Tag: compliance

Categories
Compliance Into the Weeds

Compliance into the Weeds: Responses to PCAOB Proposal On Audits

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt consider the PCAOB proposal for fraud and compliance audits.
In this episode, we dive into the heated debate surrounding the proposed rule on auditors and fraud risk audits in this episode of Compliance into the Weeds. Compliance professionals and the audit community have contrasting perspectives on the PCAOB proposal to require audit firms to look more aggressively for compliance and legal violations at their client companies and then report any such violations more promptly to the company’s board of directors.
Discover the stipulations compliance professionals want to include, such as meeting with the chief ethics and compliance officer and reviewing the state of the compliance program. On the other hand, hear why the audit community, represented by the PCAOB, opposes the rule, arguing that auditors lack the necessary expertise and that fees would skyrocket without significant benefits. Gain insights into the complexities and challenges of asking auditors to take on compliance responsibilities. Tune in to understand the potential implications of the proposed rule on audit firms, compliance professionals, and investors.

 Key Highlights

·       The PCAOB proposal implications for auditors, with a focus on effects on fraud risk audits.

·       The difference in how compliance professionals and auditors perceive the impending rule.

·       The practical difficulties auditors face when tasked with compliance roles.

·       What are the potential cost and liability hikes for auditors, heralded by the enforcement of the rule?

·       The uncertainties enveloping the approval and implementation process for the proposed rule.

 Resources

Matt 

LinkedIn

Blog Post in Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program: Day 6-Six Core Principles for Compliance Incentives

In these podcast episodes, Tom Fox discusses the importance of incorporating incentives and support systems into a company’s compliance program. He presents six core principles for effective compliance incentives, emphasizing the need for simplicity, visibility, and institutional mechanisms to ensure their longevity. Fox also highlights the role of human resources in implementing compliance programs and the positive impact it can have on organizations. By understanding and implementing these principles, companies can create a culture of compliance, reduce the risk of unethical behavior, and enhance their credibility.

I have developed six core principles for incentives, adapted from a MIT Sloan Management Review article, entitled “Combining Purpose with Profits”, and formulated them for the compliance function in an anti-corruption compliance program.

1.     Compliance incentives don’t have to be elaborate or novel.

2.     Compliance incentives need supporting systems if they are to stick.

3.     Support systems are needed to reinforce compliance incentives.

4.     Compliance incentives need a “counterweight” to endure.

5.     Compliance incentive alignment works in an oblique, not linear, way.

6.     Compliance incentive initiatives can be implemented at all levels.

Obviously, this list is not exhaustive. Yet it is now more important than ever that you demonstrate tangible incentives for your employees to gain benefits, both financial and hierarchical, through doing business ethically, in compliance with your own Code of Conduct and most certainly in compliance with relevant anti-bribery laws. It is also a requirement that such actions be documented so they can be demonstrated to the regulators, if they come knocking.

Three key takeaways:

  1. Compliance incentives do not have to be elaborate or novel.
  2. You must create support systems for your compliance incentives.
  3. Compliance incentives should be implemented at all levels.
Categories
The Ethics Experts

Episode 153 – Ilse De Vocht & Germaine Huka

In this episode of The Ethics Experts, Nick welcomes Ilse De Vocht (Director of Compliance) & Germaine Huka (Global Ethics and Compliance Business Partner (Director)) of Galapagos. Ilse has over 25 years of experience in pharma industry in Compliance and Finance. She joined Galapagos in 2023 to set up a compliance framework for the commercialization across Europe of its first medicine. Prior to that, she worked at Takeda and AstraZeneca, driving all elements of a compliance program across mainly Europe. Germaine started her career as a litigation lawyer, and moved into Compliance & Ethics after a few years and has never looked back. She has worked across different industries including Defence & Aerospace, Medical Devices and Pharmaceuticals & Biotech.
https://www.linkedin.com/company/glpg/
https://www.linkedin.com/in/ilsedevocht/
https://www.linkedin.com/in/germaine-huka-3253751a3/

Categories
FCPA Compliance Report

FCPA Compliance Report – Fighting Forced Labor with Supplier Due Diligence

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom welcomes Ragini Bhalla, head of content and PR for Creditsafe, focusing on the North American region, and Steve Carpenter, Country Manager for Creditsafe in Canada. Their discussion centers around a new Canadian law designed to combat human trafficking forced labor, and child labor within supply chains. Throughout the conversation, they shed light on the practices of various multinational corporations, emphasizing the need for cohesive anti-slavery reporting and measures across different jurisdictions. It becomes evident that addressing these critical issues requires collaboration and comprehensive efforts from all parties involved.

A key to compliance with ethical sourcing and compliance with this new Canadian law is through a company’s Supply Chain. Companies must ensure their supply chains are free from forced labor and child labor, and Credit Safe provides services to help. The Canadian Forced Labor Law and the UK’s Modern Slavery Act are steps toward making companies accountable for their actions, but governments must also work with countries like India, Bangladesh, and China to create real change. Non-compliance can lead to fines, customer trust loss, and potential stock dips, and due diligence checks and audits are necessary for companies to protect the integrity of their supply chains. Ethical sourcing is a complex issue requiring collaboration between governments, companies, and experts.

 

Creditsafe is in a unique position to assist companies comply with laws making illegal human trafficking, forced labor, and child labor. In this podcast, you will learn how to investigate your suppliers in a way that enhances your business operations. Once again, this demonstrates that effective compliance leads to more effective business processes, leading to greater profitability.

 Key Highlights

·      Fighting Forced Labor

·      ESG Supply Chain Auditing

·      Canadian Compliance Law

·      Reputational Risk of Non-Compliance

·      Ethical Sourcing

Resources

Ragini Bhalla on LinkedIn

Steve Carpenter on LinkedIn

Creditsafe

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective HR in Compliance: Day 5 – Role of HR in Incentivizing Compliance

Welcome to the August edition of One Month to a More Effective Compliance Program. In the month of August, 2023 we will consider the role of Human Resources in a best practices compliance program.

In this episode, Tom Fox explores the role of HR in implementing effective compliance programs within companies. The episode focuses on the importance of incentivizing compliance and ethical behavior through both financial and non-financial incentives. The Department of Justice’s guidance emphasizes the need for positive incentives, such as personal evaluations, promotions, and rewards for ethics and compliance leadership. The podcast discusses various avenues for implementing incentives, including cash bonuses and non-compensation rewards like t-shirts or ethical awards. It emphasizes the role of HR in driving the right behavior through incentive structures and warns against solely promoting based on financial targets. Overall, the podcast highlights the significance of HR in creating a fully operationalized compliance program that fosters an ethical work environment.

 Three key takeaways:

  1. The DOJ 2023 ECCP specifically calls out incentives for doing business ethically and in compliance.
  2. HR can lead the efforts around incentives.
  3. Incentives go beyond financial rewards.

For more information, check out The Compliance Handbook, 4th edition, available on LexisNexis.com.

Categories
Adventures in Compliance

Adventures in Compliance – Compliance Lessons from The Man with the Twisted Lip

Welcome to a review of all the Sherlock Holmes stories which are collected in the work, “The Adventures of Sherlock Holmes.” The appeared in the Strand Magazine from July 1891 to June 1892. Over 12 episodes, I will be reviewing each story and mine them for leadership, compliance and ethical lessons. In this episode, we consider “The Man with the Twisted Lip” which was originally published by the Strand Magazine in December 1891.  

Summary

The story begins when Watson, called out by a friend Mrs. St. Clair, finds himself in an opium den in the East End of London. While attempting to extract his friend, he encounters Sherlock Holmes in disguise. Holmes is there on a different case involving Neville St. Clair, Mrs. St. Clair’s husband, who was reported missing under mysterious circumstances.

Mrs. St. Clair had seen her husband at a second story window of the opium den, distressed and quickly pulled away from the window. When she rushed to find him, the only people in the room were the landlord and a dirty, disfigured beggar known as Hugh Boone. Despite Boone’s rough exterior, he is known for his eloquence and wit.

Despite no evidence of foul play or indication of St. Clair being there, Mrs. St. Clair insists her husband was in the room. Holmes takes up the case and starts investigating, finding St. Clair’s clothes in the room, but no sign of the man himself.

Boone is arrested and put in a cell, where Holmes observes him closely. Eventually, Holmes discovers that Boone and Neville St. Clair are the same person. St. Clair, a respectable man with a previously high-paying job, had been leading a double life as the beggar Boone. He discovered that he could earn more money begging while disguised as the disfigured Boone, so he maintained this deception to support his family’s comfortable lifestyle.

St. Clair is extremely relieved to be found out, as he was tired of the lie but didn’t know how to get out of it without damaging his family’s reputation. In the end, it is decided that Boone’s ‘disappearance’ would be maintained to protect the family, and St. Clair vows to abandon his alter ego for good.

Compliance Lessons

1.     Honesty and Transparency: The character Neville St. Clair disguises himself and leads a dual life, which eventually leads to misunderstandings and a temporary downfall. In leadership, being open, transparent, and honest is crucial. Leaders who hide important facts or issues from their teams can create mistrust and a lack of confidence.

2.     Understand Different Perspectives: As a beggar, Neville St. Clair was able to understand a different section of society that he normally would not interact with. A good leader must strive to understand the different perspectives within their team, the broader organization, and the external market. This enhances decision-making and ensures that everyone feels heard and valued.

3.     Adaptability: Despite his odd choice, St. Clair displayed a high degree of adaptability by successfully leading a double life. In leadership, circumstances often change rapidly, and the ability to adapt quickly and effectively is vital. Good leaders can handle uncertainty, make necessary adjustments, and guide their teams through changes.

4.     The Importance of Brand: St. Clair manipulated his appearance to fit into different roles. While this is not advisable ethically, it does underscore the impact of a leader’s image on their followers. Leaders need to be mindful of how their behavior, attitude, and professionalism influence others.

5.     Resilience: Despite the hardships he encountered in his double life, St. Clair demonstrated resilience. Leaders often face challenges and obstacles. The ability to bounce back, remain positive, and continue moving forward is a key leadership trait.

6.     Integrity: The absence of integrity in St. Clair’s actions highlights the importance of this trait in leadership. Leaders must maintain high ethical standards and act in a way that is consistent with their words.

Resource

The New Annotated Sherlock Holmes

Categories
Corruption, Crime and Compliance

How to Build a Compliance Compensation System

The DOJ is advocating for increased consequences for individuals who engage in misconduct or fail to exercise proper oversight, via the implementation of compliance compensation programs that include financial penalties. Companies need to develop incentives and penalties in a balanced manner to maintain ethical performance, while ensuring the potential for accountability. A crucial aspect of enforcing these policies is the execution of robust clawback provisions as part of the executive’s contract and bonus terms. These clawbacks can act as a deterrent for misconduct, and their enforceability largely depends on the clarity of their language, among other things. In this episode of Corruption, Crime and Compliance, Michael Volkov explores compliance compensation systems and their role in corporate governance in detail. 

You’ll hear Michael talk about:

  • Clawback provisions are important rules that determine how executives’ contracts and bonus terms can be enforced. Companies have a responsibility to execute robust clawback provisions to ensure accountability and deter misconduct.
  • Compliance programs are becoming increasingly vital to global companies as they grapple with complex legal and economic risks. These programs are crucial in reinforcing compliant behavior and promoting positive corporate citizenship.
  • The DOJ has emphasized the importance of compensation systems and consequence management in corporate compliance programs. Not being proactive in reviewing these systems is considered a serious mistake that requires urgent attention and correction.
  • DOJ’s focus has expanded towards consequence management, seeking to escalate penalties for those involved in misconduct. Companies are required to implement compliance compensation programs focusing primarily on clawbacks.
  • Clawback policies, often limited to senior executives and specific conduct, need to be broadened in their scope and applicability. Notably, the Dodd-Frank Act mandates listed companies to have a written clawback policy for financial restatements resulting from accounting misconduct.
  • Compliance rewards act as a significant incentive for ethical behavior and compliance. Executives and managers who fulfill specific compliance requirements may become eligible for performance-related rewards.
  • Compliance compensation systems must be designed to hold individuals accountable for misconduct. Penalties, including retroactive discipline and financial penalties like clawbacks or deferred compensation systems, can be potent deterrents.
  • A comprehensive compliance compensation system requires careful crafting to minimize litigation and defense possibilities. It involves identifying the executives and managers to be included in the penalty system and determining the corresponding percentage penalties.
  • A company must balance its incentive structure, considering factors like large contingent payouts to executives and ethical performance requirements. Clarity in written policies and employment agreements fortify clawback provisions.
  • Collaboration between business, finance, legal, and HR is pivotal in the design and implementation of effective compliance reward and penalty systems.

 

KEY QUOTES:

“The DOJ wants to add to their risk calculation, and that’s requiring companies to implement compliance compensation programs that include financial penalties against those actors who engage in misconduct, or supervisors that fail to rein in their underlings or conduct proper oversight to ensure compliance.” – Michael Volkov

 

“Companies have to isolate and weigh incentives and bonus structures to make sure that they can still target accountability penalties commensurate with the risk posed by the executive if he or she engages in misconduct.”  – Michael Volkov

 

“The key determinant of clawback enforceability is whether the company has insisted on execution of robust clawback provisions as part of the executive’s contract and bonus terms.” – Michael Volkov

 

Resources:

Michael Volkov on LinkedIn | Twitter

The Volkov Law Group

Categories
Blog

E-com Surveillance: A Proactive Approach

In today’s rapidly expanding digital realm, keeping up with regulatory requirements in E-com surveillance is more than just a necessity—it’s a game-changer. As the world grapples with the challenges brought by the COVID-19 pandemic, efforts in ensuring compliance have dramatically shifted, impacting both personal and professional spaces. This, friends, has become a defining factor in not just maintaining, but enhancing compliance and risk management. Let’s delve into how we can proactively monitor communications, adapt to evolving channels, and leverage technology for our advantage while ensuring data security in cloud-based platforms. Here are some key steps:

  • Establishing a Robust Compliance Program
  • Proactively Monitoring Communications in E-Com Surveillance
  • Adapting to Evolving Communication Channels
  • Deploying AI in Compliance Monitoring

1. Establishing a Robust Compliance Program

With the increasing reliance on e-commerce due to the ongoing global health crisis, keeping up with regulatory compliance has become more of a challenge than ever before. Enhanced surveillance within the e-commerce spectrum has emerged as a critical aspect of any robust compliance program. Companies must diligently monitor all communication transactions to identify any potential misconduct early on. With technology continuously evolving, companies are faced with more diverse sources of data and communication channels than before.

To counteract this, advancements in technology have enabled compliance professionals to monitor these various sources more efficiently and focus on high-risk areas.   With the proliferation of novel communication platforms, regulatory requirements have become more stringent, but also more complex to adhere to. AI has been instrumental in empowering compliance officers, allowing them to better concentrate their efforts. With its ability to filter and prioritize alerts based on risk levels, AI functionality is highly effective in optimizing the e-com surveillance process. Compliance functions must keep pace with the constant changes in the communication landscape, meaning that they need to be adaptable in capturing and recording all essential communications.   Organizations must understand the cruciality of establishing a strong compliance program that aligns with their communication platforms and e-commerce operations. By leveraging high-tech solutions, like AI and machine learning, companies can better monitor and manage risks from a proactive stance, while simultaneously obeying regulatory requirements.

 2. Proactively Monitoring Communications 

In the ever-expanding universe of e-commerce, staying ahead of illicit activities such as fraud, theft, and other misconduct is vital. Key to this is the implementation of effective e-commerce surveillance in every organization, large or small. This involves the proactive monitoring and analyzing of all company communications, from emails to chat messages, for any signs of inappropriate behavior. With the ongoing proliferation of communication channels — each one another avenue for potential exploitation — it’s a gargantuan task that might seem overwhelming. However, thanks to the wonder of technology, we now have the means to keep pace with this turbulent environment. Modern advancements have made it possible to capture a vast array of data sources, despite the varying nature and extent of these channels.

 3. Adapting to Evolving Communication Channels

The digital era has seen an explosion in communication channels. From emails, social media, chat platforms to video conferencing, employees now have myriad ways to communicate, both internally and externally. Consequently, e-com surveillance to monitor such communication pipelines and pin down potential misconduct becomes increasingly complex, yet more essential. Adapting to these evolving channels plays a key role in ensuring significant compliance and risk management.   There are unique challenges that emerge with this diversity of communication channels. First instance, coded language by employees and capturing diverse data sources are some of the hurdles organizations face.

However, technology solutions are evolving as fast as the communication landscape. Key amongst these solutions is the use of AI and machine learning models, which cut through the noise to help compliance officers focus on high-risk areas. Regulators such as the SEC in the US and the FCA in the UK expect companies capture, monitor, and record all communication channels. This means your business must keep up with people’s communication methods and ensure every dialogue is recorded.  Why is this adaptation important? In a nutshell, the vastness and ever-evolving nature of digital communication channels pose a risk. The risk lies in the prospect of misconduct going unnoticed, regulatory guidelines being flouted, and ultimately, organizations facing severe consequences.

Moreover, every new communication platform is an additional data source. Managing this increasing data effectively is crucial for any organization in the current digital age. Adapting to evolving communication channels is not just about managing current risks; it is also about equipping organizations with the necessary technological tools to capture, monitor, and manage potential risks that could emerge with future communication spheres. The progression ensures that there is no lag in surveillance and that organizations are always a step ahead in their risk management.

  1. Deploying AI

Artificial intelligence (AI) and machine learning are critical technological advancements enabling companies to monitor the manifold data sources efficiently. These technologies and perhaps others down the road, are a game-changers, empowering compliance officers to focus on high-risk areas and alerts, moving compliance process from a detect mode to prevent mode. By deploying these advanced methods may lead to more comprehensive data capture and monitoring, thereby promoting a seamless, integrated, and effective e-com surveillance mechanism. This is why the implementation of such a step is a necessity more than an option as we move forward in this data-driven age.

Why is this effective approach to e-com surveillance so crucial? Well, we live in an age of digital ecommerce and remote work after COVID-19, where communication channels have diversified and expanded beyond limits. To stay compliant with regulatory requirements, it is not enough just to keep an eye on traditional messaging. You must embrace these changes and adapt by efficiently monitoring all these channels. With the technology such as AI and machine learning, you can create defensible and explainable models that can precisely show why specific alerts were raised, and others weren’t. This approach is the key to adapting to this ever-evolving world and meeting regulatory expectations, thereby enhancing your compliance protocols in the long run.

The importance of maintaining compliance with regulatory requirements in e-commerce surveillance, especially during this ongoing pandemic, cannot be overstated. As compliance authorities, you have the power to make a significant impact on your organization’s risk management. Today, we’ve delved into the necessity of a strong compliance program, the significance of proactively monitoring communications, the need to adapt to new communication mediums, the benefits of utilizing AI in compliance monitoring, and the importance of securing data on cloud platforms. Each of these steps is instrumental in achieving the desired state of compliance. Let this motivate you to continue striving for excellence in all your compliance efforts. After all, your dedication to strengthening these practices is not just about meeting regulations – it’s about fostering trust and reliability in your organization.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective HR in Compliance: Day 4 – The Reference Check

Hiring the right people for your team is critical to the success of any organization. Unfortunately, it can also be a costly endeavor if the wrong hire is made. According to a survey of 2500 companies, one bad hire can cost an organization more than $25,000 in lost productivity, low morale, and other associated costs. In some cases, the cost can be even higher, with one energy service company estimating the cost of a bad hire at $400,000.

With these staggering costs in mind, it’s clear that companies need to invest in the hiring process to ensure they get the right people. Reference checks are an important part of this process, yet they are often overlooked. This was discussed in a recent episode of One Month More Effective Compliance Program. The episode featured Kevin Ryan, who believes that reference checks are an underutilized part of the hiring process and a key internal control for human resources.

Reference checks are the only way to learn things about prospective employees that can’t be found on a resume. Unfortunately, companies often can’t or won’t give out much more information than confirming dates of employment. To get a more robust appraisal, one should dig up people who will speak candidly about the candidate. Search firms are particularly good at this, and companies should emulate this practice. Asking direct questions to acquaintances can provide direct responses 75% of the time.

The Department of Justice has recognized hiring as a best practice for compliance programs since 2004. According to Kevin Ryan, companies should take the time to get to know the candidate and ask questions that will reveal their values, beliefs, and motivations, as well as their ability to work with others, take direction, and think critically. He recommends that companies take three steps in the hiring process: resume review, in person interview, and reference checks. While the resume is good for establishing the basic qualifications for the job, it doesn’t provide much else.

The hiring process is the first step in operationalizing a compliance program. Reference checks are an important part of this process, as they can help to ensure that the candidate is a good fit for the company. Investing in the hiring process is essential to ensure that the right people are brought on board and to avoid costly mistakes. The Department of Justice has recognized hiring as a best practice for compliance programs since 2004, and reference checks are an underutilized part of the hiring process and a key internal control for human resources.

Three key takeaways:

  1. The hiring process is the first step in operationalizing your compliance program.
  2. The DOJ spoke to hiring as part of a best practices compliance program as far back as 2004.
  3. Reference checks are an underutilized part of the hiring process and a key internal HR control.

For more information, check out The Compliance Handbook, 4th edition, available on LexisNexis.com.

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Episode 10 – Ethical Remote Workers Edition

What happens when two top compliance commentators get together? They talk compliance of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode!

Tom and Kristy consider the possibility of an international anti-bribery court, challenges in enforcing judgments against countries without strong anti-corruption laws, and the United States’ unlikely participation. The European Commission issued an adequacy decision regarding data transfers between the US and EU, resolving a long-standing issue, but privacy advocate Max Schrems plans to challenge its validity. The importance of on-site due diligence, and the value of on-site audits and cybersecurity disclosure were also explored. The benefits of remote work, global anti-corruption efforts, AI safeguards, and the dangers of zero tolerance policies were covered as well. The conversation provided insights into various compliance-related topics.

Highlights Include

·      World ABC Court

·      No DOJ control on Cognizant investigation.

·      SEC adopts Cyber disclosure rules.

·      Fight against corruption in Ukraine.

·      Goldilocks Compliance.

·      Data Privacy Framework Program Launches New Website Enabling U.S. Companies to Participate in Cross-Border Data Transfers

·      Site Visits: Sometimes the Best Due Diligence is Done on Foot

·      New Data Reveals that Remote Workers are Likely More Ethical than their Office Counterparts.

·      White House Says Amazon, Google, Meta, Microsoft Agree to AI Safeguards

·      Man Steals Vehicle, Crashes it into Building during Search for WiFi Connection

 Resources 

  1. WSJ Risk and Compliance Journal
  2. FCPA Blog
  3. Radical Compliance
  4. Dept. Of Commerce Press Release
  5. WSJ
  6. Conflicts of Interest Blog
  7. GAB
  8. Fast Company
  9. Fox 35 Orlando

Connect with Kristy Grant-Hart on LinkedIn

Spark Consulting

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn