Tag: compliance

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Why Compliance Needs a Seat at The Table

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we review why compliance needs a seat at the corporate strategy table.

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
Blog

A Shifting Mindset Towards Prevention

It would not be too controversial to say that compliance programs are crucial in ensuring that organizations adhere to legal and ethical standards. That is basically what we are all striving to do. However, many of these programs are reactive, focusing more on problem-solving than prevention. This approach often leads to a lack of resources and initiative for proactive measures, which can ultimately hinder the effectiveness of compliance efforts. What I would ask you to consider today is a shift in your compliance program to prevention through greater engagement.

I have long used the McNulty Maxim’s of (1) What did you do to stop it? (2) What did you do to find out about it? and (3) What did you do to fix it? (Prevent, Detect, Remediate) You may need to shift your compliance mindset regarding your compliance regime. Through proactive measures, such as engaging and frequent training, you can move towards creating a culture of compliance that is both effective and engaging. Ronnie Feldman continually reminds us of the value of using entertainment and comedy in compliance training to make the learning experience enjoyable and memorable.

One of the critical factors impacting the shift towards prevention and engagement is the allocation of resources. Traditionally, compliance programs have focused on detection and investigation, often spending a significant portion of their budget on these reactive measures. However, as Feldman pointed out, this approach can be counterproductive. By investing more in preventative measures, organizations can mitigate risks more efficiently and avoid the need for extensive investigations.

Another essential factor to consider is the impact on employees. Compliance programs relying solely on detection and punishment can create a hostile, fear-based culture. Employees may hesitate to speak up about potential issues or concerns, fearing retribution or negative consequences. On the other hand, a prevention-focused approach that emphasizes engagement and empowerment can foster a culture of trust and psychological safety. When employees feel safe and supported, they are likelier to speak out and ally with their colleagues.

Balancing these factors can be challenging. Compliance professionals must find a way to allocate resources effectively, ensuring that both prevention and detection measures are in place. This requires a shift in mindset and a willingness to invest in proactive measures, even if it means reallocating resources from reactive measures. It also requires a commitment to engaging and empowering leaders within the organization, as they play a crucial role in setting the tone for compliance.

One approach to achieving this shift is through the use of microlearning. Many training professionals have highlighted the value of short, impactful learning modules that can easily integrate into employees’ daily routines. By delivering training in bite-sized pieces, organizations can ensure that employees are consistently engaged and learning without overwhelming them with lengthy and infrequent training sessions.

While shifting compliance programs towards prevention and engagement is compelling, it is essential to acknowledge the challenges associated with implementing such a shift. Resistance to change, limited resources, and competing priorities can all pose obstacles. However, by recognizing the importance of prevention and engagement, organizations can begin to overcome these challenges and make meaningful progress toward a more effective and engaging compliance program.

Shifting compliance programs towards prevention and engagement is a critical step in improving the effectiveness of compliance efforts. By investing more in proactive measures, engaging employees through innovative training methods, and empowering leaders, organizations can create a culture of compliance that is both effective and engaging. While there are challenges associated with this shift, the benefits far outweigh the tradeoffs. Ultimately, a prevention-focused approach mitigates risk more efficiently and creates a positive and engaging compliance culture.

Categories
Into the Chair - Tales from Chief Compliance Officers

Into the Chair, Tales from Chief Compliance Officers: Rafael Capa on Mastering Risk Management for Success in Compliance

Welcome to the latest edition of the Compliance Podcast Network: Into the Chair: Tales from Chief Compliance Officers, which details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to navigate the compliance waters of any company successfully? What are some of the top challenges CCOs have faced, and how did they meet them? These questions and many others will be explored in this new podcast series. Into the Chair: Tales from Chief Compliance Officers is a Comply podcast hosted by Tom Fox and is a production of the Compliance Podcast Network. In this episode, I visit with Rafael Capa, who has a background in risk management and is in compliance.

Rafael Capa is a highly experienced risk management professional with a career spanning over two decades in various sectors, including market risk, counterparty credit risk, liquidity risk, and operational risk. His perspective on the overall risk management strategy is shaped by his extensive experience. It is centered on the belief that it should be proactive, efficient, and tailored to the specific needs of the business lines. Capa emphasizes the importance of identifying, measuring, monitoring, reporting, and remediating risks in compliance and encourages firms to be proactive in assessing and implementing policies and procedures rather than waiting for regulations to be put in place. He also advocates for using data analytics and artificial intelligence in compliance to enhance effectiveness and efficiency. Furthermore, Capa, who holds a certificate in climate risk, underscores the emerging significance of this field in the compliance role and the necessity for compliance to keep pace with risk management in addressing this issue.

 

Key Highlights:

  • Proactive Risk Management Strategy Implementation
  • Building a Proactive Compliance Program with Data Analytics and AI
  • Enhancing Compliance through Customized Risk Assessment

Resources:

Rafael Capa on LinkedIn

Haitong International Securities Group

Comply

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Connected Compliance

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we consider connected compliance and why compliance needs to get everything under one roof.

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
Blog

Joshua Drew and a Career in FCPA Enforcement and Compliance

I recently had the opportunity to visit with Joshua Drew, formerly a lawyer at the Department of Justice (DOJ) at Main Justice in Washington and also an Assistant US Attorney at the US Attorney’s Office for the District of New Jersey. We visited for an episode of the FCPA Compliance Report podcast.

Drew has recently joined the litigation group at Miller & Chevalier. With his extensive background in the fraud section of the DOJ and in-house roles at companies dealing with False Claims Act cases and FCPA resolutions, Joshua brings a wealth of knowledge and experience to his new position. His expertise will contribute to Miller & Chevalier’s strategic growth.

Drew moved from governmental service to HP, where he was Vice President and Associate General Counsel, Ethics & Anti-Corruption. At the time, HP was in the middle of a major FCPA investigation in the early 2010s. One of Joshua’s notable achievements was his role at HP, managing responses to DOJ and SEC investigations related to potential FCPA violations. During his time at HP, he played a crucial role in improving the internal investigation process, which resulted in a more efficient and practical approach. This experience highlights Joshua’s ability to navigate complex compliance issues and find practical solutions.

From HP, he moved to the company formerly known as VimpelCom, now VEON. He began as Associate General Counsel-Investigations and became the Group’s Chief Ethics & Compliance Officer. VimpelCom was going through an FCPA enforcement action and resolution at the time. He helped guide the company through a rigorous Deferred Prosecution Agreement (DPA) and monitorship. VEON was one of several high-profile FCPA enforcement actions involving telecom companies in Uzbekistan who paid huge bribes, totaling over several billion, to the daughter of the then President of the country, a woman named Gulnara Karimova.

Several factors influenced Joshua’s decision to join Miller & Chevalier. Firstly, he was impressed by the firm’s strong team of lawyers, many of whom he had interacted with during his time in-house at VimpelCom. The firm’s reputation for excellence and expertise in practice areas such as FCPA work, false claims act cases, general litigation, and white-collar defense also aligned well with Joshua’s experience. Additionally, Miller & Chevalier’s strategic focus and subject matter expertise in the issues that arise in a DC practice were appealing to Joshua.

Drew also discussed the new Safe Harbor Policy for Mergers and Acquisitions under the FCPA, which was announced in 2023. This policy encourages companies to disclose potential misconduct and cooperate with DOJ investigations, providing strong incentives for companies to get to the bottom of possible misconduct. Drew emphasized the importance of companies conducting thorough investigations, understanding the facts, and making decisions based on all available information in the company’s best interest. He acknowledged that these decisions can be challenging and require careful judgment.

The move to Miller & Chevalier allows Joshua to leverage his skills and experience to contribute to the firm’s strategic growth. His background in dealing with DOJ enforcement actions and his expertise with monitorships will be valuable assets in building on the firm’s existing work in these areas. Joshua’s role at Miller & Chevalier is focused on litigation, and he aims to bring strength to strength by complementing the skills and experience of the firm’s lawyers.

Joshua’s joining Miller & Chevalier brings the firm a unique blend of DOJ and in-house experience. His expertise in FCPA compliance and internal investigations will be instrumental in helping clients navigate complex compliance issues and mitigate risks. With his strategic approach and commitment to excellence, Joshua is well-positioned to make a significant impact at Miller & Chevalier.

Categories
Compliance Into the Weeds

Compliance into The Weeds: Down The Rabbit Hole on SEC Enforcement Waivers

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt go down a rabbit hole regarding the SEC waiving penalties for messaging app violations.

The Securities and Exchange Commission (SEC) has been making headlines for its crackdown on broker dealers who violate record-keeping rules by using off-channel messaging apps like WhatsApp or Snapchat. This has led to hefty fines, yet the SEC has been granting waivers to these same firms, allowing them to continue operating in the securities world. This paradoxical approach has raised eyebrows, including those of Tom Fox and Matt Kelly. Fox finds the SEC’s actions both curious and concerning. He believes that if a waiver program exists, it should be publicly announced and the reasons for granting waivers should be transparent to ensure appropriate scrutiny. Kelly, on the other hand, expresses surprise and disappointment at the lack of transparency from the SEC, suggesting that the waiver program and its reasons should be made clear to the public. Find out more in this fascinating edition of Compliance into the Weeds.

Key Highlights:

  • SEC Sanctions for Off-Channel Messaging Violations
  • SEC Enforcement and Waivers for Internal Violations
  • Cracking down on Off Channel Communications
  • The Need for Public Announcements in SEC Enforcement

Resources:

Matt on Radical Compliance

 Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: The Competitive Advantage of Data-Driven Compliance

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we consider data-driven compliance as a business process and the more data you have and the longer you keep it, the more you can refine your process.

3 key issues to consider:

  1. The value of obtaining the data.
  2. The higher the value added, the greater the chance that it will create a lasting edge.
  3. At what point does additional data no longer enhance value?

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.

Categories
Great Women in Compliance

Great Women in Compliance – Sabrina Segal on Reimagining Risk Management

Welcome to the Great Women in Compliance Podcast. How can we reimagine risk management? In this episode, Hemma Lomax visits Sabrina Segal, a seasoned third-sector integrity risk and compliance advisor with a legal background. Sabrina is currently in Rwanda as part of an international development and humanitarian assistance team. She hosts Tolerable Risk, a podcast about integrity and compliance in the third sector.

Sabrina shares her perspective on compliance and risk management in the third sector, which is inherently high-risk, largely due to its operation in areas where the private sector may not see value and where government regulation has failed. Sabrina believes that traditional approaches to risk management, which are quantitative-heavy and designed for industries like finance and oil and gas, are unsuitable for the third sector, requiring a more accessible qualitative approach for diverse stakeholders. Drawing from an array of global experiences, Sabrina emphasizes the need for bespoke approaches tailored to the specific needs and constraints of small and medium-sized charities and nonprofits. Sabrina has developed an objective-centered risk management approach for the third sector based on work from her mentor, Timothy Leech. Objective-centered risk management focuses on facilitating the achievement of organizational objectives, collaborating to identify threats and opportunities, and directly influencing decision-making. Sabrina’s compliance and risk management work is designed to improve organizations’ overall programming and impact in the third sector. Still, it has many applications in the private sector and corporate compliance.

Key Highlights:

  • Tolerable Risk Podcast on Tailored Risk Management for Nonprofits

  • Navigating High-Risk Environments: Third Sector Compliance

  • Objective-Driven Risk Analysis and Decision-Making

  • Comprehensive Risk Management Strategy with Active Monitoring

  • The Importance of Involving Stakeholders in Risk Management

  • Quantitative tools and trust in data for risk management

  • Advocacy and Inclusion in Restorative Justice

Resources:

Join the Great Women in Compliance community on LinkedIn here.

Categories
Blog

Tailored Risk Management in the Third Sector

Compliance and risk management are crucial aspects of any organization; the third sector is no exception. In this week’s episode of Great Women in Compliance, hosted by Hemma Lomax, she visited with Sabrina Segal on compliance and risk management in the third sector. The third sector, which includes charities and nonprofits, operates in areas where the private sector doesn’t see value and where government regulations have failed. As a result, risk management becomes even more crucial in these high-risk environments with limited resources.

Sabrina Segal is a seasoned third-sector integrity risk and compliance advisor with a legal background, currently based in Rwanda as part of an international development and humanitarian assistance team. Her perspective on compliance and risk management in the third sector is that it is inherently high risk due to its operation in areas where the private sector does not see value and where government regulations have failed. Segal believes that the current risk management approaches, which are quantitative-heavy and designed for industries like finance and oil and gas, are not suitable for the third sector, which is more qualitative-heavy.

Drawing from her experiences, she emphasizes the need for bespoke approaches tailored to the specific needs and constraints of small and medium-sized charities and nonprofits. Segal has developed a strategy called objective-centered risk management for the third sector, which focuses on achieving objectives, identifying threats and opportunities, and directly influencing decision-making, viewing her work in compliance and risk management to improve organizations’ overall programming and impact in the third sector.

Segal advocates for an objective-centered approach to risk management in the third sector. This approach focuses on achieving objectives rather than simply creating static risk registers and matrices. By tying risk analysis directly to objectives, organizations can better understand the impact of uncertainty on their goals and make informed decisions. This approach also integrates risk management into project management, recognizing the dynamic nature of risks and their effect on objectives.

Compliance and risk management are essential for any organization, but they are significant in the third sector. Non-profit organizations often rely on public trust and funding, making it crucial to maintain a strong reputation. Compliance ensures that organizations adhere to legal and ethical standards, while risk management helps identify and mitigate potential threats to the organization’s mission and sustainability.

Another approach highlighted by Segal is Active Monitoring and Mitigation. This approach involves identifying and addressing threats and opportunities to achieve objectives. By mapping the causes of these threats and opportunities, organizations can implement active monitoring or mitigation steps to minimize risks and maximize opportunities.

One of the challenges faced by the third sector is the lack of quantitative data for risk analysis. While the finance or oil and gas industries can rely on quantitative tools such as Monte Carlo simulations or Bayesian statistics, the third sector often deals with qualitative data and dynamic systems. Segal emphasizes the need for bespoke approaches that work well for charities and nonprofits, tiny and medium-sized organizations with limited resources. She suggests using quantitative tools where possible and creating data trust in the third sector to improve risk management advice. Organizations can identify and assess potential risks more effectively using data-driven approaches. Risk matrices, statistical analysis, and predictive modeling can help quantify risks and prioritize them based on their likely impact. This allows organizations to allocate resources efficiently and make informed decisions to mitigate risks.

Active monitoring and mitigation involve continuously monitoring potential risks and proactively addressing them. Rather than waiting for risks to materialize, organizations in the third sector should adopt a proactive approach. This includes regular assessments, monitoring key performance indicators, and implementing control measures to prevent or minimize the impact of identified risks. By actively monitoring and mitigating risks, organizations can ensure the smooth operation of their programs and protect their stakeholders.

Risk analysis should be closely tied to an organization’s objectives in the third sector. By aligning risk analysis with objectives, organizations can prioritize risks that have the most significant potential to hinder the achievement of their mission. This involves identifying the risks that could impact the organization’s ability to deliver its programs or services. By linking risk analysis to objectives, organizations can develop targeted strategies to manage and mitigate these risks, ensuring the successful fulfillment of their mission.

In addition to risk management, compliance is another critical aspect of the third sector. Segal highlights the role of lawyers and compliance professionals in ensuring restorative justice and breaking the cycle of vengeance. By including all stakeholders and giving voice to the voiceless, lawyers and compliance professionals contribute to the success of restorative justice initiatives and create durable solutions in post-conflict environments.

Overall, compliance and risk management in the third sector require tailored approaches that consider charities and nonprofits’ unique challenges and limited resources. By focusing on objectives, actively monitoring and mitigating risks, and considering unforeseen risks, organizations in the third sector can improve their programming and significantly impact the communities they serve.

Categories
FCPA Compliance Report

FCPA Compliance Report – Navigating DOJ Investigations: Insights from Joshua Drew

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox welcomes Joshua Drew, a Member of Miller & Chevalier who practices in the firm’s white collar and FCPA practice areas.

Joshua Drew, a seasoned attorney with a rich background in the Department of Justice (DOJ) and the Foreign Corrupt Practices Act (FCPA), recently joined the litigation group at Miller & Chevalier. His perspective on joining the firm is largely influenced by his admiration for the team’s expertise, having interacted with several of the firm’s lawyers during his tenure at Vimple.com, now Veon. He also found the firm’s practice areas, particularly FCPA work and general litigation, to be in perfect alignment with his experience. Moreover, he appreciated the firm’s smaller size, strategic focus, and subject-matter expertise, making his decision to join Miller & Chevalier a no-brainer.

To learn more about Joshua Drew’s journey and his insights, join Tom Fox and Joshua Drew on this episode of the FCPA Compliance Report.

Key Highlight:

  • Drews’s extensive Compliance and Litigation Experience
  • Streamlining Investigations and Improving Compliance at HP
  • Life under the monitor at Veon
  • Impressive Team and Strategic Focus at Miller
  • Incentivizing Disclosure and Cooperation in Mergers

Resources:

Joshua Drew on LinkedIn

Miller & Chevalier Chartered

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

 

For more information on Ethico and a free White Paper on top compliance issues in 2024, click here.