Tag: compliance

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 14 – The Problem with Facilitation Payments

The original version of the Foreign Corrupt Practices Act (FCPA), enacted in 1977, contained an exception for payments made to non-US officials who performed duties that were “essentially ministerial or clerical”. In 1988 Congress responded by amending the FCPA under the Omnibus Trade and Competitiveness Act to clarify the scope of the FCPA’s prohibitions on bribery, including the scope of permitted facilitation payments. An expanded definition of “routine governmental action” was included in the final version of the bill, reflecting the intent of Congress that the exceptions apply only to the performance of duties listed in the subcategories of the statute and actions of a similar nature. Congress also meant to make clear that “ordinarily and commonly performed actions”, with respect to permits or licenses, would not include those governmental approvals involving an exercise of discretion by a government official where the actions are the functional equivalent of “obtaining or retaining business for, or with, or directing business to, any person.”

Three key takeaways:

  1. Many companies still struggle with facilitation payments.
  2. What are the five listed purposes for facilitation payments?
  3. The facilitation payment exception is narrowly construed by both the courts and the Justice Department.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Blog

Leveraging Technology for Culture Monitoring

Welcome to a special five-part blog series on building a stronger culture of compliance, sponsored by Diligent. In this series I will visit with Yvette Hollingsworth-Clark, Viktor Cuijak, Jessica Czeczuga; Michael Parker; and Alexander Cotoia. In this series, we will consider what is culture, how to assess culture, putting together a strategy to manage culture based upon this assessment, the monitoring of that strategy going forward and using information from your monitoring to engage in continuous improvement of your culture.

Many compliance professionals struggle with the ‘softness’ of culture. However, properly viewed culture can be seen as another type of risk for any organization. Viewed through this lens, culture can then be assessed, managed, monitored and improved as any other business risk. This has become even more important since the announcement in October 2021 by Deputy Attorney General Lisa Monaco, that the Department of Justice would assess corporate culture as a part of corporate compliance enforcement action. In this Part 4, we consider review how to monitor your culture risk  strategy for effectiveness with Michael Parker.

Michael Parker is a seasoned compliance professional with extensive experience in cultivating and sustaining a compliance culture within businesses. He asserts that there is no universal approach to establishing a compliance culture, emphasizing the necessity of providing options and guidance to employees, rather than merely imposing rules. Parker underscores the importance of continuous engagement and communication in managing compliance culture risks, and the crucial role of leadership in setting the tone for compliance and fostering an ethical culture throughout the organization. He also acknowledges the significance of incentives in promoting compliance, but stresses that the approach to incentivizing employees should be customized to individual circumstances and should include a clear understanding of the consequences of non-compliance.

Leadership plays a pivotal role in fostering a culture of compliance. Executives must lead by example and embody the organization’s mission and values. As Michael Parker emphasizes, it is not just about telling employees what to do but guiding them towards making the right decisions. Providing options and knowledge is essential, as people may unknowingly make decisions that go against policies or regulations due to a lack of information.

To ensure ongoing engagement, businesses should view compliance as an ongoing process rather than a one-time activity. This approach involves continuous listening and asking for feedback from employees. It is important to provide guidance rather than just guidelines, helping individuals understand the purpose behind compliance policies. By championing the organization’s values and mission, leadership can create a trickle-down effect, encouraging employees to align their actions with the desired culture.

Incentives also play a significant role in promoting compliance. Just as third parties have an incentive to complete certifications and engage in compliance efforts to do business with a company, employees have a vested interest in working for an organization that upholds ethical standards. By aligning incentives with compliance initiatives, businesses can motivate employees to actively participate in maintaining a compliance culture.

Technology can be a valuable tool in monitoring and educating employees about compliance. Micro-learning courses, compliance training videos, quizzes, and surveys can be used to deliver targeted and concise information. Short videos with quizzes can help raise awareness and educate employees on compliance topics. Surveys, when kept short and incentivized, can provide valuable insights into the effectiveness of compliance efforts and help measure the culture of compliance within the organization.

Tracking and storing compliance-related information is essential for transparency and visibility. Utilizing applications with dashboards can help businesses monitor engagement, track completion rates of training videos, and collect survey responses. This data can provide compliance officers with valuable information for ongoing monitoring and identifying areas that require additional training or education.

I believe the key is in viewing culture as a risk and applying risk management principles to assess and monitor compliance efforts. By treating culture as a risk, businesses can assess their compliance risk, identify gaps, and remediate as necessary. This approach allows for a systematic and proactive approach to managing compliance culture.

However, creating and maintaining a compliance culture is not without its challenges. Compliance fatigue can occur if communication and education efforts become overwhelming or burdensome. To combat this, shorter and more interactive methods, such as micro-learning and office hours, can be implemented. These shorter bursts of information align with today’s culture of brief and engaging content, making compliance education more accessible and less burdensome.

In conclusion, creating and maintaining a compliance culture in businesses requires a multifaceted approach. Leadership must champion the organization’s values and mission, while incentives and technology can motivate and educate employees. Viewing culture as a risk and applying risk management principles can help businesses assess and monitor their compliance efforts. By considering the impact on employees and adapting communication and education methods to align with today’s culture, businesses can foster a strong compliance culture that promotes ethical behavior and regulatory adherence.

Join us tomorrow where we explore the continuous improvement of corporate culture.

Tune into Michael Parker on the Diligent podcast series Unlocking Success: The Crucial Role of Culture in a Best Practices Compliance Program.

Categories
Innovation in Compliance

Unlocking Success: The Crucial Role of Culture in Compliance: Part 4 – Michael Parker on Monitoring Culture

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia in this series. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 4, we visit with Michael Parker to discuss a strategy to monitor your culture in the future.

Michael Parker is a seasoned compliance professional with extensive experience cultivating and sustaining a business compliance culture. He does not believe there is a one-stop,  universal approach to establishing a compliance culture, emphasizing the necessity of providing options and guidance to employees rather than merely imposing rules. Michael underscores the importance of continuous engagement and communication in managing compliance culture risks and the crucial role of leadership in setting the tone for compliance and fostering an ethical culture throughout the organization. He also acknowledges the significance of incentives in promoting compliance. Still, he stresses that incentivizing employees should be customized to individual circumstances and include a clear understanding of the consequences of non-compliance. Join Tom Fox and Michael Parker as they delve deeper into how to monitor your compliance program after you have created a culture management strategy in this episode of Unlocking Success: The Crucial Role of Culture in Compliance Best Practices podcast episode.

Key Highlights: 

  • Building a Compliance-Focused Leadership Culture
  • Leveraging Technology for Compliance Monitoring and Training
  • Driving Compliance Culture Through Executive Leadership

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture. For more information and to book a demo, visit Diligent.com.

 Join us tomorrow in our concluding episode, where we continuously consider how to improve culture in the future.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 13 – Policies on Political Contributions

The FCPA states, “The FCPA’s anti-bribery provisions apply to corrupt payments made to (1) “any foreign official”; (2) “any foreign political party or official thereof”; (3) “any candidate for foreign political office”; or (4) any person, while knowing that all or a portion of the payment will be offered, given, or promised to an individual falling within one of these three categories. Although the statute distinguishes between a “foreign official,” “foreign political party or official thereof,” and “candidate for foreign political office,” the term “foreign official” in this guide generally refers to an individual falling within any of these three categories.” Government policies affect the commercial environment. A company is subject to legislation and regulation that affects how it conducts its business and generates value for its investors. Participating in the political process is part of a business strategy to protect a company’s interests.

Most international businesses have strategy to engage in the political process with a view to the long-term interests of the company and to promote and protect its interests. All political contributions and expenditures on behalf of the Company and management reports on these political contributions and expenditures should be reported to the Board of Directors annually. No political contributions may be made or promised unless written pre-approval has been obtained from the corporate compliance function.

Three key takeaways:

  1. Political candidates are covered by the FCPA.
  2. What is the business purpose for the contribution?
  3. Do not make contributions towards candidates who can award your company business.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 12 – Policies on Charitable Donations

What should your compliance policy and procedures on charitable donations look like? What should you prohibit or even caution against? The starting point is the 2012 FCPA Guidance regarding charitable donations. The information on the red flags from the Opinion Releases and the best practices, as set out in the 2020 FCPA Resource Guide, have been available for some time. From the Schering-Plough and Lilly enforcement actions, your policy should consider the timing of charitable donations to see if they are at or near the time of the awarding of new or continued business. Finally, in managing the relationship, you now need to look at overall increases in sales to determine if they are tied to a pattern of charitable donations. By looking at the timing and quantum of charitable donations, internal audit may be able to ascertain that a spike in sales is tied to corrupt conduct.

Three key takeaways:

1.What are the basic inquiries to make around charitable donations?

2.Use all of the communication tools the DOJ has provided; written guidance, enforcement actions and Opinion Releases to inform your charitable donation policy.

3. Document, Document, and Document the basis of your charitable donations risk assessment.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Innovation in Compliance

Unlocking Success: The Crucial Role of Culture in Compliance: Part 3 – Jessica Czeczuga on Creating a Strategy to Manage Culture

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 3, we visit with Jessica Czeczuga on how to develop a strategy to manage your culture risk.

Jessica Czeczuga is a seasoned professional with over two decades of experience in training and development, specializing in areas such as finance, quality, compliance and ethics, leadership, and communication training. Jessica brings a unique perspective to the compliance space, emphasizing the pivotal role of managers in shaping and reinforcing company culture. She believes that managers, the most influential group within an organization, should be adequately trained to align with the desired culture and equipped with the necessary tools to communicate and reinforce cultural values effectively. Jessica also advocates for collaboration between compliance professionals and HR to improve culture, leveraging their counseling skills and creating clear processes for reporting and addressing culture-related issues. Join Tom Fox and Jessica Czeczuga as we dive deeply into this topic in this Unlocking Success: The Crucial Role of Culture podcast episode.

Key Highlights: 

  • The Impact of Managers on Company Culture
  • Collaborative Partnership: HR and Compliance Driving Reporting
  • The Role of Managers in Shaping Culture

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture. For more information and to book a demo, visit Diligent.com.

 Join us tomorrow, where we consider how to monitor culture going forward.

Categories
Innovation in Compliance

Unlocking Success: The Crucial Role of Culture in Compliance: Part 2 – Viktor Culjak on Assessing Culture

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia in this series. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 2, we visit with Viktor Culjak to discuss assessing culture.

Viktor Culjak is a chartered accountant with a strong finance, audit, and risk consulting background. Currently serves as the Director of Customer Success and Services at Diligent. With a decade of experience in the Big Four and a focus on governance, risk, and compliance (GRC) objectives, Viktor firmly believes in assessing and managing organizational culture as a risk factor. He views culture as a dynamic risk that can have significant consequences if not properly managed and advocates for standardized and benchmarked culture assessments to provide valuable insights for risk management. Viktor emphasizes the need for practical guidance on implementation, highlighting the significance of tone at the top and other artifacts such as policies, procedures, and feedback mechanisms in culture assessments. Join Tom Fox and Viktor Culjak as we delve deeper into assessing culture on this episode of the Unlocking Success: The Crucial Role of Culture podcast.

Key Highlights: 

·      Assessing and Auditing Organizational Culture

·      Creating a Culture of Effective Communication

·      Evaluating Culture Alignment for Continuous Improvement

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture.

For more information and to book a demo, visit Diligent.com

 Join us tomorrow, where we consider how to create a culture management strategy.

Categories
Principled Podcast

Season 10 Episode 2 – The Importance of Humanizing Ethics and Compliance Programs

What you’ll learn on this podcast episode

Keeping the focus on the human element of ethics and compliance can help E&C programs move from “cop” to “coach.” But what does that look like in practice? In this episode of the Principled Podcast, host Susan Divers talks about the importance of humanizing ethics and compliance with Adam Balfour, the author of Ethics & Compliance for Humans. Listen in as the two discuss best practices that Adam has used over the course of his E&C career, managing regional and global ethics and compliance programs as well as leading areas of global risk management and privacy. 

Guest: Adam Balfour

Adam Balfour – Grayscale

Adam Balfour is on a mission to help make ethics and compliance more relatable and relevant for his fellow human beings. He likes to design ethics and compliance programs that employees can actually relate to, engage with and find useful. Originally from Scotland, Adam worked for a number of years as an attorney for two international law firms in New York before moving to Nashville, Tennessee to work for Bridgestone. He is an active member in the ethics and compliance community, a co-editor of the “Compliance and Ethics: Ideas & Answers” newsletter together with Joe Murphy, Jeff Kaplan, and Rebecca Walker, and CCEP certified. His first book, Ethics & Compliance for Humans, was published by CCI Press and is available now.    

Host: Susan Divers

Headshot_Susan_Divers_S7E18_Principled_Podcast

Susan Divers is a senior advisor with LRN Corporation. In that capacity, Ms. Divers brings her 30+ years’ accomplishments and experience in the ethics and compliance area to LRN partners and colleagues. This expertise includes building state-of-the-art compliance programs infused with values, designing user-friendly means of engaging and informing employees, fostering an embedded culture of compliance and substantial subject matter expertise in anti-corruption, export controls, sanctions, and other key areas of compliance.

Prior to joining LRN, Mrs. Divers served as AECOM’s Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM’s ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers’ thought leadership in the ethics field. In 2011, Mrs. Divers received the AECOM CEO Award of Excellence, which recognized her work in advancing the company’s ethics and compliance program.

Mrs. Divers’ background includes more than thirty years’ experience practicing law in these areas. Before joining AECOM, she worked at SAIC and Lockheed Martin in the international compliance area. Prior to that, she was a partner with the DC office of Sonnenschein, Nath & Rosenthal. She also spent four years in London and is qualified as a Solicitor to the High Court of England and Wales, practicing in the international arena with the law firms of Theodore Goddard & Co. and Herbert Smith & Co. She also served as an attorney in the Office of the Legal Advisor at the Department of State and was a member of the U.S. delegation to the UN working on the first anti-corruption multilateral treaty initiative.

Mrs. Divers is a member of the DC Bar and a graduate of Trinity College, Washington D.C. and of the National Law Center of George Washington University. In 2011, 2012, 2013 and 2014 Ethisphere Magazine listed her as one the “Attorneys Who Matter” in the ethics & compliance area. She is a member of the Advisory Boards of the Rutgers University Center for Ethical Behavior and served as a member of the Board of Directors for the Institute for Practical Training from 2005-2008.

She resides in Northern Virginia and is a frequent speaker, writer and commentator on ethics and compliance topics. Mrs. Divers’ most recent publication is “Balancing Best Practices and Reality in Compliance,” published by Compliance Week in February 2015. In her spare time, she mentors veteran and university students and enjoys outdoor activities.

Categories
Blog

Assessing Organizational Culture

Welcome to a special five-part blog series on building a stronger culture of compliance, sponsored by Diligent. In this series I will visit with Yvette Hollingsworth-Clark, Viktor Cuijak, Jessica Czeczuga; Michael Parker; and Alexander Cotoia. In this series, we will consider what is culture, how to assess culture, putting together a strategy to manage culture based upon this assessment, the monitoring of that strategy going forward and using information from your monitoring to engage in continuous improvement of your culture.

Many compliance professionals struggle with the ‘softness’ of culture. However, properly viewed culture can be seen as another type of risk for any organization. Viewed through this lens, culture can then be assessed, managed, monitored and improved as any other business risk. This has become even more important since the announcement in October 2021 by Deputy Attorney General Lisa Monaco, that the Department of Justice would assess corporate culture as a part of any corporate compliance enforcement action. In this Part 2, consider how to assess your culture with Viktor Cuijak.

Cuijak, a chartered accountant with a strong background in finance, audit, and risk consulting, currently serves as the Director of Customer Success and Services at Diligent. With a decade of experience in the Big Four and a focus on governance, risk, and compliance (GRC) objectives, Cuijak firmly believes in the importance of assessing and managing organizational culture as a risk factor. He views culture as a dynamic risk that can have significant consequences if not properly managed, and advocates for standardized and benchmarked culture assessments to provide valuable insights for risk management. Cuijak emphasizes the need for practical guidance on implementation, highlighting the significance of tone at the top and other artifacts such as policies, procedures, and feedback mechanisms in culture assessments. Crucial Role of Culture podcast.

Assessing and managing organizational culture as a risk factor is a crucial aspect of ensuring the success and sustainability of any organization. A compliance professional can begin by the using existing frameworks like COSO (Committee of Sponsoring Organizations of the Treadway Commission) for guidance in assessing and managing organizational culture. This framework provides principles and guidelines that help organizations understand the key factors that impact culture as a risk factor.

The tone at the top, policies, procedures, and feedback mechanisms were identified as key indicators of an organization’s culture. The tone at the top refers to the leadership’s actions and behaviors, which set the tone for the entire organization. Policies and procedures play a crucial role in shaping the desired culture, but it is not enough to simply have them in place. Actions, communications, and responses must align with the stated culture.

One of the key challenges is the nebulous and intangible nature of culture, which can make it difficult to assess and audit. However, Cuijak emphasized that culture can be thought of as just another risk that organizations need to manage. By asking the question, “What can go wrong?” organizations can identify potential risks and gaps in their culture and take steps to address them.

Standardized evaluation was also discussed as a valuable tool for assessing and benchmarking culture. It provides a common language and framework for managing risks associated with culture. By using evaluation tools, organizations can track their progress and identify areas for growth.

Cuijak also emphasized the importance of considering the impact of culture when making decisions. Culture is not just a checklist exercise, but rather a holistic approach that encompasses actions, communications, and responses. It is not enough to have policies and procedures in place; organizations must demonstrate their culture through their actions and communications.

While frameworks like COSO provide principles and guidance, they may not always provide the specific “how” in assessing and managing culture. This is where organizations need to tailor their approach and consider additional tools and techniques that align with their specific needs and goals.

In conclusion, assessing and managing organizational culture as a risk factor is a complex but essential task for organizations. By using existing frameworks, evaluating key indicators, and considering the impact of culture on decision-making, organizations can identify potential risks, address gaps, and create a culture that supports their overall success and sustainability.

Join us tomorrow where we explore creating a strategy to manage culture risk.

Tune into Viktor Cuijak on the Diligent podcast series Unlocking Success: The Crucial Role of Culture in a Best Practices Compliance Program.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 11 – Charitable Donation Enforcement Actions

When is a rose not a rose? When it is a charitable donation not made for philanthropic purposes and violates the FCPA. This was a feature of the Eli Lilly and Company (Lilly) FCPA enforcement action brought by the SEC in 2012, involving a bribery scheme utilized by Lilly in Poland. The scheme and FCPA violations mirrored an earlier FCPA enforcement action, also brought by the SEC as a civil matter, rather than by the DOJ as a criminal matter, against another U.S. entity Schering-Plough, for making charitable donations in Poland which violated the FCPA. One of the remarkable things about both of these enforcement actions, brought almost eight years apart, was that they involved improper payments to the same Polish charitable foundation to wrongfully influence the same Polish government official to purchase products from both of these companies.

Three key takeaways:

  1. Every compliance practitioner should study both the Lilly and Schering-Plough enforcement actions.
  2. What is the purpose of the charitable entity you are making a donation to?
  3. “Document, Document, and Document” your due diligence around donors.

For more information, check out The Compliance Handbook, 4th edition, here.