Tag: compliance

Categories
Blog

What is Corporate Culture?

Welcome to a special five-part blog series on building a stronger culture of compliance, sponsored by Diligent. In this series I will visit with Yvette Hollingsworth-Clark, Viktor Cuijak, Jessica Czeczuga; Michael Parker; and Alexander Cotoia. In this series, we will consider what is culture, how to assess culture, putting together a strategy to manage culture based upon this assessment, the monitoring of that strategy going forward and using information from your monitoring to engage in continuous improvement of your culture.

Many compliance professionals struggle with the ‘softness’ of culture. However, properly viewed culture can be seen as another type of risk for any organization. Viewed through this lens, culture can then be assessed, managed, monitored and improved as any other business risk. This has become even more important since the announcement in October 2021 by Deputy Attorney General Lisa Monaco, that the Department of Justice would assess corporate culture as a part of any corporate compliance enforcement action. In this Part 1, we ask what is culture with our special guest Yvette Hollingsworth-Clark.

Yvette currently holds the position of Chief Compliance Officer for State Street Corporation  and is on the Board of Directors at Diligent. With a robust background in risk management, Yvette has cultivated a deep understanding of the significance and measurement of corporate culture. She asserts that corporate culture should not be solely managed by the compliance function, but rather owned by the C-suite and executed in various forms. Yvette stressed the need for specific metrics to monitor and promote desired cultural values, such as integrity, and believes that culture can be measured through metrics such as the number of risk decisions overruled, challenged, or implemented correctly. She also highlighted the importance of considering stakeholders such as customers, clients, and third parties when assessing corporate culture.

Yvette emphasized that culture is not solely the responsibility of the compliance function but is owned by the C-suite and executed in various ways throughout the organization. CEOs have a significant role to play in driving corporate culture. They must lead by example, set expectations, and hold managers accountable for adhering to the desired cultural attributes.

One key aspect is the importance of tone from the top. Employees observe the behavior of their senior leaders and often mimic their actions. CEOs need to be conscious of the examples they set, both verbally and through their behavior. Fairness is also crucial in setting the culture of a company. Every decision made by senior leaders, regardless of their position, should demonstrate fairness and align with the desired culture.

The Board of Directors also plays a significant role in shaping and overseeing corporate culture. They need to understand how management defines culture and how ethical issues are managed within the organization. Yvette advises boards to think about the framework of culture more broadly, considering factors such as the company’s reputation to customers and other stakeholders, as well as the employee experience. It is essential to demonstrate how the organization is executing against the cultural attributes that are deemed positive for the company.

Assessing corporate culture is a complex task that requires a balance between art and science. While there are specific metrics that can be used to measure culture, such as risk decisions, policy violations, and disciplinary actions, it is important to anchor the assessment to the specific aspects of culture that are relevant to the organization. Yvette suggests using a suite of metrics that focus on risk excellence and positive indicators of culture, such as employee training, customer treatment, and incident handling.

One must always remember that assessing culture is not a one-size-fits-all approach. It requires organizations to be specific about what their data can answer and what it cannot. A culture assessment is still more of an art than a science, but it is crucial to have a clear understanding of the indicators that align with the organization’s desired culture.

In conclusion, corporate culture is of utmost importance in the financial services industry. It is not only the responsibility of the compliance function but is owned by the C-suite and executed throughout the organization. CEOs must lead by example and set expectations, while the board plays a significant role in shaping and overseeing culture. Assessing culture requires a balance between art and science, with organizations using specific metrics that align with their desired cultural attributes. By prioritizing and measuring culture, financial services organizations can create an environment that promotes ethical behavior, risk excellence, and positive outcomes for all stakeholders.

Join us tomorrow where we explore assessing organizational culture.

Tune into Yvette Hollingsworth-Clark on the Diligent-sponsored podcast series Unlocking Success: The Crucial Role of Culture in a Best Practices Compliance Program.

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Written Standards: Day 10 – Policies and Procedures on Gifts and Business Entertainment

If one were to reflect upon the providing of gifts and business entertainment to foreign governmental officials, one might reasonably conclude that after 40 years of the FCPA, companies might follow its prescriptions regarding gifts and business entertainment. However, there have been some notable FCPA enforcement actions in this area.
The 2012 FCPA Guidance clearly stated the FCPA does not ban gifts and entertainment. Indeed, it specified, “A small gift or token of esteem or gratitude is often an appropriate way for business people to display respect for each other. Some hallmarks of appropriate gift-giving are when the gift is given openly and transparently, properly recorded in the giver’s books and records, provided only to reflect esteem or gratitude, and permitted under local law. Items of nominal value, such as cab fare, reasonable meals and entertainment expenses, or company promotional items, are unlikely to improperly influence an official, and, as a result, are not, without more, items that have resulted in enforcement action by DOJ or SEC.”
These guidelines must be coupled with active training of all personnel, not only on a company’s compliance policy, but also on the corporate and individual consequences that may arise if the FCPA is violated regarding gifts and business entertainment. Lastly, it is imperative that all such gifts and business entertainment be properly recorded, as required by the books and records component of the FCPA.
And, as always, do not forget the gut check test.

Three key takeaways:

  1. Gifts and business entertainment continue to plague companies for compliance violations.
  2. The key is not the amount but of having a policy and procedure and following it.
  3. Always remember to record gifts and business entertainment expenses correctly.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Innovation in Compliance

Unlocking Success: The Crucial Role of Culture in Compliance: Part 1 – Yvette Hollingsworth – Clark on What is Culture?

Welcome to a special series on building a stronger culture of compliance through targeted and effective training sponsored by Diligent. I will visit with Yvette Hollingsworth-Clark, Viktor Culjak, Jessica Czeczuga, Michael Parker, and Alexander Cotoia in this series. Over this series, we will consider what culture is, how to assess culture, putting together a strategy to manage culture based upon this assessment, monitoring that strategy in the future, and using information from your monitoring to improve your culture continuously. In Part 1, we ask what culture is with our special guest, Yvette Hollingsworth-Clark.

Yvette Hollingsworth-Clark, a seasoned professional in the financial services industry, currently holds the position of Chief Compliance Officer for State Street Corporation. With a robust background in risk management, Yvette has cultivated a deep understanding of the significance and measurement of corporate culture in the financial sector. She asserts that corporate culture should not be solely managed by the compliance function but rather owned by the C-suite and executed in various forms. Yvette emphasizes the need for specific metrics to monitor and promote desired cultural values, such as integrity. She believes culture can be measured through metrics such as the number of risk decisions overruled, challenged, or implemented correctly. She also highlights the importance of considering stakeholders such as customers, clients, and third parties when assessing corporate culture. Join Tom Fox and Yvette Hollingsworth-Clark on this episode to delve deeper into this topic.

Key Highlights:

  • Measuring and Managing Corporate Culture in Finance
  • Shaping Corporate Culture: Board’s Key Role
  • The Nuances of Assessing Organizational Culture

Ready for Purpose-Driven Compliance? Diligent equips leaders with the tools to build, monitor, and maintain an open, transparent ethics and compliance culture. For more information and to book a demo, visit Diligent.com

Join us tomorrow, where we consider how to assess your culture.

Categories
FCPA Compliance Report

FCPA Compliance Report – Carlos Villagrán Muñoz on Implementing Effective Compliance Programs in Latin America

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, Tom Fox welcomes Carlos Villagrán Muñoz, Chief Compliance Officer at CMPC in Chile. We discuss operationalizing compliance at CMPC and in Latin America.

Carlos Villagrán Muñoz is a seasoned Chilean attorney with considerable experience in implementing and advancing compliance programs in Latin America. His perspective on the subject is shaped by his extensive experience and understanding of the unique challenges in the region. Carlos identifies two major hurdles in implementing effective compliance programs in Latin America: the need to tailor programs to both global and local contexts due to cultural nuances and differing perceptions of corruption and the pressing issue of money laundering, fueled by illegal activities such as corruption, drug trafficking, and human trafficking. He believes that Latin America lags in anti-money laundering efforts, which are crucial in combating corruption, and advocates for compliance programs that address these issues while considering cultural differences. Join Tom Fox and Carlos Villagrán Muñoz as they delve deeper into these topics and more in this episode of the FCPA Compliance Report podcast.

 Key Highlights

·      CMPC’s Compliance Program Addressing Antitrust Infringement

·      Navigating Cultural Nuances and Money Laundering: Compliance Challenges in Latin America

·      CMPC’s Comprehensive Compliance Training Program

·      The Rise of Technologically Savvy Compliance Experts in Chile

·      Dynamic Networking Opportunities for Compliance Professionals

Resources

Carlos Villagrán Muñoz on LinkedIn

The FinCEN Report Company

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Data Driven Compliance

The Uses of Data Driven Compliance: Part 5 – Compliance Successes Using Data Driven Compliance

Welcome to Data Driven Compliance. In this podcast, we discuss how to use data to improve and enhance the effectiveness of your compliance program, creating greater business efficiency, all leading to more return on investment for your compliance regime. Join host Tom Fox as he explores how data will drive your compliance program to the next level. This podcast is sponsored by KonaAI.

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI, for a podcast series on the uses of data driven compliance. Over these five podcasts, we have discussed generative AI and ChatGPT in compliance, the profiles of a corrupt payment, making the business case for data-driven compliance, what to ask for and how to ask for it, and some success stories. In this concluding Part 5, we will look at some compliance successes using a data driven approach.

In the world of business, compliance is a critical aspect that ensures organizations adhere to legal and ethical standards. Compliance not only helps companies avoid legal troubles but also plays a significant role in improving business efficiency and profitability. In this episode, Tom and Vince considered the advanced compliance tools for fraud detection and cost savings. Our discussion entailed a comprehensive analysis of the key factors that impact advanced compliance tools for fraud detection and cost savings, exploring the tradeoffs involved, the challenges faced, and the importance of considering the impact on decision-making.

Key Highlights:

  • Invoice Price Discrepancy Detection and Recovery
  • Compliance-driven Efficiency through Fraud Risk Analysis
  • Shifting Travel Expenses for Manufacturing Observations
  • Integrating Multiple Data Sources for Fraud Detection

Resources:

Connect with Vince Walden on LinkedIn

Check out Kona AI

Connect with Tom Fox on LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 9 – Dynamic Compliance Policies

One of the key changes coming out of the Covid-19 pandemic is the need for dynamism on corporate policies. This message was driven home in a  MIT Sloan Management Review article,“Turbulent Times Demand Dynamic Rules”. The authors believe, “Circumstances can change rapidly in an uncertain world — organizational rules should be designed to change along with them.”

This concept is most appropriate in the compliance arena in the area of risk management. As your risks change, your management of those risks should adapt to the new reality. This is why the DOJ intoned in the 2023 Evaluation of Corporate Compliance Programs (ECCP) that you should assess your risks as they change, modify your risk protocols, monitor your risk management strategy and then update your compliance programs through continuous monitoring.

This dynamic policy process can build dynamic rules to enhance your company’s ability to anticipate and cope with risk changes. When the corporate compliance function embraces experimentation and learning in the creation and reformulation of policies, it builds flexibility into the organization’s structure, processes, and practices. This type of flexibility is essential as we have moved from disaster recovery to business resiliency to business as usual, especially in the field of risk management.

Three key takeaways:

1. After Covid-19, your policies must be as dynamic as your business.

2. There are three general areas to improve the dynamic features of policy creation and improvement; transparency, experimentation and innovation.

3. Garner feedback from your users on the effectiveness of your compliance policies.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Blog

Geopolitical Risks and Business Opportunities: Part 5- Doing Business With and In China

I recently had the opportunity to visit with Dr. Ian Oxnevad, Director of Geopolitical Risk intelligence at Infortal Worldwide. This visit was for a podcast series, sponsored by Infortal Worldwide entitled Global Risk Review. Dr. Oxnevad is a seasoned expert in geopolitical risk intelligence, with a PhD in political science and a master’s degree in National Security Studies. In this concluding blog post we look at risks in doing business in China. In this concluding blog post 5, we consider the risks and opportunities for US companies continued business with and in the country of China.

Oxnevad’s perspective on US companies considering leaving China is rooted in his understanding of the potential challenges they face, including political instability and property confiscation. He strongly advises companies to expedite the process of moving their assets out of China, citing the high risks involved, especially in the event of a war. Oxnevad suggests alternatives such as nearshoring or reshoring to safer locations like the United States, and also highlights India as a potential investment destination due to its large domestic market and lack of political issues with the US.

In recent years, China’s strict COVID-19 response and aggressive foreign policy have created political challenges and global inflation. These factors have prompted US companies to consider moving their operations away from China. Smaller Asia-Pacific countries, caught in the crossfire of geopolitical risks, lack the economic stability and military capacity to handle potential conflicts. As a result, India is emerging as a more stable option due to its democratic governance and institutional safeguards. However, Pakistan, with its history of authoritarian rule, security risks, and close ties with China, presents a unique and complex business landscape.

China’s foreign policy has become increasingly aggressive, despite its internal issues with state-owned enterprise debt and lingering resentment over COVID-19. This aggressive stance has raised concerns among American companies and others, leading them to explore options for decoupling from China. The potential risks of war and the resulting instability have become a significant factor in their decision-making process. Companies are now considering near-shoring, ally-shoring, or reshoring their operations to minimize their exposure to China.

One of the key flashpoints in the region is the tension between China and Taiwan. China’s regular incursions into Taiwanese waterways and airspace have raised the possibility of a conflict erupting overnight, with no advanced warning. The situation is further complicated by China’s tensions with India in the Himalayas. Hand-to-hand battles between Indian troops and the Chinese military have occurred, highlighting the long-standing competition between the two countries. The potential for a massive war involving China, Taiwan, Japan, Australia, India, and the US is a real concern, with nuclear weapons adding to the instability.

Given these risks, US companies are exploring alternatives to China, with India emerging as a potential destination. India offers a more stable investment environment compared to China, with its democratic governance and experience with parliamentary procedures. While India has its own internal issues, such as corruption, it still maintains a commitment to democratic principles and the rule of law. Additionally, India’s large domestic market and its central location make it an attractive option for companies looking to diversify their supply chains.

However, it is important to note that India is not without its risks. The country has shown tendencies towards autocracy and strongman rule, although these tendencies are not as pronounced as in some other countries. India’s federal structure and institutional safeguards provide some protection against the consolidation of power by a strongman leader. While no country is immune to political risks, India’s democratic experience and commitment to democratic principles make it a relatively stable option compared to other countries in the region.

The potential risks in China have also raised the question of whether US companies should consider near-shoring or reshoring their operations back to the United States. The government can play a role in facilitating such efforts through tax incentives, grants, and other types of incentives. However, the decision to reshore or near-shore is not without tradeoffs. Companies must weigh the potential benefits of reduced exposure to geopolitical risks against the costs of relocating their supply chains and the potential impact on their relationships with Chinese partners and customers.

In conclusion, US companies are seriously considering leaving China amid the political challenges and geopolitical risks in the region. The potential for conflict, particularly involving Taiwan, has raised concerns about the stability of supply chains and the safety of investments in China. India is emerging as a more stable alternative, with its democratic governance and institutional safeguards. However, companies must carefully consider the tradeoffs involved in relocating their operations and the potential impact on their business relationships. The decision to leave China is not an easy one, but it is a reflection of the increasing uncertainties and risks in the region.

You can check Dr. Oxnevad in the full five-part Riskology by Infortal podcast series here.

Categories
Blog

Compliance Successes Using Data-Driven Compliance

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI for a podcast series on the uses of data driven compliance. KonaAI is the sponsor of those podcasts. This blog post series will flesh out the podcast show notes. Over the next five blog posts, we will discuss generative AI and ChatGPT in compliance, the profiles of a corrupt payment, making the business case for data-driven compliance, what to ask for and how to ask for it and some success stories. In this Part 5, we will look at some compliance successes using a data-driven approach.

As always, I am joined by Vince Walden, founder and CEO of KonaAI. There is a quiet revolution happening in the realm of compliance. It’s one that, if harnessed correctly, can turn a typically reactive process into a proactive strategy. I am of course talking about data-driven compliance. By making use of the vast amounts of data your organization collects, you can uncover potential compliance risks before they turn into actual problems. This approach can be a game-changer, not just for your role as a compliance officer, but also for your organization’s overall risk management strategy. No longer will you be caught off guard. Instead, you’ll be leading the charge, armed with real-time insights and actionable data.

Sometimes, we face unintended consequences in a business setting – consequences that occur unexpectedly because of actions taken. They could be beneficial, like improvements to the business or reduced costs. Or, they could point to underlying issues that need addressing. However, these consequences can become visible only when multiple risk triggers are considered. Here’s the interesting bit. Vince underscored the importance of considering multiple risk triggers when analyzing data. Relying on just one test or indicator won’t cut it. It isn’t just one anomaly that signals an issue. The convergence of multiple risk signals helps in identifying the potential problem areas.

Compliance is not simply about rules and regulations. It is about understanding and managing risks, ultimately leading to better business decision-making. When well-executed, it can yield great rewards or “compliance wins”. One example is identifying high-risk areas in your business and managing them proactively. A high-risk business unit in high-risk FCPA environments. By analyzing their fraud risks, the company found that salespeople wound up spending quite a bit on gifts, travel, and entertainment for foreign officials to secure a sale. The solution? Limit setting. Not only did it save them money, but decreased the sales cycle, and the cherry on top – a clientele of higher quality.

Using data analysis techniques to improve business efficiency is of utmost importance in today’s business environment. By leveraging data analysis, you have the power to identify bottlenecks, streamline processes, and optimize your operations. This not only saves time and resources but also enhances overall compliance and risk management efforts. With every step you take towards harnessing the power of data, you are paving the way for increased business efficiency and success in your industry.

Compliance is the critical aspect that ensures organizations adhere to legal and ethical standards. Compliance not only helps companies avoid legal troubles but also plays a significant role in improving business efficiency and profitability. Data driven  of advanced compliance tools for fraud detection and cost savings was discussed. This article aims to provide a comprehensive analysis of the key factors that impact advanced compliance tools for fraud detection and cost savings, exploring the tradeoffs involved, the challenges faced, and the importance of considering the impact on decision-making.

One of the advanced compliance tools discussed in the episode is Unit Price Analysis. This tool utilizes advanced technology to identify discrepancies in vendor invoices, potentially saving companies significant amounts of money. By comparing prices charged for the same product by the same vendor in different locations, contract compliance can be achieved. As Walden explained, even a small difference in unit prices can translate into substantial recoveries when multiplied by tens of thousands or hundreds of thousands of units. This tool highlights the importance of scrutinizing vendor invoices and ensuring fair pricing across different locations.

To effectively detect fraud and ensure compliance, it is crucial to integrate multiple data sources into compliance monitoring programs. As Vince Walden mentions, transparency is key, and integrating various data sources brings that transparency into play. By pulling in third-party payments, due diligence work, sanctions lists, whistleblower hotline data, and other indicators, companies can gain actionable insights and identify improper payments and risk scoring. The ability to put in multiple risk triggers and analyze data from various sources allows for a more comprehensive and accurate assessment of potential risks.

However, implementing advanced compliance tools for fraud detection and cost savings is not without its challenges. It is essential to know when to stop reviewing transactions or high-risk activities. Risk scoring frameworks help prioritize the most critical transactions, but continuous improvement is necessary to update the models and identify any missed risk triggers. Additionally, the complexity of integrating multiple data sources and implementing advanced compliance tools requires careful planning and consideration.

The impact of advanced compliance tools for fraud detection and cost savings goes beyond financial benefits. These tools can change the character of the people who interact with the company. By shifting the responsibility of travel expenses to foreign officials, the company not only achieved significant cost savings but also attracted decision-makers who came to sign contracts. This unexpected outcome demonstrates the power of compliance and fraud risk prevention in improving business efficiency and quality of customers.

In conclusion, advanced compliance tools for fraud detection and cost savings play a crucial role in ensuring legal and ethical standards are met while improving business efficiency and profitability. Unit Price Analysis and Fraud Risk Analysis are just two examples of such tools discussed in the podcast episode. By integrating multiple data sources, implementing risk scoring frameworks, and continuously improving compliance models, companies can achieve transparency, identify risks, and make informed decisions. However, it is important to consider the challenges and tradeoffs involved in implementing these tools. Ultimately, the impact of advanced compliance tools extends beyond financial benefits, positively influencing the overall business environment.

Resources:

Connect with Vince Walden on LinkedIn

Check out Kona AI

Connect with Tom Fox on LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 8: Revising Your Policies and Procedures

More than simply having a Code of Conduct, compliance policies and procedures are required. As former Assistant Attorney General Lanny Breuer articulated, “Your compliance program is a living entity; it should be constantly evolving.” The 2012 FCPA Guidance stated, “When assessing a compliance program, DOJ and SEC will review whether the company’s Guiding Principles of Enforcement have taken steps to ensure that the Code of Conduct remains current and effective and whether a company has periodically reviewed and updated its code.”

After considering these issues, you should benchmark your current policies and procedures against those of other companies in your industry. If you decide to move forward, I suggest a process that can be fully documented to include revisions to your compliance policies and procedures. These points are a useful guide to not only thinking through how to determine if your policies and procedures need updating but also taking practical steps to tackle the problem. You should begin the process now if it has been more than five years since the last update. It is far better to review and update if appropriate than wait for a massive FCPA investigation to go through the process.

Three key takeaways:

  1. You should do so now if you have not revised your compliance policies and procedures in the past five years.
  2. Set a timeline and budget and stick to it in the compliance policy and procedure revision process.
  3. Document your process of revision to demonstrate a more complete operationalization of your compliance program.

Check out The Compliance Handbook, 4th edition, here for more information.

Categories
Data Driven Compliance

The Uses of Data Driven Compliance: Part 4 – What to Ask For and How to Ask For It

Welcome to Data Driven Compliance. In this podcast, we discuss how to use data to improve and enhance the effectiveness of your compliance program, creating greater business efficiency, all leading to more return on investment for your compliance regime. Join host Tom Fox as he explores how data will drive your compliance program to the next level. This podcast is sponsored by KonaAI.

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI, for a podcast series on the uses of data driven compliance. Over these five podcasts, we will discuss generative AI and ChatGPT in compliance, the profiles of a corrupt payment, making the business case for data-driven compliance, what to ask for and how to ask for it, and some success stories. In Part 4, we discuss what data a CCO needs to ask for and how to do so.

Vince Walden brings knowledge and experience in continuous compliance monitoring and risk assessment processes. Walden’s perspective on the topic is that it should be approached as a journey, not a one-time program. He emphasizes the importance of proactive risk assessments and continuous monitoring, advocating for an iterative approach demonstrating constant improvement in compliance efforts. This perspective is shaped by his belief that meeting regulatory expectations requires a diligent and ongoing commitment to improvement.

Walden also suggests that data sources should be identified based on the results of the fraud risk assessment and that the ease of obtaining the data should be considered when prioritizing analytics projects. To delve deeper into what data a CCO should ask for and how to ask for it, join Tom Fox and Vince Walden on this Data Driven Compliance podcast episode.

Key Highlights:

  • Continuous improvement through risk assessments and monitoring
  • Effective risk assessment through diverse data sources
  • Uncovering hidden relationships through expense categories

Resources:

Connect with Vince Walden on LinkedIn

Check out Kona AI

Connect with Tom Fox on LinkedIn