Categories
Innovation in Compliance

Operationalizing Compliance: Part 5-Overwhelmed, yet? with Taylor Edwards

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, we consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In our Part 5 conclusion, I am joined by Taylor Edwards to discuss how compliance professionals can prevent from being overwhelmed by all of ‘this’.

Highlights from this episode include:

·      Unpack your program through critical examination.

·      Know your history and understand how you got where you are.

·      Face data but do not be paralyzed by it. .

·      It’s about being real and accountable.

For more information go to TheBroadcat.com

Categories
Blog

Operationalizing Compliance: Part 5-Overwhelmed, yet?

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, I have visited with Jennifer May, Director of Compliance Advisory; Taylor Edwards,  Director of Sales; Xinia Pirkey, Design Manager; Alex Klingelberger, Chief Executive Officer (CEO) and Jaycee Dempsey, Director of Customer Success. We consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In our Part 5 conclusion, I am joined by Taylor Edwards to discuss how compliance professionals can prevent from being overwhelmed by all of ‘this’.

Compliance professionals can be overwhelmed by all the information coming out of the regulators such as the Department of Justice (DOJ) and Securities and Exchange Commission (SEC). In 2022, this included the Monaco Memo and several major Foreign Corrupt Practices Act (FCPA) enforcement actions. Edwards suggested starting from the position of “how does that apply to me?” From there you can “get real with yourself about where things may not be perfect, but also provide insights into where you can start to work on your program.” He added that the key is “recognizing that it’s OK not to have a perfect program.” What the DOJ wants is for you to assess your own program, spot the weaknesses, rank them and then remediate your ranked list going forward. Edwards concluded; you should determine “what’s the next one thing I can work on? Sometimes it’s a matter of taking small baby steps, but just recognizing that there are needed to be taken.”

One of the key components of the Monaco Memo was the cementing of corporate culture as a factor the DOJ would evaluate in any enforcement action. This formalized the remarks made by Deputy Attorney General Monaco in October 2021. Edwards maintains that a “big aspect of this is the listening function of an organization.” He will often engage a client with the questions about listening, “Have you done any listening within the organization? Have you surveyed, have you had a focus group? Have you had some kind of forum for employees? Have you gathered or crowdsourced any of that from within the organization?”

Unfortunately, that answer is often no. Edwards believes that if you recognize the need to understand and to work within the landscape of your company culture, you must  accept the fact you will be required to do a better job of getting out into the business and understanding what the culture looks like outside of the corporate compliance office. He added, “listening plays a huge role.” Having conversations “across different parts of the business help inform not only your understanding of the culture, but then how you can go in and influence it for the better, influence it to be more ethical and compliant.”

We then turned to the DOJ’s 2020 Update to the Evaluation of Corporate Compliance Programs mandates around risk assessments, which move from biennial or even annual risk assessments to risk assessments when your risks change. This is a key area where compliance professionals often feel overwhelmed. Here Edwards suggested taking ‘bite sized or small chunks” to improve your program. Edwards pointed to training as the DOJ has moved far beyond the prior metric of completion rates.  He said, “if you are focused on a 100% completion rate and that is the outcome you’re trying to achieve, then your focus will be on a Learning Management Systems tool that allows you to easily assign modules to a 100% of your workforce. However, if the outcome you are really focused on is compliance, good behavior, making sure that laws and regulations do not get breached, then your focus should be how do I influence behavior as opposed to having a hundred percent completion rate?”

This means you need to emphasize the behavioral element. You can start to do things like “monitoring, which can seem overwhelming for a lot of groups, and it typically gets underinvested in.” But if your focus is on the prevention aspect, then you need to “go out there and see what people are doing wrong currently so you can an address it and stop it.” This can be down with a process mindset; “on a risk-by-risk basis, on a task-by-task basis or a on a process-by-process basis where you peel back the onions of the organization to see if there are any potential pitfalls in our current process.”

The bottom line is there are a variety of approaches you can take to move your program forward. The key is to identify your program weaknesses and begin the remediation process.

For more information go to TheBroadcat.com

Categories
Innovation in Compliance

Operationalizing Compliance: Part 4 – Effectiveness, Redux with Alex Klingelberger

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, we consider various ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer, and how to avoid being overwhelmed. In Part 4, I am joined by Alex Klingelberger, CEO at Broadcat, where we deeply dive into effectiveness.

Highlights from this episode include:

  • Compliance training must stay away from the patronizing training material.
  • The DOJ pronouncements on clawbacks put pressure on senior management.
  • Bilateral communication is a critical component of a best practices compliance program.
  • Compliance engagement is more than between your compliance function and employees. It is when employees engage each other about compliance topics as well.

For more information, go to TheBroadcat.com.

Categories
Innovation in Compliance

Operationalizing Compliance: Part 3 – Jaycee Dempsey on Operationalizing Compliance

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, we consider various ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer, and how to avoid being overwhelmed. In Part 3, I am joined by Jaycee Dempsey to discuss operationalizing your compliance program through employee engagement and participation.

Highlights from this episode include:

·      Compliance is a team sport.

·      The DOJ pronouncements on clawbacks put pressure on senior management.

·      Middle managers are where the rubber meets the road.

·      Document Document Document

For more information, go to TheBroadcat.com

Categories
Blog

Operationalizing Compliance: Part 3-Jaycee Dempsey on Operationalizing Compliance

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, I visit with Jennifer May, Director of Compliance Advisory; Taylor Edwards,  Director of Sales; Xinia Pirkey, Design Manager; Alex Klingelberger, Chief Executive Officer (CEO) and Jaycee Dempsey, Director of Customer Success. We consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In Part 3, I am joined by Jaycee Dempsey to discuss operationalizing your compliance program through employee engagement and participation.

We began with break down what operationalizing compliance. Dempsey said it’s “making compliance training not something that is done on a one-time basis, on a routine basis like once a year, but rather something that is integrated into the day-to-day work for all your employees. It means that you are training them on what they actually are doing that creates or mitigates risk versus compliance concepts generally.”

From there she had the most interesting insight that compliance at its most basic is a “team sport.” As a compliance professional or even compliance function “you can’t be everywhere at once, nor should you be. You need to engage your employees. You have to speak the language of the business, because that’s what gets you the seat at the table.” She also believes that business executives have an important role to play as their “attitude towards compliance trickles down to the rest of the organization and that your employees are looking up to them. If your leadership is not talking about ethics and compliance regularly, it will affect the entire culture of the organization no matter what you’re trying to do in the compliance team.” This means you “need to have them on board and they also need reminding of their role in operationalizing compliance.”

As important as your senior leaders are and their role in compliance, Dempsey believes middle managers “may be even more impactful than your C-Suite.” As a compliance practitioner you must make “sure that you’re reaching out to them as well.” But once again it is giving middle managers the tools, training and communications to be effective as the first point of contact for many employees who wish to speak up and raise a concern.

But in addition to being an initial point of contact for employees who want to speak up, middle managers are the folks that are engaging day-to-day with their teams. Middle managers make decisions on raises, promotions, what projects their people are on. A middle manager is often the position that is the next step in an employee’s career ladder. This means that employees are “paying very close attention to the way that their manager acts, the things that they say and the way that they think up.” Dempsey had the insight that “middle managers are a living, breathing, real life example of what the organization promotes, no matter what’s said on paper.” This means that in many ways “they’re also key to operationalizing compliance.”

Many compliance professional do not think of our employees as customers. Dempsey believes a compliance function should do so “because essentially your role is like an internal marketing agency. You’re trying to influence behavior.” It is also about “making actual meaningful change in the way that people do their jobs, while making sure that you are reducing risk.” This means a compliance function should be focused on “delivering guidance at that moment when they need it with very concrete steps, be in a position you can provide them with information on what you need to do to be successful in your position.”

Another insight Dempsey had from marketing is the term “seven different ways, seven different times.” This is not simply “copying and pasting the same message over and over.” It is “thinking through the different ways that you can message your employees what is available to you.” It can be a variety of strategies and tactics. It can be internal social media, “utilizing those flat panels that are in break rooms, in front of elevators or near the cafeteria or simply pushing out screensavers on everyone’s computer, with those quick reminders or a desktop shortcut to your reporting hotline.” It can also be more old school such as “emails from the compliance team from leaders and your middle managers.” Finally, “embedding checklists and decision trees and into your processes and making sure that you’re providing toolkits to your managers and leaders for discussion-based training is a key for documentation.”

Join us in Part 4 where we look at effectiveness, redux.

For more information go to TheBroadcat.com

Categories
Innovation in Compliance

Operationalizing Compliance: Part 2 – Compliance Program Design Jennifer May and Xinia Pirkey

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, we consider various ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer, and how to avoid being overwhelmed. In Part 2, I am joined by Jennifer May and Xinia Pirkey to consider your compliance program design.

Highlights from this episode include:

·      Your communications should resonate with your employees.

·      Aesthetic draws an employee in, but content grabs their attention.

·      Clarity and relevance are key elements.

·      Document Document Document

For more information, go to TheBroadcat.com

Categories
Blog

Operationalizing Compliance: Part 2-Compliance Program Design

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, I visit with Jennifer May, Director of Compliance Advisory; Taylor Edwards,  Director of Sales; Xinia Pirkey, Design Manager; Alex Klingelberger, Chief Executive Officer (CEO) and Jaycee Dempsey, Director of Customer Success. We consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In Part 2, I am joined by Jennifer May and Xinia Pirkey to consider your compliance program design.

May began that the key is relevance and clarity. If your training or communication is not relevant, it really does not “matter how perfect the design is or even how perfect the message is, if it is being shared with someone that’s the wrong person, it will fall flat”. In other words, your compliance team is “just wasting time blanketing the entire workplace with some piece of information that does not apply to most of them.” Regarding clarity, she said, “If you are not clear about what it is you want them to do, what the behavior is that you are trying to achieve, you will lose their attention there as well.” All of this can lead to wasted time for your employees and wasted effort for your compliance team, “potentially even starting to lose some credibility.”

Pirkey is a design professional so comes at these issues from a different perspective from May or myself. Pirkey said, “we use design, from my point of view, to leverage the content to be on point to the audience that will receive it.” As a design professional, you must always consider the user experience so “we have to think about the users and who we are trying to target.” She added,  “As a designer, I come in and I try to interpret the content and I try to interpret as much as I can and ask the questions, such as “Who is this for? What am I trying to say? How do I want them to read this step by step?” You must always be cognizant not only about the audience, but also how we are projecting to them.”

Next, we considered how effective content can create credibility for your compliance function or conversely, ineffective content can demean your compliance function credibility. Pirkey began by noting that it is all about content, intoning, “we start with content.” Interestingly, she said that “a lot of times this means that we’ve come up with a format, whether it is a decision tree, an infographic, a written piece of content or other; and it is in a manner we can project it as job aid to our audience.” She also noted that conversely, there are times “we have to go back to the drawing board and decide, OK, this does not work as a decision tree. We need to think about a different format, a contrast example, or another approach.”

We closed with a discussion of the ‘secret sauce’ to creating great compliance communications tools. May believes it “is that back and forth and the community of diverse voices that we have, because we all have such unique experiences in our professional backgrounds.” When you couple this with the intent and “focus on trying to help organizations make these communications as simple, easy, straightforward” you can begin to achieve great compliance messaging. “Blending these approaches, the design method, thinking in that way, being collaborative with each other, being open with each other, and then doing that same thing on the backside with our clients too; that is the secret sauce. That’s the thing that makes Broadcat successful and a really awesome place to work with and work for.”

Join us in Part 3 where we look at operationalization.

For more information go to TheBroadcast.com

Categories
Innovation in Compliance

Operationalizing Compliance: Part 1 – Compliance Program Effectiveness Jennifer May

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. We consider various ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer, and how to avoid being overwhelmed. In Part 1, I am joined by Jennifer May to consider compliance program effectiveness.

Highlights from this episode include:

·      What is and is not effective?

·      Identify silos and work through them.

·      Compliance is not a closed-book test.

·      Document Document Document

For more information, go to TheBroadcat.com

Categories
Blog

Operationalizing Compliance: Part 1 – Compliance Program Effectiveness

Welcome to a special five-part podcast series on Operationalizing Your Compliance Program, sponsored by Broadcat LLC. Over this series, I visit with Jennifer May, Director of Compliance Advisory; Taylor Edwards,  Director of Sales; Xinia Pirkey, Design Manager; Alex Klingelberger, Chief Executive Officer (CEO) and Jaycee Dempsey, Director of Customer Success. We consider a variety of ways to more fully operationalize your compliance regime, including the design and effectiveness of your communications, why the operationalization of compliance is a team sport, why simply data is not the answer and how to avoid being overwhelmed. In Part 1, I am joined by Jennifer May to consider what is compliance program effectiveness.

We began with one of the most well-worn words in compliance that still challenges compliance professionals, that being ‘effectiveness’. May said that it is not about getting a hundred percent completion on some sort of training module, which unfortunately in many ways has become the benchmark or the metric used. Instead, it is about getting information to individuals so you can get the right outcomes. Effectiveness is not represented by clicks but rather it is about outcomes.

You should start by identifying your highest risk activities. Begin by asking questions, which might include “Are you having good (or bad) outcomes when it comes to those risky activities? And if you’re not, why are you not? Do your employees understand what it is that they are supposed to be doing and when they are supposed to be doing it? What are those behaviors and the outcomes that we want to change or need to change to get to the appropriate outcomes?”

By asking such questions and delivering training and communications on those topics and areas, you begin to see a shift in people. It is not about a click; the result is compliant behavior. Shifting the focus and conversation to what those outcomes are allows you to start thinking about training in a different way and you can start to see how effectiveness can begin to be impacted by solid training that focuses on outcomes.

May analogized it to a closed-book or open-book test. She does not believe employees should think of compliance as a “closed-book test.” Compliant behavior is not something that you should keep behind a curtain. Your information should be out there and available to any employee who needs it in the moment that they need it. If there is a risk to manage; that is when they will need it. But if your employees need such information “the next time and the next time, and every time subsequent to that, then that’s okay too. There’s no reason why keeping that compliance information hidden or keeping it locked away and making them remember it is going to make them more effective or, more appropriately, compliant in their behaviors. Providing that information upfront and always when they need it, is really the key.”

Obviously, compliance folks cannot be everywhere all at once. Your compliance function may be a single person or a small team. Further, they cannot morph themselves into covering every single risk and every single moment of the organization every time. That is why the closed-book test does not do them any good as they cannot “be standing over someone’s shoulder every time talking about why then need to do something, what they need to do and how they need to do it.” Keep an open book approach and make compliance information openly available whenever employees need it.

We concluded with a few thoughts on credibility for your compliance program, which May believes is a very important concept for compliance. and had an interesting take on that issue. She said that credibility “honors employees as professionals in the work that they are doing.” This ties into “being open about the resources that are available, encouraging them to use them, encouraging them to find them, and perhaps, most importantly, encouraging them to reach out when they have a question.” May sees all this as a part of that credibility. This leads to engagement on a level which is about what they do and demonstrating that you, as the compliance professional, are there to support them.

Join us in Part 2 where we look at program design.

Resources

For more information, check out Broadcat here.

Categories
This Week in FCPA

Episode 284 – The Holmes Found Guilty Edition


Jay returns from a lengthy holiday assignment to join Tom to look at some of the week’s top compliance and ethics stories this week in the Holmes Found Guilty edition.
Stories

  1. Elizabeth Holmes was found guilty. The Verdict (WSJ), What does it mean for Silicon Valley? (NYT), What about the victims? (Bloomberg), Will Holmes serve any time? (Fortune)
  2. 2022 to be a critical year in ESG reportingMike Munro and Guido Van Druen in a CCI.
  3. Top D&O stories from 2021. Kevin LaCroix in D&O Diary
  4. Airbnb spanked over Cuba. Mengqi Sun in WSJ Risk & Compliance Journal.   
  5. MorganStanley fined $60MM over a data breach? Aaron Nicodemus in Compliance Week (sub req’d).
  6. China’s new ABC guidelines. Andrew Reeves and Rongxin Huang in the FCPA Blog.  
  7. The ‘G’ in ESG. Lawrence Heim in PracticalESG.
  8. Key areas for BOD oversight in 2022. Holly Gregory in Harvard Law School Forum on Corporate Governance
  9. Audrey Harris joins AMI.
  10. Broadcat sold. Broadcat Press Release.

Podcasts 

  1. Want some fun? Join Tom and One Stone Creative co-founder Megan Dougherty to explore the full MCU. In their most recent posting, check out Episode 3, Iron Man.  
  2. In January on The Compliance Life, I visited Valerie Charles, a partner at StoneTurn. Val has one of the most interesting journeys in compliance. In Part 1, she discusses her academic background and early professional career. 
  3. The Compliance Podcast Network welcomes Professor Karen Woody and her new podcast, Classroom Insider. Karen interviews some of her students to tell insider trading history in this unique pod. Check out Episode 1, where they discuss the history of insider trading. In  Episode 2, the disclosure or abstain rule. Episode 3 will take up narrowing the scope of the disclose or abstain rule. 
  4. Mikhail Reider-Gordon returns in Lies, Spies & Corporate Crimes: The Wirecard Saga, with Season 2, Episode 2 The Vagabond Rapping At Your Door.
  5. Check out 31 Days to a More Effective Compliance Program returns, which runs from January 1 to January 31. Available on the Compliance Podcast NetworkMegaphoneiTunes, and other top podcast platforms. 

Tom Fox is the Voice of Compliance and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.