Categories
Blog

Compliance Lessons Learned: Building Meaningful Workplace Connections

In today’s business environment, compliance professionals are often praised for their pivotal role in fostering ethical, sustainable, and resilient corporate cultures. A recent HBR article, What Employers Get Wrong About How People Connect at Work, provides a compelling framework that compliance officers can integrate into their strategies to strengthen organizational integrity and trust.

The authors believe that connections in the workplace are commonly thought of as a single dimension that prioritizes interpersonal relationships with co-workers. However, the authors have identified that connections in the workplace are made up of four interrelated and essential elements: employee connections with their colleagues, leader, employer, and role. This more accurate and nuanced view of workplace connections has implications for how organizations can design intentional talent strategies to create workplaces where employees are committed, engaged, and performing. They introduce the CLEAR framework to help facilitate transformative workplace lessons. I have adapted their ideas for the compliance professional.

  • Colleague Connection: Compliance as a Collaborative Endeavor

In compliance, collaboration is non-negotiable. The CLEAR framework emphasizes the importance of trust and mutual support among colleagues, a principle that extends seamlessly into compliance programs. When employees feel connected to their peers, they are more likely to share insights and raise concerns, a cornerstone of effective whistleblowing mechanisms. For compliance professionals, this means building platforms and safe spaces for employees to collaborate. Initiatives like ethics roundtables or cross-departmental compliance champions can foster peer-to-peer connections, encouraging the open exchange of ideas and concerns about compliance issues.

  • Leader Connection: Ethical Leadership in Action

The article identifies leader connection as a key factor, noting that 70% of the variance in team engagement is attributed to managerial quality. For compliance professionals, this underscores the need for leadership at all levels to embody ethical conduct. Leaders who communicate, provide constructive feedback, and model ethical behavior are indispensable in embedding compliance into an organization’s DNA. You should work to train your business leaders to be compliance ambassadors. This means both senior managers and middle managers as well. Equip them with tools to integrate compliance into their everyday leadership practices, from reinforcing training to discussing real-world ethical dilemmas with their teams.

  • Employer Connection: Aligning Compliance with Corporate Values

A strong employer connection, where employees see their work as meaningful and aligned with organizational goals, is critical. Compliance professionals are central in shaping this narrative by linking ethical practices to the company’s mission. When employees view compliance as an enabler of corporate success rather than a hindrance, their engagement deepens. Positioning compliance as a competitive business advantage and using internal communications to highlight how ethical practices contribute to the organization’s reputation, financial health, and long-term success will further align your employees with your overall goal of doing business ethically and in compliance.

  • Role Connection: Engaging Through Purpose

Role connection thrives when employees find satisfaction in their work and see clear pathways for growth. Compliance means integrating ethical considerations into individual roles and responsibilities. Employees who understand how their job contributes to the company’s compliance goals are likelier to take ownership of ethical behavior. Here, your compliance team should work to tailor compliance training to individual roles. Move beyond generic programs to create targeted, role-specific training that shows employees how compliance intersects with their day-to-day responsibilities.

  • CLEAR Connections and the Return-to-Office Debate

The authors critique a narrow focus on colleague connections in return-to-office mandates, warning that neglecting other CLEAR elements can undermine employee engagement. For compliance teams, this presents a nuanced challenge. Remote work can dilute compliance oversight, but rigid in-office policies may harm trust and morale. This will allow your compliance function to adopt flexible compliance monitoring strategies. Use technology to maintain oversight while respecting diverse work arrangements and ensure employees feel trusted and supported regardless of where they work. 

  • The Patchwork Principle: Balancing Connection Needs

The authors propose the “patchwork principle,” urging leaders to adopt a portfolio of policies that reflect employees’ diverse connection preferences. Compliance teams can take inspiration from this approach to design policies that address various needs while ensuring alignment with regulatory requirements. The DOJ has long clarified that your compliance program should be based on your company’s compliance risks. This means you should customize your compliance program. Consider employee demographics, cultural nuances, and risk profiles when designing policies and procedures, ensuring they resonate across the organization.

Final Thoughts: CLEAR Insights for Compliance Success

The CLEAR framework challenges compliance professionals to think beyond policies and procedures, emphasizing the human connections that underpin ethical behavior. By fostering meaningful relationships across these four pillars, compliance leaders can build a culture that adheres to regulations and thrives on trust, engagement, and integrity.

Incorporating these lessons is not simply about compliance but redefining how organizations connect, collaborate, and succeed. By adopting these principles, compliance professionals can lead the way in creating workplaces that are not only compliant but also connected and committed to excellence.

Categories
FCPA Compliance Report

FCPA Compliance Report: Unlocking Financial Gains Through Proactive Compliance: Insights with Nicolas Tollet

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this edition of the FCPA Compliance Report, Tom Fox cross post the first episode of a new podcast series from Nicolas Tollet, partner at Hughes, Hubbard and Reed

In this episode, Tollet delves into the substantial financial benefits stemming from robust compliance measures. Tollet recounts a company’s journey through two deferred prosecution agreements (DPAs) related to bribery and corruption allegations in Africa and Brazil, detailing how proactive compliance actions saved the company approximately $100 million. He emphasizes the crucial role of an independent monitor and in-depth compliance reviews in identifying and mitigating misconduct. Tollet explores the implementation of compliance policies and training programs, drawing comparisons with high-profile cases like Walmart’s FCPA settlement, to illustrate the long-term financial stability and operational integrity gained through early compliance investment.

Highlights in this Episode:

  • The First Deferred Prosecution Agreement (DPA)
  • The Second DPA and Lava Jato Investigation
  • Compliance as a Competitive Advantage
  • Detecting and Addressing Misconduct
  • Remediation and Strengthening Compliance
  • Financial Benefits of Compliance
  • Comparing with Walmart FCPA Case

 Resources:

Nicolas Tollet at Hughes Hubbard & Reed

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

For an audio/video version of the Compliance Kids book, Speaking Up is AWESOME, contact Tom Fox.

Categories
Blog

TD Bank: Part 3 – Lessons Learned for Compliance

We continue our exploration of the resolution of the AML/BSA enforcement action involving the TD Bank US (the Bank) wholly owned by the TD Bank Group,  a publicly traded (NYSE: TD) international banking and financial services corporation headquartered in Toronto, Canada. Today, we explore some key lessons learned for the AML compliance professional. We begin with what Attorney Merrick Garland noted: “Three money laundering networks took advantage of TD Bank’s failed anti-money laundering system.”

The 3 Money-Laundering Scheme

The David Scheme

Da Ying Sze, also known as David, used the Bank as a money laundering and unlicensed money transmitting scheme for which he pled guilty in 2022. David conspired to launder and transmit over $653 million, with more than $470 million laundered through TDBNA. He bribed bank employees with over $57,000 in gift cards to facilitate the scheme. David laundered money by depositing large amounts of cash, sometimes exceeding $1 million in a single day, into accounts opened by other individuals. He also instructed bank employees to send wires and issue official checks. The Bank needed to correctly identify David as the person conducting the transactions in over 500 CTRs, which covered more than $400 million in transaction value, despite David directly depositing large cash sums into accounts he allegedly did not control.

Bank Insiders

Five Bank employees provided material assistance to a second money laundering scheme, which laundered millions of dollars from the United States to Colombia. The five individuals, referred to as “TDBNA Insiders,” held various positions within the bank, including Financial Service Representative, Retail Banker, Assistant Store Manager, and Store Supervisor at TDBNA stores in New Jersey and Florida. These insiders helped the money laundering networks by opening accounts and providing dozens of ATM cards used to launder funds through high-volume ATM withdrawals. They also assisted in maintaining these accounts by issuing new ATM cards and overcoming internal controls and freezes on account activity. Through these actions, approximately $39 million was laundered through the bank. Despite significant internal red flags, TDBNA did not identify the insiders’ involvement in the money laundering scheme until law enforcement arrested Insider-1 in October 2023.

Shell Company Scammers

From March 2021 through March 2023, a money laundering organization known as “MLO-1,” which claimed to be involved in the wholesale diamond, gold, and jewelry business, maintained accounts for at least five shell companies at the Bank. These accounts moved approximately $123 million in illicit funds through the bank. The Bank knew these shell companies were connected, sharing the same account signatories. Despite these red flags, The Bank did not file a Suspicious Activity Report (SAR) on MLO-1 until law enforcement notified the bank in April 2022. By then, MLO-1’s accounts had been open for over 13 months and had transferred nearly $120 million through TDBNA.

Lessons Learned

This enforcement action is a sobering reminder of compliance’s critical role in preventing and detecting financial crimes like money laundering. With over $470 million laundered in one scheme, $39 million moved through insiders, and $123 million transferred via shell companies, significant compliance failures occurred.  Of course, these are only a part of the $18.3 trillion in transactions that the Bank does not monitor due to its conscious compliance failures. These incidents underscore the importance of maintaining robust internal controls, employee oversight, and proper reporting mechanisms.

Failing to Detect Obvious Red Flags

In this case, one of the most glaring issues is the bank’s failure to identify the obvious red flags associated with laundering large sums of money. In the case of David, the Bank failed to file accurate CTRs for over $400 million in transactions. David regularly deposited enormous amounts of cash, over $1 million in a single day, into accounts opened by others, yet the bank failed to link him to these transactions.

The key takeaway for compliance professionals is to ensure that their systems are calibrated to flag suspicious activities, especially when transactions exceed certain thresholds. Large cash deposits, frequent activity involving multiple accounts, and nominee account holders should always trigger enhanced due diligence and review. Automated systems must be updated and combined with human oversight to catch these patterns.

The Role of Corrupt Employees in Facilitating Money Laundering

The involvement of the Bank Insiders in the second laundering scheme is a textbook example of how internal corruption can undermine even the most sophisticated compliance programs. These employees assisted money laundering networks by opening accounts, providing ATM cards, and circumventing internal controls and account freezes. In exchange, they received bribes, showing the vulnerability of staff in critical roles.

This scenario mandates why employees must undergo regular anti-bribery and anti-corruption training to reinforce the consequences of accepting bribes and engaging in unethical behavior. In addition, a strong compliance culture should include mechanisms for detecting internal misconduct, such as anonymous reporting systems and independent audits to identify corrupt employees early. Creating ethical guardrails within your organization, alongside frequent checks and balances, can protect against insider threats.

CTRs and SARs Must be a Priority

A key regulatory requirement under the Bank Secrecy Act (BSA) is the filing of Currency Transaction Reports (CTRs) and Suspicious Activity Reports (SARs). The Bank’s failure to file accurate CTRs in David’s case and delayed filing of SARs in the Shell Company Scammers scheme underscores how devastating the consequences can be when compliance teams do not take their regulatory obligations seriously. Even after identifying that shell companies were linked to each other by shared account signatories, the Bank failed to act quickly, allowing nearly $120 million to be laundered through their systems.

The timely filing of CTRs and SARs is not just a best practice; it is a regulatory requirement. Compliance officers must ensure that processes for flagging suspicious activity are effective and swift. Training staff to recognize when CTRs and SARs are needed and implementing systems that automatically flag transactions for review will help ensure compliance with reporting obligations.

Third-Party Risk and Shell Companies: Know Your Customer (KYC) Failures

The shell companies used to launder $123 million demonstrate a significant lapse in the bank’s Know Your Customer (KYC) protocols. The Bank knew the shell companies were linked by the same account signatories yet failed to act for over a year. This gap in KYC enforcement allowed significant funds to pass through without appropriate scrutiny or action.

KYC processes should be foundational to every compliance program. Regular reviews and enhanced due diligence are required when dealing with high-risk entities like shell companies. Compliance professionals should prioritize the identification of ultimate beneficial ownership (UBO) and remain vigilant when patterns suggest potential fraud, even if account openings appear legitimate at first glance. Your KYC protocols must also integrate ongoing monitoring, not just one-time checks.

The Consequences of Ignoring Red Flags

Across all three schemes, the Bank ignored significant internal red flags—whether employees directly deposited large sums of cash, insiders actively assisting in laundering activities, or shell companies linked by shared signatories. Compliance must be more than just a checkbox exercise. Red flags must be taken seriously and escalated quickly to prevent further damage.

Compliance teams must be empowered to act decisively when red flags are raised. This includes having the authority to freeze accounts, file reports, and escalate issues to senior management and regulatory authorities when needed. Additionally, a strong culture of compliance, backed by leadership, should encourage immediate action when suspicious activity is detected.

Monitoring and Auditing: Preventing Future Failures

Finally, this case reveals the importance of ongoing monitoring and regular auditing. In all three schemes, the Bank failed to sufficiently monitor account activities and employees, which allowed the laundering schemes to continue for extended periods. Regular audits and automated transaction monitoring systems are essential to detect and prevent similar issues.

Auditing and monitoring systems should be built into your compliance framework, focusing on high-risk accounts, employees, and geographies. By continuously reviewing and auditing compliance processes, teams can identify gaps early and prevent further exploitation. Technology can be key in monitoring, but human oversight is critical to analyzing more complex behavior patterns.

This enforcement action is a stark reminder of the consequences of weak compliance controls, employee corruption, and failure to act on red flags. For compliance professionals, the lessons from this case are clear: robust internal controls, continuous training, effective KYC procedures, and timely reporting are essential to preventing and detecting money laundering. By learning from these failures, compliance officers can strengthen their programs and ensure their organizations remain vigilant in the fight against financial crime.

I will explore this matter in depth over the next several blog posts. Tomorrow, I will consider the Bank’s culture and flat cost paradigm.

Resources

OCC

OCC Press Release

Consent Order 

Civil Money Penalty 

DOJ

TD Bank US Holding Company Information

TD Bank N.A. Information

TD Bank US Holding Company Plea Agreement and Attachments

TD Bank N.A. Plea Agreement and Attachments

Merrick Garland Remarks

Nicole Argentieri Remarks

Categories
Compliance Into the Weeds

Compliance into the Weeds: Adventures in Squeezing Out Compliance – TD Bank’s Flat Cost Paradigm

The award-winning Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom Fox and Matt Kelly take a deep dive into the TD Bank BSA and AML enforcement action, which led to $3 billion in fines and penalties.

Tom and Matt discuss TD Bank’s conscious strategy of not raising the budget, known as the Flat Cost Paradigm or Zero Expense Growth Paradigm, and how this strategy severely restricted the Bank’s compliance and AML functions. This tactic aimed to increase profits by keeping expenditures flat year after year. The impact of this strategy is particularly evident in the global AML team’s expenditures on the U.S. anti-money laundering program, which decreased in 2021 compared to 2018. Despite significantly growing U.S. assets and net income, the bank refrained from increasing its budget for essential programs, a fact highlighted in the Justice Department indictment. The Bank’s strategy serves as a clear warning about the dangers of prioritizing profits over compliance.

Key Highlights:

  • Introduction to the Flat Cost Paradigm
  • Details of the Budget Strategy
  • Impact on Anti-Money Laundering Efforts
  • Financial Growth Amidst Budget Constraints

Resources:

  1. Blogs

Matt in Radical Compliance

Tom in the FCPA Compliance and Ethics Blog

  1. Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

  1. Enforcement Related Material

OCC

OCC Press Release

Consent Order 

Civil Money Penalty 

 DOJ

TD Bank US Holding Company Information

TD Bank N.A. Information

TD Bank US Holding Company Plea Agreement and Attachments

TD Bank N.A. Plea Agreement and Attachments

Merrick Garland Remarks

Nicole Argentieri Remarks

Categories
Blog

TD Bank: Part 2 – When Profits Trump Compliance: A Recipe for Corporate Disaster

We continue our exploration of the resolution of the AML/BSA enforcement action involving TD Bank US (the Bank), which is wholly owned by TD Bank Group, a publicly traded (NYSE: TD) international banking and financial services corporation headquartered in Toronto, Canada. TD Bank Group is one of the thirty largest banks in the world and the second-largest bank in Canada.

The enforcement action came in with a $3 billion penalty against the Bank, which has pled guilty to charges relating to the Bank Secrecy Act (BSA), which requires financial institutions to maintain programs to detect and report suspicious activity by their customers. The Bank also settled a series of civil investigations by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), the Federal Reserve, and the Office of the Comptroller of the Currency (OCC), which mandated a Monitor to oversee the building out of the Bank’s compliance program and imposed an asset cap limiting the growth of the Bank’s U.S. retail business as a result of the breakdown of its controls.

This TD Bank case is right up there with Siemens, Petrobras, Odebrecht, Goldman Sachs, and Volkswagen as some of the most basic violations of corporate law we have ever seen. All of the above cases involved bribery and fraud, and the Bank case involved a violation of the most basic requirement of the BSA and the most basic tenets of an anti-money laundering compliance program. Moreover, the Bank’s conduct was not 20 years ago or even 10 years ago, as the conduct began in 2018, and the illegal conduct was right up to this past year. What led to these failures?

Failures at the Top

For the Bank, it all started at the top, where the very senior executives at the Bank decreed that no additional funds would be made available for compliance, compliance updates, or new technological solutions designed to make fulfillment of compliance obligations more efficient. This funding strangulation was termed the “flat cost paradigm” across the Bank’s operations. As a result, the Bank “willfully failed to remediate persistent, pervasive, and known deficiencies in its AML program, including (a) failing to substantively update its transaction monitoring system, which is used to detect illicit and suspicious transactions through the Bank, between 2014 and 2022 despite rapid growth in the volume and risks of the Bank’s business and repeated warnings about the outdated system.”

According to the TD Bank US Holding Company Information, this policy was pursued by the Bank Audit Committee and by the Bank’s Chief Anti-Money Laundering Officer during the relevant period, and the Bank’s BSA Officer both knew there were long-term, pervasive, and systemic deficiencies in the Defendants’ U.S. AML policies, procedures, and controls. This led to the Bank monitoring only approximately 8% of the volume of transactions because it omitted all domestic automated clearinghouse transactions, most check activity, and numerous other transaction types from its automated transaction monitoring system. Due to this failure, the Bank did not monitor approximately $18.3 trillion of transactions between January 1, 2018, through April 12, 2024.

It is not as if the Board of the Bank and its Canadian overlords were unaware of these deficiencies. As far back as 2013, FinCEN and the OCC brought enforcement actions against the Bank for its failures in its AML program. The Bank’s Board of Directors specifically signed off on the resolution of this enforcement action. IN 2018, the OCC characterized the Bank’s “planning, delivery, and execution of AML technology systems and solutions as insufficient. Specifically, the OCC highlighted the delays in implementing multiple AML technology projects and found those delays to be directly linked to nearly all of TDBNA’s outstanding AML program issues.”

Internal Audits at the bank also identified specific deficiencies in the bank’s AML and BSA compliance programs. In 2018, Internal Audit determined that the Bank’s high-risk jurisdiction transaction monitoring scenarios were using an outdated list of high-risk jurisdictions, meaning the bank’s scenarios were not designed to generate alerts on the jurisdictions currently deemed to be high-risk. Again, in 2020, Internal Audit identified AML compliance deficiencies related to the governance and review of transaction monitoring scenarios.

External third-party consultants also identified deficiencies in the Bank’s AML/BSA programs. One consultant “commented that “increased volumes and regulatory requirements” would pressure AML operations to meet demands and deadlines. The same consultant concluded that the Bank’s required testing of its transaction monitoring scenarios— which assessed whether scenarios were adequately capturing suspicious activity— took twice as long as the industry average.” A second consultant noted the Bank had “sub-optimal [transaction monitoring] scenarios” due, in part, to “outdated parameters” that generated a large volume of alerts that limited the Bank’s ability to focus on high-risk customers and transactions.” Finally, a third consultant “identified numerous limitations in the Bank’s transaction monitoring program, including technology barriers to developing new scenarios or adding new parameters to existing scenarios.”

Knowledge at the Bottom

Perhaps the craziest thing about the Bank’s failures in AML/BSA was that everyone was in on the joke: the Board, senior management, Bank employees, and ‘the bad guys.’ One conversation went like this:

AML Technologist: what do the bad guys have to say about us Lol

AML Manager: Easy target

AML Technologist:  damnit

AML Manager: Old scenarios; old CRR; tech agility is poor to react to changes

AML Manager: Bottomline: we have not had a single new scenario added since we first implemented the SAS

Another example cited in the Information was the following: “Other employees, both in AML and retail, consistently commented on the Bank’s instant messaging platform about the Bank’s motto, “America’s Most Convenient Bank,” and directly linked it to the Bank’s approach to AML. For example, a US-AML employee noted that a reason the Bank had not stopped one of the below-referenced money laundering typologies was because “we r the most convenient bank lol.”

Finally, this example from the information section states that “employees at multiple levels understood and acknowledged the likely illegality of David’s activity. In August 2020, one TDBNA store manager emailed another store manager and remarked, “You guys need to shut this down, LOL.” In late 2020, another store manager implored his supervisors (several TDBNA regional managers) to act, noting that “[i]t is getting out of hand, and my tellers are at the point that they don’t feel comfortable handling these transactions.” In February 2021, one TDBNA store employee saw that David’s Network had purchased more than $1 million in official bank checks with cash in a single day and asked, “How is that not money laundering,” to which a back-office employee responded, “oh it 100% is.” “

In his remarks, Attorney General Merrick Garland cited three examples where Bank employees knew money laundering was ongoing.

  1. In February 2021, one TD Bank store employee saw that David’s network had purchased over $1 million in official bank checks with cash in a single day. The employee asked, “How is that not money laundering?” A back-office employee responded, “Oh, it 100% is.”
  2. In a second, separate money laundering scheme, five TD Bank employees conspired with criminal organizations to open and maintain accounts at the bank that were used to launder $39 million to Colombia, including drug proceeds.
  3. In yet a third scheme, a money laundering network maintained accounts at TD Bank for at least five shell companies. It used those accounts to move over $100 million in illicit funds through the bank.

The bottom line is that everyone knows that the Bank facilitated money laundering and BSA violations. Why? The Bank consciously decided not to fund the compliance function or pay for any upgrades or updates, all in the name of its ‘flat cost paradigm.’

I will explore this matter in some depth over the next several blog posts. Tomorrow, I will consider money-laundering schemes.

Resources

 OCC

OCC Press Release

Consent Order 

Civil Money Penalty 

DOJ

TD Bank US Holding Company Information

TD Bank N.A. Information

TD Bank US Holding Company Plea Agreement and Attachments

TD Bank N.A. Plea Agreement and Attachments

Merrick Garland Remarks

Nicole Argentieri Remarks

Categories
Blog

The DOJ Boeing Conundrum

The Department of Justice (DOJ) is currently in a conundrum over its Deferred Prosecution Agreement (DPA) for the Boeing 737 Max crashes. Understanding the implications of the DOJ’s upcoming decision on whether to prosecute Boeing under the existing criminal law is crucial. This decision carries significant weight and presents a multifaceted challenge for Boeing and the broader corporate compliance and governance landscape.

The criminal justice system’s fundamental purpose encompasses several key aspects: retribution, justice for victims, and the rehabilitation of offenders. While straightforward when applied to individuals, these principles become more complex in the context of corporate entities. For the families of the 346 victims of the 737 Max crashes, justice might mean seeing Boeing held criminally accountable, literally with senior executives or even Board members facing criminal charges. This desire for justice is understandable and necessary for those who have suffered immeasurable loss.

However, the broader societal interest in maintaining a safe and reliable aviation industry adds complexity. Ensuring that Boeing undergoes a cultural shift towards prioritizing safety over profit is crucial to preventing future tragedies. This balance between justice for the families of the crash victims and ongoing public safety is at the heart of the DOJ’s dilemma.

At the core of this issue is Boeing’s corporate culture. The company’s aggressive pursuit of profit and rapid production schedules has led to significant safety oversights. Incidents such as the recent mid-flight door detachment from a Boeing airliner and allegations of using falsified or contaminated titanium underscore ongoing safety concerns. Addressing these issues necessitates a fundamental shift in Boeing’s approach to safety and governance.

Compliance officers face the daunting task of ensuring that DPAs are effectively implemented. Boeing’s situation raises critical questions about the enforcement of DPAs, the criteria for determining violations, and the appropriate remedies when violations occur. The rarity of formal DPA violations adds to the uncertainty and complexity.

The DOJ’s decision on Boeing involves balancing multiple interests: the victims’ families, Boeing’s employees, the air-traveling public, and the broader economic and national economic and national security implications of Boeing’s operations. As the “People’s Law Firm,” the DOJ must navigate these diverse and often conflicting interests to reach a peaceful resolution.

A key consideration is whether financial penalties alone can drive meaningful corporate reform. Historical evidence suggests that financial penalties, while necessary, may not suffice to instill lasting cultural change. More stringent measures, such as operational limits and enhanced monitoring, may be required.

The concept of a monitorship is particularly relevant. A monitor could provide ongoing oversight and guidance, ensuring Boeing meets stringent compliance standards. Transparency in monitoring, including public disclosure of monitor reports, could enhance accountability and public trust.

The Federal Aviation Administration (FAA) also plays a crucial role. However, the FAA’s past performance overseeing Boeing raises questions about its ability to enforce safety standards effectively. Ensuring that the FAA undergoes its cultural transformation and maintains rigorous oversight is essential for any comprehensive solution.

Boeing’s status as a major aircraft manufacturer has significant implications for national security and the economy, which makes its case unique. Compliance professionals in other industries must recognize that the consequences of non-compliance can vary significantly based on a company’s strategic importance. While some companies might face severe penalties or even closure, critical industries like aviation may require more nuanced solutions to balance justice and operational continuity.

Compliance officers should closely monitor the DOJ’s handling of Boeing’s DPA. The potential introduction of CEO and Chief Compliance Officer (CCO) certifications for compliance program effectiveness in future DPAs is a significant development. These certifications could greatly impact how compliance programs are designed and evaluated, making it crucial for compliance officers to stay informed and prepared.

The Boeing case underscores the complexities of enforcing corporate compliance in industries with significant public safety implications. The DOJ’s decision will likely set important precedents for future DPAs and compliance practices. As we await the DOJ’s final decision, it’s clear that achieving justice and ensuring safety requires a multifaceted approach, balancing financial penalties, operational oversight, and cultural transformation.

For compliance professionals, the key takeaway from this case is the importance of robust compliance programs and the necessity of adapting to new regulatory expectations. The introduction of CCO certifications, the potential for increased transparency in monitorships, and the evolving nature of DPA enforcement are all critical factors to consider in developing and maintaining effective compliance strategies. Compliance officers must remain vigilant and adaptable, drawing lessons from high-profile cases like Boeing’s to enhance compliance programs and contribute to a safer and more accountable corporate landscape.

Categories
Blog

Incentivizing Compliance

In today’s business landscape, fostering a culture of ethics and compliance is more crucial than ever. It not only ensures legal adherence but also promotes trust, integrity, and long-term success. One powerful tool in achieving this cultural shift is the strategic use of incentives. In this blog post, we will explore the significance of incentivizing ethical behavior within organizations, the role of human resources (HR) in designing effective incentive structures, and how data-driven insights can drive a culture of compliance and integrity.

The Department of Justice’s 2023 ECCP underscored the importance of incentives and rewards in promoting ethical conduct. It asks companies to consider the implications of their incentives and rewards on compliance and ethical behavior. Furthermore, it encourages organizations to provide specific examples of actions taken, such as promotions or awards denied, due to compliance and ethical considerations. This guidance highlights the significance of incentives in driving a culture of ethics and compliance.

When it comes to incentivizing ethics and compliance, the first thought that often comes to mind is financial rewards. While these can indeed send a strong message about the importance of compliance, it’s important to recognize that incentives go beyond monetary compensation alone. In fact, non-financial incentives can be equally effective in driving ethical behavior.

One powerful non-financial incentive is public recognition of ethical behavior. Acknowledging employees who consistently exhibit integrity and compliance can be a powerful motivator for others to follow suit. Whether it’s a simple pat on the back, an ethical award, or a t-shirt identifying an employee as engaging in ethical behavior, these gestures can go a long way in reinforcing the importance of doing business the right way.

To truly embed a culture of ethics and compliance within an organization, incentives should be integrated into the hiring and promotion process. HR plays a pivotal role in this aspect, ensuring that compliance evaluations and rewards are part of an employee’s discretionary bonus. By making compliance performance a key factor in promotion decisions, companies can send a clear message that ethical behavior is valued and rewarded.

Human resources professionals are experienced in implementing incentives and can effectively measure and incentivize behavior. By leveraging data-driven insights, HR can identify key metrics to evaluate compliance performance and align incentives accordingly. This approach ensures that the right type of behavior is driven throughout the organization, reinforcing a culture of compliance and integrity.

From these general guidelines, I have developed six key principles for developing and delivering incentives into your compliance regime.

The Power of Supporting Systems. Compliance incentives alone may not be sufficient to drive desired behavior. To make these incentives stick, it’s crucial to establish a compliance support system that operationalizes pro-compliance incentives at different levels within the organization. These systems reinforce the importance of compliance and make it visible to employees, ensuring consistent commitment throughout the company.

Incentives Must Be for All. Compliance incentives to be implemented at all levels of the company, from senior management to lower-level employees. It’s essential to recognize that compliance professionals and internal audit staff play a vital role in promoting compliance within the organization. By acknowledging their efforts and providing tangible incentives, companies can highlight the significance of compliance and make it an integral part of the company’s DNA.

Global Consistency. In addition to fairness in your incentive program, compliance incentives should be consistent for employees both within and outside of the United States. Global enforcement of the compliance program not only ensures fairness but also enhances the credibility of the incentive system. By treating all employees equally, regardless of their location, companies foster a culture of compliance and ethical business practices.

Designed to Endure. Creating your incentive program to endure is crucial to ensure the longevity of compliance incentives, especially during financial downturns. A counterweight acts as an institutional mechanism that enforces a continued focus on nonfinancial goals, such as compliance. It prevents compliance incentives from being discarded when other goals take precedence. By incorporating a counterweight into the incentive system, companies can maintain their commitment to ethical practices, even in challenging times.

Compliance Incentives Alignment. You must align your compliance incentives to work in an oblique manner, rather than following a linear approach. This means integrating compliance goals into employees’ daily tasks and responsibilities, making it a natural part of their work. By consistently emphasizing compliance as part of the company’s DNA, organizations can foster a culture where ethical practices are valued and rewarded.

Support Systems. Support systems are critically important for the success of compliance incentives. These systems should be in place even during downturns or cutbacks to support compliance and ethical business practices. They should reinforce the importance of compliance and provide employees with tangible incentives to engage in ethical behavior. By documenting compliance actions, companies can also demonstrate their commitment to regulators if necessary.

Incentivizing ethics and compliance is not just a tick-the-box exercise; it is a powerful tool for driving cultural change within organizations. By integrating incentives into the hiring and promotion process, HR professionals can reinforce the importance of ethical behavior. Data-driven insights enable organizations to measure and incentivize compliance effectively. Whether through financial rewards or non-monetary gestures, incentives play a vital role in promoting a culture of ethics and compliance. Let’s embrace the power of incentives and work towards building organizations that prioritize integrity, compliance, and long-term success.

Always remember, compliance incentives do not have to be elaborate or novel; they need to be consistent and aligned with the company’s values. By implementing enduring compliance incentives and creating a counterweight, you can ensure that ethical behavior remains a priority, even in challenging times. Build a culture of compliance and reap the benefits of an ethically driven organization.

Categories
Blog

Mastering ChatGPT: Ethical Challenges of ChatGPT

In this Part 2 of a five-part blog post series, I am considering the revolution wrought by ChatGPT. Today we consider how and, more importantly, why AI developers and industry professionals need to garner insights into the ethical considerations surrounding AI and ChatGPT. With the guidance of AI expert and founder of Red Hat Media, Larry Roberts, we will delve into the complexities of AI ethics, including data privacy, misinformation, bias, and job displacement. Roberts’s extensive field knowledge and experience make him a relatable source for understanding the challenges and best practices in implementing ethical AI solutions. By addressing these ethical concerns head-on, this article will equip you with the necessary tools and knowledge to navigate the ethical landscape of AI development, ensuring responsible and informed decision-making. Say goodbye to uncertainties and us as we demystify AI ethics, paving the way for a more ethically sound AI industry.

Human in the Loop

Human in the Loop (HITL) is an interaction model involving a human operator in AI decision-making. Due to their unpredictability, HITL scenarios often occur when definitive responses are difficult for AI systems to generate without human intervention. HITL emphasizes that human input and collaboration are critical in AI development, as an AI alone may only partially account for unforeseen situations.  Larry Roberts discusses the ‘Human in the Loop’ approach extensively. He highlights examples where human intervention was necessary to prevent unforeseen outcomes, implying the indispensability of human involvement in AI usage and development. Larry reiterates that even with advances in AI technology, human input remains vital to ensure quality results and prevent unexpected consequences.

AI Ethics and Best Practices

AI ethics is the study of the ethical issues related to the development and application of AI. It includes accountability, privacy, intellectual property, discrimination, bias, and job displacement. Fostering a deeper understanding and implementation of AI ethics ensures that advancements in AI technology are a force for good, benefiting humanity as a whole.  Referencing the episode, Larry Roberts provides an in-depth discussion on AI ethics. He emphasizes that understanding the perspectives of AI developers is paramount to accurate assessment and mitigation of bias. Recognizing the issues surrounding job displacement due to AI implementation, Larry suggests the potential of AI to create new opportunities, underlining the necessity of monitoring and adapting to the evolving AI landscape.

Securing Data Privacy and GDPR Compliance

The digital revolution has brought to the fore the importance of securing data privacy and tick-marking all requirements of the General Data Protection Regulation (GDPR) across industries. The speed and sky-rocketing impact of artificial intelligence (AI) technologies necessitate special attention to these aspects. As data forms the lifeblood of AI systems, ensuring the secure handling of this data keeps prominence. Equally significant is the adherence to GDPR policies, which is a step beyond data privacy, focusing on EU citizens’ fundamental rights. Non-compliance can lead to severe penalties. Addressing these requirements is more than just about legal and ethical obligations; it’s about building trust with the end users, enhancing business reputation, and ensuring that privacy concerns or non-compliance issues do not hold back AI’s fantastic potential.

Mitigating the Misuse of AI Tools

As we consider the suitability of AI technologies for various tasks, it’s crucial to discuss the potential for misuse. With the pervasiveness of AI in our digital landscape, there’s an increasing risk of these technologies being exploited. One of the leading concerns revolves around ethical use, mainly because AI technologies like chatbots can process vast amounts of data, some of which can be sensitive or private. Consequently, the misuse of AI tools could result in a breach of privacy and security, making it significantly vital to establish preventative measures.

As we strive to achieve an increased understanding of AI ethics and best practices for implementation, let us remember that great power comes with great responsibility. By staying informed, remaining vigilant, and consistently reassessing our practices, we can pave the way for a future where AI serves as a force for good. Join us tomorrow when we consider how ChatGPT will transform compliance training.

For more information on Larry Roberts, check out Red Hat Media.

Categories
Creativity and Compliance

Do We Really Have to do E&C Training?

Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the award-winning Compliance Podcast Network. In this episode, Tom and Ronnie continue their short series of provocative statements on compliance training and communications, followed by a discussion. In this episode, Ronnie pitches today’s question to Tom on is ethics and compliance training is required? Highlights include:

·      Is E&C training required by law?

·      Why doesn’t E&C training work?

·      Why not spend your time doing things that help?

·      How E&C training can promote speak-up culture.

·      Why E&C training provides tools and resources.

·      How E&C training gets leadership involved.

Resources:

Ronnie Feldman (LinkedIn)
Learnings & Entertainments (LinkedIn)
Ronnie Feldman (Twitter)

Learnings & Entertainments (Website)

60-Second Communication & Awareness Shorts – A variety of short, customizable, quick-hitter “commercials” including songs & jingles, video shorts, newsletter graphics & Gifs, and more. Promote integrity, compliance, the Code, the helpline and the E&C team as helpful advisors and coaches.

Workplace Tonight Show! Micro-learning – a library of 1-10-minute training and communications wrapped in the style of a late-night variety show that explains corporate risk topics and why employees should care.

Custom Live & Digital Programing – We’ll develop programming that fits your culture and balances the seriousness of the subject matter with more engaging delivery.

Tales from the Hotline – check out some samples.