Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – The Board as an Internal Control

James Doty, former Commissioner of the Public Company Accounting Oversight Board (PCAOB), was once asked if the Board or its sub-committee which handles audits was a part of a company’s internal financial controls. He answered that yes, he believed that was one of the roles of an Audit Committee or full Board. I had never thought of the Board as an internal control, but the more I thought about it, the more I realized it was an important insight for any Chief Compliance Officer or compliance practitioner, as it also applies to compliance internal control.
In the FCPA Resource Guide, 2nd edition, in the Hallmarks of an Effective Compliance Program, there are two specific references to the obligations of a Board. The first is in Hallmark No. 1, which states, “Within a business organization, compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.” The second is found under Hallmark No. 3, entitled “Oversight, Autonomy and Resources”, where it discusses that the CCO should have “direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee).” Further, under the US Sentencing Guidelines, the Board must exercise reasonable oversight of the effectiveness of a company’s compliance program. The Department of Justice’s (DOJ) Prosecution Standards posed the following queries: (1) Do the Directors exercise independent review of a company’s compliance program? and (2) Are Directors provided information sufficient to enable the exercise of independent judgment? Doty’s remarks drove home to me the absolute requirement for Board participation in any best practices or even effective anti-corruption compliance program.

If a Board’s oversight is part of effective compliance controls, then the failure to exercise it may result in something far worse than bad governance. Such inattention could directly lead to an FCPA violation and could even form the basis of an independent SOX violation as to the Board.
Three Key Takeaways

  1. A Board must engage in active oversight.
  2. A Board should review the design of internal controls on a regular basis.
  3. Failure to do so could form the basis for an independent legal violation under SOX.
Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 11 – The Menagerie (Part One)

In this episode of Trekking Through Compliance, we consider the episode The Menagerie (Part One), which aired on November 17, 1966, Star Date 3012.4.

This was the original pilot episode presented to NBC. Set in 2267, the Enterprise arrives at Starbase 11 in response to a subspace call Spock reported receiving from the former captain of the Enterprise, Christopher Pike, under whom Spock had served. Pike cannot move or communicate other than answering yes/no questions with a device operated by his brainwaves. Pike refuses to communicate with anyone except Spock.

Spock, meanwhile, commandeers the Enterprise by means of falsified recordings of Kirk’s voice and orders the ship to depart under the computer’s control. After several hours, upon learning from the computer that the shuttlecraft does not have enough fuel to return to the starbase, Spock brings them aboard and then gives himself up, confessing to mutiny. Mendez convenes a hearing, at which Spock requests immediate court-martial, which requires three command officers. The tribunal begins, and Spock offers as his testimony what seems to be video footage of the Enterprise’s earlier visit to Talos IV in 2254.

In 2267, the scene is interrupted by a message from Starfleet Command, which reveals that the images they have been viewing are transmitted from Talos IV. Mendez is placed in command of the Enterprise, but Spock begs Kirk to see the rest of the transmission.

Compliance Takeaways:

  1. Leaders must take care of themselves as well as their crew.
  2. What does it mean if a deal is too good to be true?
  3. Trust but verify.

 Resources
Excruciatingly Detailed Plot Summary by Eric W. Weisstein for The Menagerie (Part One)
MissionLogPodcast.com-The Menagerie (Parts 1 & 2)

Categories
FCPA Compliance Report

FCPA Compliance Report – Scott Solomon on Managing Cash Risk Through Compliance

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. Join Tom Fox on the FCPA Compliance Report as he discusses with Scott Solomon, the CEO of Operational Security Solutions (OSS), how they manage compliance and ethical considerations around cash management, particularly for high-risk customers.

In this episode, they talk about the importance of compliance in the financial industry and how OSS helps financial institutions manage their portfolio through best practices. The podcast also touches on the challenges faced by legal cannabis businesses and the gaming industry regarding compliance and cash operations. Listeners will get insights into boutique cash and transit providers’ role in navigating licensing and permitting requirements for cannabis-related cash operations. This informative podcast concludes with contact information and an eagerness to continue the conversation. Don’t miss out on the insights shared in this episode. Tune in now to FCPA Compliance Report with Tom Fox and Scott Solomon.

 Key Highlights:

  • Challenges of Compliance in Handling Cash Transactions
  • Challenges of Compliance in Regulated Industries
  • Cash delivery in the legal cannabis industry
  • Risk Management for Financial Businesses

Notable Quotes

“Our primary customer or partner is a financial institution. So when you look at secure cash management and logistics, it boils down to our specialty is moving cash, and we have the ability in the compliance background to help financial institutions support their high-risk customers.”

“OSS was founded around compliance. A group of former law enforcement personnel, special military operators, and federal regulators got together and saw an opportunity to initially start by consulting.”

“We work with the customer. It doesn’t help us, and it doesn’t help the bank if the customer goes off the rails and becomes non-compliant. So, we want to educate them.”

“I come out of the anti-corruption compliance space; we’ve always looked to the casino world as one of the leaders around AML work simply because it was in their business interest to do.”

Resources

Scott Solomon on LinkedIn

Operational Security Solutions

Tom Fox: Instagram, Facebook, YouTube, Twitter, LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Boards Inquiring Up and Down

Where does “tone at the top” start? For public and most private U.S. companies, it starts with the Board of Directors. But what is the role of a company’s Board in compliance? First, a Board should not engage in management but oversee a CEO and senior management. The Board’s role covers asking hard questions, risk assessment, and identification.

These factors can be easily adapted to compliance and ethics risk management oversight. Initially, the Board must receive direct access to information on a company’s policies on this issue. The Board must have quarterly or semi-annual reports from a company’s CCO to either the Audit Committee or the Compliance Committee. Every Board should create a Compliance Committee to deal with compliance issues, as an Audit Committee may more appropriately deal with financial audit issues. A Board Compliance Committee can devote itself exclusively to non-financial compliance. The Board’s oversight role should be to receive regular reports on the company’s compliance program’s structure, actions, and self-evaluations. From this information, the Board can oversee any modifications to managing FCPA risk that should be implemented.

Three key takeaways:

  1. A Board Compliance Committee should provide oversight, not management.
  2. A CCO should use multiple reports to communicate with the Board Compliance Committee.
  3. Board Compliance Committee oversight makes companies more efficient and profitable.
Categories
Daily Compliance News

Daily Compliance News: June 10, 2023 – The Don’t Want No Stinking Compliance Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • The corruption in belts and suspenders. (WSJ)
  • Alleged Texas AG bribe payor arrested. (Bloomberg)
  • Short seller as due diligence guru. (FCPA Blog)
  • You don’t need any stinking compliance. (FT)
Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – OIG Guidance for Boards Regarding Compliance

The OIG white paper “Practical Guidance for Health Care Governing Boards on Compliance Oversight” (OIG Guidance) provides an excellent road map for thinking about how to structure a Compliance Committee for your Board and a Board’s obligations. As an introduction, the OIG Guidance states that a Board must act in good faith around its obligations regarding compliance. This means that there must be a corporate information and reporting system and that such reporting mechanisms must provide appropriate information to a Board. It states: “The existence of a corporate reporting system is a key compliance program element, which not only keeps the Board informed of the activities of the organization but also enables an organization to evaluate and respond to issues of potentially illegal or otherwise inappropriate activity.”

The OIG Guidance sets out four areas of Board oversight and review of a compliance function:

  1. Roles of, and relationships between, the organization’s audit, compliance, and legal departments;
  2. Mechanism and process for issue-reporting within an organization;
  3. Approach to identifying regulatory risk; and
  4. Methods of encouraging enterprise-wide accountability for the achievement of compliance goals and objectives.

The OIG Guidance is not only an excellent review for compliance professionals and others in the healthcare industry but also a good primer for Boards on their duties under a best practices compliance program. The U.S. Sentencing Guidelines, the Hallmarks of an Effective Compliance Program, the OIG Guidance, and OIG Corporate Integrity Agreements can be used as baseline assessment tools for Boards and management in determining what specific functions may be necessary to meet the requirements of an effective compliance program.

Three key takeaways:

  1. Information flow up to the Board is critical.
  2. Compliance should be institutionalized in your company as a way of life.
  3. A Board needs to consider all risks.

For more information check out The Compliance Handbook, 3rd edition, available from LexisNexis here.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Compliance Expertise on the Board

Every Board of Directors needs a true compliance expert sitting at the table. Almost every Board has a former CFO, former head of Internal Audit, or persons with a similar background, and often these are also the Audit Committee members of the Board. Such a background brings a level of sophistication, training, and SME that can help all companies with their financial reporting and other finance-based issues. So why is there not such compliance SME at the Board level?

This requirement was set out in 2017 in the FCPA Corporate Enforcement Policy, where one of the criteria to be evaluated in a compliance program is “the availability of compliance expertise to the board.” Finally, the 2020 Update to the Evaluation of Corporate Compliance Programs, under the section entitled Oversight, posed the following question: What compliance expertise has been available on the Board of Directors?

The DOJ and Securities and Exchange Commission introduced this concept to the FCPA Resource Guide, 2nd edition. It means that when your company is evaluated by the DOJ, under the factors set out in the 2020 Update and the FCPA Corporate Enforcement Policy, to retrospectively determine if your company had a best practices compliance program in place at the time of any violation, you need to have not only the structure of the Board-level Compliance Committee but also the specific SME on the Board and on that committee.

Three key takeaways:

  1. Boards must have compliance expertise.
  2. Government regulators and shareholder groups have both called for greater compliance expertise on the Board.
  3. Compliance expertise at the Board works up and down as such expertise can be a resource to both the CCO and Compliance Department.

Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 6 – Mudd’s Women

In this episode of Trekking Through Compliance, we consider the episode Mudd’s Women, which aired on October 13, 1966, Star Date 1329.1.

Harry Mudd attempts to evade the Enterprise with his small class J cargo ship and leads it into an asteroid field. The Enterprise extends its shields over Harry’s ship, burning out three of its four lithium crystals. The crew of the Enterprise becomes fascinated with the three beautiful women Mudd has been transporting.
As a result of the destruction of three of its lithium crystals, the Enterprise is forced to divert to Rigel 12 to obtain new crystals. Mudd makes his bargain with the lithium miners on the planet. At Mudd’s prompting, the miners offer to provide Kirk with lithium only in exchange for Mudd’s freedom and the three women. Kirk learns the women’s beauty secret: Mudd has been providing them with the Venus drug. Kirk beams down to collect the lithium from Childress while providing Evie with red gelatin she believes to be the Venus drug. Evie believes herself again to be beautiful and unintentionally reveals her natural inner beauty. In the end, Kirk gets his lithium, Evie remains with Childress, and Mudd is taken into custody.

Compliance Takeaways:

  1. How can your risks change, and are you prepared?
  2. A CCO needs to understand that you may not be telling them the truth.
  3. Have you added the Modern Slavery requirements to your compliance regime?

Resources

The story synopsis comes from the Excruciatingly Detailed Plot Summary by Eric W. Weisstein for Mudd’s Women.
Additional insights from the MissionLogPodcast.com episode Mudd’s Women
Categories
Great Women in Compliance

Great Women in Compliance – Carolyn Renzin on Compliance at FanDuel

Welcome to the Great Women in Compliance Podcast, hosted by Mary Shirley and Lisa Fine.

Over the past few years, it seems like fantasy sports and online gaming have a higher profile than ever, and they are part of a rapidly growing industry. Today’s guest, Carolyn Renzin, is the Chief Legal and Compliance Officer at FanDuel, which is one of the leaders in that space. In a wide-ranging discussion, Carolyn and Lisa discuss building a compliance function at the same time an industry framework is being built, and how she has grown her team. She also talks about FanDuel’s commitment to integrity – both as an organization and for professional sports in general.

Her analogy between sports and her role is one we can all keep in mind – “you play offense, we play defense, and we need each other.”

You can find the Great Women in Compliance Podcast on the Compliance Podcast Network where you can find several other resources and podcasts to keep you up to date in the Ethics and Compliance world. You can also find the GWIC podcast on Corporate Compliance Insights where you can learn more about the podcast, stream prior episodes and catch up on Mary’s monthly column “Living Your Best Compliance Life.”

Corporate Compliance Insights is a much-appreciated sponsor and supporter of GWIC, including affiliate organization CCI Press publishing the related book, “Sending the Elevator Back Down, What We’ve Learned from Great Women in Compliance” (CCI Press, 2020). If you enjoyed the book, the GWIC team would be very grateful if you would consider rating it on Goodreads and Amazon and leaving a short review. Don’t forget to send the elevator back down by passing on your copy to someone who you think might enjoy reading it when you’re done, or if you can’t bear parting with your copy, consider it as a holiday or appreciation gift for someone in Compliance who deserves a treat.

You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.

Join the Great Women in Compliance community on LinkedIn here.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Prudent Discharge of Board Obligations

What are the obligations of a Board member regarding the FCPA? Are the obligations of the Compliance Committee under the FCPA at odds with a director’s “prudent discharge of duties to shareholders”? Do the words prudent discharge even appear anywhere in the FCPA? In the case of Stone v. Ritter, the proposition is found that “a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate, exists.” From the case of In re Walt Disney Company Derivative Litigation, she drew the principle that directors should follow the best practices in ethics and compliance. The Board has the role of monitoring the performance of the compliance function, including monitoring the performance of it using customary economic metrics and overseeing compliance with applicable laws and regulations.

While the Board is not responsible for auditing or ferreting out compliance problems, it is responsible for determining that the company has an appropriate system of internal controls. The Board should also monitor company policies and practices that address compliance and matters affecting the public perception and reputation of the company. Every company should ensure that it conducts appropriate compliance training for employees and conducts regular compliance assessments. Finally, the Board must take appropriate action if and when it becomes aware of a material problem it believes management is not properly handling.
There is no reference to prudent discharge in the FCPA itself. However, a Board member might think more than twice about the prudent discharge of duties to the shareholders as both the DOJ and SEC now might wish to look into a Board’s prudent discharge of duties under the FCPA.

Three key takeaways:

  1. What is prudent discharge?
  2. What is your process for doing compliance at the Board level?
  3. A Board must have active rather than passive engagement around compliance.
