Tag: compliance

Categories
Innovation in Compliance

Building a Stronger Culture of Compliance Through Targeted and Effective Training: Part 4 – A Training Program for 3rd Parties

Welcome to a special 5 part podcast series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series, I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, Director, Compliance and Ethics at Diligent; Andrew Rincón, Client Director at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third parties, and the role of the Board of Directors. In this Part 4, we discuss how to put together a training program for third parties with Andrew Rincón.

Join Tom Fox in an exciting episode about building a stronger culture of compliance through targeted and effective training as he interviews Andrew Rincón. Discover how the compliance industry has evolved and how technology has significantly improved compliance programs. Find out how efficient compliance processes create goodwill for compliance professionals and make them true partners of the business with the help of technology and reliable due diligence partners. Andrew Rincón shares Diligent’s screening and monitoring options for third-party suppliers and the customized anti-bribery and anti-corruption training, available in multiple languages, also perfect for bite-sized, animated micro-learnings. Tune in to learn how to educate distributors and internal gatekeepers on compliance and useful resources for compliance professionals, only on a training program for 3rd parties.

Highlights Include:

  • The Role of Compliance with Distributors
  • Efficient Due Diligence for Distributors
  • Diligent’s Anti-Bribery and Sanctions Screening Solutions
  • Compliance Training & Internal Controls for Distributors
Notable Quotes

“And commission sales agents are certainly recognized as, if not the highest, a high risk, under the FCPA and other compliance regimes.”

“One area the thinking has evolved on, and it sounds like your career and my career, is that due diligence alone is insufficient.”

“So being as efficient as a process. And nowadays, everything moves at the speed of light.”

“But nowadays, with the amount of information that gets published every single day throughout the world, where there’s so much content out there.”

For more information, go to Diligent.com

Join us tomorrow as we conclude our series with a look at the role of the Board of Directors in a compliance program.

Categories
Blog

Building a Stronger Culture of Compliance Through Targeted and Effective Training: Part 3-Defining the Effectiveness of Compliance Training

Welcome to a special 5 part blog post series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, a Principal Instructional Designer; Andrew Rincon, Global Accounts Management Advisor at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third-parties, and the role of the Board of Directors. In this Part 3, we consider the always challenging topic of defining the effectiveness of training with Jessica Czeczuga.

The Department of Justice (DOJ) requirement for ‘effective’ training is one of the most challenging areas for compliance professionals. Fortunately, Jessica Czeczuga is a highly respected Principal Instructional Designer with a remarkable 25-year career in the learning and development field and as a seasoned content creator, Jessica has collaborated with numerous experts to create effective training programs that resonate with different learning styles. I was able to visit with her on some of the key steps to get Improved training effectiveness through micro-learning and metrics.:

1. Adopt micro-learning techniques for content delivery
2. Utilize interruptive training methods for behavior disruption
3. Tailor targeted training for at-risk employees

1. Adopt micro-learning techniques for content delivery. Adopting micro-learning techniques is an essential approach for effectively delivering content to learners, particularly in the realm of compliance training. Micro-learning encompasses the practice of focusing on quick, digestible, and repetitious bursts of learning that serve to reinforce essential concepts while being easily accessible to learners. This method deviates from traditional lecture-style training, power point induced traing and allows for an interruptive and integrative learning experience that caters to the needs of varying learners. Leveraging micro-learning as a tool for training purposes allows for a higher likelihood of information retention and eventual behavior modification, as it allows individuals to reflect on their own learning patterns and apply the concepts in a more seamless way.

Czeczuga believes that by utilizing metrics such as pre and post-test scores and survey feedback to determine the effectiveness of training and cater the approach accordingly, highlighting the importance of collaboration between the compliance and training departments in this process. The adoption of micro-learning for compliance training holds significant importance as it ensures that all employees have a comprehensive understanding of relevant concepts and principles. Given that this understanding forms the basis of an organization’s culture of compliance and ethics, it is crucial to ensure that the training methods employed are effective in communicating this information.

2. Utilize interruptive training methods for behavior disruption. One essential approach to keep in mind when implementing compliance training is the use of interruptive training methods for behavior disruption. Interruptive training takes the form of quick, simple, and repetitious bursts of learning that are easily accessible and cater to different styles of learning. This approach allows for content delivery that is geared towards disrupting employees’ routine and thought patterns to promote engagement, behavior change, and a deeper understanding of the material.

Czeczuga noted this approach can be especially beneficial for sending general compliance messages like anti-bribery or corruption communications to a broad audience. Additionally, she related that pre and post-tests can provide useful metrics to determine the effectiveness of the training, while surveys can offer additional insights into how well the content is resonating with employees. In this way, interruptive training methods not only serve to catch employees’ attention and disrupt thought patterns but also allow for a more objective assessment of training success.

3. Tailor targeted training for at-risk employees. In recent years, there has been a significant shift towards more targeted and efficient training methods, particularly for at-risk employees. As a result, targeted training for at-risk employees ensures that they receive the specialized instruction they need, while also making it more likely that they will retain the information and apply it in their daily work activities. Czeczuga explained that even though there may be a need for longer, more focused training for certain employees who are considered more at risk, micro-learning can still be a highly effective tool for delivering general messages, like those related to anti-bribery. The interruptive nature of micro-learning allows it to be delivered in various modes, catering to the needs of different types of learners.

Czeczuga also emphasized the usefulness of pre- and post-tests as a means of assessing training effectiveness, as well as the value of surveys in gauging learner feedback. The importance of tailoring targeted training for at-risk employees cannot be overstated, as the consequences of compliance failures can be both costly and damaging to an organization’s reputation. Ensuring that these employees have the necessary information and tools to act ethically and responsibly is crucial in promoting a culture of compliance and minimizing risk. Collaborative efforts between compliance and training departments are essential for developing and implementing training strategies that strike the right balance between targeted, in-depth instruction for at-risk employees, and more generalized training for the broader staff. Ultimately, a well-executed and carefully tailored training program will lead to improved effectiveness and a more robust compliance culture throughout the organization.

The importance of effective compliance and training programs cannot be overstated for professionals in this field. The steps outlined above provide a comprehensive approach to building and sustaining a robust training strategy that not only engages your employees but also drives positive behavioral changes. From embracing micro-learning techniques and interruptive training methods to fostering collaboration between departments and reinforcing the message consistently over time, these steps can ultimately transform your organization’s culture into one that values and prioritizes compliance. Seize this opportunity to elevate your training efforts, and witness the remarkable impact on your organization as a whole.

Join us tomorrow for a review of training for 3rd parties.

For more information go to http://diligent.com/compliancetraining.

Categories
Innovation in Compliance

Building a Stronger Culture of Compliance Through Targeted and Effective Training: Part 3 – Defining the Effectiveness of Compliance Training

Welcome to a special 5 part podcast series on building a stronger culture of compliance through targeted and effective training, sponsored by Diligent. Over this series, I will visit with Kunal Agrawal, Director of Customer Success at Diligent; Kevin McCoy, Customer Success Manager at Diligent; Jessica Czeczuga, Director, Compliance and Ethics at Diligent; Andrew Rincón, Client Director at Diligent; and David Greenberg, former CEO and Special Advisor at LRN and Director at International Seaways. Over this series, we will consider the importance of ongoing communications, the value of targeted training, training third parties, and the role of the Board of Directors. In this Part 3, we consider the always challenging topic of defining training effectiveness with Jessica Czeczuga.

Join Tom Fox and Jessica Czeczuga from Diligent in this episode as they discuss how to make compliance training effective. Jessica shares insights from years of creating targeted training materials, emphasizing the shift from traditional classrooms to microlearning. She explains how microlearning enhances comprehension, adaptability, and retention in learners. Tom and Jessica also explore the role of testing and assessments in compliance training and showcase the power of surveys in shaping the culture of compliance within organizations. Take advantage of this informative episode that will transform how you think about compliance, train, and communicate.

Highlights Include:

  • Effective Microlearning for DOJ Training
  • Benefits of Microlearning for Corporate Training
  • The Evolution of Compliance Training Testing
  • Building a Culture of Compliance and Ethics
Notable Quotes:

“Microlearning is probably one of the most effective ways to convey content to your donors.”

“One of the things that I love about microlearning beyond all those other benefits is the ability to put together what we call a multimodal communication campaign.”

“Even with all the benefits of microlearning, there are certain situations where longer and more targeted or focused training may be necessary.”

“But I think if you have a training function and a compliance function, they should always be in communication.”

For more information, go to Diligent.com

Join us tomorrow when we review a strategy for training third parties.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Board Failures

Next, consider a couple of landmark failures at the Board level around bribery and corruption.

VimpelCom Ltd. In 2015 (now Veon Ltd.), the DOJ alleged that Dutch telecom VimpelCom sought to enter the telecom market through the acquisition of a local player, Unitel, as an entrée into the Uzbekistan market. Unitel made clear to VimpelCom that to have access to, obtain, and retain business in the Uzbeki telecom space, VimpelCom would have to, according to the DPA, “regularly pay Foreign Officials millions of dollars” to Gulnara Karimova, the daughter of the then President of the country. VimpelCom also acquired another entity Butzel, that was at least partially owned by an Uzbeki government official, who hid their interest through a shell company, which was known to VimpelCom. VimpelCom did not articulate a legitimate business reason for the deal and paid $60 million for Buztel.

Ultimately, VimpelCom agreed to pay approximately $800 million in fines for these activities in 2016. 

BizJet. Another FCPA enforcement action involved the Tulsa-based company BizJet International Sales and Support Inc. (BizJet), which had four senior executives convicted for their participation in a bribery scheme. But this case also involved the Board of Directions. In the Criminal Information, it stated that in November 2005:

…at a Board of Directors meeting of the BizJet Board, Executive A, and Executive B discussed with the Board that the decision of where an aircraft is sent for maintenance work is generally made by the potential customer’s director of maintenance or chief pilot, that these individuals are demanding $30,000 to $40,000 in commissions, and that BizJet would pay referral fees in order to gain market share.

In both cases, this is where the rubber hits the road. If a company is willing to commit bribery and engage in corruption to secure business, no amount of doing compliance is going to help. If senior management is ready, willing, and able to lie, cheat and steal, the Board is the final backstop to prevent such conduct. Both the VimpelCom and BizJet Boards sorely failed in their compliance duties.  

Three key takeaways:

  1. Board liability will be severe based upon similar conduct going forward.
  2. Board members must critically challenge management on its conduct.
  3. The Board is the ultimate backstop against bribery and corruption.

For more information, check out The Compliance Handbook, 4th edition, available here.

Categories
Compliance Into the Weeds

Compliance into the Weeds: A Material Weaknesses Catastrophe

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds!

In this episode, co-hosts Tom Fox and Matt Kelly dissect a disastrous 10k report filed by Ammo Incorporated, exposing the company’s shocking governance and compliance breakdown. The lack of personnel, internal control processes, and proper segregation of duties are just some of the material weaknesses that led to this corporate disaster. The hosts provide insightful lessons on what companies should avoid to maintain internal governance, share tips on approaching remediation, and emphasize the importance of self-awareness among senior management and the board. Tune in to hear how this niche investigative story was uncovered, and how Twitter played a crucial role in the investigation. Don’t miss Compliance into the Weeds – the podcast that will change the way you think about governance and compliance!

 Key Highlights 

·      Material weaknesses in internal governance practices

·      Material weaknesses in operations at Ammo

·      Challenges with Ammo Inc.’s strategic shift and internal controls

·      Remediating Company Failures: Story’s Disclosure

 Resources

Matt 

LinkedIn

Blog Post in Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Key Board Metrics for Compliance

What are metrics for a Board of Directors around compliance? Former Assistant Attorney General Leslie Caldwell laid out some that the Department of Justice (DOJ) would consider in a review of compliance programs. These metrics are:

  • Does the institution ensure that its directors and senior managers provide strong, explicit, and visible support for its corporate compliance policies?
  • Does the Board maintain a material role in overseeing a company’s overall compliance framework?

These requirements move beyond simply having the correct tone at the top, which every Board should articulate. The 2020 Update to the Evaluation of Corporate Compliance Programs added the following, under Oversight by posing the following questions: What compliance expertise has been available on the board of directors? Have the board of directors and/or external auditors held executive or private sessions with the compliance and control functions? What types of information has the board of directors and senior management examined in their exercise of oversight in the area in which the misconduct occurred?

Based on the foregoing, when determining the Board’s role, begin with two questions. First, does the Board of Directors exercise independent review of a company’s compliance program? Second, is the Board of Directors provided information sufficient to enable the exercise of independent judgment?

Three key takeaways:

  1. The DOJ expects active engagement by a Board around compliance.
  2. Does the Board exercise independent review of the compliance program?
  3. The convergence of the Yates Memo, Caldwell’s metrics, the Evaluation, and FCPA Corporate Enforcement Policy mandate Board metrics around compliance.

For more information, check out The Compliance Handbook, 4th edition, available here.

Categories
31 Days to More Effective Compliance Programs

What Leads to a Successful Board Investigation?

Many companies have an investigation protocol in place when a potential Foreign Corruption Practices Act (FCPA) or other legal issue arises. However, many Boards of Directors do not have the same rigor when it comes to an investigation, which should be conducted or led by the Board itself. The consequences of this lack of foresight can be problematic because if a Board of Directors does not get an investigation, which it handles right, the consequences to the company, its reputation, and value can all be quite severe.

In an article in the Corporate Board magazine, entitled “Successful Board Investigations”; David Bayless and Tammy Albarrán, wrote about five key goals that any investigation led by a Board of Directors must meet.

  • Consider whether you need independent outside counsel.
  • Consider hiring an experienced investigator to lead the internal investigation.
  • Consider the need to retain outside experts.
  • Analyze potential conflicts of interest at the outset and during the investigation.
  • Carefully evaluate whistleblower allegations.
  • Request regular updates from outside counsel, without limiting the investigation.
  • Consider whether an oral report at the conclusion of the investigation is sufficient.

The authors conclude their piece by stating, “By keeping in mind the issues addressed above, the Board will be better prepared for the investigation and readily able to exercise good judgment throughout the review. A well-conducted investigation by the Board may spare the company further disruption and costs associated with follow-on investigations by the regulators, or at the very least minimize the company’s exposure.”

Three key takeaways:

  1. Retain the right counsel. Consider conflicts and appearance.
  2. Carefully evaluate all whistleblower allegations and reject retaliation.
  3. Consider receiving oral reports on an ongoing basis and one lengthy oral report at the end of the investigation.

For more information, check out The Compliance Handbook, 4th edition, available here.

Categories
Principled Podcast

Principled Podcast – S9 E17 – How Compliance Professionals Can “Send the Elevator Back Down”

What you’ll learn on this podcast episode

There are certain people you meet in your professional career that continue to have an impact on you and your industry, long after that initial meeting. For Principled Podcast host Meredith Hunt, that person is Mary Shirley, the former head of Integrity and Compliance Education at Fresenius Medical Care (now head of compliance for Masimo) and co-host of the Great Women in Compliance podcast. In this episode, the two discuss how ethics and compliance professionals can better amplify their peers and build community, using guidance from Mary’s book Sending the Elevator Back Down. They also explore themes from Mary’s upcoming book on how E&C leaders can make the most impact on their programs with limited resources.

Guest: Mary Shirley

Mary Shirley – Grayscale

Mary Shirley is a New Zealand-qualified lawyer with 18 years of ethics and compliance experience that includes working for data privacy and antitrust regulators, in-house and private practice/consultancy across five countries and four regions of the world.  

Mary co-hosts the Great Women in Compliance Podcast, which aims to create a platform for the outstanding achievements of women in the field and share ideas and provide learning opportunities for everyone in compliance. 

She co-authored the book Sending the Elevator Back Down: What We’ve Learned from Great Women in Compliance (CCI Press, 2020) and has a second book highlighting trailblazing and innovative ideas to level up compliance programs, coming out later in 2023.  

She has been bestowed the honor of being named a Compliance Week Top Mind 2019, Trust Across America 2020 Top Thought Leader in Trust, and Excellence in Compliance Awards 2022 Mentor of the Year. 

Host: Meredith Hunt

Meredith Hunt – Grayscale

Meredith Hunt came to LRN in early 2023 as a formidable compliance generalist, with experience in quality management, project management, regulatory compliance, policy drafting, and compliance program implementation and management. As a self-proclaimed compliance “nerd,” Meredith works as an ethics and compliance specialist on LRN’s Advisory team. In thicapacity, she leads LRN’s code of conduct assessment and benchmarking practice and advises clients on how to incorporate code of conduct best practices. Meredith also manages client projects across a range of industries, including code of conduct development and E&C program evaluations. 

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Board Governance and Risk Oversight

One of the ongoing questions from members of the Board of Directors is how to resolve the tension between oversight and management. I recently had the opportunity to visit with Joe Howell, former Executive Vice President (EVP) of Workiva, Inc., on this subject. Howell has worked on and with Boards of Directors at various companies, and I wanted to garner his understanding of the role of a Board, senior management, and a Chief Compliance Officer (CCO). Howell’s short response was an excellent starting point for understanding the role; put sand in management’s shoes.

The key to such a metaphor succeeding is that a Board of Directors, “by continuing to challenge management on these scenarios that management has considered and the stories management is telling itself about what could go wrong,” can “help get management out of its comfort zone by and large executive teams begin to believe themselves when they talk about how well they’re doing. The independent challenge that the board can offer is putting a little bit of sand in the shoe to make sure you’re thinking about things carefully can cause you to step back and focus your resources where they’re needed.”

Howell noted that the role of the Board is not management but oversight, focusing on governance. To do so, an effective Board should challenge senior management not only on what they have planned for but what they may not have considered or may not even know about. He said, “One perfect example is the reputation of those stakeholders involved in the company, and that can be the management team itself, the employees, and the board members themselves.” This is because reputational damage hurts everyone. Howell stated, “It’s essential as we go through some ways the Board can help management in that role. I think the things that make a difference to management is when the Board can be an effective devil’s advocate. Not managing management but helping them in their governing role by helping management to step back and think critically of their underlying assumptions and biases.”

A Board is more than just there to be a rubber stamp for senior management. It must exercise independent judgment, action, and oversight. Further, it is the Board’s role to ask hard, difficult, and probing questions to ensure management is doing its job and has considered other risk possibilities.

Three Key Takeaways:

  1. Boards should force management to open up the company to itself.
  2. Boards should be a grain of sand in the shoe of management.
  3. Boards should ensure senior management is aware of and planning for known and unknown risks.
Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Board Oversight Role over Internal Controls

Best practices compliance program. The first in Hallmark No. 1 states, “Within a business organization, compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.” The second is found under Hallmark No. 3, entitled “Oversight, Autonomy and Resources,” which says the Chief Compliance Officer (CCO) should have “direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee).” Further, under the US Sentencing Guidelines, the Board must exercise reasonable oversight of the effectiveness of a company’s compliance program. The DOJ Prosecution Standards posed the following queries: (1) Do the Directors exercise independent review of a company’s compliance program? and (2) Are Directors provided sufficient information to enable independent judgment?

Further, if a company’s business plan includes a high-risk proposition, there should be additional oversight. In other words, there is an affirmative duty to ask tough questions. But it is more than simply having a compliance program in place. The Board must exercise appropriate oversight of the compliance program and the compliance function. The Board must ask hard questions and be fully informed of the company’s overall compliance strategy. Lawyers often speak to and advise Boards on their legal obligations and duties. If a Board’s oversight is part of effective financial controls under Sarbanes Oxley (SOX), that includes effective compliance controls. Failure to do either may result in something far worse than bad governance. It may directly lead to an FCPA violation and could even form the basis of an independent FCPA violation. A company must have a corporate compliance program in place and actively oversee that function. A failure to perform these functions may lead to independent liability of a Board for its failure to perform its allotted tasks in an effective compliance program. Internal controls work together with compliance policies and procedures and are interrelated control mechanisms. There are five general compliance internal controls for a Board or Board subcommittee role for compliance:

Three Key Takeaways:

  1. GTE compliance internal controls are low-hanging fruit. Pick them.
  2. Compliance with internal controls can be both detected and prevented controls.
  3. Good compliance with internal controls is good for business.