Tag: compliance

Categories
Blog

Woodstock and Redesigning Work

On this date in 1969, one of the all-time events in music history, the Woodstock Music & Art Fair, drew to a close after three days of peace, love and rock ‘n’ roll in upstate New York. According to This Day in History, the promoters sold “about 186,000 tickets and expected no more than 200,000 people to show up. Close to half a million people attended Woodstock, jamming the roads around Bethel with eight miles of traffic.” Woodstock certainly brought a new way of thinking about such events. I thought it was a good way to introduce today’s topic of thinking through a different way to redesign your compliance program based on an article in MIT Sloan Management, entitled The Four-Step Process for Redesigning Work by Lynda Gratton. Gratton believes that a “fear of failure weighs heavily on many leaders tasked with managing new workplace expectations. Seeing the challenge as a process is the way forward.” Her piece provides a great way to think about the decision on hybrid or other models of working going forward.

Moreover, this fear is disrupting other areas which demand corporate attention right now and  “has left leaders hypersensitive to issues of retention and unsure what accommodations, if any, will attract and keep talent. They are also apprehensive about what their competitors are doing. This has a ripple effect: Because of the fear of failure, I’ve seen leaders begin to stumble on issues of inclusion, belonging, and identity. Rather than being bold and adopting an experimental mindset, they are falling back to familiar ways of operating and becoming less empathic to what others want. When we fear failure, we retreat to the known.” I would only add the same is true for the corporate compliance function.

Gratton believes all of this means “the way organizations work is in need of a structural overhaul, and that the task of moving forward needs to be worked out by more people than just an organization’s top leadership. Leaders who have confronted their fears and set about this task of overhaul have done it by moving through four crucial steps: understanding people, networks, and jobs; reimagining how work gets done; modeling and testing redesign ideas against core principles; and ensuring the overhaul sticks by taking action widely.” I have adapted her work for the compliance professional.

Understand What Matters

Probably the top fear or concern is the decision to work from home or require workers to return to the office. But the key is “to understand with precision what matters: for example, where and how productive work takes place, what people want, and how knowledge flows.” For instance, being in the office can allow more productivity in crucial tasks particularly around individual thinking, analyzing, and writing. It turned out that for these people, being out of a busy office during lockdown was a plus.

But that is not the only equation as “work, people, and knowledge flow differ across companies.” As Gratton noted from one study participant, “Bringing ideas from across all our disciplines is crucial for us. In the office, we have engineers, designers, planners, technical specialists, and consultants. We want them to talk to each other and bounce ideas off each other.” This leadership clarity allows that “an office-based way of working would maximize highly valued cooperative behavior.”

Reimagine new ways of operating

Understanding the focus of your compliance team can be a key driver of productivity but it can also lessen “fears about pushing for an office-based way of working and enabled them to be imaginative and bold.” For instance, you might try to create opportunities for some employees to work anywhere for three months. Once again this might not work for all companies but if your compliance tasks can lend themselves to this approach it could be useful for you to consider it going forward.

The author reported, “Unilever reimagined the employee contract — the set of promises that employers make to their people.” To that end, “the conglomerate reimagined how to enable employees to work for Unilever while also engaging in other activities such as starting a business, traveling, or caring for a family member. In this model, called U-Work, some employees receive a monthly retainer and earn assignment pay. Importantly, they also get pension support and access to health insurance.” This allows flexibility “between being a full-time employee and being a contractor or agency worker from a third-party organization.”

Model and test new ways of working

Obviously, any model work should be aligned to the company’s purpose or business strategy. Unfortunately for many top-down run businesses, that means treating your employees like children. But if you succeeded during the pandemic (and you had to) you should be able to determine a hybrid way of working that could have a longer-term play.

For compliance that might mean a fuller determination of what being “customer-centric means and how hybrid work would have to align to changing customer needs.” Of course, for a compliance professional, your customer could be a variety of stakeholders such as employees, Supply Chain vendors or other third parties. The author’s overall point is to “be bold and courageous in your attend… in the spirit of being experimental.”

Act and create

A clear concern is that new models of work may end up becoming fads that are never really embedded into the culture of the company or will be discarded at the first sign of a recession or cost cutting. While senior leadership is critical in supporting such initiatives, Gratton identified four ways to deepen engagement and support throughout an organization for such a change.

  1. Managers must be engaged. A series of workshops with them helped create a managerial playbook.
  2. Communication to describe how these new work models would positively impact talent attraction and retention while supporting the strategic aim of the business.
  3. Managers should have open and active communications channels with their teams to make agreements on details such as when employees would work together in the office and when they would engage in focused work at home.
  4. Managers should support each other through peer networks to support and learn from each other.

Gratton ended her piece by challenging leaders to ask themselves three questions: “Where are you now on the journey of redesigning work? Are there steps you need to reengage with in a more purposeful manner? And are you clear about what your biggest priorities are? The actions you take now will create your signature model of work and define the deal that you are making with your employees and your customers.” The same is even more so for a Chief Compliance Officer (CCO) and corporate compliance function.

Categories
Great Women in Compliance

Deb Barrett – On Top of Her Game

Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley.

Deb Barrett is Chief Compliance Officer of Qualcomm.  She shares some insights of what it was like being in a company that has undergone some regulatory scrutiny.  She and Mary Shirley discuss some ways to combat Compliance fatigue – important for any company with a robust Compliance program to consider but particularly ones that have prioritized Compliance initiatives for a period of years.  The episode is rich with takeaways and ideas, including Deb’s thoughts on Compliance KPIs.

 Are you planning on heading to the SCCE CEI in Phoenix in October?  Check out Lisa and Mary’s speaking sessions on the agenda and sign up!  We invite you to say hello and introduce yourself during the conference – it’s going to be a great time.

 The Great Women in Compliance Podcast is on the Compliance Podcast Network with a selection of other Compliance related offerings to listen in to.  If you are enjoying this episode, please rate it on your preferred podcast player to help other likeminded Ethics and Compliance professionals find it.  If you have a moment to leave a review at the same time, Mary and Lisa would be so grateful.  You can also find the GWIC podcast on Corporate Compliance Insights where Lisa and Mary have a landing page with additional information about them and the story of the podcast.  Corporate Compliance Insights is a much appreciated sponsor and supporter of GWIC, including affiliate organization CCI Press publishing the related book; “Sending the Elevator Back Down, What We’ve Learned from Great Women in Compliance” (CCI Press, 2020). If you enjoyed the book, the GWIC team would be very grateful if you would consider rating it on Goodreads and Amazon and leaving a short review.

You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.

Join the Great Women in Compliance community on LinkedIn here.

Categories
Compliance Into the Weeds

CFPB on Data Protection Minimums

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, we explore the recent CFPB circular which noted a company’s failure to implement adequate data protection measures can qualify as an unfair practice prohibited under the Consumer Financial Protection Act.  Highlights include:

·      The CFPB is going to start bringing charges against more companies for sloppy data protection programs.

·      Three Key data protection security controls.

·      Why CISOs and IT needs to talk to compliance.

·      The role of auditing and monitoring.

·      How and where to get started.

Resources

Matt in Radical Compliance

Categories
GalloCast

Gallocast – Episode 3

Welcome to the GalloCast. You have heard of the Manningcast in football. Now we have the GalloCast in compliance. The two top brothers in compliance, Nick and Gio Gallo, come together for a free-form exploration of compliance topics. It is a great insight on compliance brought to you by the co-CEOs of ComplianceLine. Fun, witty, and insightful with a dash of the two brothers throughout. It’s like listening to the Brothers Gallo talk compliance at the dinner table. Hosted by Tom Fox, the Voice of Compliance. Topics in this episode include:

  • Deshaun Watson appeal.
  • CCO certification. What is a ‘reasonably designed’ compliance program?
  • Documentation and Exceptions.
  • How does transparency help in employee recruitment and retention?
  • Cost of not listening to internal whistleblowers. What are the total costs beyond the fine and penalty?
  • How should compliance officers think about doing business in Taiwan with the increased tensions with China?
  • Why is climate risk a compliance issue?
  • What’s upcoming for the EthicsVerse?

Resources

Nick Gallo on LinkedIn

Gio Gallo on LinkedIn

ComplianceLine

Categories
FCPA Compliance Report

Ty Francis on Assessing Corporate Culture: A Practical Guide to Improving Board Oversight

In this episode of the FCPA Compliance Report, I am joined by Ty Francis, Chief Advisory Officer at LRN. We dive deeply into a recently released LNR/Tapestry Networks Report on Assessing Corporate Culture: A Practical Guide to Improving Board Oversight. Some of the highlights include:

  1. The genesis of this report.
  2. How does the Report serve as a roadmap to a clearer picture of the company’s ethical culture?
  3. How can the Report help determine how to improve culture throughout the enterprise?
  4. Who should a Board collaborate with, and how?
  5. How does the work LRN conducts help organizations foster more effective collaborative cultures?
  6. How do you prioritize culture on the board agenda?
  7. What is the challenge to the board’s culture?
  8. How does a Board measure and monitor?
  9. How does a Board articulate the desired culture?
  10.  How can a Board establish clear communication?

Resources

Ty Francis on LinkedIn

LRN

Assessing Corporate Culture: A Practical Guide to Improving Board Oversight

Tapestry Networks

Categories
Sunday Book Review

August 14, 2022 the Culture edition

In today’s edition of Sunday Book Review:

The Advantage: Why Organizational Health Trumps Everything Else in Business by Patrick Lencioni

Culture by Design: How to Build a High-Performing Culture, Even in the New Remote Work Environment by David J. Friedman

The Culture Code: The Secrets of Highly Successful Groups by Daniel Coyle

Organizational Culture and Leadership by Edgar H. Schein with Peter Schein

Winning Behavior: What the Smartest, Most Successful Companies Do Differently by Terry R. Bacon and David G. Pugh

Resource

5 Top Books on Corporate Culture

Categories
Innovation in Compliance

Passionate About AML with Simon Winchester

 

Simon Winchester is the Vice President of Advanced Technologies at Jumio Corporation. His responsibilities entail building the go-to-market strategies for newly acquired technologies within Jumio and then driving the adoption on a global scale. One of the company’s most recent additions is its AML (anti-money laundering) solutions. Tom Fox welcomes him to this week’s show to talk about current world events and the company’s AML solution. 

 

 

Money Laundering in 2022

Tom asks Simon if money laundering schemes have become more ubiquitous since the Russian invasion of Ukraine. Simon replies that the recent events certainly had an impact. He says that money laundering is “criminals taking illicitly-gained funds and then turning them into legitimate cash or assets which are ideally free of suspicion.” At the core of this criminal process are three themes: placement, layering, and integration. Due to the digital environment we live in today, more people from all demographics are comfortable with digital banking, and criminals now find it easier to launder money, which makes it more difficult to detect. Fortunately, Jumio works hard to provide AML solutions and offer more effective compliance programs. 

 

Key AML Regulations

Tom asks Simon what are some of the key AML regulations that Jumio advises clients on. It mostly depends on where your organization is located in the world, as local enforcement bodies drive AML regulations, Simon responds. These regulations will take a cue from international standards set by the Financial Action Task Force, which functions as a “global AML watchdog”. In the UK, the EU AML directives shape policy and provide guidance. Recently, they brought a new directive into effect which “increased the frequency of regulatory updates to the KYC and AML legislation, and brought a strict obligation to industries that were not previously subjected to severe AML protocol,” Simon tells Tom. 

 

Playing Catch-Up With Money Launderers

Tom asks Simon what Jumio sees as the key components of a successful AML program. Ideally, a company providing AML solutions should have a well-defined plan, Simon says. However, that is not feasible given the current climate. The components of a successful AML program, Simon says, include three steps: 

  • A dedicated compliance officer who is tasked with creating, monitoring and reviewing the compliance program, and staff training. 
  • A written risk-based compliance program with comprehensive AML policies and procedures that are documented. This approach identifies and protects your business from financial crime and includes having the technology in place to support that framework. 
  • An appropriate customer due diligence process, which means vetting your clients to avoid financial crimes. 

 

The Role of a CCO in AML Solutions

Simon believes that “Chief Compliance Officers are the catalyst for the growth and innovation”. He acknowledges how CCOs often get the raw end of the deal and their role in the organization must be scrutinized and changed. With the right AML technologies, compliance team, and effective AML program, a CCO and their team can drive shareholder value through organizational growth. 

 

Resources

Simon Winchester | LinkedIn 

Jumio Corporate | Website | LinkedIn | Twitter 

 

Categories
Blog

Principals of Effective Organizations: Part 1 – David McCullough and the CCO

Last week we lost Vin Scully, this week we lost David McCullough. McCullough was one of America’s greatest living historians. He worked in a variety of formats, including non-fiction books, television and movies. He was a great writer, winning numerous national awards for his books. According to his New York Times (NYT) obituary, “McCullough won Pulitzer Prizes for two presidential biographies, “Truman” (1992) and “John Adams” (2001). He received National Book Awards for “The Path Between the Seas: The Creation of the Panama Canal” (1977) and “Mornings on Horseback” (1981), about the young Theodore Roosevelt and his family.”

Many others knew him from his television work, most notably on Ken Burns The Civil War, and as the host of the American Experience. Not exactly John Facenda-like (i.e., the Voice of God) but as Gary North said, “not imperious, yet not exactly soothing, either — comes on, and we become more calm.” He also noted, “Incredibly, you don’t want him to shut up.” I heartily agree and could have listened to McCullough read the phone book (when there was such a thing).

As for my favorite books, probably No. 1 is The Path Between the Seas. Book about places are a notoriously tricky thing but it was great history, wrapped in a great biography all the while telling a great story. My co-favorite (1A) was his biography John Adams, first and foremost because of the love story between Adams and his wife Abagail, who was truly his partner in his entire life’s work. It also set a standard for telling the story of how Founding Fathers created a new nation in the midst of a bitter war.

I thought McCullough was a good introduction to start a two-part series on business approaches to create an effective compliance. I recently saw an article in the Harvard Business Review (HBR), entitled 10 Principles of Effective Organizations, by Michael O’Malley which also intrigued me about this topic. The effectiveness of a compliance program is an ongoing dialogue but what business strategies can you use to do so. Chief Compliance Officers (CCOs) are good at using the Hallmarks of an Effective Compliance Program, as delineated in the FCPA Resource Guide 2nd edition, as a guide but in this article, the author articulates a set of criteria and goals to meet to maintain the ability of companies to compete and grow. He identifies 10 research-backed principles from the field of organization development to guide companies and I have adapted them for the compliance professional. Today we take up his first five and we conclude tomorrow with his final five.

Encourage cooperation

The central objective of every compliance program is to achieve a cooperative ethical order in an organization to do business ethically and in compliance. From the organizational behavioral perspective, this means removing “divergent motives and antagonistic goals” in an organization.  While getting everyone to row in the same direction is one part, the second part is to keep some group of employees, a business unit or geo-region, from breaking off and taking a short cut in your risk management protocol.

This means you as CCO need to channel your inner Russ Berland and buy lots of pizza for the business unit folks or others in the organization to create “strong social bonds among employees” that will drive all employees to do business in such a desired manner. The author notes, “They are affective bridges back to the organization that positively build relationships and influence performance.” That is certainly a key for every CCO and compliance professional.

Organize for Change

Many “once-great companies have found their final resting places in an expansive graveyard of slow-movers and has-beens. These companies failed because they were unable to adapt to changing conditions and succumbed to capitalism’s unapologetic truth that only the fittest will survive.” Now think about that intonation in the context of 2 years of a pandemic and the Russian invasion of Ukraine and its impact on business on a worldwide basis. Just as business has been buffeted by these winds, so has the compliance profession and its need to respond.

In effective compliance programs, CCOs “upend paralysis by generating a consensus of meaning and action. They build the case for change, create a positive mindset for change, convince others of the value and legitimacy of the change efforts, and battle against systemic forces of institutional inertia that lock companies into their current, misguided trajectories.” This is only truer in 2022 for the reasons I noted above. What the author said about companies applies to compliance even more, “Confidence, conviction, and courage are helpful companions in this journey, as not all change is readily apparent and must be made before there is an evident need for it and the window of opportunity has closed.”

Anticipate the Future

This is something I have talked more and more about, as the “preservation of an organization­ depends on its leaders having the navigational judgment and skill to prepare their companies for what lies ahead.” Once again this is even more so for the compliance function. The author noted that the “short term is undertaken with greater certainty of outcomes. The short term can be very rewarding. The short term provides executives with the continuing authority to lead by demonstrating their effectiveness in producing results.” Yet as we begin to plan towards mid-century, CCOs “must be able to look past nearby obstructions to see clearly what lies beyond.”

Part of that is anticipating your organizations needs both on the sales side and in the Supply Chain. Part of that is having resiliency built into your compliance program so that if China invades Taiwan, you will be able to respond to the inevitable changing landscape. Another part is technology or ComTech. A CCO needs to have tech savvy “people who collectively challenge the assumptions on which their current actions are based in order to imagine other possibilities. As Thomas Kuhn maintained, if your conception of the world is that it is flat, you will see things one way; if your conception is that it is round, you will see things in quite other ways. But you cannot see the implications of roundness until you suspend belief in flatness.”

Remain Flexible

Compliance must be at once disciplined, resilient and flexible, “reacting to the unexpected during turbulent times and flexibly bending when rushes of demand are placed on” it, then bounce back into shape “once the need for transformation has passed.” This can largely be achieved through improved use of ComTech and by aligning that tech to meet new challenges. Here the author also speaks to the need of “a simple creative additive of divergent thinking.” What you may not need on your compliance team is another lawyer but a data scientist, behavioral psychologist or a training expert. Compliance is changing and as a CCO you need to be ready to embrace the change to deliver the top compliance services to your customer, your company employees.

Create Distinctive Spaces

Interestingly, coming out of a two-year (and still ongoing) pandemic, the author believes there is  a “link between the quality of a work environment and employees’ health, satisfaction, and performance.” This means if you are going to require your compliance team back in the office, the “basic dimensions of environmental indoor quality such thermal comfort, air quality, lighting, acoustic quality, and the ergonomic features of furnishings positively relate to enhanced performance.” Not only will it make your compliance team more effective, but it will also help in the competition for talent acquisition and retention.

Join us tomorrow where we conclude our review and note that Grease is the word.

Categories
Greetings and Felicitations

Winnie the Pooh Explains Compliance: Part 5 – Winnie the Pooh as CECO (Think, Think, Think)

This week I have explored compliance through a five-part podcast series, as seen through the lens of Winnie the Pooh and the characters living in the Hundred Acre Woods. I want to conclude my series by looking at Winnie the Pooh himself through the lens of the Chief Ethics and Compliance Officer (CECO).

Pooh may be a bit naive and slow-witted, but he is also friendly, thoughtful and steadfast. Although he and his friends agree that he is “a bear of very little brain”, Pooh is occasionally acknowledged to have a clever idea, usually driven by common sense. Pooh is also a talented poet; his poems and “hums frequently punctuate the stories”. Although he is humble about his slow-wittedness, he is comfortable with his creative gifts. When Owl’s house blows down in a windstorm, trapping Pooh, Piglet and Owl inside, Pooh encourages Piglet (the only one small enough to do so) to escape and rescue them all by promising that “a respectful Pooh song” will be written about Piglet’s feat. Later, Pooh muses about the creative process as he composes the song.

Pooh is very social. Christopher Robin is his closest friend, Piglet, and often chooses to spend his time with one or both of them. But he also habitually visits the other animals, often looking for a snack or an audience for his poetry as much as for companionship. His kind-heartedness means he goes out of his way to be friendly to Eeyore, visiting him, bringing him a birthday present, and building him a house, despite receiving mostly disdain from Eeyore.

We need to recall that the DOJ started from the position that the role of compliance and ethics in an organization was co-equal. Winnie the Pooh reminds us of that foundational building block. Pooh also reminds us that a CECO is a social animal. Just as he is friends with all the animals and characters we have visited this week, you as a compliance professional should make friends with all the corporate functions they represented this week: sales, HR, finance and legal. If you find you run out of hunny to pass around, you can always resort to the Russ Berland strategy of pizza.

Even though this is the final offering in this week’s blog post on Compliance in the Hundred Acre Woods, do not feel blue. We will have another week of Pooh later this summer for more compliance lessons. And if you do feel blue in the interim, check out this YouTube clip of the Pooh theme song. And always remember, when all else fails;

“Think, Think, Think”

Categories
Greetings and Felicitations

Winnie the Pooh Explains Compliance: Part 4 – Piglet and Finance

This week I am exploring a five-part series on compliance as seen through the lens of Winnie the Pooh and the characters who live in the Hundred Acre Woods. Today I discuss Pooh’s best friend, Piglet, and use Piglet to consider the role of finance in a compliance program.

Piglet has some great adventures (or sometimes misadventures), such as giving Eeyore a birthday balloon that pops or getting lost in the Hundred Acre Wood mist and helping to rescue Pooh and Owl after they are trapped in Owl’s fallen house. My favorite Piglet tale is when Eeyore mistakenly offers Piglet’s house as a new home for Owl after his house has blown down. Piglet nobly agrees to let Owl have the house, at which point Pooh asks Piglet to live with him, and Piglet accepts. This poignant story shows the true meaning of friendship and any Pooh story I know.

I cannot think of any character more able to illustrate the role of finance in compliance than Piglet. He is obsessed with keeping things neat and tidy and sometimes has an inferiority complex, although his friends think highly of him. Sort of like finance.

Finance has roles in the prevention, detection and remediates prongs of any compliance program. In the prevent prong, this is most particularly true around offshore payments, generally defined as payments made to a location other than the home domicile of the payee or the location where the services were delivered. If a Tunisian agent who performs services in Dubai asks for payment in a location other than Dubai or Tunisia, that will qualify as an offshore payment. If you train people in finance on this issue, they may well pick up the phone and notify compliance when they see a request for payment in a geographic location separate from one of the two standard payment venues. When properly documented, those types of communications demonstrate that your compliance program is operationalized into the fabric of the organization.

The bottom line is that not only can finance be one of the compliance function’s strongest corporate allies but that the role of finance, by its nature, works to operationalize compliance. This is because to implement the appropriate internal controls around compliance, finance must know the specific requirements of compliance know what kinds of issues are likely to come up that might create a risk of bribery and corruption, all leading to an understanding of the appropriate compliance internal controls to implement around payments.

Join me tomorrow when I conclude with Winnie the Pooh and his influence on the Chief Ethics and Compliance Officer (CECO) role.