competent personnel. In the 2020 Update, provided these series of questions about your internal investigations:
 Properly Scoped Investigations by Qualified Personnel – How does the company determine which complaints or red flags merit further investigation? How does the company ensure that investigations are properly scoped? What steps does the company take to ensure investigations are independent, objective, appropriately conducted, and properly documented? How does the company determine who should conduct an investigation, and who makes that determination?
 Investigation Response – Does the company apply timing metrics to ensure responsiveness? Does the company have a process for monitoring the outcome of investigations and ensuring accountability for the response to any findings or recommendations?
 Resources and Tracking of Results – Are the reporting and investigating mechanisms sufficiently funded? How has the company collected, tracked, analyzed, and used information from its reporting mechanisms? Does the company periodically analyze the reports or investigation findings for patterns of misconduct or other red flags for compliance weaknesses? Does the company periodically test the effectiveness of the hotline, for example by tracking a report from start to finish?

In a presentation, Jay Martin, and Jacki Trevino discussed the specifics of an investigation protocol. It consisted of 1) opening and categorizing the case; 2) planning the investigation; 3) executing the investigation plan; 4) determining appropriate follow-up, and 5) closing the case. If you follow this basic protocol, you should be able to work through most investigations, in a clear, concise, and cost-effective manner. Furthermore, you should have a report at the end of the day which should stand up to later scrutiny if a regulator comes looking. Finally, you will be able to “Document, Document, and Document”, not only the steps you took but why and the outcome obtained.
Three key takeaways:

  1. A written protocol, created before an investigation, is a key starting point.
  2. Create specific steps to follow so there will be full transparency and documentation going forward.
  3. Consistency in approach is critical.