Tag: compliance

Categories
Compliance Into the Weeds

Compliance into the Weeds: PCAOB: Expanding Audit Duties – The Impact and Concerns

The award-winning, Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to fully explore a subject. Looking for some hard-hitting insights on sanctions compliance? Look no further than Compliance into the Weeds!

Tom Fox and Matt Kelly are back with another thought-provoking episode discussing the proposed new Audit Standard 2405 by the PCAOB. This new proposal requires auditors to evaluate legal violations and noncompliance that could have a material impact on financial statements. While some people believe this is a good idea, others question the cost and whether audit firms are trained for this task. The discussions covered a range of topics, including internal control evaluations, expanding audit duties, Wells Fargo case study, the potential for increased audit fees, and reporting noncompliance to law enforcement. The hosts urge listeners to read the proposal and provide feedback as the final standard is expected to be approved by the SEC. This is a must-listen for compliance professionals who want to stay up-to-date and think critically about the latest audit news.

 Key Highlights 

·      Auditing Process for Legal and Compliance Issues

·      New Standards for Auditors Beyond Financial Reporting

·      Expanding PCAOB’s Legal Obligations for Auditors

·      Expanding Audit Firm Duties: Impact and Concerns

·      Commenting on Proposed Audit Rule

Notable Quotes:

“This seems like a huge expansion of what auditors have done in the past.”

“Certainly, for example, a large FCPA violation if you’re looking at $1,000,000,000 fine, and that would definitely strike me as material.”

“The proposal to expand the duties of audit firms is a dramatic expansion of what they were previously asked to do, and it is unclear whether they are fully equipped to handle this responsibility.”

“Internal auditors and compliance officers may also have concerns.”

Resources

Matt 

LinkedIn

Blog Post in Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Daily Compliance News

Daily Compliance News: June 14, 2023 – The Digital Nomad Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

  • Why we go into the office now. (Bloomberg)
  • JPMorgan settles with Epstein victims for $290M. (Reuters)
  • Corruption and wildfires. (Eurasianet)
  • The digital nomad goes corporate. (FT)
Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 12 – The Menagerie (Part Two)

In this episode of Trekking Through Compliance, we consider the episode The Menagerie (Part Two), which aired on November 24, 1966, Star Date 3012.4.

This was the original pilot episode presented to NBC. Spock’s trial continues, and the transmitted scene resumes with Pike in 2254 in a cell with a transparent wall. The Talosians begin their “experiment,” which consists of several illusory situations involving Pike and Vina. The Talosians hope that Pike and Vina will mate and find a race of slaves who will reclaim the war-damaged surface of the planet.

That night, Pike can capture the Keeper as he attempts to confiscate the weapons. The captured crew proceeds to the surface. Number One sets her phaser on overload, preferring to die rather than be enslaved. The aliens have found that humans’ “unique hatred of captivity” makes them unsuitable for the Talosians’ plans, which must be abandoned. The crew beams back to the Enterprise.

Back in 2267, the transmission ends as the Enterprise arrives at Talos IV. The court-martial was a ploy to buy time to bring Pike back to Talos IV, where, if willing, he could enjoy the illusion of everyday life. Pike is transported to the planet and rejuvenated Pike.

Compliance Takeaways:

  1. What happens with your counterparty refuses to comply with FCPA requirements?
  2. When the time comes, will you, as a CCO, speak truth to power?
  3. Sometimes failure and being left behind are options.

 Resources
Excruciatingly Detailed Plot Summary by Eric W. Weisstein for The Menagerie (Part Two)
MissionLogPodcast.com-The Menagerie (Parts 1 & 2)

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – The Board as an Internal Control

James Doty, former Commissioner of the Public Company Accounting Oversight Board (PCAOB) was once asked if the Board or its sub-committee which handles audits was a part of a company’s internal financial controls. He answered that yes, he believed that was one of the roles of an Audit Committee or full Board. I had never thought of the Board as an internal control but the more I thought about it, the more I realized it was an important insight for any Chief Compliance Officer or compliance practitioner as it also applies to compliance internal control.
In the FCPA Resource Guide, 2nd edition, in the Hallmarks of an Effective Compliance Program, there are two specific references to the obligations of a Board. The first is in Hallmark No. 1, which states, “Within a business organization, compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.” The second is found under Hallmark No. 3, entitled “Oversight, Autonomy and Resources”, where it discusses that the CCO should have “direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee).” Further, under the US Sentencing Guidelines, the Board must exercise reasonable oversight of the effectiveness of a company’s compliance program. The Department of Justice’s (DOJ) Prosecution Standards posed the following queries: (1) Do the Directors exercise independent review of a company’s compliance program? and (2) Are Directors provided information sufficient to enable the exercise of independent judgment? Doty’s remarks drove home to me the absolute requirement for Board participation in any best practices or even effective anti-corruption compliance program.

A Board’s oversight is part of effective compliance controls, then the failure to do so may result in something far worse than bad governance. Such inattention could directly lead to a FCPA violation and could even form the basis of an independent SOX violation as to the Board.
Three Key Takeaways

  1. A Board must engage in active oversight.
  2. A Board should review the design of internal controls on a regular basis.
  3. Failure to do so could form the basis for an independent legal violation under SOX.
Categories
Trekking Through Compliance

Trekking Through Compliance – Episode 11 – The Menagerie (Part One)

In this episode of Trekking Through Compliance, we consider the episode The Menagerie (Part One), which aired on November 17, 1966, Star Date 3012.4.

This was the original pilot episode presented to NBC. Set in 2267, and the Enterprise arrives at Starbase 11 in response to a subspace call Spock reported receiving from the former captain of the Enterprise, Christopher Pike, under whom Spock had served. Pike cannot move or communicate other than answering yes/no questions with a device operated by his brainwaves. Pike refuses to communicate with anyone except Spock.

Spock, meanwhile, commandeers the Enterprise by means of falsified recordings of Kirk’s voice and orders the ship to depart under the computer’s control. After several hours, upon learning from the computer that the shuttlecraft does not have enough fuel to return to the starbase, Spock brings them aboard and then gives himself up, confessing to mutiny. Mendez convenes a hearing, at which Spock requests immediate court-martial, which requires three command officers. The tribunal begins, and Spock offers as his testimony what seems to be video footage of the Enterprise’s earlier visit to Talos IV in 2254.

In 2267, the scene is interrupted by a message from Starfleet Command, which reveals that the images they have been viewing are transmitted from Talos IV. Mendez is placed in command of the Enterprise, but Spock begs Kirk to see the rest of the transmission.

Compliance Takeaways:

  1. Leaders must take care of themselves as well as their crew.
  2. What does it mean if a deal is too good to be true?
  3. Trust but verify.

 Resources
Excruciatingly Detailed Plot Summary by Eric W. Weisstein for The Menagerie (Part One)
MissionLogPodcast.com-The Menagerie (Parts 1 & 2)

Categories
FCPA Compliance Report

FCPA Compliance Report – Scott Solomon on Managing Cash Risk Through Compliance

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. Join Tom Fox on the FCPA Compliance Report as he discusses with Scott Solomon, the CEO of Operational Security Solutions (OSS), how they manage compliance and ethical considerations around cash management, particularly for high-risk customers.

In this episode, they talk about the importance of compliance in the financial industry and how OSS helps financial institutions manage their portfolio through best practices. The podcast also touches on the challenges faced by legal cannabis businesses and the gaming industry regarding compliance and cash operations. Listeners will get insights into boutique cash and transit providers’ role in navigating licensing and permitting requirements for cannabis-related cash operations. This informative podcast concludes with contact information and an eagerness to continue the conversation. Don’t miss out on the insights shared in this episode. Tune in now to FCPA Compliance Report with Tom Fox and Scott Solomon.

 Key Highlights:

  • Challenges of Compliance in Handling Cash Transactions
  • Challenges of Compliance in Regulated Industries
  • Cash delivery in the legal cannabis industry
  • Risk Management for Financial Businesses

Notable Quotes

“Our primary customer or partner is a financial institution. So when you look at secure cash management and logistics, it boils down to our specialty is moving cash, and we have the ability in the compliance background to help financial institutions support their high-risk customers.”

“OSS was founded around compliance. A group of former law enforcement personnel, special military operators, and federal regulators got together and saw an opportunity to initially start by consulting.”

“We work with the customer. It doesn’t help us, and it doesn’t help the bank if the customer goes off the rails and becomes non-compliant. So, we want to educate them.”

“I come out of the anti-corruption compliance space; we’ve always looked to the casino world as one of the leaders around AML work simply because it was in their business interest to do.”

Resources

Scott Solomon on LinkedIn

Operational Security Solutions

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Boards Inquiring Up and Down

Where does “tone at the top” start? It is with public and most private U.S. companies at the Board of Directors. But what is the role of a company’s Board in compliance? First, a Board should not engage in management but oversee a CEO and senior management. The Board asks hard questions, risk assessment, and identification.

These factors can be easily adapted to compliance and ethics risk management oversight. Initially, it must be necessary that the Board receive direct access to such information on a company’s policies on this issue. The Board must have quarterly or semi-annual reports from a company’s CCO to either the Audit Committee or the Compliance Committee. Every Board should create a Compliance Committee to deal with compliance issues, as an Audit Committee may more appropriately deal with financial audit issues. A Board Compliance Committee can devote itself exclusively to non-financial compliance. The Board’s oversight role should be to receive regular reports on the company’s compliance program’s structure, actions, and self-evaluations. From this information, the Board can oversee any modifications to managing FCPA risk that should be implemented.

Three key takeaways:

  1. A Board Compliance Committee should provide oversight, not management.
  2. A CCO should use multiple reports to communicate with the Board Compliance Committee.
  3. Board Compliance Committee oversight makes companies more efficient and profitable.
Categories
Daily Compliance News

Daily Compliance News: June 10, 2023 – The Don’t Want No Stinking Compliance Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition:

  • The corruption in belts and suspenders. (WSJ)
  • Alleged Texas AG bribe payor arrested. (Bloomberg)
  • Short seller as due diligence guru. (FCPA Blog)
  • You don’t need any stinking compliance. (FT)
Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – OIG Guidance for Boards Regarding Compliance

The OIG white paper “Practical Guidance for Health Care Governing Boards on Compliance Oversight (OIG Guidance), provides an excellent road map for thinking about how to structure a Compliance Committee for your Board and a Board’s obligations. As an introduction, the OIG Guidance states that a Board must act in good faith around its obligations regarding compliance. This means that there must be both a corporation information and reporting system and that such reporting mechanisms provide appropriate information to a Board. It states: The existence of a corporate reporting system is a key compliance program element, which not only keeps the Board informed of the activities of the organization but also enables an organization to evaluate and respond to issues of potentially illegal or otherwise inappropriate activity.

The OIG Guidance sets out four areas of Board oversight and review of a compliance function:

  1. Roles of, and relationships between, the organization’s audit, compliance, and legal departments;
  2. Mechanism and process for issue-reporting within an organization;
  3. Approach to identifying regulatory risk; and
  4. Methods of encouraging enterprise-wide accountability for the achievement of compliance goals and objectives.

The OIG Guidance is an excellent review for not only compliance professionals and others in the healthcare industry but a good primer for Boards around their duties under a best practices compliance program. The U.S. Sentencing Guidelines, the Hallmarks of an Effective Compliance Program, the OIG Guidance, and OIG Corporate Integrity Agreements can be used as baseline assessment tools for Boards and management in determining what specific functions may be necessary to meet the requirements of an effective compliance program.

Three key takeaways:

  1. Information flow up to the Board is critical.
  2. Compliance should be institutionalized in your company as a way of life.
  3. A Board needs to consider all risks.

For more information check out The Compliance Handbook, 3rd edition, available from LexisNexis here.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program with Boards – Compliance Expertise on the Board

Every Board of Directors needs a true compliance expert sitting at the table. Almost every Board has a former CFO, former head of Internal Audit, or persons with a similar background, and often these are also the Audit Committee members of the Board. Such a background brings a level of sophistication, training, and SME that can help all companies with their financial reporting and other finance-based issues. So why is there, not such compliance SME at the Board level?

This requirement was set out in 2017 in the FCPA Corporate Enforcement Policy, where one of the criteria to be evaluated in a compliance program is “the availability of compliance expertise to the board.” Finally, the 2020 Update to the Evaluation of Corporate Compliance Programs, under the section entitled Oversight, posed the following questions What compliance expertise has been available on the Board of Directors?

The DOJ and Securities and Exchange Commission introduced this concept to the FCPA Resource Guide, 2nd edition. It means that when your company is evaluated by the DOJ, under the factors set out in the 2020 Update and the FCPA Corporate Enforcement Policy, to retrospectively determine if your company had a best practices compliance program in place at the time of any violation, you need to have not only the structure of the Board-level Compliance Committee but also the specific SME on the Board and on that committee.

Three key takeaways:

  1. Boards must have compliance expertise.
  2. Government regulators and shareholder groups have both called for greater compliance expertise on the Board.
  3. Compliance expertise at the Board works up and down as such expertise can be a resource to both the CCO and Compliance Department.

For more information check out The Compliance Handbook, 3rd edition, available from LexisNexis here.