Categories
10 For 10

10 For 10: Top Compliance Stories For The Week Ending September 7, 2024

Welcome to 10 For 10, the podcast that brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance, brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes, hear about the stories every compliance professional should be aware of from the prior week.

Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • A Nigerian tech boss fined $250MM for a fictional company. (FT)
  • 7 people have died from a listeria outbreak so far. (NYT)
  • How much did Stewart Health Care pay its agent? (OCCRP)
  • The former VW chief goes to trial for the emissions testing scandal. (NYT)
  • HP to go after Lynch’s widow. (Reuters)
  • Another round of SEC enforcement actions for off-channel comms. (WSJ)
  • Corruption pushing Africans to immigrate. (Al Jazeera)
  • ENRC seeks $290MM from SFO for a botched investigation. (WSJ)
  • Did BoA share non-public information with investors? (WSJ)
  • Biden to block Japanese takeover of US Steel. (Bloomberg)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day, here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: September 6, 2024 – The Lady Godiva Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Ugandan women stage naked protests against corruption. (OCCRP)
  • Trump wants Elon Musk to audit the US government. (WaPo)
  • Fyre II, I can’t wait. (WaPo)
  • Did BoA share non-public information with investors? (WSJ)

For more information on the Ethico Toolkit for Middle Managers, available at no charge, click here.

Categories
Blog

Bank of America’s Corporate Culture Crisis: Part 3 – The Role of Internal Controls

Compliance professionals constantly seek to understand how systemic issues within corporate hierarchies can lead to severe consequences. The recent revelations about Bank of America’s (BoA) persistent workplace culture problems are a powerful reminder of compliance’s critical role in safeguarding employees and the organization.

This week, I will explore the BoA failure around workplace culture from various perspectives articulated by the Everything Compliance gang, including Karen Woody, Jonathan Armstrong, Matt Kelly, Karen Moore, and Jonathan Marks. This exploration will include the failure of internal controls, failures by the Board and senior management, culture failures around highly driven, self-selecting employees, and the cultural miasma that is BoA from a perspective from across the pond. In Part 3, we will consider the role of internal controls.

Internal controls are often seen as the backbone of an organization’s ability to operate efficiently, ethically, and within the bounds of the law. They serve as the safety net that catches errors deters fraud, and ensures that policies are not just theoretical but are put into practice. However, the recent revelations in the Wall Street Journal (WSJ) surrounding the culture of overwork at a major financial institution, where junior bankers were expected to work excessively long hours, shine a spotlight on a critical failure in internal controls—not in their design, but in their execution and monitoring. This blog post will explore the lessons compliance professionals can learn from this situation, focusing on implementing, actively managing, and enforcing internal controls.

Understanding the Control Environment

The control environment is at the heart of any robust internal control system. This includes the corporate culture, employee attitudes toward internal controls, and the tone set by senior management. It’s the foundation upon which all other aspects of internal control are built. When the control environment is weak or toxic, as in the situation under discussion, the entire control structure can crumble.

In this case, BoA had ostensibly implemented controls to prevent overwork—junior bankers were required to self-report their working hours. If they exceeded a certain threshold, this would trigger a review by HR. However, this control was ineffective because those responsible for enforcing it did not take it seriously. Managers instructed their subordinates not to report excessive hours, bypassing control entirely. Additionally, think about the basic conflict of interest (READ: Absurdity) in having the person the control was supposed to monitor input the information for the control to activate.

For the compliance professional, this emphasizes that your control environment is only as strong as the commitment of those enforcing it. Senior management must set the tone and ensure that it resonates throughout the organization. When internal controls are ignored or undermined, it’s often a sign that the control environment is flawed.

The Role of Monitoring and Remediation

Internal controls are not static; they require ongoing monitoring and, when necessary, fine-tuning or remediation. In the BoA situation, the institution needed to adequately monitor the effectiveness of its controls. Even after the tragic death of a junior banker, which should have been a clear signal that the controls in place were not working, there was no significant overhaul or improvement in the control environment.

Monitoring is a critical component of internal control, as it allows an organization to detect weaknesses and address them before they lead to significant issues. In this case, the failure to monitor and remediate allowed a toxic culture to persist for years, ultimately leading to repeated tragedies.

For the compliance professional, the lesson is clear: regular monitoring of internal controls is essential. When weaknesses are identified, they must be addressed promptly and effectively. A failure to remediate control weaknesses leaves an organization vulnerable to risks and can signal to employees that the controls—and the culture—are not taken seriously.

The Flaws of Self-Reporting as a Control

One of the most striking aspects of this case is the reliance on self-reporting as a key control mechanism. While self-reporting can be helpful, it is far from foolproof, especially in environments with significant pressure to conform to unrealistic expectations. In this instance, the control requiring junior bankers to self-report their hours was ineffective because the reporting was neither enforced nor monitored.

The problem with self-reporting as a control is that it places the onus on the individuals being controlled, which can create a conflict of interest. Employees may feel pressured to underreport or falsify their time to meet expectations or avoid repercussions. With independent verification and oversight, self-reporting is likely to be reliable.

For the compliance professional, the starkness of the lesson could not be more profound. Self-reporting should not be relied upon as the sole or primary control in a high-risk environment. It should be supplemented with independent verification methods, such as automated time tracking, regular audits, or cross-referencing with other data sources. This approach ensures that the data collected is accurate and that controls are truly effective.

Automation and Technology in Internal Controls

Given BoA’s size and sophistication, it is somewhat perplexing that more robust, automated controls were not implemented. In today’s technologically advanced world, numerous tools can automatically track employee hours, monitor for signs of overwork, and flag potential issues for review. These tools can remove the burden of self-reporting and provide more accurate, real-time data.

For example, many organizations use software that tracks employee computer activity, monitors login and logout times, and even tracks time spent on specific tasks. This data can then be used to identify patterns of overwork and take proactive measures to prevent burnout or health issues.

For the compliance professional, it is a direct lesson that leveraging technology can significantly enhance the effectiveness of internal controls. Automated systems can provide continuous monitoring, reduce the risk of human error, and offer objective data that can be used to identify and address potential issues before they escalate.

The Importance of a Holistic Approach

Finally, every compliance professional must recognize that internal controls cannot operate in a vacuum. Internal controls must be part of a broader, holistic approach to risk management and compliance. This includes fostering a strong ethical culture, regularly training employees at all levels, and ensuring transparent, accessible channels for reporting concerns.

With BoA, the failure was not just in the specific control related to work hours—it was a systemic failure across the organization. The culture of overwork was allowed to persist because the control environment was weak, monitoring was inadequate, and there was no serious commitment to remediation.

This final lesson learned for the compliance professional is that internal controls are just one piece of the puzzle. To be truly effective, they must be integrated into a comprehensive risk management framework that includes strong ethical leadership, ongoing education, and a commitment to continuous improvement. 

Internal Controls as a Reflection of Corporate Culture

The tragic situation at BoA is a stark reminder of the critical importance of internal controls in maintaining compliance and a healthy and sustainable corporate culture. Internal controls are more than checkboxes—they reflect an organization’s values and priorities. When controls are ignored or undermined, they send a message that compliance, and by extension, employee well-being, is not a priority.

For compliance professionals, the key takeaway is clear: internal controls must be actively managed, monitored, and enforced. They must be part of a broader effort to create a culture of integrity and accountability. Perhaps most importantly, they must be seen as a dynamic system that requires constant attention and adjustment to remain effective. In a world where pressure on employees is greater than ever, robust internal controls are not just a regulatory requirement but a moral imperative.

Categories
Compliance Into the Weeds

Compliance into the Weeds: Toxic Workplace Culture at Bank of America

The award winning, Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom Fox and Matt Kelly take a deep dive into the toxic workplace culture at Bank of America (BoA) around hours worked by junior employees, in spite of senior management saying the right things.

BoA’s investment banking division has long been plagued by a toxic work culture, characterized by overworked junior employees and severe health crises, despite repeated assurances of reform. Tom Matt discuss these pervasive issues within BoA’s work environment. Fox highlights the tragic consequences of this toxic culture, such as the deaths of junior employees, and criticizes the company’s failure to implement effective reforms, attributing this to a lack of accountability and ethical leadership. Kelly echoes this sentiment, emphasizing the necessity for senior management to set clear expectations and consequences for middle managers who perpetuate unethical behavior. Both stress the need for senior management to address the deep-seated cultural dysfunction, impose consequences, and foster a healthier, rule-abiding workplace to prevent further tragedies and promote employee well-being.

Key Highlights:

  • Toxic Workplace Culture at Bank of America
  • Proactive Controls for Preventing Employee Overwork
  • Consequences of Middle Managers in Corporate Culture
  • Cultural Impact: Negative Attitudes in Organizations

Resources:

Matt in Radical Compliance

How Bank of America Ignores Its Own Rules Meant to Prevent Dangerous Workloads, by Alexander Saeedy in the WSJ

 Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
10 For 10

10 For 10: Top Compliance Stories For The Week Ending August 17, 2024

Welcome to 10 For 10, the podcast that brings you the week’s top 10 compliance stories in one episode each week.

Tom Fox, the Voice of Compliance, presents the stories every compliance professional needs to know as you wrap up your busy week. In just 10 minutes, sit back and catch up on the key compliance stories from the prior week.

Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for compliance professionals, all curated by the Voice of Compliance, Tom Fox. Get your weekly dose of compliance stories with 10 For 10, a podcast produced by the Compliance Podcast Network.

  • DOJ defends itself from Boeing victims’ families’ objections.  (Law360)
  • Boeing puts work output before employee health and safety. (WSJ)
  • A new CCO salary survey is out. (WSJ)
  • More fines for failure to monitor employee text messaging. (WSJ)
  • Boeing and the cost of culture failure. (NYT)
  • Smartmatic execs accused of FCPA violations in The Philippines. (NYT)
  • SFO files charges against 2 additional Glencore traders. (FT)
  • Ukraine detains Deputy MoE in corruption scandal. (Reuters)
  • French ABC efforts led to the most successful Olympics since 1984. (The Conversation)
  • Mozambique official found guilty in tuna boat corruption case. (Bloomberg)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day, here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: August 14, 2024 – The CCO Salary Survey Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • A new CCO salary survey is out. (WSJ)
  • Will the UK finally try and clean up BVI? (Politico)
  • Bank of America tells junior bankers to ‘follow the rules’. (WSJ)
  • Texas sues GM over stealing drivers’ personal data from its cars. (Reuters)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Daily Compliance News

Daily Compliance News: August 13, 2024 – The ABC in Paris Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • French ABC efforts led to the most successful Olympics since 1998.   (The Conversation)
  • Boeing puts work output before employee health and safety.  (WSJ)
  • Mozambique official found guilty in tuna boat corruption case. (Bloomberg)
  • Ukraine detains Deputy MoE in corruption scandal. (Reuters)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Categories
Compliance Into the Weeds

Compliance Into The Weeds: Data Analytics, BoA and DOJ Pronouncements

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt take a deep dive into data analytics and highlight the Bank Of America CFPB enforcement action for failures in a data analytics program.

Data analytics is a powerful tool in the realm of compliance and risk management, providing invaluable insights that can help organizations identify potential risks and assess the effectiveness of their compliance programs. Tom emphasizes the importance of continuous monitoring using data analytics, citing a case where Bank of America was fined $12 million due to poor use of data analytics. He advocates for the use of analytics algorithms as ongoing monitoring tools and encourages business units to take an active role in managing their risks. Matt underscores the significance of data analytics in identifying and managing compliance risks. He echoes Fox’s sentiments on the need for continuous monitoring and the involvement of business units in risk management.

They also note that both the DOJ and SEC are ramping up their focus on data analytics for corporate compliance, setting higher expectations, especially for larger corporations. This shift is not only transforming the landscape of corporate compliance but also reshaping the way companies approach self-disclosure of misconduct. Join Fox and Kelly on this episode of the Compliance into the Weeds podcast as they delve deeper into the implications of the DOJ and SEC’s increasing focus on data analytics for corporate compliance.

Key Highlights:

  • The Importance of Continuous Data Analytics
  • Bank of America’s Compliance Risk Management
  • Effective Monitoring and Surveillance in Financial Services
  • DOJ’s Expectations for Corporate Data Analytics
  • Uncovering Fraud Through Data Analytics

Resources:

Matt’s blog posts in Radical Compliance

A $12M Lesson on Data Analytics

Some Vague Hints on Analytics, FCPA 

 Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
GalloCast

Gallocast – Episode 10 – The Seven Year Anniversary Edition

Welcome to the GalloCast. You have heard of the Manningcast in football. Now we have the Gallocast in compliance. The two top brothers in compliance, Nick and Gio Gallo, come together for a free-form exploration of compliance topics. It is a great insight on compliance brought to you by the co-CEOs of ComplianceLine. Fun, witty, and insightful with a dash of the two brothers throughout. It’s like listening to the Brothers Gallo talk compliance at the Sunday dinner table. Hosted by Tom Fox, the Voice of Compliance.

This podcast episode focuses on the importance of proper oversight and diligence when it comes to CCOs and other corporate leaders. The discussion highlights the implications of the Supreme Court’s ruling on diversity hiring, the need for internal controls implementation, the potential of ESG investment ROI, the consequences of unethical behavior, and the need for Deutsche Bank to address its culture of ethics. This episode emphasizes the need to create a culture of compliance and oversight within organizations in order to protect against fraud and mismanagement.to navigate these challenging issues in the corporate world. Tune in to GalloCast now!

Key Highlights

  • FTX CCO charged
  • Diversity after Supreme Court. Is it still important?
  • At what level should you apply DD to new hires? Executive level or something else
  • ESG-positive or negative for shareholders
  • BOA follows Wells Fargo with a fake accounts scandal.
  • KPMG caught cheating in The Netherlands
  • Deutsche Bank fails to meet DPA requirements.

Resources

Nick Gallo on LinkedIn

Gio Gallo on LinkedIn

Ethico

Tom Fox

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Florida Man Moves Outside of Florida

What happens when two top compliance commentators get together? They talk compliance of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode! This week on the podcast, we discussed a variety of financial fraud and corruption cases that have recently come to light. From Bank of America’s creation of millions of fake accounts to KPMG getting caught cheating in the Netherlands, these cases serve as a reminder to the importance of strong compliance programs and the need for companies to be proactive in preventing fraud. Additionally, the DOJ is utilizing data analytics to enhance their ability to prosecute FCPA cases, while Women in Compliance work to empower and support female professionals in the industry. Finally, the Florida Man Scam highlights the need to be aware of the potential for scams and to exercise caution when giving out personal information.

Highlights Include

·      Bank of America Scandal

·      Navex Survey

·      Corruption in Singapore

·      KPMG Cheating Scandal

·      Kenneth Polite Reflects

·      Lisa Osofsky Reflects

·      Women in Compliance

·      Florida Man Should Stay in FL

·      Contracts and Emojis

 

Resources 

  1. WSJ Risk and Compliance Journal
  2. FCPA Blog
  3. Radical Compliance
  4. Dutch News
  5. WSJ Risk and Compliance Journal
  6. DOJ Press Release
  7. 2023 Navex Survey
  8. Reuters
  9. Compliance Week
  10. BBC

Connect with Kristy Grant-Hart on LinkedIn

Spark Consulting

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn