Tag: compliance

Categories
Greetings and Felicitations

Ethics Madness

Welcome to the Greetings and Felicitations, a podcast where I explore topics which might not seem to be directly related to compliance but clearly influence our profession. In this episode, Jason Meyer and Tom Fox continue the annual tradition begun by Jason of Ethics Madness, a show where we look at the intersection of sports and ethics during March Madness. We have used a variety of social media over the years to broadcast Ethics Madness and this year we use the podcast format. Highlights include:

1. Greetings, and welcome to Ethics Madness, a crossover episode of on Eight Mindsets and Greetings and Felicitations.
2. About the ethics madness concept and history.
3. Ethics and sports:
A. Formula 1
B. Russian doping at the Olympics.
4. Ethics and hoops.
A. Women’s March madness, and the ethics story behind why this is the first year we can say that March Madness for the Women’s Tournament. Plus USWNT Soccer and equal pay agreement.
B. Men’s March madness – Michigan, Juwan Howard and the handshake ritual.
5. Sports as an apt metaphor in compliance communications and training.
6. Odds and ends.
7. Takeaways and a Theme Song.
Resources
Jason Meyer on LinkedIn
Leadgood
Eight Mindsets Podcast

Categories
Blog

Attributes of a Toxic Corporate Culture

Corporate culture is finally being acknowledged as a key ingredient in a successful business, particularly one which operates ethically and in compliance. The Department of Justice (DOJ) formally recognized the need to assess corporate culture in the speech by Deputy Attorney General Lisa Monaco to the ABA White Collar Conference in October 2021. But what are some indicia of good culture and more importantly what are some indicia of a toxic culture? A recent article in the MIT Sloan Management Review provided some guidance. In Why Every Leader Needs to Worry About Toxic Culture, Donald Sull, Charles Sull, William Cipolli and Caio Brighenti posited that by pinpointing the elements of toxic culture in a company, its leaders focus on addressing the issues that lead employees to disengage and quit. These ideas have significant importance for the compliance function as it navigates corporate culture, both in assessing and improving it.
Moreover, the Chief Compliance Officer (CCO) and corporate compliance function were identified in the 2020 Update to the Evaluation of Corporate Compliance Programs as the keepers of institutional justice and institutional fairness. This mean recognizing and then preventing a toxic culture from spreading and infecting your entire organization is squarely in the compliance wheelhouse. The article lays out key red flags for every CCO and compliance professional to look for in assessing culture. Finally, for any company with a toxic culture, the chances are much greater to be defrauded by its own employees or to defraud others through bribery and corruption by violating such laws as the Foreign Corrupt Practices Act (FCPA).
The authors identify behaviors that they call “the Toxic Five attributes”, being “disrespectful, noninclusive, unethical, cutthroat, and abusive – poison corporate culture in the eyes of employees. While organizational culture can disappoint employees in many ways, these five elements have by far the largest negative impact on how employees rate their corporate culture and have contributed most to employee attrition throughout the Great Resignation.” As a CCO or compliance professional you need to be on the watch for them and take steps to remedy them if you see or hear about them.
Non-inclusive Behavior
This is about whether your employees are “treated fairly, made to feel welcome, and included in key decisions.” It is “the most powerful predictor of whether employees view their organization’s culture as toxic. It applies to all demographic groups; “gender, race, sexual identity and orientation, disability, and age.” It can be outright discrimination to the equally invidious but more subtle conflicts of interests of nepotism and playing favorites. The topic of non-inclusiveness includes “terms like “cliques,” “clubby,” or “in crowd” that indicate that some employees are being excluded without specifying why.”
Disrespectful Behavior
The authors found that “feeling disrespected at work has the largest negative impact on an employee’s overall rating of their corporate culture of any single topic.” Lack of respect can occur in many areas. The most obvious is the lack of a speak up culture where employees understand it is useless to raise issues to management; whether serious matters such as FCPA violations to more straight-forward ideas such as process improvement. It can also be something as simple as whether or not to return to the office on a fulltime basis and whether management listens to employees about their desires to continue working from home or utilize some type of hybrid working arrangement. The authors noted, “whether you analyze culture at the level of the individual employee or aggregate to the organization as a whole, respect toward employees rises to the top of the list of cultural elements that matter most.”
Ethical Behavior
The authors believe that ethics “is a fundamental aspect of culture that matters at both the organizational and individual levels.” Interestingly, there are several different aspects to ‘ethics’ that every CCO needs to consider. Unethical behavior is “about integrity and ethics within an organization.” It also includes dishonesty, which “employees described dishonest behavior in many ways”, from outright lying to making false promises to shading the truth to simply “sugarcoating.” Under regulatory compliance employees talked about failure to comply with applicable regulations, including failure around safety standards.
Cutthroat Behavior
I found this category fascinating as it included both uncooperative co-workers and the lack of harmonization across organizational silos. This was not simply “friction in coordination” but situations where “employees talked about colleagues actively undermining one another.” It included what the authors termed as a “vivid lexicon to describe their workplace, including “dog-eat-dog” and “Darwinian” and talked about coworkers who “throw one another under the bus,” “stab each other in the back,” or “sabotage one another.””
Abusive Behavior
Having worked in law firms long ago, I understand abusive behavior. The authors called it “sustained hostile behavior toward employees” including such actions as “bullying, yelling, or shouting at employees, belittling or demeaning subordinates, verbally abusing people, and condescending or talking down to employees.” While one would hope such behaviors do not exist in the 21st century, they apparently still do. 0.8% of the employees surveyed for the article described their manager as abusive, however, when employees did mention abusive managers, it significantly depressed a corporate culture.
What CCOs and compliance professionals should try to drive forward is a “culture that is inclusive, respectful, ethical, collaborative, and free from abuse by those in positions of power.” But the authors caution that these are really the “baseline elements of a healthy corporate culture.” Employees want more than the basics and other stakeholders in an organization want companies to have strong official core values. In an interview with LRN’s Susan Divers, she called it the ‘value in values’. From the compliance professional’s perspective in means values like integrity, collaboration, respectful, and DEI.

Categories
The ESG Compliance Podcast

Leading Compliance Efforts as CCOs with Kristy Grant-Hart


Compliance and ethics expert Kristy Grant-Hart joins us as she discusses the importance of the compliance function, how it plays into each aspect of ESG, and how CCOs are the most well-suited to take the first step in corporate ESG efforts.
Watch ▶️ Leading Compliance Efforts as CCOs with Kristy Grant-Hart:
Key points discussed in the episode:
✔️ Kristy Grant-Hart talks about the current situation at Spark Consulting, a book she co-authored, The Compliance Entrepreneurs Handbook, and its impact.
✔️ Compliance is a driver for reputation enhancement. People not only vote with their dollars but also their employee time.
✔️ Kristy Grant-Hart says the ability to gather people and put programs into a framework is what CCOs must have to lead ESG efforts. The 7 Elements of Effective Compliance Program can guide CCOs in creating an ESG program and its monitoring and implementation.
✔️ California becomes the first state to pass a gender-diversity-centered initiative. The social element of diversity goes deeper into the working conditions in the supply chain, sustainably-sourced products, and low carbon emissions.
✔️ With ESG, companies can be part of the solution. Bigger names shouldn’t receive the brunt of the blame as businesses of all sizes should be accountable.
✔️ With the UK Modern Slavery Act, ESG has been placed at the forefront, pressuring companies to disclose the truth in what transpires in their supply chains.
✔️ Having a strong law background, Kristy Grant-Hart and Thomas Fox exchange ideas on the significance of lawyers in ESG endeavors. Learning the new jargon and talking to experts can help ease the hesitation to delve into this playing field.
✔️ CCOs are encouraged to be the frontrunners in compliance as they hold the authority to create a significant impact on a corporate scale. The ability to be relevant is a great opportunity in compliance.
Kristy Grant-Hart is a compliance and data privacy thought leader specializing in transforming compliance departments into in-demand business assets. She’s been featured in the Wall Street Journal, Financial Times, Compliance Week, Compliance and Ethics Professional Magazine, and many others. She was named a Trust Across America 2019 Top Thought Leader in Trust.
She is the CEO of Spark Compliance Consulting, a London, Los Angeles, New York, and Chicago-based consultancy providing pragmatic, pro-business, proportionate compliance ethics solutions. She is the creator of Compliance Competitor, an facilitated online training game built on business simulation software.
She’s the author of the best-selling book, “How to Be a Wildly Effective Compliance Officer.”
LinkedIn: https://www.linkedin.com/in/kristygranthart/
—————————————————————————-
Do you have a podcast (or do you want to)? Join the only network dedicated to compliance, risk management, and business ethics, the Compliance Podcast Network. For more information, contact Tom Fox at tfox@tfoxlaw.com.

Categories
Innovation in Compliance

Managing Compliance Complexity with Mac Bartine


 
Mac Bartine is the CEO of SmartRIA, a market-leading compliance software platform. Tom Fox welcomes him to this week’s show to talk about his company’s services and contributions to the compliance sector, what SmartRIA offers clients in terms of cybersecurity, and the future of technology solutions.  
 

 
The Minimum Viable Product
The Minimum Viable Product (MVP) is the first part of the startup process for platforms. It is recognizing the problems within your platforms and also believing that you can solve them. Mac explains to Tom that the problem SmartRIA solution identified in terms of the MVP is the compliance obligations. So many individuals are not experienced in managing compliance in their given industries, and so need a source of structure that understands where they are. SmartRIA offers them that, as well as the tools and frameworks needed. 
 
Vendor Due Diligence & Data Governance
Vendor due diligence and vendor management are key to managing cybersecurity risk. “You have to understand who you’re working with and what precautions they’re taking as a business to protect you from cyber risk,” Mac tells Tom. Having access to the proper documentation that reflects this is also important. SmartRIA has a plethora of different policies and procedures to protect clients’ data and takes the lists of vendors their clients have and itemizes each risk. Data governance falls under the same bracket as due diligence, that is, who has access to the vendors and what devices they use to access the data from those vendors.
 
SmartRIA as an SEC Solution
The solutions that you use for compliance obligations have to be done in a way that documents everything as it happens. “If it isn’t documented, it didn’t happen,” Mac says. Internal auditors aren’t in the position of giving the benefit of the doubt because they have no evidence of due diligence. SmartRIA has the tools to help its clients through this by way of PDF files, workflows, and documents. 
 
To The Future
Tom asks Mac what the future will be like for technology solutions. Regulations in every industry are going to increase. “Across every industry, there is an increasing need for cybersecurity-related evidence, and tracking of what’s happening in that space,” Mac says. Data governance and vendor due diligence are big parts of that, but compliance management is going to also become more important.
 
Resources
Mac Bartine | LinkedIn | Twitter 
SmartRIA
 

Categories
FCPA Compliance Report

Susan Divers on the LRN Ethics & Compliance Program Effectiveness Report


In this episode of the FCPA Compliance Report, I am joined Susan Divers, Director of Thought Leadership at LRN. We discuss recently released LRN Ethics & Compliance Program Effectiveness Report. Highlights in include:

  • What is the LRN Ethics & Compliance Program Effectiveness Report?
  • What does it measure?
  • How is it generated?
  • Why is culture so critical?
  • What are the values in values?
  • What is LRN’s High Performance Premium?
  • What are the roles of managers and leaders?
  • What are the keys to effective training?
  • What will the new normal for compliance programs look like going forward?
  • The issue of culture and values down the road into 2025 and beyond.

Resources
Susan Divers
LRN Ethics & Compliance Program Effectiveness Report

Categories
Corruption, Crime and Compliance

Episode 229 – DOJ Charges TV Producer with Violations of Crimea – Related Sanctions Program


In another indication of DOJ’s aggressive approach to enforcement of sanctions against Russia, DOJ announced the indictment of a TV producer for violations of the Crimea-Related Russian sanctions program. As outlined in the indictment, Jack Hanick, a former Fox News executive, was indicted for sanctions violations stemming from his long-time relationship with a prohibited Russian oligarch (Specially Designated National) relating to the creation and promotion of the Russian Television Network.
In this episode, Michael Volkov reviews DOJ’s indictment and the facts surrounding Hanick’s conduct.

Categories
Blog

Sales incentives and Compliance

Sales incentives continue to be an area where Chief Compliance Officers (CCOs) and compliance professionals work refine their compliance regimes. In the 2020 Update to the Evaluation of Corporate Compliance Programs (Update), Incentives and Disciplinary Measures, the Department of Justice (DOJ) stated:

Incentive System — Has the company considered the implications of its incentives and rewards on compliance? How does the company incentivize compliance and ethical behavior? Have there been specific examples of actions taken (e.g., promotions or awards denied) as a result of compliance and ethics considerations? Who determines the compensation, including bonuses, as well as discipline and promotion of compliance personnel?

When considering how a company could use incentives to further a compliance program, and the role of HR in this process, we should also consider how incentives might lead to the converse, as they did in the now-infamous Wells Fargo fraudulent-accounts scandal. When you misalign these two concepts with a faulty sales strategy it can lead to a catastrophic failure, literally costing the company millions of dollars in fines, loss of business, and depreciation of shareholder value.

The sales incentives under which Wells Fargo came to such grief is a simple, and even benign, story of the cross-selling of products. After all, large banks cross-sell their clients all the time, and nobody seems to blink an eye at the cross-selling McDonalds engages in every time you buy a Big Mac when the representative asks if you would like fries with it. Yet there are other reasons for engaging in this type of business practice. Each and every time a company has a touchpoint, particularly a commercial touchpoint, with a business, it strengthens the relationship.

At Wells Fargo, however, what started off as a legitimate, legal and beneficial business strategy became not only high-risk, but illegal because of the manner in which Wells Fargo administered its approach to cross-selling. As with any sales initiative, if a company wants to push cross-selling, it will set up incentives for encouraging the sales team to engage in such behavior. This can be done by increasing commissions around the service or product being emphasized, such as the bank’s products. Companies can also increase sales by making clear that you will be evaluated on how much you sell a product or service. In other words, whether you receive a bonus, pay raise or even keep your job will be evaluated, in some part, on how much you cross-sell.

You can even have a hybrid of the above, which may be the worst of all worlds. At Wells Fargo, employees were evaluated for continuing employment by supervisors on cross-selling. Yet the employees did not receive the same financial incentives as the supervisors to make such cross-selling. Branch managers and supervisors could receive bonuses of up to $10,000 per month for meeting cross-selling quotas, whereas employees who hit their monthly quotas received, in addition to continued employment, $25 gift cards.

What about variable compensation? That is compensation based on alterable factors such as total sales, sales relative to a region, product line or other group. Some of the questions you might ask are: What does your bonus program consist of? Is it corporate performance based? Is it group performance based? Personal as in “eat what you kill”? Or is it some combination of all of the above?

A variable system can also lead to ethics and compliance failures. One reason could be similar to Wells Fargo—very high goals but no direction for employees on how to get there, coupled with a lack of communication between management and line employees, meaning there was raw fear from employees to inform their immediate supervisor of bad news. Conversely, it could be the supervisors who do not want to hear such bad news—for example, if your company has singular focus on numbers, meaning that is the single judge of your worth as an employee. Answering some of these questions if they arise can help you to understand the design of incentive plans and allow monitoring of incentive plans to identify underlying links that may arise through compliance violations.

Whatever your incentive structure, there will be employees who try to game the system. Some will do it with the tacit or explicit approval of management. You, as the CCO, may be required to act.

Categories
The Compliance Life

Audrey Harris-Move to Affiliated Monitors


The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Audrey Harris, who handled FCPA cases prior the explosion of FCPA enforcement actions in the early 2000’s, sat in the CCO Chair, led compliance program work back in private practice and now is Managing Director for Global Anti-corruption, Compliance, Ethics & Non-Financial Risk at Affiliated Monitors Inc.

In this concluding episode, Audrey reflects on a key lesson which led her to join AMI. It is that an external monitor can be  a Value-Add proposition for all-sides, Company Business, Company Compliance, External Counsel, Enforcement/Regulators and other Stakeholders. It is not a second investigation, nor should it be seen as a “gotcha”. Rather a monitor can present  a path that can protect stakeholder and grow business, especially in this time of heightened awareness to social license and reputational risk. Audrey concludes that she loves the concept of turning a challenge into an opportunity and working at AMI on a monitorship team provides that opportunity.

Resources

 Audrey Harris on LinkedIn

Audrey Harris on Affiliated Monitors, Inc.

Categories
Blog

Using Agile for Compliance Innovation

Driving innovation in your compliance program is still seen as one of the most difficult challenges for every Chief Compliance Officer (CCO) or compliance professional. I was therefore intrigued by a recent article in the Harvard Business Review (HBR), entitled Purposeful Business the Agile Way by Darrell Rigby, Sarah Elk and Steve Berez, which discussed how business leaders can “transform a profit-maximizing system into a purpose-driven one without jeopardizing the future of their businesses and their own careers.”
Interestingly, the authors came to their approach due to the post pandemic great resignation, which they posit business leaders have no clue as to why there is such employee action and equally importantly how to adapt to it, stating, “For decades managers trusted influential economists who promised that if businesses maximized profits, an invisible hand would generate greater benefits for all society. That isn’t happening the way they said it would.” Yet business executives went overboard on creating value for shareholders as their only focus. The authors believe that such a myopic approach robs other “stakeholders of value.” That has certainly been the case for businesses treatment of employees. The authors conclude, “One recent manifestation: Record numbers of people are quitting their jobs, and others are hitting picket lines to demonstrate a growing conviction that life is too short to waste on demoralizing work. Concern about social inequities and environmental damage is escalating. The system is out of balance, and the situation is getting worse.”
Business executives stand at the turning point. They can continue down a destructive path or adapt. However, the problem is that most business leaders are afraid to change, afraid to create multiple stakeholders, as opposed to focusing solely on shareholders and do not want to listen to their employees. The authors believe, “agile ways of working can help, turning squishy debates about corporate purpose into real actions and results.” It provided to me numerous tangible ideas about how to drive innovation in the compliance arena. I have adapted the authors ideas for a corporate compliance program. The authors posit several concrete steps you can take, which every CCO and compliance professional should consider for their compliance regime.
Create a Microcosm
The authors suggest an approach not unlike Design Thinking. Here are some of their suggestions.

  • Assemble a multidisciplinary team, including experts outside your silo.
  • Develop deep empathy for users, exploring their goals and frustrations.
  • Examine the current system to identify the causes of those frustrations.
  • Envision a more purposeful system.
  • Describe changes that might improve the system.
  • Prioritize and sequence them.
  • Test potential improvements.
  • Adapt to unexpected effects and side effects.
  • Scale up solutions that enrich the lives of stakeholders affordably.

Every CCO should be comfortable with these suggestions and steps.
Continuous Monitoring Leading to Continuous Improvement
Compliance, like business purpose, should not be viewed as a mechanical watch. In 2008, I heard then Deputy Attorney General (DAG) Lanny Breuer say that a best practices compliance program needed to be nimble and agile. Obviously, continuous monitoring and continuous improvement are mandated parts of a best practices compliance program in 2022. Where the authors expand on this basic component for any compliance program is around five questions you should ask about your compliance innovation.
These include: Does your compliance initiative support your strategic objectives and create important benefits for the stakeholders who have the most impact on the success of your business? Will multiple stakeholders actively support your compliance initiative? Will your investment in this compliance initiative create greater value for a wide variety of stakeholders, more “than would simply writing a check to a more economical innovator?” Finally, your compliance initiative should “test specific hypotheses and mitigate adverse side effects before scaling up the project.”
Do the Right Thing
Setting financial targets is one way of goal setting. However, as the authors note, “Agile helps flip that approach, focusing first on creating value for stakeholders and then on earning adequate profits in the process. Instead of asking, How can we improve profitability without damaging customer and employee satisfaction? they ask, How can we enrich the lives” of various stakeholder’s and employees?
In the 2020 Update to the Evaluation of Corporate Compliance Programs, the Department of Justice (DOJ) made clear that CCOs and the corporate compliance functions were the holders of institutional justice and institutional fairness in a company. In other words, you already have the obligation. Therefore, doing the right thing for both employees and other stakeholders is not something new for compliance professionals.
Prioritize Collaboration
If there is one thing compliance must do it is collaborate. Compliance generally does not have a hammer it can bring down but must lead through influence and working with others. Moreover, engagement with a wide variety of stakeholders in your company is a much better way to get something down as those stakeholders involved will be invested in the outcome if the are involved in its creation.
In the world of agile, the authors report, “A central reason for the success of agile ways of working is that they prioritize teamwork over individual performance. Research by the Standish Group, which has studied the success of IT projects since 1994, shows that agile teams improve software innovation by more than 60%, on average, and by 100% when the innovation is large and complex. Two-thirds of agile teams across a wide range of business functions report better cross-functional alignment, and 60% register higher team morale, according to the State of Agile Report by Digital.ai, a company focused on digital transformations.”
The bottom line is that by embracing these agile concepts, a CCO has a much better chance of implementing innovative change in their compliance program.

Categories
Innovation in Compliance

Taxman: Tax and ESG


 
In this episode of Taxman, Tom Fox and Tracy Howell conclude the special series by discussing a topic that has yet to be explored by most: tax and ESG. 
 

 
How Tax and ESG Intersect
Tracy tells Tom, “There are external forces pulling tax into the ‘S’ and ‘G’ of ESG.” In the social sector, different jurisdictions have different tax rates and laws, and as companies begin to operate in a tax-efficient manner, their activities will gravitate towards lower tax regimes. Tracy adds, “You’ve got forces trying to push the concept of ‘fair share’ rather than compliance with tax laws of different jurisdictions.” Governance-wise, it’s becoming more common for companies to be required to talk about their compliance tax audits. 
 
The Role of Tax in a Company
With the growing pressures on ESG transparency, there’s a push to standardize reporting and scorecarding of companies based on their tax transparency. This would include things like the reporting of an organization’s effective tax rate. 
 
Tax and ESG in Multinational Organizations 
Institutional investors play a major role in impacting the activities of a multinational company. When making investment decisions, these entities heavily incorporate ESG scorecards with tax transparency, further emphasizing the need for a relationship between the two sectors. 
 
Resources
Tom Fox’s Email
Tracy Howell | Email | LinkedIn