Tag: compliance

Categories
Daily Compliance News

Daily Compliance News: October 31, 2024 – The Happy Halloween Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • Sri Lanka to probe corruption in tanker disaster. (Al Jazeera)
  • AstraZeneca China BU President under investigation. (FT)
  • Trafigura faces $1bn hit for corruption in Mongolia. (Bloomberg)
  • Supply Chain woes and compliance. (WSJ)

 

Categories
Blog

It’s The Great Pumpkin Charlie Brown – Lessons in Process Validation Through Continuous Monitoring

Halloween is almost upon us, and we celebrate the greatest Halloween cartoon in the world’s history, “It’s the Great Pumpkin, Charlie Brown,” which premiered in 1966. As usual, the story revolves around the Peanuts gang, who are preparing for Halloween; Linus writes his annual letter to the Great Pumpkin, despite Charlie Brown’s disbelief, Snoopy’s laughter, Patty’s assurance that the Great Pumpkin is a fake, and even his sister Lucy’s violent threat to make her brother stop.

On Halloween night, the gang goes trick-or-treating. On the way, they stop at the pumpkin patch to ridicule Linus, missing the festivities as he has done every year. Undeterred, Linus is convinced that the Great Pumpkin will come, and he even persuades Charlie Brown’s little sister, Sally, to remain with him and wait. At 4:00 AM the following day, Lucy notices Linus is not in his bed. She finds her brother asleep in the pumpkin patch, shivering. She brings him home and puts him to bed. Later, Charlie Brown and Linus are at a rock wall, commiserating about the previous night’s disappointments. Although Charlie Brown attempts to console his friend, admitting he has also done stupid things, Linus angrily vows that the Great Pumpkin will come to the Pumpkin Patch next year.

In corporate compliance, much like in the world of It’s the Great Pumpkin, Charlie Brown, expectations must meet reality. In the compliance world, Linus’s actions might be likened to a company that sets up its processes without validating or monitoring them continuously. Year after year, Linus is let down because he needs to adjust his process or monitor his outcomes in real time. This is where the critical lesson in process validation through continuous monitoring becomes clear: Hope without validation is not a strategy. Let’s dive deeper into the compliance lessons from this Halloween favorite.

The Importance of Process Validation

Linus believes that his sincere faith in the Great Pumpkin will yield results. However, more than faith is needed to cut it in compliance. In the same way, companies may implement policies and procedures they believe will lead to effective compliance, but they need to validate these processes to be sure. Process validation is essential for ensuring that your compliance program operates as intended. From anti-bribery controls to third-party risk management, validating that processes work under real-world conditions ensures you aren’t waiting in a metaphorical pumpkin patch, hoping for good results.

As a compliance professional, you must validate that a process works after designing it, whether it is a transaction monitoring system or a third-party due diligence program. You must validate through testing, audits, and benchmarks to see if it’s achieving your desired outcomes.

The Role of Continuous Monitoring

Linus returns to the same pumpkin patch every year, never adjusting his approach and hoping that next time will be different. This is akin to organizations that implement processes without continuous monitoring—hoping things will change but never keeping a close eye on what’s happening in real-time. In the compliance space, continuous monitoring means maintaining oversight of key processes and using data-driven metrics to spot potential problems before they grow into major risks. Whether monitoring third-party interactions, employee transactions, or internal controls, compliance officers must ensure that data is continuously fed into the system. When a process is off-course, continuous monitoring allows you to catch it early and correct it before it becomes a regulatory issue.

Every compliance professional should understand that continuous monitoring is essential for refining compliance processes. Regularly assess your systems, keep track of anomalies, and make necessary adjustments. It’s about being proactive, not reactive.

Adjusting to Changing Realities

One of the more poignant lessons from It’s the Great Pumpkin, Charlie Brown, is that Linus doesn’t adjust his expectations despite repeated failures. He continues to sit in the pumpkin patch year after year. In compliance, ignoring evidence and sticking to outdated processes can lead to serious issues. Regulations change, risks evolve, and market conditions shift. A process that was valid last year may no longer be effective under new regulations or circumstances. The only way to ensure your compliance program stays relevant is through ongoing adjustments based on continuous feedback.

As the corporate compliance expert, you must ensure that your compliance processes evolve with changing regulatory landscapes. Use the data from continuous monitoring to validate that your program remains robust in real-time conditions.

Clear Communication and Buy-In

Throughout It’s the Great Pumpkin, Charlie Brown, Linus is adamant about the arrival of the Great Pumpkin, but he fails to bring others along with him. His friends and even his sister don’t believe in his mission, leaving him alone in the pumpkin patch.

This illustrates the importance of communication and getting buy-in from your stakeholders in the compliance world. If compliance officers or departments communicate the value of continuous monitoring and validation, the rest of the organization will be engaged and supportive. Building an ethical culture requires alignment across all levels, from senior management to line employees. With it, your compliance efforts may be more cohesive than Linus’s pumpkin patch vigil.

Effective compliance depends on clear communication and organizational buy-in for the compliance professional. Ensure everyone understands the importance of continuous monitoring and how it safeguards the organization.

Linus’s faith in the Great Pumpkin may not pay off in It’s the Great Pumpkin, Charlie Brown, but for compliance professionals, validation and continuous monitoring can deliver real results. Compliance is about something other than waiting in the pumpkin patch, hoping things work out. It’s about ensuring your processes are tested, validated, and continuously monitored to catch risks early and compliance remains proactive rather than reactive.

Moreover, by watching the TV show, reading this blog, and, most importantly, applying these lessons, compliance officers can avoid the fate of Linus, ensuring their processes are strong, dynamic, and capable of delivering the results they need to meet today’s regulatory demands. I hope you can watch It’s the Great Pumpkin, Charlie Brown again this year. I did. When you watch, think about the compliance implications. Will anyone ever set a ‘second set of eyes’ on the Great Pumpkin? If not, will it ever be validated? I hope you will be safe and dry if you are trick-or-treating tonight.

Doug Cornelius Responds:

Are you trying to say that the Great Pumpkin is not real?

Just wait ’til next year, Tom Fox. You’ll see!

Next year, at this same time, I’ll find a pumpkin patch that is really sincere! And I’ll sit in that pumpkin patch until the Great Pumpkin appears. He’ll rise out of that pumpkin patch and fly through the air with his bag of toys.

The Great Pumpkin will appear! And I’ll be waiting for him!

I’ll be there! I’ll sit in that pumpkin patch… and see the Great Pumpkin. Just wait and see, Tom Fox. I’ll see that Great Pumpkin.

I’ll SEE the Great Pumpkin!

You wait, Tom Fox.

Doug Cornelius Responds:

Are you trying to say that the Great Pumpkin is not real?

Just wait ’til next year, Tom Fox. You’ll see!

Next year, at this same time, I’ll find a real sincere pumpkin patch! And I’ll sit in that pumpkin patch until the Great Pumpkin appears. He’ll rise out of that pumpkin patch and fly through the air with his bag of toys.

The Great Pumpkin will appear! And I’ll be waiting for him!

I’ll be there! I’ll sit in that pumpkin patch… and see the Great Pumpkin. Just wait and see, Tom Fox. I’ll see that Great Pumpkin.

I’ll see the Great Pumpkin!

Just wait, Tom Fox.

Categories
Blog

Navigating Compliance in Interesting Times

I once had a boss whose catchphrase was, ‘May you live in interesting times.’ That applied back in the first decade of this century and is even more appropriate now. In a world that often feels like it is constantly shifting beneath our feet, the role of the corporate compliance professional has never been more crucial or challenging. In recent New York City Bar Association Compliance Institute remarks, Principal Associate Deputy Attorney General Marshall Miller offered timely insights on the Department of Justice’s (DOJ) evolving approach to corporate criminal enforcement. His message was that compliance professionals are essential to organizational success, national security, and the broader rule of law.

  • Individual Accountability as the Cornerstone of Corporate Compliance

Miller emphasized that individual accountability remains a primary focus of the DOJ’s corporate criminal enforcement. According to Miller, they are prosecuting individuals at the top or throughout the corporate hierarchy, as it sends a strong message that misconduct is not tolerated and reinforces deterrence across the board.

For compliance officers, this focus on individual accountability reinforces the importance of training and awareness programs that help employees understand the personal stakes of unethical behavior. Compliance programs must communicate that misconduct has consequences for the organization and those directly involved.

This means compliance professionals should regularly update training modules to reinforce the personal consequences of non-compliance. Consider scenarios that show employees how individual misconduct can lead to legal repercussions, strengthening the deterrence message.

  • Transparency and Consistency in Enforcement Policies

One of the most significant updates shared by Miller is the DOJ’s emphasis on clarity, consistency, and predictability across its corporate enforcement policies. In past years, self-reporting or cooperating with investigations was often perceived as a gamble. Today, under new DOJ guidelines, a clear framework outlines expectations, rewards cooperation, and even encourages voluntary self-disclosure of misconduct.

This transparency is a game-changer for compliance professionals, who often need concrete examples and assurances to secure buy-in from executives and board members. Compliance leaders can now present a more straightforward business case for ethical behavior, outlining the risks of non-compliance and the potential benefits of self-disclosure.

Every corporate compliance function should leverage the DOJ’s published guidelines to develop a compliance strategy that aligns with the DOJ’s expectations. Create resources for your leadership team that show the tangible benefits of voluntary self-disclosure, including reduced penalties and favorable resolutions.

  • Empowering Whistleblowers and Enhancing Self-Disclosure Programs

Miller announced the launch of a new two-part DOJ whistleblower program that provides different rules and incentives based on whether the whistleblower was involved in criminal conduct. For those not involved, a DOJ awards program now provides a percentage of forfeited funds to the whistleblower. For those involved, whistleblower non-prosecution agreements are available.

This change holds significant implications for compliance programs. Whistleblower protection and incentive structures must be communicated and properly managed, ensuring employees know their rights and the benefits of reporting unethical behavior. With DOJ’s strong support, compliance leaders can strengthen whistleblower protections and encourage a culture of transparency.

Expanding whistleblower training and reporting channels to reflect the DOJ’s updated stance would be best. Emphasize protection and incentivization and ensure employees understand how these policies can benefit them if they report wrongdoing.

  • The Role of Incentives and Compensation Clawbacks in Compliance

The DOJ’s updated compliance approach emphasizes the role of compensation structures in promoting compliance or enabling unethical behavior. DOJ now evaluates incentive structures as part of every criminal resolution, rewarding companies that utilize clawbacks when executives are involved in misconduct.

For compliance professionals, this focus on compensation is an opportunity to align reward structures with ethical performance. Compliance officers can work with human resources to design and implement compensation plans that deter risky behavior by incorporating elements such as escrow accounts for bonuses and clawback provisions for executives involved in wrongdoing.

This means every corporate compliance function and personnel should collaborate with HR to develop compensation structures that support compliance goals, such as incorporating ethical behavior as a performance metric or establishing escrow accounts that hold bonuses contingent on compliance-related performance.

  • Strengthening Governance Structures for Accountability

Miller’s remarks also underscore the need for solid governance frameworks that prevent misconduct from slipping through the cracks. Accountability measures, from board oversight to compliance committee functions, ensure corporate misconduct is detected early and handled appropriately. He noted that companies with rigorous internal governance structures and compliance frameworks are more likely to avoid criminal charges.

For compliance leaders, this means assessing and strengthening their organization’s governance structures to support effective oversight. It also means advocating for periodic audits, third-party evaluations, and regular reviews of compliance policies to keep governance on track. Conduct a governance review to identify potential gaps in oversight and ensure that compliance officers have the authority to raise concerns without interference. Advocate for regular compliance audits and policy updates to keep pace with regulatory developments.

  • Preparing for Emerging Risks Related to National Security and Technology

Miller highlighted increasing corporate criminal investigations involving national security, particularly in the construction, agriculture, telecommunications, and technology sectors. Fueled by sanctions evasion and emerging technologies like artificial intelligence, national security risks are now a major focal point for the DOJ.

Compliance programs need to reflect this shift. Compliance professionals must prioritize emerging risks, especially cybersecurity, AI, and national security. Integrating these areas into the broader compliance program ensures that companies are prepared for the expanding scope of corporate crime.

You should update risk assessments to include national security risks and develop response plans for data security, sanctions compliance, and AI ethics. Equip your compliance team to monitor these evolving threats through specialized training and cross-functional collaboration.

  • A Call to Compliance Professionals: The Business Case for Compliance

Miller concluded with a direct call to compliance professionals, emphasizing the DOJ’s commitment to empowering compliance leaders to advance corporate ethics and compliance. He stressed the importance of making a compelling business case for compliance, using DOJ’s guidelines to advocate for investment in robust compliance programs.

In today’s regulatory environment, compliance is a strategic advantage, not a cost center. Compliance officers must seize this moment to champion the business case for ethics, highlighting the DOJ’s transparent policies and the tangible benefits of voluntary self-disclosure, cooperation, and strong compliance frameworks.

Position your compliance program as an essential part of your business strategy. Use DOJ’s new approach as a lever to secure greater resources and authority, demonstrating that investing in compliance can directly impact organizational resilience and profitability.

  • Final Thoughts

Principal Associate Deputy Attorney General Marshall Miller’s remarks signal a turning point for compliance professionals, who are no longer seen as gatekeepers but as strategic partners in risk management and national security. With the DOJ’s commitment to transparent enforcement policies, expanded whistleblower incentives, and a stronger emphasis on accountability, compliance officers have a clear mandate to champion ethical business practices.

These changes offer a roadmap for compliance leaders to build stronger programs that protect their organizations and reinforce their role as trusted advisors in corporate governance. By adopting the DOJ’s updated principles, compliance professionals can safeguard their organizations, enhance their credibility, and make a compelling case for a proactive approach to corporate ethics.

In our “interesting times,” compliance is no longer just about rules and regulations. It is about building an integrity culture that benefits the organization and the broader community.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Managing New Risks – Lessons from The Creature from The Black Lagoon

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

How does the discovery of the Creature from the Black Lagoon guide a compliance professional in managing new and emerging risks?

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Branding Lessons for Compliance from Count Dracula

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

How can Count Dracula inform your Compliance Branding? In more ways than you think.

Categories
Innovation in Compliance

Innovation in Compliance: Revolutionizing Compliance: AI’s Role in Shaping The Future of Compliance Financial Institutions

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast.

In this episode, Tom Fox has an enlightening discussion with John Sun, CEO of Spring Labs, sponsor of this podcast, as they delve into the transformative impact of AI on compliance in the financial sector.

John shares his journey from a Chief Risk Officer at Avant to leading Spring Labs, an AI company focused on creating innovative compliance tools for financial institutions. The episode explores the significant gap in existing compliance tools and the company’s contributions to making compliance processes more efficient and adoptable. They cover the challenges faced by compliance professionals in communicating the value of these tools to quantitative-oriented stakeholders and highlight how AI-powered solutions like Zanko ComplianceAssist, Agent Assist, and Customer Assist are enhancing efficiency and accuracy.

Additionally, the conversation touches on how AI is being used to convert unstructured conversational data into actionable insights, leading to better business decisions and process improvements. This episode offers valuable insights for financial institutions aiming to use customer feedback as a strategic resource and emphasizes the growing importance of AI in compliance and data management.

Key Highlights:

  • The Genesis of Spring Labs
  • Strategic Value of Compliance Management
  • Leveraging AI in Compliance
  • Streamlining Customer Service with AI
  • Leveraging Data for Business Efficiency
  • AI’s Role in Structuring Data
  • Future of AI in Compliance

Resources:

John Sun on LinkedIn

Spring Labs

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Creating, Strengthening, and Maintaining Corporate Culture: Lessons from The Mummy

Ed. Note: This week, leading up to Halloween, I will examine lessons for compliance professionals through the lens of the great Universal Movie Monsters: Frankenstein, Wolfman, Dracula, and The Mummy. Our final offer is Boris Karloff’s original film version of The Mummy. 

===========================================================

In the 1932 classic The Mummy, Boris Karloff’s portrayal of Imhotep reveals a lesson far beyond the supernatural realm: the dangers of neglecting the past and allowing an ancient curse to resurface. The movie’s central theme of resurrection and control reflects what happens in corporate culture when old habits, unaddressed problems, or toxic elements re-emerge due to inattention. Building a strong, resilient corporate culture is crucial for compliance professionals, not unlike guarding against an ancient curse that could unravel the organization.

In her recent speech at the SCCE conference, Nicole Argentieri provided valuable insights into the importance of creating, strengthening, and maintaining corporate culture. Her message was clear: corporate culture is not a static entity. Like Imhotep’s curse, it can decay if not properly maintained, leading to disastrous consequences. The 2024 Evaluation of Corporate Compliance Programs (2024 ECCP) emphasizes the importance of culture in mitigating compliance risks, making it clear that companies must prioritize their corporate ethos as a proactive strategy for risk management.

The Origins of Corporate Culture: Digging into the Foundations

In The Mummy, the archaeological team unknowingly unleashes a destructive force by uncovering and neglecting the historical warning signs of the curse. This is analogous to companies that need more of their corporate culture. Just as the archaeologists ignored the history behind Imhotep’s tomb, companies often overlook the foundational values and behaviors that drive their internal culture.

Argentieri’s speech underscores the importance of understanding where your corporate culture comes from. The 2024 ECCP stresses the need for companies to actively cultivate a culture of compliance, ethics, and integrity. It’s not enough to have values written in a code of conduct—those values must be woven into the company’s fabric, from leadership to the newest employee.

The origins of a corporate culture come directly from leadership. Just as the resurrection of Imhotep was enabled by human error, a toxic or lax corporate culture can take root if leaders do not actively promote ethical behavior. Compliance professionals must work with leadership to ensure the company’s mission, values, and expectations are clearly communicated and consistently upheld. Without this strong foundation, the “mummy” of unethical behavior can quickly rise.

Resurrecting Old Problems: The Danger of Neglect

In The Mummy, Imhotep’s curse returns because it was never truly addressed; it was sealed away but not eradicated. This is a powerful metaphor for what happens in corporate culture when old issues, such as poor leadership behavior, unethical practices, or lack of accountability, are allowed to fester. If left unchecked, these issues can resurface and cause significant harm to the organization.

Argentieri’s speech touched on this very point. Moreover, the 2024 ECCP requires companies to identify and address the risks that could undermine their culture. Compliance professionals must proactively monitor the workplace for signs of cultural erosion. These issues must be confronted head-on, whether lax attitudes toward compliance, a lack of whistleblower protections, or unethical leadership practices.

Regular audits, surveys, and employee feedback mechanisms are critical tools for uncovering hidden problems before they escalate. By monitoring corporate culture at regular intervals, compliance professionals can prevent “mummies” from reawakening and wreaking havoc on the organization.

Leadership: The Keepers of the Tomb

In The Mummy, the characters who succeed are the ones who recognize the danger and take action to stop it. For a company to maintain a strong culture, leadership must play an active role. The tone from the top is crucial in shaping the behavior of the entire organization. Leaders who demonstrate a commitment to compliance and ethical behavior set the standard for others to follow.

Argentieri highlighted the importance of leadership in her speech, noting that the DOJ expects company leadership to be fully engaged in promoting and maintaining a culture of compliance. The 2024 ECCP calls for leadership to demonstrate commitment to compliance in words and actions. This includes regular involvement in compliance activities, support for compliance personnel, and a clear message that ethical behavior is non-negotiable.

Just as the characters in The Mummy had to confront the curse with courage and resolve, corporate leaders must take ownership of the company’s ethical standards. They are the keepers of the tomb, ensuring that the organization’s values and principles are protected from decay.

Strengthening the Culture: Continuous Vigilance

One of the key themes of The Mummy is the importance of vigilance. Imhotep’s return resulted from human negligence—those responsible did not take the necessary precautions to prevent his resurrection. Similarly, a company’s corporate culture can weaken without continuous effort to maintain and strengthen it.

Argentieri’s speech clarified that the DOJ wants companies to maintain their corporate culture proactively. The 2024 ECCP expects companies to actively monitor their culture, assess risks, and adjust their compliance programs as needed. This requires a commitment to continuous improvement, strengthening internal controls, updating policies, and providing regular training to employees at all levels.

A strong compliance program evolves with the organization. Just as archaeologists learn from the past to protect the future, compliance officers must learn from past mistakes and adjust their strategies to prevent future failures. This might mean revisiting training programs, adjusting disciplinary measures, or enhancing whistleblower protections.

Maintaining a Culture of Compliance: The Final Seal

The ending of The Mummy reminds us that threats can be contained, but only with the right tools and vigilance. In the corporate world, maintaining a culture of compliance is an ongoing process. It requires a commitment to ethical behavior, continuous monitoring, and strong leadership. A company’s corporate culture must be seen as a living entity—one that requires nurturing, attention, and protection.

The 2024 ECCP provides clear guidelines for how companies can maintain a strong culture of compliance. It emphasizes clear communication, regular training, and leadership engagement. Compliance professionals ensure these elements are in place, and the culture remains strong even as new risks emerge.

Learning from The Mummy

The Mummy teaches us that neglecting the past can have dangerous consequences; the same is true for corporate culture. If a company fails to build, strengthen, and maintain its culture of compliance, it risks allowing unethical behavior to resurface, potentially leading to disastrous outcomes.

Argentieri’s recent SCCE speech and the 2024 ECCP offer a roadmap for compliance professionals. By focusing on strong leadership, continuous monitoring, and proactive risk management, companies can create a culture that not only withstands the test of time but also thrives in an ever-changing business environment.

The curse of Imhotep may have been fiction, but the risks facing corporate culture are all too real. Compliance professionals must act as guardians, ensuring that their organizations are protected from ethical missteps that can lead to the unearthing of far more dangerous threats.

Categories
Adventures in Compliance

The Casebook of Sherlock Holmes – Investigative Lessons from The Adventure of The Mazarin Stone

In this new season of Adventures in Compliance, host Tom Fox takes a deep dive into the Sherlock Holmes collection The Case-Book of Sherlock Holmes  by Arthur Conan Doyle. It is a final set of twelve Sherlock Holmes short stories by Arthur Conan Doyle, first published in the Strand Magazine between October 1921 and April 1927. In this episode, we consider the story, the Adventure of the Mazarin Stone. In this story, Sherlock Holmes investigates a case involving a master jewel thief and Holmes investigative techniques. This story provides several valuable investigative lessons for the 21st century compliance professional.

Fox explores how the investigative brilliance of Sherlock Holmes can be applied to modern corporate compliance. Fox translates Holmes’ detective methods into valuable compliance strategies. He discusses how creative investigative techniques, effective witness handling, and quick resolution tactics from Holmes’ era can benefit today’s compliance professionals. With reference to the 2024 updates to the DOJ Whistleblower Financial Incentive Program, Fox emphasizes the importance of timely action, collaboration with external authorities, and attention to detail.

Highlights Include:

  • Holmes’ Clever Tactics and the Jewel Thief
  • Internal Investigative Lessons for Compliance Professionals
  • Maintaining Control in Tense Situations
  • Staying Focused on Objectives
  • Gathering Evidence Discreetly
  • Handling Key Witnesses

Resources:

The New Annotated Sherlock Holmes

Sherlock Holmes FAQ by Dave Thompson

For an audio/video version of the Compliance Kids book, Speaking Up is AWESOME, contact Tom Fox. 

Connect with Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
FCPA Compliance Report

FCPA Compliance Report: Navigating Global Compliance and Risk – Lessons from The Pager Attacks

Welcome to the award-winning FCPA Compliance Report, the longest running podcast in compliance. In this edition of the FCPA Compliance Report, Tom Fox visits with Dr. Ian Oxnevad and Chris Mason from Infortal Worldwide about the Israeli attack on Hezbollah through its pagers and explores what all of this means for the compliance professional.

The podcast explores the compliance and supply chain ramifications stemming from pagers licensed by a Taiwanese company to a Hungarian firm which were subsequently used to disrupt Hezbollah’s operations. This incident serves as a springboard for discussing the broader implications for global businesses, emphasizing the essential role of due diligence in complex supply chains. The episode offers insightful commentary on how Hezbollah’s lack of scrutiny over their suppliers led to vulnerabilities that were exploited by Israel, acting as a cautionary tale for organizations everywhere. Key topics include the unexpected ways legitimate companies can be compromised, the pervasive nature of risk management, and the importance of vetting and verifying partners across all industries to maintain business integrity and reputation.

Highlights in this Episode:

  • Attack on Hezbollah
  • Compliance and Supply Chain Issues
  • Payment Anomalies and Red Flags
  • Lessons Learned and Risk Management
  • The Importance of Knowing Your Risk Profile
  • Unintended Consequences and Risk Management
  • Final Thoughts on Supply Chain Vulnerabilities

Resources:

Infortal Worldwide

Dr. Ian Oxnevad on LinkedIn

Chris Mason on LinkedIn

Tom Fox

Instagram

Facebook

YouTube

Twitter

Categories
Blog

Supporting Whistleblowers: Lessons from Lon Chaney’s The Wolfman

Ed. Note: This week, leading up to Halloween, I will examine lessons for compliance professionals through the lens of the great Universal Movie Monsters: Frankenstein, Wolfman, Dracula, and The Mummy. Today, we use Lon Chaney’s original film version of The Wolfman. 

===========================================================

Of all the great Universal movie monsters, my favorite is found in the 1941 film The Wolfman. Lon Chaney’s portrayal of Larry Talbot offers more than just a classic horror story about a man who becomes a werewolf. It’s a tale of isolation, fear, and a struggle for survival in the face of an overwhelming and terrifying transformation. In short, it is the most psychological of all the Universal movie monsters. Much like a corporate whistleblower, Talbot finds himself caught in a situation where the truth is a burden, and no one wants to listen. Instead of being understood and supported, he is feared, rejected, and left to fend for himself.

For compliance professionals, The Wolfman provides a vivid metaphor for the journey of whistleblowers. Whistleblowers often find themselves isolated, facing potential retaliation, and struggling to navigate the consequences of their decision to report wrongdoing. In this post, we’ll explore how to create a culture that encourages whistleblowers to come forward, keeps them informed throughout the process, and protects them from retaliation, all through the lens of The Wolfman. We will also assess the 2024 Evaluation of Corporate Compliance Programs (2024 ECCP) and Nicole Argentieri’s commentary on these issues.

Creating a Safe Space: Encouraging Whistleblowers to Come Forward

In The Wolfman, Larry Talbot is plagued by the knowledge of his transformation, but he finds no one willing to help or believe him. He is trapped in his new reality, just as whistleblowers can feel trapped by the knowledge of corporate misconduct. The first step in supporting whistleblowers is creating an environment where they feel safe and encouraged to speak up.

The 2024 ECCP underscores the importance of building a culture where employees feel empowered to raise concerns without fear. It emphasizes the need for companies to proactively encourage internal reporting mechanisms, making it clear that the company values integrity and transparency. Compliance professionals must ensure that reporting channels are available, actively promoted, and trusted.

In her commentary on the 2024 ECCP, Nicole Argentieri highlights that one key element in encouraging whistleblowers is leadership’s tone from the top. Executives and senior management must demonstrate a commitment to ethical behavior, ensuring that whistleblowing is accepted and valued. Whistleblowers need to know that their reports will be taken seriously and their concerns will be addressed.

Talbot’s cries for help go unheard in The Wolfman, leading to disastrous consequences. In the corporate world, businesses must avoid this fate by ensuring whistleblowers are not ignored or dismissed. The 2024 ECCP recommends that companies provide multiple, accessible channels for reporting, including anonymous options so that employees feel comfortable coming forward regardless of their circumstances.

Transparency Throughout the Process: Keeping Whistleblowers Informed

Just as Larry Talbot struggles with the unknown and is left in the dark about his fate, whistleblowers often find themselves cut off after making a report. They may need clarification about what’s happening with their complaint, whether it’s being investigated, and the next steps. This lack of communication can discourage future whistleblowers and lead to feelings of abandonment.

The 2024 ECCP stresses the importance of maintaining open lines of communication with whistleblowers throughout the investigation process. Once a report has been made, it is critical to keep whistleblowers informed about the status of their complaint. This does not mean sharing sensitive investigation details but providing regular updates so that the whistleblower knows their concerns are being taken seriously.

Argentieri has echoed this sentiment, noting that one of the most common frustrations whistleblowers face is a lack of transparency after they come forward. She argues that compliance teams must ensure whistleblowers are not wondering what will happen next. A well-managed whistleblower program includes clear communication protocols that keep whistleblowers engaged and reassured.

In The Wolfman, Talbot’s inability to find answers drives him to despair. Businesses must avoid this by ensuring whistleblowers feel supported and heard throughout the process. Compliance officers should regularly touch base with whistleblowers, letting them know that their concerns are being addressed, that their identity is being protected and that appropriate actions are being taken.

Protection from Retaliation: Safeguarding Whistleblowers

One of the central themes in The Wolfman is Larry Talbot’s fear of being hunted and rejected. Similarly, whistleblowers often fear retaliation, whether in the form of termination, demotion, or ostracization. Protecting whistleblowers from retaliation is a legal obligation and a moral imperative that helps foster a culture of compliance and trust.

The 2024 ECCP strongly emphasizes retaliation protections. It advises that companies must have robust policies to prevent retaliation and provide clear avenues for whistleblowers to report any retaliatory behavior. This means more than just having a policy on paper—compliance teams must actively enforce these protections and monitor for any signs of retaliation.

Nicole Argentieri has weighed in on this issue, noting that while many companies claim anti-retaliation policies, enforcement can be lacking. She emphasizes the need for companies to create a system of checks and balances to ensure that retaliation does not occur, particularly in the form of subtle, indirect actions that might otherwise go unnoticed. Retaliation doesn’t always come as a formal firing—it can be a change in duties, exclusion from meetings, or a negative shift in workplace relationships.

In The Wolfman, Talbot becomes a hunted figure, chased down by those who fear and misunderstand him. In the corporate world, whistleblowers must never feel like they are being hunted or targeted for their decision to report misconduct. The ECCP advises companies to protect whistleblowers and offer additional support services, such as counseling, if needed, to help them navigate the emotional strain of coming forward.

Building a Culture of Trust and Integrity

The most important lesson from The Wolfman is the need for trust. Larry Talbot finds himself abandoned and isolated because the people around him refuse to trust his warnings. A strong compliance program must avoid this trap by building a culture of trust and integrity. Employees need to believe that they will be treated fairly, protected, and supported if they come forward with a report.

The 2024 ECCP highlights that trust is the foundation of a successful compliance program. Companies must work to build an environment where whistleblowers are seen as vital contributors to the company’s ethical health. This includes recognizing the courage it takes to come forward and offering praise or acknowledgment for whistleblowers who help protect the company from greater risks.

Argentieri has noted that companies should integrate their whistleblower programs into the broader corporate culture, making whistleblowing a routine and accepted part of the business rather than an extraordinary act of bravery. This normalization of whistleblowing helps to remove the stigma and encourages more employees to speak up when they see something wrong.

Creating a Supportive Whistleblower Program

The Wolfman offers us a powerful analogy for the journey of whistleblowers within a company. Like Larry Talbot, whistleblowers often face fear, isolation, and a lack of support. However, the lessons from The Wolfman, coupled with the guidance from the 2024 ECCP and Nicole Argentieri’s commentary, provide a roadmap for how companies can create a more supportive environment for whistleblowers.

Encouraging whistleblowers starts with creating a culture where employees feel safe and empowered to report misconduct. Keeping them informed throughout the process is essential for maintaining their trust and confidence. Finally, protecting whistleblowers from retaliation ensures that they—and others—continue to feel comfortable raising concerns.

By building a robust and transparent whistleblower program, compliance professionals can help their organizations navigate the complexities of corporate risk, protect their employees, and safeguard the company’s reputation. In doing so, they avoid the tragic fate of The Wolfman and create an environment where the truth is not a burden but a pathway to a stronger, more ethical company.

Join us tomorrow for our final consideration of compliance through the classic Universal Movie Monsters lens as we consider corporate culture and Boris Karloff’s version of The Mummy.