Panuwat-Shadow Insider Trading and Compliance

Karen Woody is one of the country’s top legal experts on the intricacies of insider trading laws. I recently had the chance to visit with her about a significant case that pushed the boundaries of the case law on this topic. It is the case brought by the SEC against Matthew Panuwat over shadow insider trading, which ended in a conviction against Panuwat. In addition to being a significant new step by the SEC, it highlighted the need for organizations to navigate the ethical and practical considerations surrounding insider trading.

Panuwat was a former senior director of business development at Medivation, an oncology-focused biopharmaceutical company. He was accused of using confidential information about Pfizer Inc.’s impending acquisition of Medivation to trade ahead of the news for personal gain. Instead of buying securities of Medivation, Panuwat purchased short-term, out-of-the-money call options of another comparable public company, Incyte Corporation, which he knew from his position at Medivation was ‘in play’.

The lessons from this case highlight the importance of stringent internal controls and policies to prevent insider trading and the misuse of material nonpublic information. They also underscore the need for companies to ensure that employees understand their legal and ethical responsibilities when handling sensitive information.

Woody emphasized the importance of understanding the restrictions imposed by insider trading laws, noting that employees who have access to privileged information about their company cannot trade based on that knowledge. This fundamental principle serves as the cornerstone of insider trading regulations. She further explained the complexities surrounding the enforcement of such laws, pointing out the gray areas that often exist within the legal framework.

Woody laid out several key areas for consideration. The first was for companies to implement 10b5-1 plans, which Woody suggested using to regulate insider trading practices effectively. These plans dictate when and how company employees can trade stocks based on privileged information. Expanding the scope of this traditional mechanism could help reduce the windows for legal insider trading and thereby minimize the risk of legal issues arising from insider trading activities. She stressed the importance of restricting employee trading to curb shadow trading and advocated clear controls over business activities involving sensitive information to prevent breaches and violations.

Next is a broader, industry-wide prohibition: implementing an industry-wide prohibition on trading to prevent the misuse of inside information. The key is the non-public aspect of the information that someone in Company A can pick up or discern about Company B. By expanding such bans and limiting trading windows based on potential insider information, the aim is to enhance fairness and transparency in trading practices.

A third area is around the ‘gray areas’ present in current insider trading laws. By examining and refining existing regulations, the goal is to create a more robust legal framework that ensures compliance and integrity in financial markets. Insider trading laws are constantly evolving, making it crucial for businesses to stay up-to-date with the latest regulations. Regularly updating Insider Trading Policies ensures that employees are aware of their responsibilities and the consequences of engaging in insider trading. It also demonstrates a commitment to ethical behavior and compliance with the law.

It is important for both companies and employees to understand what constitutes material non-public information and the legal implications of trading on such information. Employees should be educated on the types of information that are considered material and the consequences of using it for personal gain. By keeping Insider Trading Policies current and relevant, businesses can better protect themselves from legal repercussions and reputational damage associated with insider trading incidents. It also helps in fostering a culture of integrity and accountability within the organization.

Your company should establish clear guidelines for reporting and investigating suspected cases of insider trading. Having a robust compliance program in place, including regular audits and monitoring, can help prevent and detect insider trading activities. It is also essential to ensure that employees are aware of their obligations under insider trading laws and the importance of upholding ethical standards in their conduct.

Woody highlighted the critical role that ethics and character play in decision-making, especially when dealing with privileged information. She underscored the ethical risks associated with insider trading, which involves breaching confidentiality and using non-public information for personal gain, thus posing a threat to the fairness of financial markets.

Preventing insider trading starts with creating a culture of transparency and ethical behavior within the organization. Encouraging employees to report any suspicious activities and providing clear guidelines on what constitutes insider trading are essential steps. Implementing regular training sessions on insider trading laws and consequences can also help raise awareness among employees.

The Panuwat case sheds light on how balancing legal versus illegal trading practices and defining material non-public information can be a challenging task. As Karen Woody aptly emphasizes, maintaining a strong ethical compass and upholding fiduciary duties are paramount in navigating the intricacies of insider trading laws.

Compliance Tip of the Day: The Attorney-Client Privilege

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

In this episode, we consider the parameters of the attorney-client privilege.

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.

Insights on the EU Corporate Sustainability Due Diligence Directive from GDPR

Regarding corporate social responsibility and data protection, impact assessments and due diligence can seem like a labyrinth of legal jargon and regulatory requirements. However, understanding the importance of these processes is crucial for any corporation looking to not only comply with regulations but also build trust with customers and stakeholders. In this blog post, we will dive into the intricacies of impact assessments and due diligence, answering common questions and providing practical tips for corporations navigating the complexities of the Corporate Sustainability Due Diligence Directive (CSDDD).

We will consider the following questions:

  1. What role does GDPR compliance play in navigating the complexities of the CSDDD?
  2. Why are privacy impact assessments important for the CSDDD?
  3. How can corporations comply with the CSDDD?

In the ever-evolving landscape of corporate responsibility and ethical governance, staying ahead of regulatory directives is crucial for businesses looking to comply and positively impact society and the environment. One such directive that is making waves in the corporate world is the CSDDD. In the wake of its near full adoption by the European Council, the implications of this directive are profound, prompting organizations to rethink their approach to sustainability, human rights, and environmental impact.

The parallels between the CSDDD and the General Data Protection Regulation (GDPR) serve as a reminder of the importance of proactively addressing ethical considerations within corporate governance. Just as with the GDPR, which focuses on data privacy and protection, the CSDDD underscores the necessity of corporate diligence in ensuring environmental responsibility, human rights protection, and fair business practices.

GDPR compliance is a critical component of navigating the complexities of the CSDDD. GDPR sets strict guidelines for how companies handle the personal data of EU citizens. By ensuring compliance with GDPR regulations, corporations can demonstrate their commitment to data protection and privacy, essential for building trust with customers and stakeholders in today’s data-driven world. One of the key components of GDPR compliance is to conduct regular audits of your data processing activities to ensure compliance with GDPR requirements. Implement robust data protection measures, such as encryption and access controls, to safeguard personal data and mitigate the risk of data breaches.

The essence of both GDPR and CSDDD is to take a proactive approach to compliance. By instilling a culture of responsibility within the organization, companies can effectively navigate the complexities of regulatory frameworks like the CSDDD. From conducting impact assessments to tracking progress and publishing annual statements, the directive emphasizes transparency and accountability in corporate operations.

Compliance with the CSDDD requires a proactive approach to data protection and privacy. Corporations must establish robust data governance frameworks, implement privacy-by-design principles, and regularly audit their data processing activities. By prioritizing data protection and privacy, corporations can demonstrate their commitment to responsible data management and build trust with customers and stakeholders. You should work to develop a data protection policy that outlines your organization’s commitment to data protection and privacy. Train employees on data protection best practices and provide ongoing support to ensure compliance with the CSDDD.

This is also true of privacy impact assessments (PIAs), essential for identifying and mitigating privacy risks associated with data processing activities. By conducting a PIA, corporations can assess the potential impact of their data processing activities on individuals’ privacy rights and take steps to minimize any adverse effects. PIAs are especially important in the context of the CSDDD, where data protection and privacy are paramount concerns. You should work to integrate privacy impact assessments into your data processing workflows to identify and address privacy risks proactively. Engage with data protection authorities and stakeholders to ensure transparency and accountability in your privacy practices.

While the CSDDD is a European directive, its reach extends beyond the EU’s borders, impacting US companies with significant operations or income derived from the region. This broad scope necessitates a thorough evaluation of supply chains, supplier relationships, and potential risks associated with non-compliance. The CSDDD’s requirements for due diligence and supplier engagement underscore the interconnected nature of global business operations.

As organizations strive to align with the CSDDD, integrating existing laws and guidelines from related legislation, such as GDPR, becomes essential. From incorporating OECD guidelines to addressing human rights and environmental impact, companies must adopt a comprehensive approach to compliance. By leveraging technological solutions and strategic staffing, businesses can streamline their compliance efforts and enhance their impact on society and the environment.

The convergence of directives like the CSDDD and GDPR heralds a new era of ethical governance for businesses worldwide. By embracing the principles of sustainability, human rights protection, and environmental stewardship, organizations can meet regulatory requirements and contribute to a more responsible and equitable corporate landscape. As we navigate the complexities of corporate responsibility, let us heed the lessons from these directives and strive to do the right thing, both ethically and legally.

Navigating the complexities of impact assessments and due diligence in the context of the CSDDD may seem daunting. Still, with a proactive approach to data protection and privacy, corporations can demonstrate their commitment to responsible data management and build trust with customers and stakeholders. By prioritizing GDPR compliance, conducting privacy impact assessments, and implementing robust data protection measures, corporations can navigate the complexities of the CSDDD effectively.

Compliance Tip of the Day: Employee Rights in an Interview

In this episode, we consider what employee rights you need to consider during an internal investigation.

Compliance Tip of the Day: Impact of The Monaco Memo On Investigations

In this episode, we consider what additional pressure the Monaco Memo put on companies to get their investigations done quickly and to get them done right.

Sunday Book Review: April 14, 2024 Compliance Books Edition

In the Sunday Book Review, I consider books that would interest the compliance professional, the business executive, or anyone who might be curious.

It could be books about business, compliance, history, leadership, current events, or anything else that might interest me.

In today’s edition of the Sunday Book Review, we look at some of the top books on compliance you should read in 2024.

  • The Business Guide to Effective Compliance and Ethics by Tony Osborn and Andrew Hayward
  • How to be a Wildly Effective Compliance Officer by Kristy Grant-Hart
  • Fully Compliant by Travis Waugh
  • Governance, Risk Management and Compliance by Richard Steinberg

Resources:

The best compliance books for 2024

Compliance Tip of the Day: How The Monaco Memo Changed Compliance

In this episode, we consider how the Monaco Memo changed compliance by laying out what, who, and how the DOJ will hold individuals and corporations accountable.

2 Gurus Talk Compliance: Episode 26 – The Compliance Week Wrap Up Edition

What happens when two top compliance commentators get together? They talk about compliance, of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode!

In this episode, Tom and Kristy take on a wide variety of compliance-related topics.

The Compliance Week National Conference, a premier event in the field of compliance, offered a rich assortment of discussions and insights on various compliance topics, such as AI monitoring, risk assessment, and oversight of the Foreign Corrupt Practices Act (FCPA). Among the expert attendees were compliance professionals Tom and Kristy.

Tom highlighted the invaluable practical discussions led by practitioners, which had a direct impact on compliance practices. He found the sessions on risk assessments and third-party risk management to be engaging and informative.

Similarly, Kristy found the conference sessions to be enlightening, notably a keynote on artificial intelligence and a workshop on leadership. She also valued the call for transparency in compliance roles, underscoring the conference’s ability to address recurring compliance challenges.

Both Fox and Grant-Hart’s perspectives were shaped by their extensive experiences and expertise in the field of compliance, highlighting the conference’s appeal to both veterans and newcomers alike.

Highlights Include:

1. Compliance Week Conference Roundup – Key thoughts, takeaways, and moments

2. Ericsson released from DPA. (WSJ)

3. SEC says self-reporting is critical. (WSJ)

4. Corruption with JFK taxi dispatchers. (NYPost)

5. No more late night messages from your boss—the Right to Disconnect. (WaPo)

6. Trafigura pleads guilty. (The Maritime Executive)

7. Inside the Russian Shadow Trade for Weapons Parts, Fueled by Crypto (WSJ)

8. Sam Bankman-Fried is still gambling (The Verge)

9. The Frustration of CCO Job Searches (Radical Compliance)

10. Florida man put car in cruise control, then partially stood up through sunroof while speeding, deputies say (FOX 35 Orlando)

Resources: 

Kristy Grant-Hart on LinkedIn

Spark Consulting

Daily Compliance News: April 11, 2024 – The Panama Papers Goes to Trial Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • The Panama Papers trial begins. (BBC)
  • Crypto says it has turned the compliance corner. (WSJ)
  • KPMG pays $25MM for cheating. (FT)
  • A former PdVSA minister was arrested for corruption. (Reuters)

Compliance into The Weeds: The Complexity of Risk Assessments

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject.

Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds!

In this episode, Tom and Matt take a deep dive into the variables a compliance professional should consider when performing a risk assessment. We also say a few words about our experiences in the total solar eclipse of April 8.

Risk assessments in compliance encompass the careful evaluation of both external and internal risks, necessitating a carefully planned process for overseeing various risk assessments within a company. This task, while intricate and often challenging, is a crucial aspect of compliance.

Fox emphasizes the necessity of precisely defining the scope of risk assessments, which could involve assessing external threats, internal controls, or both. He proposes that companies could benefit from the guidance of internal audits, external consultants, or professional service firms.

Similarly, Matt Kelly acknowledges the complex and challenging nature of risk assessments. He underscores the importance of a disciplined, coherent approach to managing risk assessments across different parts of an organization, suggesting the possibility of involving assistance from third-party firms or internal audit teams.

Both Fox and Kelly’s perspectives underscore the importance of strategic planning, effective management, and possible external input in conducting risk assessments in compliance programs.

Key Highlights:

  • Comprehensive Approach to Conducting Risk Assessments
  • Collaborative Risk Assessment for Compliance Optimization
  • Enhancing Compliance through Internal Control Testing
  • Strategic Integration of Compliance in Enterprise Risk
  • Celestial Event Viewing: The Influence of Clouds

Resources:

Matt on Radical Compliance
