Categories
Blog

Using Data Analytics to Create an Effective Compliance Program-Part 2

In this three-part blog post series, we are ruminating on how to create an effective compliance program through  the use of data analytics. I am joined in this exploration by Vince Walden, CEO of Kona AI and we are considering the requirements laid out by the Department of Justice (DOJ) in their recent pronouncements on best practices, as well as the key trends and lessons learned from enforcement actions. Finally, we will consider the speech by Kenneth Polite on the changes to the Corporate Enforcement Policy and how to meet those requirements using data analytics. Walden articulated 10 steps you need to follow:

  1. Assess a company’s conduct;
  2. Self-disclose;
  3. Know quickly if there is a problem or not;
  4. Have access to relevant sources of data;
  5. Conduct monitoring at the beginning and throughout the lifespan of the relationship
  6. Have an on-premise application;
  7. Look up vendors and transactions quickly;
  8. Run data through a library of corruption and fraud tests;
  9. Look at a predictive model and see if it meets the profile of an improper payment; and
  10. Have visibility into data almost at their fingertips.

Under Step 4, companies must quickly analyze their data quickly and efficiently to determine if they need to self-disclose any potential issues. By sharing the attributes across corporate siloes, companies can make their individual models perform better and improve their compliance programs. This allows companies to access the data quickly and easily, allowing them to identify potential risks and areas of improvement. It also provides insights into the effectiveness of compliance programs, allowing companies to make better informed decisions concerning their compliance.

Overall, having access to relevant sources of data is essential for an effective compliance program. Companies can gain access to data through on-premise platforms. By leveraging these sources of data, companies can ensure their compliance programs are up to date and compliant with applicable laws and regulations.

Step 5 is to conduct monitoring at the beginning and throughout the lifespan of any business  relationship or transaction cycle. This is an important step as it allows a company to identify potential issues with their compliance program and take corrective action. Monitoring should be conducted at the beginning of a relationship or transaction to ensure that all parties understand the expectations and that there is no potential for criminal activity. Monitoring should continue throughout the relationship as well, as this will allow a company to identify any changes in behavior or activity that could indicate a potential problem. This can be used to gain insights into a vendor’s financial and transactional data, which is often a key indicator of future or even potential compliance violations.

Having access to relevant sources of data and conducting monitoring throughout the lifespan of a third-party relationship will help an organization meet the expectations set by the DOJ for an effective compliance program. With the DOJ’s recent announcement of amendments to the Corporate Enforcement Policy, companies have even greater incentive to self-disclose if they uncover potential violations, all of which demonstrates an effective compliance program. A data analytics platform can help companies quickly identify understanding of the risks and monitoring these relationships regularly, companies can ensure that they are compliant with all applicable regulations and review potential issues.

With a comprehensive view of their activities, organizations can quickly identify any changes in activities, such as unusual patterns of payments or activities, which could indicate a potential problem. Through visibility into third party activities and transactions, companies are able to gain a better understanding of the compliance risk associated with their third-party relationships. Moreover, businesses have a mechanism to identify any financial or transactional red flags.

Interestingly Walden advocates having an “on-premise application” for data analytics, which is he step 6.  He believes “This is an important step, as it allows companies to keep their data secure, while still being able to use predictive analytics and other compliance monitoring tools.” It can be hosted and managed as a service, “meaning that companies can utilize the platform without having to move large amounts of data around each month.” This helps companies to gain insights from the model without compromising their data privacy. Furthermore, this platform can be used to identify anomalous payments that may be indicative of corruption or fraudulent activities.

Join us tomorrow where continue conclude our exploration of using data analytics to create an effective compliance program.

Listen to Vince Walden on Data Driven Compliance

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Internal Controls – Assessing for Internal Controls in International Operations

How should you assess your internal controls regime for international operations? It is incumbent that you need to review as much information as you can to understand an entity’s financial and operational structure and how it is integrated with the corporate headquarters or the U.S. business unit’s financial and operational structure if the foreign operation is part of a U.S. business unit.

You could begin with the TI-CPI to garner a sense of the reputation of the country in which your business unit is located, as well as the CPI for all other countries in which the location either markets business or has current customers. Another area for inquiry or review is the scope of your foreign operations. Other areas of inquiry should include whether your company’s finance and accounting staff produce financial statements that are integrated into the parent’s financial statements, whether your international business locations utilize a local bank account for local sales receipts as well as funds transfers from the U.S. and whether the account has local check signers and whether dual signatures are required on the checks. You may also want to consider the extent to which disbursements are made in the local currency and whether there is a local petty cash fund.

As with many other areas around internal controls, it is important to consider the local DOA and whether it is consistent with your corporate DOA. Some of the considerations regarding the local DOA should extend to which corporate or U.S. business unit approvals are required for transactions initiated locally, such as 1) approval of vendor invoices; 2) disbursements of funds, including wire transfers; 3) execution of facilities leases; 4) execution of contracts with agents; and 5) approval of pricing and credit terms to customers and distributors. You should also review whether the local DOA provides appropriate SODs at the local business unit level.

These reviews, questions, inquiries, and analyses are designed to locate the pressure points involved in any company’s sales processes. This is because pressure is a key element of occupational fraud, and the risk of fraud, including corruption, increases as the pressure increases. Since corruption is viewed as a subset of fraud, it might be a good time to review the “fraud triangle,” which lays out a breeding ground for fraud in the corruption context.

 Three key takeaways:

1. You must understand your company’s financial and operational structure and how that structure outside the U.S. is integrated with the corporate headquarters.

2. Are your financial statements and reporting systems integrated?

3. Always consider the fraud triangle.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Internal Controls – Internal Controls in International Locations

While a CCO should expect (or at least hope) that internal controls at locations outside the U.S. are of the same effectiveness as internal controls within U.S. business units and at the U.S. corporate office, unfortunately, that might not always be the case, it is often the case that corporate level internal controls are stronger than those in foreign business units. There may well be several reasons for this. First, the CFO may be paying closer attention to the corporate level internal controls, with the idea that the corporate level internal controls are the final “filter” to detect issues. This follows partly from the focus in most companies on the controls over financial reporting, which does not include all controls needed for compliance. A second reason is that many companies were built through acquisitions, resulting in many business units (both in and outside the U.S.) having completely different accounting, ERP, and internal control systems than the corporate office. There is often a tendency to leave acquired companies in the state where they were acquired rather than trying to integrate their controls and conform them to those of current business units. After all, the reason for the acquisition was the company’s profitability, and nobody wanted to be accused of negatively impacting profitability.

A third situation may exist at locations outside the U.S. with what began simply as a sales office and then expanded its scope of operations to become a business unit with its accounting and data processing functions. Unfortunately, it is not often a situation where there was a master plan for internal controls as the location’s scope grew. Processes are usually added and designed by the local personnel, which, in practice, means the country manager has total control over financial affairs and is not truly accountable to the corporate office. This can be particularly true if a country’s business unit’s profits continue. In such situations, there will rarely be any focus on effective preventive internal controls for compliance risk.

Where should a CCO begin in any of the above scenarios? The first step is to determine the extent of centralization or decentralization of relevant processes or, put another way, to what extent are relevant processes performed at the corporate offices? The second step for the CCO is to determine the possible universe of risks and to assess the risks to result in a priority of how attention will be focused. One useful approach is to perform a location risk assessment, whose purpose is to capture each location outside the U.S. where your company conducts business in one place and assess the compliance risks posed by the nature of operations at each location. Once the risks at each location have been properly categorized, you can prioritize your approach to dealing with the risks.

 Three key takeaways:

1. Modifying your internal controls can work to operationalize your compliance program more fully.

2. Check the effectiveness of your internal controls for your international locations.

3. Revisit your internal controls when a country or region experiences large growth or disruption.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Internal Controls – What Are Internal Controls?

What specifically are internal controls in a compliance program? Internal controls are not only the foundation of a company but are also the foundation of any effective anti-corruption compliance program. Internal controls expert Joe Howell has said that internal controls are systematic measures, such as reviews, checks and balances, methods, and procedures instituted by an organization that performs several different functions. Howell also notes that for compliance purposes, controls are those measures specifically to provide reasonable assurance any assets or resources of a company cannot be used to pay a bribe. This definition includes the diversion of company assets, such as by unauthorized sales discounts or receivables write-offs, as well as the distribution of assets.

Three key takeaways:

  1. Effective internal controls are required under the FCPA.
  2. Internal controls are a critical part of any best practices compliance program.
  3. There are multiple FCPA enforcement actions that demonstrate the enforcement spotlight on internal controls.
Categories
Blog

Day 21 of One Month to More Effective Internal Controls-Revenue Recognition, Internal Controls and Compliance

Financial Accounting Standards Board (FASB) issued Accounting Standards Update No. 2014-09, Revenue from Contracts with Customers (Topic 606) for public business entities, certain not-for-profit entities, and certain employee benefit plans. The amendments become effective for public entities for annual reporting periods beginning after December 15, 2017. In other words, we are now less than six months away from a new Revenue Recognition (“new rev rec”) standard, which may significantly impact the compliance profession, compliance programs, and compliance practitioners. I visited with Joe Howell, Executive Vice President (EVP) at Workiva Inc., and asked him if he could walk me through some key changes and how they might impact compliance. FASB recognized that its revenue recognition requirements around the U.S. generally accepted accounting principles (GAAP) differed from those in the International Financial Reporting Standards (IFRS) and that both sets of requirements needed improvement. This led to a project by FASB and the International Accounting Standards Board (IASB) to jointly clarify the principles for recognizing revenue and to develop a common converged revenue standard for GAAP and IFRS. Hence the new rev rec standard. The implementation will be a massive undertaking. According to Howell, “The accounting standard is 700 pages long, and in the US accounting literature, it replaces over 200 other pieces of accounting guidance on revenue.” The official name is “Revenue from Contracts with Customers,” and Howell noted there are a “lot of surprises, and the thing that is true for almost everybody is that they are going to be facing some level of change in the way they account and report revenue. They will most certainly have to change how they disclose their revenue-related things. Included in the revenue standards are over six pages worth of new disclosure requirements.” One of the key differences in this new rev rec standard is that it requires companies to disclose new information beyond data a company might have been required to release in the past. Howell thinks this will pressure auditors “to get comfortable with what the company provided them and which they incorporated into their decision-making process in forming an opinion. This is quite different for disclosure control because the auditor’s typically not relying on those.” This will create risks for auditors adjusting to the new rev rec standard because as they learn more about it and apply it going forward into 2018, they may have to revisit prior reporting and revise some of it. This is important to the compliance profession and the compliance practitioner because internal controls over financial reporting involved in implementing this new standard are critical to the effective use of implementation and how you implement it. The Securities and Exchange Commission (SEC) has said explicitly in several public statements and through their early comment letters on disclosures made in advance of implementation that companies must inform the SEC about the accounting policies that they are changing and how this new standard will affect a company’s accounting processes, and finally how those effects are going to be managed. Howell believes “The SEC is making it clear that this is a real compliance issue.” Moreover, the SEC has indicated that these disclosures are central to the new rev rec standard. Howell said, “typically, if a company has some sort of failure in their disclosures for an accounting standard, they’re treated under section Sarbanes-Oxley (SOX) Section 302 of the SEC rules, and that has a level of significance or liability, which is much lower than the liability that a company might face under SOX Section 404, which has to do with the actual internal controls over financial reporting.” While disclosure of internal controls might not typically bring Section 404 scrutiny, they may now do so under the new rev rec standard. Howell articulated that when performing a financial audit, an auditor would usually not rely on a disclosure control in the past. However, under the new rev rec standard, if there is a change during the year in how an auditor views a disclosure control, it could require them “to go back and either figure out if the audit work that they did is tainted and they need to go back and do that work in the form of substantive testing, or they need to go back to see if there were mitigating controls that were in place that still allowed them to rely on the internal control processes to get comfortable with what the company provided them and which they incorporated into their decision-making process in forming an opinion. This is quite different for disclosure control because the auditor’s typically not relying on those.” Of course, this is overlaid with the requirements of effective internal controls under the Foreign Corrupt Practices Act (FCPA) and the lack of materiality standards. One only need to consider the Wells Fargo fraudulent accounts scandal to see how a lack of materiality does not prevent the types of risk from moving forward to become huge public relations disasters, hundreds of millions of dollars in fines and costs estimated at over $1bn for failures of internal controls. Yet there are other tie-ins into compliance that the compliance practitioner needs to understand and prepare for going forward. The prior rev rec standard was rules-based. As a lawyer, that was an approach I was quite comfortable with both from a learning standpoint and communicating with business folks. But now, the standard is much more judgment-based, and when a standard is more judgment based, there can be more room for manipulation. Howell explained the response by compliance is “making sure that you have changes in the business processes necessary to gather the information that has not previously been required to continue to monitor; how that information is factoring into the judgments that managers must make as they report their revenue under the new standard; and that those judgments themselves are properly documented.” This final point demonstrates the convergence and overlap between the compliance profession, compliance programs, and compliance practitioners going forward. Compliance internal controls are in place to both detect and prevent. They can also be used to gather the information that will be presented to auditors under the new rev rec standard. Many professionals are focused on the new rev rec from the auditing and implementation perspective. However, suppose you are a Chief Compliance Officer (CCO). In that case, you might want to go down the hall and have a cup of coffee with your Chief Financial Officer (CFO) and find out what internal controls might be changing or that they might be adding and consider how that will impact compliance in your organization.

Three Key Takeaways

  1. An effective internal controls system provides reasonable assurance of the entity’s objectives relating to operations, reporting, and compliance.
  2. There are two over-arching requirements for effective internal controls. First, each of the five components is present and functional. Second are the five components operating together in an integrated approach.
  3. You can use the Tem Hallmarks of an Effective Compliance Program for an anti-corruption compliance program as your guide to testing against.

For more information on improving your internal controls management process, visit this month’s sponsor Workiva at workiva.com. The new FASB rev rec standard has significant implications for the compliance practitioner going forward.]]>

Categories
Blog

Day 22 of 30 Days to a Better Compliance Program, the Regional Compliance Committee

The Regional Compliance Committee operationalizes compliance into the Company’s Regional operations where the business operates. This approach follows the Department of Justice mandate, articulated in the Department’s FCPA Pilot Program, for companies to move the doing of compliance down into the organization’s business. The make-up of the Regional Compliance Committee, while including legal and compliance representatives, is also populated by representatives from other disciplines within the global organization, which allows a fuller, richer, and more holistic approach to compliance advice. It adds a dimension not often seen or discussed in the compliance profession. The accountability and oversight down to the Regional level and the compliance monitoring, reviewing, assessing, and recommending deemed necessary will provide additional endorsements to the organization that it is doing compliance. The Regional Compliance Committee can provide a unique structure to perform these functions.

Key Takeaways:

  1. A regional compliance committee can work to drive more efficient and robust compliance into the region.
  2. All regional leaders should be on the committee.
  3. The regional compliance committee should liaise with other compliance committees.

For more information, check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, which is available by clicking here. The Regional Compliance Committee is uniquely suited to drive compliance down into the fabric and DNA of an organization.

Categories
Blog

Day 19 of 30 Days to a Better Compliance Program, Compliance Expertise on the Board

The Office of Inspector General (OIG) has called for greater compliance expertise at the Board level. The OIG said that a Board could raise its level of substantive expertise concerning regulatory and compliance matters by adding a compliance member to the Board. Such a compliance professional with subject matter expertise on the Board sends a strong message about the organization’s commitment to compliance, provides a valuable resource to other Board members, and helps the Board better fulfill its oversight obligations. Mike Volkov looked at it from both a practical and business perspective. He stated, “I have witnessed firsthand that companies with a board member with compliance expertise usually have a more aggressive and effective compliance program. In this situation, a Chief Compliance Officer has to answer to the board for the company’s compliance program while receiving the resources and support to accomplish compliance tasks.” Roy Snell sees it through the prism of the compliance profession and has said, “If you ask most companies if they have compliance expertise on their Board… most would say yes. When asked who the compliance expert is, they typically point to a lawyer, auditor, risk manager, or ethicist. None of these professions are automatically compliance experts. All lawyers have different specialties.” He goes on to state that what regulators want to see is specific compliance expertise at the Board level. He noted, “the government is looking for is not generic compliance expertise. They are looking for compliance program management expertise. Hui Chen, the DOJ Compliance Counsel, has continually talked about the need for companies to operationalize their compliance programs. She intones businesses must work to burn compliance into the fabric and DNA of their organization. Having a Board member with specific compliance expertise heading a Board level Compliance Committee can provide a level of oversight and commitment to achieving this goal. It will not be long before the DOJ and SEC require this step in any FCPA enforcement action resolution. This means that when your company is evaluated by Chen, under the factors set out in Prong Three of the FCPA Pilot Program, to retrospectively determine if your company had a best practices compliance program in place at the time of any violation, you need to have not only the structure of the Board level Compliance Committee but also the specific subject matter expertise on the Board and on that committee.

Key Takeaways

  1. Boards must have compliance expertise.
  2. Government regulators and shareholder groups have called for greater compliance expertise on the Board.
  3. Compliance expertise at the Board works up and down as such expertise can be a resource to the CCO and the compliance department.

For more information, check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, which is available by clicking here. Both government regulators and shareholder groups have both called for greater compliance expertise at the Board.

Categories
This Week in FCPA

Episode 222 – the Trees Gone Bad edition


As Donald Trump blames the California and Oregon forest fires on ‘trees gone bad’; Tom and Jay continue to brave the surge in Covid cases by staying safe at home. They are back to look at top compliance articles and stories which caught their eye this week.

  1. How does Bluebell apply to cyber claims against a Board of Directors? Paul Ferllio, Bob Zukis and Christophe Veltsos in the Harvard Law School forum on Corp Governance.
  2. VW Monitor closes out monitorship. Jack Ewing in the NYT. Mengqi Sun in the WSJ Risk and Compliance Journal.
  3. Tom takes a deep dive into Herbalife. Part 1, Part 2, Part 3 and Part 4.
  4. The intersection of anti-human trafficking and ABC compliance. Vanessa Hans in the FCPA Blog.
  5. Does the DOJ have to turn in SEC investigative material in a criminal FCPA trial? Matt Kelly goes legal in Radical Compliance.
  6. The intersection of compliance and internal audit? Mike Volkov in Corruption Crime and Compliance.
  7. Who is a PEP? Dick Cassin considers a plethora of definitions in the FCPA Blog.
  8. Has Covid-19 changed the relationship between senior management and the Board? Dottie Schindlinger and Kira Ciccarelli in CCI.
  9. This month on The Compliance Life, I am joined by DeAnna Nwankwo. In this week’s Part 2, DeAnna talks about some of the skills she needed in the CCO chair.
  10. On the Compliance Podcast Network, on 31 Days to a More Effective Compliance Program, this month focuses on internal controls. This week saw the following offerings: Monday– Internal controls for 3rd parties; Tuesday– Internal controls for GTE; Wednesday– BOD oversight as an internal control; Thursday– Code of Conduct as an internal control; and Friday– What is the COSO Internal Controls Framework. The month of August is being sponsored by Affiliated Monitors. Note 31 Days to a More Effective Compliance Program now has its own iTunes channel. If you want to binge out and listen to only these episodes, click here.
  11. Join Jay and Tom at Converge20. Convercent’s top compliance conference is going virtual this year. Check at the agenda and register here.
  12. Join a great upcoming K2 Intelligence FIN webinar. Robin Henry on how investigators can use social media, Thursday, 9-24 at 1600 GMT. Registration and information here.
  13. Join Tom, Charlie Voelker, Legal Compliance Solutions, Skillsoft and Stephen Martin, Partner, StoneTurn for a joint Skillsoft/StoneTurn webinar on evolving your compliance program under the 2020 Update to the Evaluation of Corporate Compliance Programs. Wednesday, September 23, from 12 PM – 1 PM EDT. Information and registration here.

Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.

Categories
This Week in FCPA

This Week in FCPA-Episode 156 – the Farewell to May edition

As the lads wish a fond farewell to May, enjoy the Astros still leading the MLB with the best record and looking forward to the start of summer, they return to discuss both events some of this week’s top compliance and ethics stories which caught their collective eyes.

  1. Dave Lefort’s Top 10 takeaways from Compliance Week 2019. (sub req’d) Tom, Mary Shirley, Lisa Fine and Amii Bernard-Bahn provide their reflections on a cross-posted podcast.
  2. Why ethics matters at the top.
  3. Can UNCAC help Mozambique recover funds stolen through corruption? Rick Messick explores.
  4. What is cooperation and remediation? Matt Kelly explores.
  5. Why is pre-acquistion DD from the compliance perspective now critical in France? Antoine F. Kirry, Frederick T. Davis, and Alexandre Bisch discuss.
  6. How much does a monitorship cost? Jay continues his multipart series on monitorships .
  7. How do you audit your investigative protocol? Mike Volkov explains in a 3-part series on his blog site Corruption, Crime and Compliance.
  8. Why is visibility key for compliance? Elsa Chan explores.
  9. CITGO now part of PdVSA/Venezuelan corruption scandal. Dick Cassin reports. Marissa Luck.
  10. Is there a legal duty to set the right ‘tone at the top?”
  11. This week Tom had a special 5-part podcast series sponsored by Hanzo on using AI and data analytics in compliance investigations. Check out the following: Part 1-Current State of Investigations; Part 2-Using AI and Web-Based Evidence; Part 3– Overcoming Investigative Challenges; Part 4-Improving Investigative Efficiencies; Part 5-Where are investigations headed? The podcast is available on multiple sites: the FCPA Compliance Report, iTunes, JDSupra, Megaphone,YouTube,  Spotifyand Corporate Compliance Insights. The Compliance Podcast Networkjoins C-Suite Radio.
  12. Join Tom in Boston for industry leading Compliance Master Class at the offices on AMI on June 11 & 12. Listeners who attend will receive a complimentary copy of The Compliance Handbook. Registration and Information is here. Join Tom, Eric Feldman, Vin DiCianni and Jay at the AMI Roundtable in Boston on June 13 for a deep dive into the DOJ’s new Evaluation of Corporate Compliance Programs-2019 Guidance. Information and registration is here.

Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Categories
Everything Compliance

Everything Compliance-Episode 45, the Drinkin’ the Kool-Aid edition

Welcome to the only roundtable podcast in compliance. Today, in Episode 45 we celebrate our newest addition to the Everything Compliance gang; Sarah Hadden. Sarah is the Publisher at Corporate Compliance Insights, taking the helm from founder Maurice Gilbert earlier this year. She is a journalist by profession and has been working in the compliance space, largely at CCI for the past six years. She brings a wealth of talent, knowledge and perspective to our happy band of commentators and help us to ‘drink the Kool-Aid’.

  1. Sarah Hadden discusses experiential learning. She uses that as a basis to consider what is effective training and how interactive training can lead to a new level of not simply effectiveness but awareness to recency bias which can cloud decision making. Sarah shouts out to internet service providers everywhere who were able to make the Mueller report available as soon as it was released.
  1. Matt Kelly discusses best practices around disclosing reporting data and using interactive technologies to improve Codes of Conduct, compliance policies and procedures. Matt rants on former White House Ethics Counsel, Stefan Passantino who urged Mazars USA not to comply with a subpoena that House Oversight Committee issued for Trump’s financial documents. That is ethics for you in TrumpWorld.
  1. Jay Rosen talks about repositioning compliance as a business generator. He discusses companies which see compliance as a business advantage and details how they do so. Jay shouts out to former White House counsel Don McGahn for being a “real lawyer” because he takes notes.
  1. Tom Fox, sitting in on this episode, uses the top three FCPA settlements of 2019 (MTS, Cognizant and Fresenius) to illustrate how the FCPA Corporate Enforcement Policy, announced in 2017 is being used in practice. He compares the three different types of resolutions used by the Justice Department and what it might mean for compliance going forward. Tom rants about Charles Van Doren and the quiz show scandals from the late 1950s.

The members of the Everything Compliance panelist are:

  • Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
  • Mike Volkov– One of the top FCPA commentators and practitioners around and the Chief Executive Officer of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com.
  • Matt Kelly– Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
  • Jonathan Armstrong–is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com
  • Sarah Hadden– the newest addition to our panel. Sarah is the Publisher at Corporate Compliance Insights. Hadden can be reached at Sarah@corporatecomplianceinsights.com

The host and producer (and sometime panelist) of Everything Compliance is Tom Fox the Compliance Evangelist. Everything Compliance is a part of the Compliance Podcast Network.
For additional reading, check out the follow resources:
Matt Kelly’s blog post, Three Ideas on Codes, Policies, and Tech in Radical Compliance.
For additional reading on the 3 top FCPA cases and how they were handled under the FCPA Corporate Enforcement policy, see Tom’s blog post FCPA Enforcement Going Forwardin the FCPA Compliance Report.
Jay Rosen’s article How to Reposition Compliance as a Revenue Generator on Corporate Compliance Insights.