I have been — and continue to be– hyper-focused on the proper role and responsibilities of Chief Compliance Officers. Not that I see any cause for alarm, but it is easy to lose focus in the sea of so-called hot issues — ESG, Diversity, Climate Change, Threats to Democracy, Cybersecurity and Data Privacy, each of which is an important component and focus for organizations. All of these issues intersect, are interdependent and should be addressed through organizational commitment. But I want to take a step back and return to an issue of importance — the proper role of CCOs. To do so, we need to remind everyone about basic requirements, lessons learned and ways forward to meet the fast-changing times. CCOs have to maintain and then advance their positions. In my view, given the interdependence of all the important issues mentioned above, the role of the CCO has become even more critical. In this episode, Michael Volkov reviews the standards applicable to the CCOs function in an effective compliance program.
Tag: compliance
Where does creativity fit into compliance? In more places than you think. Problem-solving, accountability, communication, and connection – they all take creativity. Join Tom Fox and Ronnie Feldman on Creativity and Compliance, part of the award-winning Compliance Podcast Network. In this episode, Tom and Ronnie continue their shorts series on provocative statements on compliance training and communications, followed by discussion. In this episode, Ronnie riffs on the question is it OK to laugh at work? Highlights include:
o Common excuses for not doing things creatively.
§ we’re a conservative company
§ we take the issues very seriously
§ it doesn’t fit our culture
§ my boss doesn’t have a sense of humor
§ we’re global
o How to build a business case because entertainment and learning is more effective.
§ emotional connections
§ memory and recall
§ stands out in a noisy environment
§ It open people up
§ It helps increase airtime and exposure
o The Fun Theory
o Other examples in life
Resources:
Ronnie Feldman (LinkedIn)
Learnings & Entertainments (LinkedIn)
Ronnie Feldman (Twitter)
Learnings & Entertainments (Website)
60-Second Communication & Awareness Shorts – A variety of short, customizable, quick-hitter “commercials” including songs & jingles, video shorts, newsletter graphics & Gifs, and more. Promote integrity, compliance, the Code, the helpline and the E&C team as helpful advisors and coaches.
Workplace Tonight Show! Micro-learning – a library of 1-10-minute trainings and communications wrapped in the style of a late-night variety show, that explains corporate risk topics and why employees should care.
Custom Live & Digital Programing – We’ll develop programming that fits your culture and balances the seriousness of the subject matter with a more engaging delivery.
Tales from the Hotline – check out some samples.
Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.
Mary met Archana Shastri on her first day of work as Legal and Compliance Counsel at Tata Communications in Singapore in 2010. The two were peers and became fast friends, bonding quickly as two of the quieter colleagues and, in fact, the only two Compliance colleagues in the Singapore headquarters.
Archana, though now a Singaporean citizen, originally hails from India, and Mary asked Archana about some of the country’s cultural characteristics that might be of interest to Compliance Officers. Archana also generally shares an update on the Asia Pacific region and comments on levels of activity from some of the local Compliance regulators and authorities.
Mary asked Archana what she would like European and US-headquartered companies to know about the Asia Pacific region – Mary wholeheartedly stands behind Archana’s points on this one!
Archana also details what it was like to study for her Master’s Degree in Anti-Corruption studies, a course based in Vienna.
Archana wraps up the episode with some general commentary on the state and development of data privacy law in the Asia Pacific region.
Are you planning on heading to the SCCE CEI in Phoenix in October? Check out Lisa and Mary’s speaking sessions on the agenda and sign up! We invite you to say hello and introduce yourself during the conference – it’s going to be a great time.
The Great Women in Compliance Podcast is on the Compliance Podcast Network with a selection of other Compliance-related offerings to listen to. If you enjoy this episode, please rate it on your preferred podcast player to help other like-minded Ethics and Compliance professionals find it. You can also find the GWIC podcast on Corporate Compliance Insights, where Lisa and Mary have a landing page with additional information about them and the podcast’s story. Corporate Compliance Insights is a much-appreciated sponsor and supporter of GWIC, including affiliate organization CCI Press publishing the related book, “Sending the Elevator Back Down, What We’ve Learned from Great Women in Compliance” (CCI Press, 2020).
You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it, and we welcome new subscribers to our podcast.
Join the Great Women in Compliance community on LinkedIn here.
The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Joe Burke, most recently the Chief Ethics & Compliance Officer and Employment Counsel, Quest Software Inc.
In this concluding episode, Burke looks down the road for compliance in the following areas. Data privacy and trade compliance take center stage. How the new ownership model provided by Private Equity provides challenges and opportunities. The long, slow march to ethics and tone.
How do we inspire through influence through the teaching of compliance?
Resources
Joe Burke LinkedIn Profile
Erica Salmon Byrne is the President of Ethisphere and Chair of the Business Ethics Leadership Alliance. Ethisphere is a company that believes that companies that focus on building a sustainable business will outperform their peers that do not. Tom Fox welcomes her to this week’s show to talk about Ethisphere’s innovative new service called The Sphere.
What is The Sphere?
Tom asks Erica to describe The Sphere and why she is so excited about the launch. For more than 15 years, Ethisphere has been collecting data on the programmatic practices of the world’s most ethical companies through their questionnaire, called the Ethics Quotient, Erica explains. They realized a demand for solid benchmarking within the compliance space, and decided to democratize their data access. This was the birth of The Sphere – a subscription-based service that allows you to select the topic you are interested in getting data on and gain access to a multitude of resources.
Peer Data: A Powerful Tool
Tom asks Erica what makes peer data so important and powerful for a CCO. Whenever you’re going to make a business proposition, she replies, the first question you will be asked is ‘What are other people doing?’. Businesses want to compare their practices and progress to their peers’. This is to avoid being dubbed “a weak antelope” – you don’t necessarily want to be ahead of the pack, you just want to ensure that you have a functioning practice compared to your competitors. So how to determine you’re in that comfortable middle position of the pack? The answer is data analysis. When you present the relevant data to your CFO or compliance team, they tend to believe in your leadership and vision more.
Resources
Erica Salmon Byrne | LinkedIn | Twitter
Today we conclude our series on a Federal Anti-Kickback enforcement action which was announced last week, involving the Oregon based medical device manufacturer Biotronik Inc. (Biotronik). Today, I want to consider the corruption schemes and the lessons learned for the compliance professional. As stated in the Settlement Agreement, Biotronik “knowingly caused the submission of false claims for payment to federal healthcare programs by providing remuneration to physicians to induce them to use Biotronik’s CRM devices in violation of the Anti-Kickback Statute, 42 U.S.C. § 1320a-7b(b).”
I. The Bribery Schemes
a. Abuse of Training Programs
The Settlement Agreement alleges “Biotronik knowingly paid excessive payments to physicians with a purpose of inducing and rewarding their use of Biotronik’s pacemakers, defibrillators, and other cardiac devices. One of ways the company did so was through “its new employee training program (“Training Program”) by knowingly paying some of its physician customers (“Training Physicians”) to provide excessive employee trainings.” Under this scheme, the Training Physicians were to be paid a fixed fee of approximately $400.00 each time a Biotronik employee trainee received training during one of the Training Physician’s CRM implant procedures. For instance, under the Training Program implant procedure, the “Training Physician was supposed to educate the employee trainee on Biotronik’s devices and teach how to assist a physician during an implant procedure.”
However, it was the sales team which set up these training programs. Biotronik’s compliance and training functions warned that “Biotronik’s salespeople had too much influence in the selection of Training Physicians, that the Training program and resulting payments were being over- utilized, and that the goal of educating Biotronik employees could be achieved without paying Training Physicians.” However, “Biotronik permitted trainees to attend an excessive number of training procedures for which Training Physicians received payment from Biotronik without first conducting an adequate assessment of the trainee’s need for additional training.”
To further line the pockets of the Training Physicians, “salespeople, including managers, intentionally prevented otherwise qualified trainees from successfully completing the Training Program, not because they needed additional training, but rather as a means of ensuring that the trainee could attend more trainings, thereby purportedly justifying additional payments to Training Physicians.” Biotronik also knowingly paid Training Physicians for some trainings that either never occurred or was of little or no value to trainees. This included paying one “Training Physician for certain trainings for which there was no trainee physically present to observe the implant procedure.”
b. Lavish Entertainment
The Settlement Agreement also alleged that “Biotronik knowingly paid for lavish meals, entertainment, and travel for certain physicians who are known to Biotronik and the United States (hereinafter the “Subject Physicians”) with a purpose of inducing and rewarding their use of Biotronik’s pacemakers, defibrillators, and other cardiac devices.” The company “did not require sign in sheets for lavish meals with physicians and did not use adequate methods to verify the number or identity of attendees or to confirm whether the meals were for a legitimate business purpose.”
This led to some Biotronik employees falsifying “receipts and participant lists, making it possible to exceed the company’s compliance spending limit per attendee.” These meals and outings often included little or no legitimate business discussion. There was also the amount of the entertainment expense, which included “winery tours, annual office holiday parties, and lavish meals with certain Subject Physicians and their guests at high-end restaurants.” Yet another example of spending far too much on entertainment was “one Subject Physician’s international business class airfare and honoraria in the thousands of dollars for a short, 30-minute talk at an international conference.”
II. Biotronik Remediation
No doubt one of the reasons Biotronik did receive the settlement amount was that, at some point, it recognized the issues and instituted remediation. With the training programs “beginning in 2017, Biotronik added new compliance measures and oversight of the Training Program, limited the number of Training Program events, and reduced payments made in connection with such Training Program events.” In April 2021, Biotronik hired a new Vice President of Compliance and was able to get the lavish entertainment under control by adding “new compliance measures related to the provision of meals and travel to healthcare providers which provided additional employee training, imposed new restrictions, and improved oversight to identify and prevent meal and travel policy violations.”
III. Lessons Learned
There are multiple lessons here for the compliance professional outside the laws under which Biotronik ran afoul. Perhaps the clearest and foremost is that compliance not only needs visibility into areas of risk about also some modicum of control. In the area of Physician Training, the Settlement Agreement specifically noted that the Biotronik compliance function “warned that Biotronik’s salespeople had too much influence in the selection of Training Physicians, that the Training program and resulting payments were being over-utilized, and that the goal of educating Biotronik employees could be achieved without paying Training Physicians.” Here a control should have been put in place which required compliance approval before payments and reimbursements were made for the training. This is similar to a compliance oversight and control of expenses paid or reimbursed to foreign government officials in a Foreign Corrupt Practices Act (FCPA) compliance program.
Interestingly, the Department of Justice (DOJ) also discussed a more nuanced approach to determining if the Physician’s Training is both initially warranted and then continues to be warranted. This is ongoing monitoring. Obviously for Biotronik, one of their risks was when the company paid for training provided by doctors who could also prescribe the company’s products and services. The risk to the company is similar to the risk of an internationally focused company doing business with foreign governments or state-owned enterprises, under the FCPA. If you are paying out monies for training and that puts you in a high-risk category, you need to make sure those receiving the training are required to receive it or even need it.
Under the lavish spending on entertainment and travel, the same type of analysis can apply. The key is both “reasonable spending and business purpose.” The amount spent must be reasonable for the time, locale and participants. There should also be an articulated business purpose for the dinner or other event.
Under the FCPA, there is no threshold that a Company can establish a value for business entertainment. However, I believe there are clear guidelines which should be incorporated into your business expenditure policy, which should include the following:
- A reasonable balance must exist for bona fide business entertainment during an official business trip.
- All business entertainment expenses must be reasonable.
- The business entertainment expense must be commensurate with local custom and practice.
- The business entertainment expense must avoid the appearance of impropriety.
- The business entertainment expense must be supported by appropriate documentation and properly recorded on the company’s book and records.
The incorporation of these concepts into a compliance policy is a good first step towards preventing potential violations from arising, but it must be emphasized that they are only a first step. There must be procedures to implement these policies. At a minimum, you must require a business justification from the business representative requesting to provide the gift or business entertainment. Next it should be reviewed and approved by a front-line compliance professional. Then, depending on the amount and nature of the request, it may need Chief Compliance Officer (CCO) approval. Finally, if there is a Compliance Committee it should go to that Committee for a final check to make sure everything is in order.
These guidelines must be coupled with active training of all personnel, not only on a company’s compliance policy, but also on the corporate and individual consequences for violation of the policy. Lastly, it is imperative that all such business entertainment be properly recorded, as required by the books and records component of the FCPA.
And, as always, do not forget the gut check test.
Bill J. Allen died last week. Not familiar with the name? Then check out his New York Times (NYT) obituary. Perhaps outside of Illinois or Ohio, he ran one of the most brazen state legislature corruption schemes around, in the state of Alaska. His power and influence were so great that he was the cooperating witness who brought down a sitting Senator, Ted Stevens, although the Indictment was withdrawn after conviction but before sentencing due to prosecutorial misconduct.
Allen held court at a suite at the Westmark Baranof, a luxury Art Deco hotel four blocks from the State Capitol in Juneau, where he and his cronies “dished out money and told their visitors what they wanted in return. Mr. Allen and his circle seemed to revel in their shamelessness. He and Mr. Smith always booked Suite 604, and Mr. Allen always sat in the same chair. He bragged that he kept $100 bills in his front pocket, the easier to dole them out to friendly politicians. The girlfriend of one politician even had hats embroidered with the letters CBC, for “Corrupt Bastards Club.””
Allen and his brazen corruption schemes seem like a good way to introduce the concluding Part 3 of my series on fostering an ethical culture through psychological safety. This series is based on a recent article in the MIT Sloan Management Review, Summer edition, entitled “Fostering Ethical Conduct Through Psychological Safety” by Antoine Ferrère, Chris Rider, Baiba Renerte, and Amy Edmondson. In Part 1 we introduced the concept of psychological safety and why it is so important to creating an ethical culture in a business. In Part 2, we considered how to determine the state of psychological safety in your organization. Today in Part 3 we consider what happens in an organization where psychological safety is lacking and steps an organization can take to remedy this deficiency.
The authors believe that “when psychological safety is lacking, it may be a consequence of the employee having witnessed unethical behavior.” Moreover, the inversion of psychological safety “correlated to the quantity of unethical behavior noticed. Put simply, the more unethical behavior a person saw, the more likely they were to feel psychologically unsafe. This suggests that the experience of seeing more unethical behavior may diminish the psychological safety experienced by an employee.” Simply put if your bosses engage not only in corrupt behavior but simply unethical behavior, it will send a message throughout the organization that reporting unethical behavior will not be favored. One only need think of Jes Staley, former Chief Executive Officer (CEO) of Barclay’s who engaged in illegal behavior in attempting to unmask an internal whistleblower. In November 2021, Staley resigned amid a regulatory probe into whether he mischaracterized his relationship with the financier and sex offender Jeffrey Epstein. In many ways Barclays has never recovered.
The authors basically state the obvious when they write, “it makes intuitive sense that being in a work environment where unethical behavior is prevalent might diminish psychological safety.” Put another way “people are most reluctant to speak up in ethically troubled environments, where we most need them to do so.” This is an important issue for every Chief Compliance Officer (CCO) and business leader. To overcome such a deficiency, they found that “several other factors correlated with strong speak-up behavior, keeping everything else constant: moral engagement, moral attentiveness, and organizational justice combined with clarity of expectations.”
Moral engagement. As a CCO you should endeavor to create an atmosphere where ethical conduct matters, “so that when employees recognize a potentially unethical situation, they will be motivated to do what’s right.” At Novartis International AG, the authors noted the company “created a decision-making framework called the Decision Explorer to support associates in making ethical decisions. Rooted in the company’s code of ethics, the tool helps employees work through a situation to surface ethical considerations.”
Moral attentiveness. You can educate employees to recognize the ethical dimensions of situations. They point to the example at Novartis who “runs practical ethics training sessions that immerse employees in hypothetical scenarios where they must practice ethical decision-making. Another approach is to have managers highlight examples of ethical and unethical behavior with their teams and encourage dialogue on workplace ethics. Such grassroots employee contributions build trust and commitment by giving employees a role in strengthening the code of behavior by which they are expected to live.”
Organizational justice. Obviously talk is cheap and it is actions, not deeds, that matter. The Department of Justice (DOJ) has made clear in the Update to the Evaluation of Corporate Compliance Programs that the keeper and responsibility of institutional justice sits with the CCO and the authors find that this same concept “is vital to building a reputation of organizational justice.”
Clarity of expectations. CCOs must communicate a clear message to employees so that employees will have “an understanding of organizational standards and are clear about expectations.” Second, CCOs must act decisively in response to employee reports of misconduct to show that there are consequences for unethical behavior. To foster greater psychological safety, coach and empower line managers to create safe spaces for discussing ethical concerns, and help them react appropriately when such issues are raised.
The siloed nature of this issue must also be addressed. As previously noted, this issue touches multiple corporate disciplines including HR, ethics and integrity, risk management, legal and compliance. There must be a cross-functional approach in building a culture of ethics and performance. For example, Novartis created a cross-functional working group focused on the notion of ethical leadership.
The authors concluded, “Building a psychologically safe environment to facilitate speaking up about ethical conduct is relevant to both company reputation and long-term business performance. Unethical conduct can remain hidden for a time but is likely to be discovered eventually, causing far more harm than if it were caught and corrected early. Psychological safety thus can help organizations respond and improve quickly instead of allowing misconduct and unethical behavior to fester and further degrade workplace psychological safety, thus triggering a vicious cycle.” Every compliance professional should use the research from the authors study to craft a program to create or improve the psychological safety at your organization. The authors frankly state that organizations which have relied on speak-up channels or ombudspersons as mechanisms for reporting unethical behavior is no longer sufficient. “They need to be complemented by efforts to actively shape and promote an ethical climate in which managers are equipped to support employees’ ability to say what they think and react appropriately to what they hear.”
According to Juan Toribio, writing in MLB.com, Blake Grice waited patiently with his right hand raised for about two minutes to hear his name called inside the Dodgers’ interview room. When he was finally noticed, LA Dodgers star pitcher Clayton Kershaw asked “Whatcha got?” The 10-year-old related that his dying grandfather, Graham, had created a bucket list of things he still wanted to do, one of which was to meet Kershaw. Blake was credentialed by MLB to attend the Post-Game Press Conference and when he did, he dedicated the moment to his now deceased grandfather.
As reported by Toribio, Blake told Kershaw ““My grandpa loved you. He watched the 1988 [World] Series and he wanted to meet you and Vin Scully one day. So this moment is important to me because I’m meeting you for him.” Before he finished telling Kershaw the story, Blake began to cry” and Kershaw responded by going over to Blake and consoling him with a hug. Kershaw the said to him, “Come here, dude, great to meet you. Thanks for telling me. That took a lot of courage to tell me that. Great to meet you. Your granddad sounded like an awesome guy. Thanks for coming up.””
With a nod of the (St. Louis Cardinals) hat to Tim Erblich for sending me this story, I thought it was a very good way to introduce Part 2 of my series on advancing ethical culture through psychological safety. This series is based on a recent article in the MIT Sloan Management Review, Summer edition, entitled “Fostering Ethical Conduct Through Psychological Safety” by Antoine Ferrère, Chris Rider, Baiba Renerte, and Amy Edmondson. The authors believe “there are a number of things organizations can do to make it more likely that people will speak up when they observe unethical behaviors.” But one key is psychological safety, defined by co-author Edmondson as “a shared belief held by members of a team that the team is safe for interpersonal risk-taking” — or, put another way, that “we can say what we think” or “be ourselves around here.” Today, we look at how to determine the state of psychological safety in your organization.
The authors’ research concluded that while many employees “said that they spoke up after witnessing perceived unethical behavior, a substantial minority said that they did not speak up.” The authors found that “those who felt less psychologically safe were significantly less likely to report those behaviors via channels where organizational leaders might act on them.” Conversely, employees “who felt the most psychologically safe were most likely to have reported the misconduct they observed. This held true even after taking into account a range of other psychological factors that could influence incident reporting, such as perceived levels of organizational justice, fairness, and trust. Psychological safety is therefore important for more than just team effectiveness and well-being; it may also be critical for forming strong ethical cultures where employees feel comfortable speaking up.”
Interestingly, the authors realize the non-siloed nature of psychologically safety at the workplace. They note that ethics, risk management, legal and compliance functions, plus Human Resources (HR) all share an interest in fostering such an environment. This mandates a cross-functional approach as an essential requirement of molding an organization’s culture to include psychological safety. The authors believe, “Managers throughout a company must become aware of the blind spots created by a psychologically unsafe environment, along with the associated risk of underreported misconduct.” They also caution that a formal program such as a reporting hotline “may capture only a fraction of the problematic behaviors that occur.” This leads the authors to posit that gauging psychological safety “may help companies determine whether misconduct is being reported and, in turn, enhance the effectiveness of their formal speak-up programs.”
After 15 years of the Department of Justice (DOJ) and other regulators talking about “tone at the top”; the authors credit that most organizations appear to have senior leadership that talks about ethics positively. They believe “CEOs emphasize that integrity is a core value of their organizations, and that point is reiterated in calls with shareholders and during employee town hall meetings.” Unfortunately, while this messaging is important, the research indicated “it is not sufficient to prevent the derailers of ethical conduct that occur deep within an organization.”
The authors recognize what compliance professionals have known for some time, that it is middle managers, and “not just official speak-up channels are often on the front lines when it comes to hearing about unethical behavior.” They found that 80% of employees who did report internally, went to their direct managers, who are almost always in middle management. This is because middle managers are the company leaders play who play the critical role in ensuring that an employee speaking up feels supported and heard. The authors noted, “Our data shows that how line managers act has a disproportionate impact on the way potentially unethical behavior is addressed within organizations.”
Unfortunately, simply because a middle manager may feel psychologically safe you must not assume that their direct reports feel the same way. Confirming the findings from the ECI Report of its 2021 Global Business Ethics Survey, “managers and senior leaders tend to feel more psychologically safe than their employees and have a more positive perception of their organization’s ethical climate than the rest of the workforce. When you put these two findings together it makes clear that the higher up in the organization you go, there may well be “an ethical blind spot. That makes the role of team managers even more important when it comes to fostering an environment conducive to both engaging in ethical behavior and talking about ethics in an open, constructive way.”
The authors also confirmed a greater problem which is that “in a global context, psychological safety is not uniform across nations.” Survey respondents from “the Americas and Europe tended to score higher on psychological safety than respondents from Asia.” This suggests to the authors that “the potential effectiveness of tailoring interventions that promote speaking up in order to address the specific circumstances of different groups of employees.” Moreover, “global organizations that seek to build psychological safety must assess its various region-specific drivers and derailers to adjust their activities to specific seniorities and cultures.”
Join us tomorrow in Part 3 where we consider why a company that does not have psychological safety throughout it can not only be so toxic but in serious danger as well.
Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.
In this week’s episode of Great Women in Compliance, Mary brings the team back from break with an interview with Mia Reini, a Compliance leader at the Home Depot. Mia tells us about her efforts to bring Home Depot’s Compliance awareness initiatives external to the company as a goal, discusses the difference between risk management and compliance, and gives tips for policy governance.
We often get asked whether we accept recommendations or nominations for GWIC guests – the answer is absolutely! We’ll be happy to receive any suggestions and feedback – send them through to podcast@greatwomenincompliance.com detailing what makes the individual stand out as a great woman in compliance. Please note that we are not an advertising agency and do not accept nominations for vendor marketing to ensure consistently high-quality episodes.
The Great Women in Compliance Podcast is on the Compliance Podcast Network with a selection of other Compliance-related offerings to listen to. If you are enjoying this episode, please rate it on your preferred podcast player to help other like-minded Ethics and Compliance professionals find it. You can also find the GWIC podcast on Corporate Compliance Insights, where Lisa and Mary have a landing page with additional information about them and the podcast’s story. Corporate Compliance Insights is a much-appreciated sponsor and supporter of GWIC, including affiliate organization CCI Press publishing the related book, “Sending the Elevator Back Down, What We’ve Learned from Great Women in Compliance” (CCI Press, 2020).
You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it, and we welcome new subscribers to our podcast.
Join the Great Women in Compliance community on LinkedIn here.
