Tag: compliance

Categories
Principled Podcast

Season 10 Episode 2 – The Importance of Humanizing Ethics and Compliance Programs

What you’ll learn on this podcast episode

Keeping the focus on the human element of ethics and compliance can help E&C programs move from “cop” to “coach.” But what does that look like in practice? In this episode of the Principled Podcast, host Susan Divers talks about the importance of humanizing ethics and compliance with Adam Balfour, the author of Ethics & Compliance for Humans. Listen in as the two discuss best practices that Adam has used over the course of his E&C career, managing regional and global ethics and compliance programs as well as leading areas of global risk management and privacy. 

Guest: Adam Balfour

Adam Balfour – Grayscale

Adam Balfour is on a mission to help make ethics and compliance more relatable and relevant for his fellow human beings. He likes to design ethics and compliance programs that employees can actually relate to, engage with and find useful. Originally from Scotland, Adam worked for a number of years as an attorney for two international law firms in New York before moving to Nashville, Tennessee to work for Bridgestone. He is an active member in the ethics and compliance community, a co-editor of the “Compliance and Ethics: Ideas & Answers” newsletter together with Joe Murphy, Jeff Kaplan, and Rebecca Walker, and CCEP certified. His first book, Ethics & Compliance for Humans, was published by CCI Press and is available now.    

Host: Susan Divers

Headshot_Susan_Divers_S7E18_Principled_Podcast

Susan Divers is a senior advisor with LRN Corporation. In that capacity, Ms. Divers brings her 30+ years’ accomplishments and experience in the ethics and compliance area to LRN partners and colleagues. This expertise includes building state-of-the-art compliance programs infused with values, designing user-friendly means of engaging and informing employees, fostering an embedded culture of compliance and substantial subject matter expertise in anti-corruption, export controls, sanctions, and other key areas of compliance.

Prior to joining LRN, Mrs. Divers served as AECOM’s Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM’s ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers’ thought leadership in the ethics field. In 2011, Mrs. Divers received the AECOM CEO Award of Excellence, which recognized her work in advancing the company’s ethics and compliance program.

Mrs. Divers’ background includes more than thirty years’ experience practicing law in these areas. Before joining AECOM, she worked at SAIC and Lockheed Martin in the international compliance area. Prior to that, she was a partner with the DC office of Sonnenschein, Nath & Rosenthal. She also spent four years in London and is qualified as a Solicitor to the High Court of England and Wales, practicing in the international arena with the law firms of Theodore Goddard & Co. and Herbert Smith & Co. She also served as an attorney in the Office of the Legal Advisor at the Department of State and was a member of the U.S. delegation to the UN working on the first anti-corruption multilateral treaty initiative.

Mrs. Divers is a member of the DC Bar and a graduate of Trinity College, Washington D.C. and of the National Law Center of George Washington University. In 2011, 2012, 2013 and 2014 Ethisphere Magazine listed her as one the “Attorneys Who Matter” in the ethics & compliance area. She is a member of the Advisory Boards of the Rutgers University Center for Ethical Behavior and served as a member of the Board of Directors for the Institute for Practical Training from 2005-2008.

She resides in Northern Virginia and is a frequent speaker, writer and commentator on ethics and compliance topics. Mrs. Divers’ most recent publication is “Balancing Best Practices and Reality in Compliance,” published by Compliance Week in February 2015. In her spare time, she mentors veteran and university students and enjoys outdoor activities.

Categories
Blog

Assessing Organizational Culture

Welcome to a special five-part blog series on building a stronger culture of compliance, sponsored by Diligent. In this series I will visit with Yvette Hollingsworth-Clark, Viktor Cuijak, Jessica Czeczuga; Michael Parker; and Alexander Cotoia. In this series, we will consider what is culture, how to assess culture, putting together a strategy to manage culture based upon this assessment, the monitoring of that strategy going forward and using information from your monitoring to engage in continuous improvement of your culture.

Many compliance professionals struggle with the ‘softness’ of culture. However, properly viewed culture can be seen as another type of risk for any organization. Viewed through this lens, culture can then be assessed, managed, monitored and improved as any other business risk. This has become even more important since the announcement in October 2021 by Deputy Attorney General Lisa Monaco, that the Department of Justice would assess corporate culture as a part of any corporate compliance enforcement action. In this Part 2, consider how to assess your culture with Viktor Cuijak.

Cuijak, a chartered accountant with a strong background in finance, audit, and risk consulting, currently serves as the Director of Customer Success and Services at Diligent. With a decade of experience in the Big Four and a focus on governance, risk, and compliance (GRC) objectives, Cuijak firmly believes in the importance of assessing and managing organizational culture as a risk factor. He views culture as a dynamic risk that can have significant consequences if not properly managed, and advocates for standardized and benchmarked culture assessments to provide valuable insights for risk management. Cuijak emphasizes the need for practical guidance on implementation, highlighting the significance of tone at the top and other artifacts such as policies, procedures, and feedback mechanisms in culture assessments. Crucial Role of Culture podcast.

Assessing and managing organizational culture as a risk factor is a crucial aspect of ensuring the success and sustainability of any organization. A compliance professional can begin by the using existing frameworks like COSO (Committee of Sponsoring Organizations of the Treadway Commission) for guidance in assessing and managing organizational culture. This framework provides principles and guidelines that help organizations understand the key factors that impact culture as a risk factor.

The tone at the top, policies, procedures, and feedback mechanisms were identified as key indicators of an organization’s culture. The tone at the top refers to the leadership’s actions and behaviors, which set the tone for the entire organization. Policies and procedures play a crucial role in shaping the desired culture, but it is not enough to simply have them in place. Actions, communications, and responses must align with the stated culture.

One of the key challenges is the nebulous and intangible nature of culture, which can make it difficult to assess and audit. However, Cuijak emphasized that culture can be thought of as just another risk that organizations need to manage. By asking the question, “What can go wrong?” organizations can identify potential risks and gaps in their culture and take steps to address them.

Standardized evaluation was also discussed as a valuable tool for assessing and benchmarking culture. It provides a common language and framework for managing risks associated with culture. By using evaluation tools, organizations can track their progress and identify areas for growth.

Cuijak also emphasized the importance of considering the impact of culture when making decisions. Culture is not just a checklist exercise, but rather a holistic approach that encompasses actions, communications, and responses. It is not enough to have policies and procedures in place; organizations must demonstrate their culture through their actions and communications.

While frameworks like COSO provide principles and guidance, they may not always provide the specific “how” in assessing and managing culture. This is where organizations need to tailor their approach and consider additional tools and techniques that align with their specific needs and goals.

In conclusion, assessing and managing organizational culture as a risk factor is a complex but essential task for organizations. By using existing frameworks, evaluating key indicators, and considering the impact of culture on decision-making, organizations can identify potential risks, address gaps, and create a culture that supports their overall success and sustainability.

Join us tomorrow where we explore creating a strategy to manage culture risk.

Tune into Viktor Cuijak on the Diligent podcast series Unlocking Success: The Crucial Role of Culture in a Best Practices Compliance Program.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 11 – Charitable Donation Enforcement Actions

When is a rose not a rose? When it is a charitable donation not made for philanthropic purposes and violates the FCPA. This was a feature of the Eli Lilly and Company (Lilly) FCPA enforcement action brought by the SEC in 2012, involving a bribery scheme utilized by Lilly in Poland. The scheme and FCPA violations mirrored an earlier FCPA enforcement action, also brought by the SEC as a civil matter, rather than by the DOJ as a criminal matter, against another U.S. entity Schering-Plough, for making charitable donations in Poland which violated the FCPA. One of the remarkable things about both of these enforcement actions, brought almost eight years apart, was that they involved improper payments to the same Polish charitable foundation to wrongfully influence the same Polish government official to purchase products from both of these companies.

Three key takeaways:

  1. Every compliance practitioner should study both the Lilly and Schering-Plough enforcement actions.
  2. What is the purpose of the charitable entity you are making a donation to?
  3. “Document, Document, and Document” your due diligence around donors.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Blog

What is Corporate Culture?

Welcome to a special five-part blog series on building a stronger culture of compliance, sponsored by Diligent. In this series I will visit with Yvette Hollingsworth-Clark, Viktor Cuijak, Jessica Czeczuga; Michael Parker; and Alexander Cotoia. In this series, we will consider what is culture, how to assess culture, putting together a strategy to manage culture based upon this assessment, the monitoring of that strategy going forward and using information from your monitoring to engage in continuous improvement of your culture.

Many compliance professionals struggle with the ‘softness’ of culture. However, properly viewed culture can be seen as another type of risk for any organization. Viewed through this lens, culture can then be assessed, managed, monitored and improved as any other business risk. This has become even more important since the announcement in October 2021 by Deputy Attorney General Lisa Monaco, that the Department of Justice would assess corporate culture as a part of any corporate compliance enforcement action. In this Part 1, we ask what is culture with our special guest Yvette Hollingsworth-Clark.

Yvette currently holds the position of Chief Compliance Officer for State Street Corporation  and is on the Board of Directors at Diligent. With a robust background in risk management, Yvette has cultivated a deep understanding of the significance and measurement of corporate culture. She asserts that corporate culture should not be solely managed by the compliance function, but rather owned by the C-suite and executed in various forms. Yvette stressed the need for specific metrics to monitor and promote desired cultural values, such as integrity, and believes that culture can be measured through metrics such as the number of risk decisions overruled, challenged, or implemented correctly. She also highlighted the importance of considering stakeholders such as customers, clients, and third parties when assessing corporate culture.

Yvette emphasized that culture is not solely the responsibility of the compliance function but is owned by the C-suite and executed in various ways throughout the organization. CEOs have a significant role to play in driving corporate culture. They must lead by example, set expectations, and hold managers accountable for adhering to the desired cultural attributes.

One key aspect is the importance of tone from the top. Employees observe the behavior of their senior leaders and often mimic their actions. CEOs need to be conscious of the examples they set, both verbally and through their behavior. Fairness is also crucial in setting the culture of a company. Every decision made by senior leaders, regardless of their position, should demonstrate fairness and align with the desired culture.

The Board of Directors also plays a significant role in shaping and overseeing corporate culture. They need to understand how management defines culture and how ethical issues are managed within the organization. Yvette advises boards to think about the framework of culture more broadly, considering factors such as the company’s reputation to customers and other stakeholders, as well as the employee experience. It is essential to demonstrate how the organization is executing against the cultural attributes that are deemed positive for the company.

Assessing corporate culture is a complex task that requires a balance between art and science. While there are specific metrics that can be used to measure culture, such as risk decisions, policy violations, and disciplinary actions, it is important to anchor the assessment to the specific aspects of culture that are relevant to the organization. Yvette suggests using a suite of metrics that focus on risk excellence and positive indicators of culture, such as employee training, customer treatment, and incident handling.

One must always remember that assessing culture is not a one-size-fits-all approach. It requires organizations to be specific about what their data can answer and what it cannot. A culture assessment is still more of an art than a science, but it is crucial to have a clear understanding of the indicators that align with the organization’s desired culture.

In conclusion, corporate culture is of utmost importance in the financial services industry. It is not only the responsibility of the compliance function but is owned by the C-suite and executed throughout the organization. CEOs must lead by example and set expectations, while the board plays a significant role in shaping and overseeing culture. Assessing culture requires a balance between art and science, with organizations using specific metrics that align with their desired cultural attributes. By prioritizing and measuring culture, financial services organizations can create an environment that promotes ethical behavior, risk excellence, and positive outcomes for all stakeholders.

Join us tomorrow where we explore assessing organizational culture.

Tune into Yvette Hollingsworth-Clark on the Diligent-sponsored podcast series Unlocking Success: The Crucial Role of Culture in a Best Practices Compliance Program.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Written Standards: Day 10 – Policies and Procedures on Gifts and Business Entertainment

If one were to reflect upon the providing of gifts and business entertainment to foreign governmental officials, one might reasonably conclude that after 40 years of the FCPA, companies might follow its prescriptions regarding gifts and business entertainment. However, there have been some notable FCPA enforcement actions in this area.
The 2012 FCPA Guidance clearly stated the FCPA does not ban gifts and entertainment. Indeed, it specified, “A small gift or token of esteem or gratitude is often an appropriate way for business people to display respect for each other. Some hallmarks of appropriate gift-giving are when the gift is given openly and transparently, properly recorded in the giver’s books and records, provided only to reflect esteem or gratitude, and permitted under local law. Items of nominal value, such as cab fare, reasonable meals and entertainment expenses, or company promotional items, are unlikely to improperly influence an official, and, as a result, are not, without more, items that have resulted in enforcement action by DOJ or SEC.”
These guidelines must be coupled with active training of all personnel, not only on a company’s compliance policy, but also on the corporate and individual consequences that may arise if the FCPA is violated regarding gifts and business entertainment. Lastly, it is imperative that all such gifts and business entertainment be properly recorded, as required by the books and records component of the FCPA.
And, as always, do not forget the gut check test.

Three key takeaways:

  1. Gifts and business entertainment continue to plague companies for compliance violations.
  2. The key is not the amount but of having a policy and procedure and following it.
  3. Always remember to record gifts and business entertainment expenses correctly.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Innovation in Compliance

Unlocking Success: The Crucial Role of Culture in Compliance: Part 1 – Yvette Hollingsworth – Clark on What is Culture?

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia in this series. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 1, we ask what culture is with our special guest, Yvette Hollingsworth-Clark.

Yvette Hollingsworth-Clark, a seasoned professional in the financial services industry, currently holds the position of Chief Compliance Officer for State Street Corporation. With a robust background in risk management, Yvette has cultivated a deep understanding of the significance and measurement of corporate culture in the financial sector. She asserts that corporate culture should not be solely managed by the compliance function but rather owned by the C-suite and executed in various forms. Yvette emphasizes the need for specific metrics to monitor and promote desired cultural values, such as integrity. She believes culture can be measured through metrics such as the number of risk decisions overruled, challenged, or implemented correctly. She also highlights the importance of considering stakeholders such as customers, clients, and third parties when assessing corporate culture. Join Tom Fox and Yvette Hollingsworth-Clark on this episode to delve deeper into this topic.

Key Highlights:

  • Measuring and Managing Corporate Culture in Finance
  • Shaping Corporate Culture: Board’s Key Role
  • The Nuances of Assessing Organizational Culture

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture. For more information and to book a demo, visit Diligent.com

Join us tomorrow, where we consider how to assess your culture.

Categories
FCPA Compliance Report

FCPA Compliance Report – Carlos Villagrán Muñoz on Implementing Effective Compliance Programs in Latin America

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox welcomes Carlos Villagrán Muñoz, Chief Compliance Officer at CMPC in Chile. We discuss operationalizing compliance at CMPC and in Latin America.

Carlos Villagrán Muñoz is a seasoned Chilean attorney with considerable experience in implementing and advancing compliance programs in Latin America. His perspective on the subject is shaped by his extensive experience and understanding of the unique challenges in the region. Carlos identifies two major hurdles in implementing effective compliance programs in Latin America: the need to tailor programs to both global and local contexts due to cultural nuances and differing perceptions of corruption and the pressing issue of money laundering, fueled by illegal activities such as corruption, drug trafficking, and human trafficking. He believes that Latin America lags in anti-money laundering efforts, which are crucial in combating corruption, and advocates for compliance programs that address these issues while considering cultural differences. Join Tom Fox and Carlos Villagrán Muñoz as they delve deeper into these topics and more in this episode of the FCPA Compliance Report podcast.

 Key Highlights

·      CMPC’s Compliance Program Addressing Antitrust Infringement

·      Navigating Cultural Nuances and Money Laundering: Compliance Challenges in Latin America

·      CMPC’s Comprehensive Compliance Training Program

·      The Rise of Technologically Savvy Compliance Experts in Chile

·      Dynamic Networking Opportunities for Compliance Professionals

Resources

Carlos Villagrán Muñoz on LinkedIn

The FinCEN Report Company

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Data Driven Compliance

The Uses of Data Driven Compliance: Part 5 – Compliance Successes Using Data Driven Compliance

Welcome to Data Driven Compliance. In this podcast, we discuss how to use data to improve and enhance the effectiveness of your compliance program, creating greater business efficiency, all leading to more return on investment for your compliance regime. Join host Tom Fox as he explores how data will drive your compliance program to the next level. This podcast is sponsored by KonaAI.

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI, for a podcast series on the uses of data driven compliance. Over these five podcasts, we have discussed generative AI and ChatGPT in compliance, the profiles of a corrupt payment, making the business case for data-driven compliance, what to ask for and how to ask for it, and some success stories. In this concluding Part 5, we will look at some compliance successes using a data driven approach.

In the world of business, compliance is a critical aspect that ensures organizations adhere to legal and ethical standards. Compliance not only helps companies avoid legal troubles but also plays a significant role in improving business efficiency and profitability. In this episode, Tom and Vince considered the advanced compliance tools for fraud detection and cost savings. Our discussion entailed a comprehensive analysis of the key factors that impact advanced compliance tools for fraud detection and cost savings, exploring the tradeoffs involved, the challenges faced, and the importance of considering the impact on decision-making.

Key Highlights:

  • Invoice Price Discrepancy Detection and Recovery
  • Compliance-driven Efficiency through Fraud Risk Analysis
  • Shifting Travel Expenses for Manufacturing Observations
  • Integrating Multiple Data Sources for Fraud Detection

Resources:

Connect with Vince Walden on LinkedIn

Check out Kona AI

Connect with Tom Fox on LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 9 – Dynamic Compliance Policies

One of the key changes coming out of the Covid-19 pandemic is the need for dynamism on corporate policies. This message was driven home in a  MIT Sloan Management Review article,“Turbulent Times Demand Dynamic Rules”. The authors believe, “Circumstances can change rapidly in an uncertain world — organizational rules should be designed to change along with them.”

This concept is most appropriate in the compliance arena in the area of risk management. As your risks change, your management of those risks should adapt to the new reality. This is why the DOJ intoned in the 2023 Evaluation of Corporate Compliance Programs (ECCP) that you should assess your risks as they change, modify your risk protocols, monitor your risk management strategy and then update your compliance programs through continuous monitoring.

This dynamic policy process can build dynamic rules to enhance your company’s ability to anticipate and cope with risk changes. When the corporate compliance function embraces experimentation and learning in the creation and reformulation of policies, it builds flexibility into the organization’s structure, processes, and practices. This type of flexibility is essential as we have moved from disaster recovery to business resiliency to business as usual, especially in the field of risk management.

Three key takeaways:

1. After Covid-19, your policies must be as dynamic as your business.

2. There are three general areas to improve the dynamic features of policy creation and improvement; transparency, experimentation and innovation.

3. Garner feedback from your users on the effectiveness of your compliance policies.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Blog

Geopolitical Risks and Business Opportunities: Part 5- Doing Business With and In China

I recently had the opportunity to visit with Dr. Ian Oxnevad, Director of Geopolitical Risk intelligence at Infortal Worldwide. This visit was for a podcast series, sponsored by Infortal Worldwide entitled Global Risk Review. Dr. Oxnevad is a seasoned expert in geopolitical risk intelligence, with a PhD in political science and a master’s degree in National Security Studies. In this concluding blog post we look at risks in doing business in China. In this concluding blog post 5, we consider the risks and opportunities for US companies continued business with and in the country of China.

Oxnevad’s perspective on US companies considering leaving China is rooted in his understanding of the potential challenges they face, including political instability and property confiscation. He strongly advises companies to expedite the process of moving their assets out of China, citing the high risks involved, especially in the event of a war. Oxnevad suggests alternatives such as nearshoring or reshoring to safer locations like the United States, and also highlights India as a potential investment destination due to its large domestic market and lack of political issues with the US.

In recent years, China’s strict COVID-19 response and aggressive foreign policy have created political challenges and global inflation. These factors have prompted US companies to consider moving their operations away from China. Smaller Asia-Pacific countries, caught in the crossfire of geopolitical risks, lack the economic stability and military capacity to handle potential conflicts. As a result, India is emerging as a more stable option due to its democratic governance and institutional safeguards. However, Pakistan, with its history of authoritarian rule, security risks, and close ties with China, presents a unique and complex business landscape.

China’s foreign policy has become increasingly aggressive, despite its internal issues with state-owned enterprise debt and lingering resentment over COVID-19. This aggressive stance has raised concerns among American companies and others, leading them to explore options for decoupling from China. The potential risks of war and the resulting instability have become a significant factor in their decision-making process. Companies are now considering near-shoring, ally-shoring, or reshoring their operations to minimize their exposure to China.

One of the key flashpoints in the region is the tension between China and Taiwan. China’s regular incursions into Taiwanese waterways and airspace have raised the possibility of a conflict erupting overnight, with no advanced warning. The situation is further complicated by China’s tensions with India in the Himalayas. Hand-to-hand battles between Indian troops and the Chinese military have occurred, highlighting the long-standing competition between the two countries. The potential for a massive war involving China, Taiwan, Japan, Australia, India, and the US is a real concern, with nuclear weapons adding to the instability.

Given these risks, US companies are exploring alternatives to China, with India emerging as a potential destination. India offers a more stable investment environment compared to China, with its democratic governance and experience with parliamentary procedures. While India has its own internal issues, such as corruption, it still maintains a commitment to democratic principles and the rule of law. Additionally, India’s large domestic market and its central location make it an attractive option for companies looking to diversify their supply chains.

However, it is important to note that India is not without its risks. The country has shown tendencies towards autocracy and strongman rule, although these tendencies are not as pronounced as in some other countries. India’s federal structure and institutional safeguards provide some protection against the consolidation of power by a strongman leader. While no country is immune to political risks, India’s democratic experience and commitment to democratic principles make it a relatively stable option compared to other countries in the region.

The potential risks in China have also raised the question of whether US companies should consider near-shoring or reshoring their operations back to the United States. The government can play a role in facilitating such efforts through tax incentives, grants, and other types of incentives. However, the decision to reshore or near-shore is not without tradeoffs. Companies must weigh the potential benefits of reduced exposure to geopolitical risks against the costs of relocating their supply chains and the potential impact on their relationships with Chinese partners and customers.

In conclusion, US companies are seriously considering leaving China amid the political challenges and geopolitical risks in the region. The potential for conflict, particularly involving Taiwan, has raised concerns about the stability of supply chains and the safety of investments in China. India is emerging as a more stable alternative, with its democratic governance and institutional safeguards. However, companies must carefully consider the tradeoffs involved in relocating their operations and the potential impact on their business relationships. The decision to leave China is not an easy one, but it is a reflection of the increasing uncertainties and risks in the region.

You can check Dr. Oxnevad in the full five-part Riskology by Infortal podcast series here.