Categories
Life with GDPR

Life With GDPR: WhatsApp Breach: Hospital’s GDPR Failures Exposed

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. The recent controversy surrounding Nigel Farage’s banking situation highlights the risks and compliance challenges faced by the banking industry in relation to data protection. In this episode, Tom and Jonathan discuss a data breach in a Scottish hospital during the COVID-19 pandemic.

The breach occurred when hospital staff shared patient details on WhatsApp, raising concerns about GDPR compliance. The hospital informed the ICO about the breach but chose not to notify affected patients, highlighting the need for appropriate advice and support when making such decisions. The conversation also explores communication challenges in internal investigations and the privacy and security risks of platforms like WhatsApp. It emphasizes the importance of organizations adapting to the preferences of digital native employees and conducting data protection impact assessments. The podcast also highlights the importance of effective policies, training, and proactive phishing training to prevent cyber-attacks and protect sensitive information.

 

Key Takeaways:

  • Data breach in Scottish hospital
  • The Challenges of Communication in Internal Investigations
  • Importance of Policies and Training
  • Phishing Training Effectiveness

Resources

For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Connect with Tom Fox

Connect with Jonathan Armstrong

Categories
Blog

Geopolitical Risks and Business Opportunities: Part 4 – Factors Impacting European Financial Integration

I recently had the opportunity to visit with Dr. Ian Oxnevad, Director of Geopolitical Risk Intelligence at Infortal Worldwide. This visit was for a podcast series sponsored by Infortal Worldwide entitled Global Risk Review. Dr. Oxnevad is a seasoned expert in geopolitical risk intelligence, with a Ph.D. in political science and a master’s degree in National Security Studies.

Ian Oxnevad is a seasoned expert in geopolitical risks impacting European financial integration and opportunities, with a profound understanding of Europe’s internal and external crises since 2008. We will consider factors affecting European financial integration in Part 4 of this five-part blog post series. Oxnevad’s perspective is that Europe has been grappling with constant internal stressors and external crises, such as banking crises and political upheavals, which pose significant risks to European financial integration. He underscores the need for enhanced risk analysis at the national level and geopolitical risk intelligence to navigate the uncertainties in Europe.

However, Oxnevad also identifies opportunities for US companies, particularly in the energy sector, to export to Europe, especially in the context of a stronger Euro. He further discusses the regulatory risks posed by GDPR and ESG laws in Europe and how US companies must manage these risks. In this blog post, we take a deep dive into these complex and evolving geopolitical risks in Europe and their potential impact on financial integration and opportunities.

Europe has been facing many challenges impacting its financial integration and potentially altering the European Union (EU) and the Euro. In a recent episode of the Riskology podcast hosted by Tom Fox and featuring Ian Oxnevad, the discussion centered on the geopolitical risks that Europe is currently grappling with and the opportunities that arise amidst these challenges.

One of the key factors affecting European financial integration is the ongoing Russia-Ukraine war. This conflict, coupled with rising energy prices, Middle East instability, and unchecked migration, puts pressure on the region’s financial integration and potentially changes the EU and the Euro as a monetary unit. These external pressures, along with internal populism, ongoing inflation, and high energy costs, are fueling resentment and could significantly impact European integration and its governing laws.

The Russia-Ukraine war has spilled over into energy inflation, creating monetary instability and supply chain issues. Annual inflation rose by 40% in June 2022 due to the invasion, and it remains high at 16.6% as of February this year. This inflationary pressure affects various aspects of the economy, including consumer spending capacity, production capacity, and manufacturing affordability. Governments have increased spending to offset these costs, further straining the Euro and limiting the ability to navigate these challenges through monetary means.

The pressures Europe faces are not limited to the EU as a whole but extend to the national level. This shift necessitates a greater focus on risk analysis at both levels, as the rules and regulations governing European integration may change suddenly and overnight. The emergence of populism across the EU, as seen in France and the Netherlands, indicates growing animosity towards incumbents and a desire for change. This political upheaval poses risks and uncertainties for businesses operating in Europe, as regulations, taxation, and even the monetary unit itself may be subject to change.

Despite these challenges, there are opportunities for US energy companies to export to Europe. The weakening of the dollar and the strength of the Euro make Europe an attractive export location for US goods and services, including energy. However, regulatory risks and challenges must be carefully considered. Europe’s robust data protection and privacy laws, such as the General Data Protection Regulation (GDPR), and its focus on environmental, social, and governance (ESG) factors present potential risks for US companies. Compliance with these regulations requires careful risk management and due diligence.

ESG initiatives, particularly the push for renewable energy, present countervailing risks. While there is a regulatory push for green energy, the inefficiencies and costs associated with these technologies and the reliance on minerals from regions with questionable labor practices create challenges. Balancing the environmental (E) aspect of ESG with the social (S) and governance (G) aspects requires careful consideration and geopolitical risk intelligence.

The banking sector is also facing turmoil, with institutions like Deutsche Bank and Swiss banks experiencing challenges. While it is unlikely that the German government would allow Deutsche Bank to fail, the stability of these institutions and their role in global monetary and fiscal policy is a concern. The European Central Bank, the Bank of England, and the US Federal Reserve play crucial roles in stabilizing the financial systems, but their ability to navigate these challenges remains to be seen.

In conclusion, the geopolitical risks impacting European financial integration and opportunities are complex and multifaceted. Europe’s response to the Russia-Ukraine war, rising energy prices, Middle East instability, and unchecked migration will shape the future of the EU and the Euro. Balancing the tradeoffs involved in managing these risks, such as the need for defense spending versus protecting consumers, requires careful analysis and risk intelligence. US companies can find opportunities in exporting to Europe, but they must navigate regulatory risks and consider the contradictions within ESG mandates. The banking sector’s stability and global institutions’ role in stabilizing the financial systems are also areas of concern. As Europe faces these challenges, it is crucial to consider the impact on financial integration and opportunities when making decisions.

Please join us tomorrow when we explore geopolitical risks and business opportunities in China and the greater Asia Pacific region.

You can check out Dr. Oxnevad in the full five-part Riskology podcast series here.

Categories
Data Driven Compliance

The Uses of Data Driven Compliance: Part 3 – Making the Business Case for Data Driven Compliance

Welcome to Data Driven Compliance. In this podcast, we discuss how to use data to improve and enhance the effectiveness of your compliance program, creating greater business efficiency, all leading to more return on investment for your compliance regime. Join host Tom Fox as he explores how data will drive your compliance program to the next level. This podcast is sponsored by KonaAI.

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI, for a podcast series on the uses of data driven compliance. Over these five podcasts, we will discuss generative AI and ChatGPT in compliance, the profiles of a corrupt payment, making the business case for data-driven compliance, what to ask for and how to ask for it, and some success stories. Part 3 discusses how to make the business case for data-driven compliance.

Vince Walden, a seasoned professional with over 25 years of experience in compliance and risk management, is the founder and CEO of KonaAI, a software company specializing in automating data management for compliance and fraud risk management. Walden believes that compliance professionals play a crucial role in data-driven risk management. He emphasizes the need for these professionals to make a business case for data-driven compliance to both risk professionals and the CFO or head of operations.

According to Walden, data-driven compliance not only aligns with regulatory expectations and avoids risks, but it also improves the overall functioning of the business by identifying hidden money, reducing costs, eliminating waste and fraud, and preventing improper payments. His perspective is shaped by his extensive experience in the field, including his work as a consultant, fraud investigator, and forensic technologist. Join Tom Fox and Vince Walden as they delve deeper into this topic on this episode of Data Driven Compliance.

Key Highlights:

  • The Importance of Data Driven Compliance
  • Effectively Conveying Compliance Value to CFOs
  • The Impact of Data Driven Compliance
  • Maximizing Compliance ROI through Risk Mitigation

Resources:

Connect with Vince Walden on LinkedIn

Check out Kona AI

Connect with Tom Fox on LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 7 – Policies and Procedures

There are numerous reasons to put some serious work into your compliance policies and procedures. They are certainly a first line of defense when the government comes knocking. The 2020 Update made clear that “Any well-designed compliance program entails policies and procedures that give both content and effect to ethical norms and that address and aim to reduce risks identified by the company as part of its risk assessment process.”

This statement made clear that the regulators will take a strong view against a company that does not have well-thought-out and articulated policies and procedures against bribery and corruption, which are systematically reviewed and updated. Moreover, having policies written out and signed by employees provides what some consider the most vital communication layer and acts as an internal control. Together with a signed acknowledgment, these documents can serve as evidentiary support if a future issue arises. In other words, the “Document, Document, and Document” mantra applies just as strongly to policies and procedures in anti-corruption compliance.

The specific written policies and procedures required for a best practices compliance program are well-known and long-established. According to the 2020 FCPA Resources Guide 2nd edition, some of the risks companies should keep in mind include the nature and extent of transactions with foreign governments (including payments to foreign officials); use of third parties; gifts, travel, and entertainment expenses; charitable and political donations; and facilitating and expediting payments. Policies help form the basis of expectations for standards of conduct in your company. Procedures are the documents that implement these standards of conduct.

Three key takeaways:

1. Written compliance policies and procedures, together with the Code of Conduct, form the backbone of your compliance program.

2. The DOJ and SEC expected well-thought-out and articulated compliance policies and procedures to be adequately communicated throughout your organization.

3. Institutional fairness for the application of policies and procedures demands the consistent application of your policies and procedures across the globe.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Blog

Geopolitical Risks and Business Opportunities: Part 3 – Russia and Rebuilding Ukraine

I recently had the opportunity to visit with Dr. Ian Oxnevad, Director of Geopolitical Risk Intelligence at Infortal Worldwide. Global Risk Review, a podcast series that Infortal Worldwide sponsors, was the reason for this visit. Dr. Oxnevad is a seasoned expert in geopolitical risk intelligence, with a Ph.D. in political science and a master’s degree in National Security Studies.

Over this five-part blog post series, we will look at the risk profile for US companies doing business in the following geographic regions: the Middle East, Latin America, Russia and Ukraine, Africa, and the Asia Pacific region, reviewing Dr. Oxnevad’s views on each of these regions. Part 3 reviews the business opportunities and risks in Russia and the challenges and opportunities in rebuilding Ukraine.

Dr. Oxnevad deeply understands the issues in Russia and Ukraine. His belief that the upcoming rebuilding of Ukraine will spark a surge of interest from significant US corporations, the EU, and China, potentially resulting in increased corruption and geopolitical risks, shapes his perspective on the global implications and geopolitical risks. Oxnevad emphasizes the need for ongoing due diligence and monitoring by Western companies to navigate potential challenges and uncertainties, such as changes in laws and competition from different countries. He also acknowledges the significant risk of corruption in Ukraine, especially during the rebuilding process, and believes it may take time for EU institutions to mitigate this risk.

The war between Russia and Ukraine has had far-reaching consequences, not only for Europe but also for other parts of the world. Indeed, it has changed business across the globe forever.

One of the key factors to consider is the impact on global food supplies. Russia and Ukraine are major food and grain suppliers, and the war and sanctions have disrupted their production. This has put food supplies at risk, increasing food costs and inflationary pressures worldwide. Countries in Africa and the Middle East, in particular, heavily rely on these food supplies, and the uncertainty surrounding Ukraine’s ability to meet these demands raises concerns.

The rebuilding of Ukraine presents significant opportunities for major corporations from the United States, the European Union, China, and other countries. However, it also raises concerns about corruption and geopolitical risks. Ukraine has been traditionally viewed as a high-risk country for corruption, and the war has only exacerbated this issue. The chaos and emergency in the country create a greater incentive for corruption to exist. President Zelensky’s ability to address these concerns remains to be determined, and it is unlikely that corruption will disappear even if the war were to end abruptly.

From a geopolitical standpoint, the war between Russia and Ukraine has become a proxy war between Russia and the West and China and the West. This further complicates the situation and introduces additional risks. The resolution of the war and the lifting of sanctions will depend on various factors, including Russia’s political landscape and the leadership of President Putin. If Putin remains in power, the sanctions will likely stay in place. However, if there is a change in leadership, lifting sanctions could be a possibility, albeit with careful consideration of Russia’s economic and political landscape.

The rush to capitalize on Ukraine’s rebuilding presents both opportunities and risks. Many countries and corporations will be vying for a stake in Ukraine, increasing the incentives for corruption and other geopolitical risks. Competitors will be aware of the presence of different countries, further complicating the situation. It is crucial for American companies and others to carefully assess the risks associated with corruption in Ukraine and conduct thorough due diligence before engaging in business opportunities.

The international community, including the European Union, NATO, and the United Nations, may play a role in assisting Ukraine in its rebuilding efforts. Establishing the rule of law, policies, and procedures will ensure a successful reconstruction. However, the timing of international involvement is crucial. Rebuilding efforts must occur before existing EU institutions move in to address corruption, as this will help mitigate the associated risks.

In conclusion, rebuilding Ukraine has significant global implications and geopolitical risks. The disruption of food supplies, the rush to capitalize on opportunities, and the challenges associated with corruption must be carefully considered. The resolution of the war and the lifting of sanctions depend on various factors, including Russia’s political landscape. International assistance in rebuilding efforts, particularly in establishing the rule of law, will be crucial. However, it is essential to conduct thorough due diligence and assess the risks before engaging in business opportunities in Ukraine.

Please join us tomorrow when we explore geopolitical risks and business opportunities in Europe.

You can check out Dr. Oxnevad in the full five-part Riskology podcast series here.

Categories
Blog

Making the Business Case for Data Driven Compliance

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI, for a podcast series on the uses of data driven compliance. KonaAI is the sponsor of those podcasts. This blog post series will flesh out the podcast show notes. Over the next five blog posts, we will discuss generative AI and ChatGPT in compliance, the profiles of corrupt payments, making the business case for data-driven compliance, what to ask for and how to ask for it, and some success stories. Part 3 will discuss making the business case for data-driven compliance.

Vince Walden, the CEO and founder of KonaAI, is here with me as always. Walden pointed out a dual aspect to this, bringing risk and financial perspectives into play. The risk perspective aligns with meeting expectations from the Department of Justice, SEC, or other regulatory bodies, which include culture alignment and prudent data handling. The financial end deals with a knock-on effect of compliance: a potential improvement in financial performance by curtailing revenue leakage through fraud and improper payments. This is what compliance professionals do every day. In regulated industries, however, it is not simply about convincing others of the necessity. It is also about aligning the company’s tools and methods to meet the expectations of external regulatory bodies. In an ideal world, a company’s compliance goals should align with its business goals. But achieving this balance is easier said than done.

While regulatory compliance is important, businesses are about generating revenue and turning a profit. Balancing compliance with profitability can often seem like a tightrope walk. But businesses need to realize that this balance is possible and beneficial in more ways than one. Compliance and profitability could coexist with the help of a business-savvy compliance tool. Compliance professionals need to distance themselves from a narrow focus on policies and enforcement. A broader perspective, including understanding the importance of data-driven metrics and business context, can position these professionals as valuable contributors to an organization’s bottom line. Yet Walden warned against complacency, saying that professionals who only focus on regulation and leave the business aspect by the wayside can find themselves marginalized.

Increasingly, companies realize the value of having multiple perspectives at the decision-making table. While finance and internal audit have always been pivotal, including compliance in these discussions provides a more rounded view. This broad-based approach can unlock novel insights into operational efficiency, risk mitigation, and more. The dialogue between compliance, finance, and procurement has been improving. Industries like telecommunications, oil and gas, technology, and pharmaceuticals are leading this change, recognizing the value of integrated discussions. Vince stresses the need for transparency in transactions that pose risks to the organization and sees compliance professionals playing a significant role in these discussions.

One of the greatest challenges of being a compliance professional is speaking the language of the CFO and financial stakeholders. Convincing them about the monetary benefits of compliance involves more than just throwing around regulation jargon; it requires the ability to present your case strategically. Compliance professionals understand their audience and tailor their discussions accordingly. Walden advises professionals to focus on how data-driven compliance can save money, improve efficiencies, and prevent improper payments. This is how to get the CFO and other financial stakeholders on board and win them over with the business case for compliance.

Walden emphasizes the importance of understanding the CFO’s financial language to argue for effectively implementing data-driven compliance. Compliance professionals must demonstrate the return on investment and the success of compliance and fraud risk management programs. Key performance indicators such as dollar recoveries and risks avoided can be used to measure the impact of data-driven compliance. Walden also highlighted the significance of finding hidden money and stopping improper payments before they occur. By utilizing data-driven metrics, compliance professionals can identify the riskiest transactions and prevent fraud, waste, and abuse. This not only aligns with the DOJ’s expectations but also improves the overall functioning of the business.

Also of significance is the role of compliance professionals in finance and procurement. More and more companies are recognizing the need to have compliance professionals at the table when making financial decisions. Compliance professionals must be able to speak the language of CFOs and help them understand the importance of compliance in reducing costs, eliminating waste, and preventing improper payments.

To make a compelling business case, compliance professionals should focus on the financial benefits of data-driven compliance. For example, if a company disburses hundreds of millions or billions of dollars in accounts payable payments to third parties, implementing a risk scoring system can help identify the top ten riskiest transactions at risk for fraud, waste, and abuse. The company can recover millions of dollars by investing a relatively small amount, such as $200,000, resulting in a significant return on investment.

It is also important for compliance professionals to collaborate with finance, procurement, and internal audit teams. The Association of Certified Fraud Examiners (ACFE) and COSO collaborated on writing the COSO Fraud Risk Management Guide, which offers useful advice for running a fraud risk management program. The principles outlined in this guide align with the DOJ’s guidance on effective compliance programs. Compliance professionals should take the initiative to engage with CFOs, heads of accounting, and heads of internal audit to foster collaboration and ensure compliance efforts are aligned with overall business objectives.

Compliance professionals play a vital role in data-driven risk management. By making a compelling business case for data-driven compliance, they can demonstrate the financial benefits, such as preventing fraud, improving cash flow, and uncovering hidden funds. Collaboration with CFOs and other key stakeholders is crucial to ensure compliance efforts are integrated into overall business strategies. Compliance professionals must continue to adapt and evolve their understanding of finance and procurement to effectively communicate the importance of data-driven compliance in mitigating risks and driving business success.

Finally, remember that data-driven compliance can improve financial performance and ROI. By harnessing the power of data to inform compliance activities, professionals in regulated industries can effectively navigate complex regulatory landscapes, minimize risks, and optimize business operations. The steps in making a business case for data-driven compliance lay the foundation for success, enabling professionals to leverage data insights, drive informed decision-making, and, ultimately, drive better business outcomes. Embrace data-driven compliance and unlock the potential for improved financial performance and ROI that is within your reach.

Resources:

Connect with Vince Walden on LinkedIn

Check out KonaAI

Connect with Tom Fox on LinkedIn

Categories
Principled Podcast

Season 10 Episode 1 – How Does the US Department of Justice Evaluate Ethics and Compliance Programs?

What you’ll learn on this podcast episode

The US Department of Justice Criminal Division has been increasingly vocal about what makes organizations’ ethics and compliance programs effective. This input on program effectiveness takes the form of guidance to prosecutors about what questions to ask when companies negotiate to resolve DOJ investigations into corporate wrongdoing on favorable terms. What does this guidance on program effectiveness mean in practice for E&C professionals? In the season 10 premiere of LRN’s Principled Podcast, host Susan Divers speaks with John Michelich, who retired last November after 35 years as a federal prosecutor with the Department of Justice’s Criminal Division. Listen in as they explore how the DOJ evaluates E&C programs, as well as best practices for companies settling misconduct investigations. 

Guest: John Michelich

John Michelich is a retired career prosecutor, who has served at the state, federal, and international levels for 45 years. A native of Illinois, John received his undergraduate education at Illinois Wesleyan University and then attended Drake University Law School in Des Moines, Iowa. For 10 years, John served as Assistant State’s Attorney and First Assistant State’s Attorney in Springfield, Illinois, where he prosecuted all types of state criminal felony violations including armed robbery, aggravated sexual assault and capital murder.   

In 1988, John moved to Washington, DC where he began his 35-year career as a prosecutor with the US Department of Justice, Criminal Division. As a federal prosecutor, John has handled a wide variety of cases including child pornography and obscenity, narcotics distribution and all types of white-collar criminal cases. John served for 30 years as a prosecutor with the Fraud Section of the Criminal Division where he handled numerous cases including health care fraud, bank fraud, telemarketing fraud, commodities and securities fraud and violations of the Foreign Corrupt Practices Act. Because Washington DOJ lawyers are traveling prosecutors, John has handled grand jury proceedings or jury trials in more than two dozen federal districts nationwide from Guam and Hawaii to Puerto Rico, and California to New York. Over his long career, John has tried dozens of jury trials to verdict.  

In 1998, the Justice Department sent John on loan to the United Nations’ International Criminal Tribunal for the Former Yugoslavia, also known as the War Crimes Tribunal, in the Hague, Netherlands, where he handled investigations and Tribunal proceedings involving crimes against humanity and serious breaches of the Geneva Convention that occurred during the Yugoslavian civil war.   

For over 40 years, John has been an active instructor of Trial Advocacy and has appeared regularly on the faculty of the NITA Trial Practice course offered at Georgetown University Law Center. In addition, John has served as an Adjunct Professor at Georgetown, teaching Trial Practice courses to third-year law students. In his retirement, John is available as a legal consultant to trial lawyers to advise them in preparation for jury trials and to consult with corporate counsel concerning internal investigations and to advise them on how to approach the government when there are allegations of wrongdoing, especially foreign bribery. 

John is licensed to practice in the states of Illinois and Iowa, and several federal courts, and is a licensed Solicitor of the Senior Courts of England and Wales.   

Host: Susan Divers

Susan Divers is a senior advisor with LRN Corporation. In that capacity, Ms. Divers brings her 30+ years’ accomplishments and experience in the ethics and compliance area to LRN partners and colleagues. This expertise includes building state-of-the-art compliance programs infused with values, designing user-friendly means of engaging and informing employees, fostering an embedded culture of compliance and substantial subject matter expertise in anti-corruption, export controls, sanctions, and other key areas of compliance.

Prior to joining LRN, Mrs. Divers served as AECOM’s Assistant General for Global Ethics & Compliance and Chief Ethics & Compliance Officer. Under her leadership, AECOM’s ethics and compliance program garnered six external awards in recognition of its effectiveness and Mrs. Divers’ thought leadership in the ethics field. In 2011, Mrs. Divers received the AECOM CEO Award of Excellence, which recognized her work in advancing the company’s ethics and compliance program.

Mrs. Divers’ background includes more than thirty years’ experience practicing law in these areas. Before joining AECOM, she worked at SAIC and Lockheed Martin in the international compliance area. Prior to that, she was a partner with the DC office of Sonnenschein, Nath & Rosenthal. She also spent four years in London and is qualified as a Solicitor to the High Court of England and Wales, practicing in the international arena with the law firms of Theodore Goddard & Co. and Herbert Smith & Co. She also served as an attorney in the Office of the Legal Advisor at the Department of State and was a member of the U.S. delegation to the UN working on the first anti-corruption multilateral treaty initiative.

Mrs. Divers is a member of the DC Bar and a graduate of Trinity College, Washington D.C. and of the National Law Center of George Washington University. In 2011, 2012, 2013 and 2014 Ethisphere Magazine listed her as one of the “Attorneys Who Matter” in the ethics & compliance area. She is a member of the Advisory Boards of the Rutgers University Center for Ethical Behavior and served as a member of the Board of Directors for the Institute for Practical Training from 2005-2008.

She resides in Northern Virginia and is a frequent speaker, writer and commentator on ethics and compliance topics. Mrs. Divers’ most recent publication is “Balancing Best Practices and Reality in Compliance,” published by Compliance Week in February 2015. In her spare time, she mentors veteran and university students and enjoys outdoor activities.

Categories
Blog

Profiles of Corrupt Payments

I recently had the opportunity to visit with Vince Walden, founder and CEO of KonaAI, for a podcast series on the uses of data-driven compliance. KonaAI is the sponsor of those podcasts. This blog post series will flesh out the podcast show notes. Over the next five blog posts, we will discuss generative AI and ChatGPT in compliance, the profiles of corrupt payments, making the business case for data-driven compliance, what to ask for and how to ask for it, and some success stories. In Part 2, we will consider the profiles of a corrupt payment.

The episode highlighted research by MIT and KonaAI that examined $75 billion in payments from various companies to identify characteristics associated with high-risk payments. For businesses looking to identify and stop improper payments, the MIT and KonaAI research offered useful insights. Key attributes that were found to be associated with high-risk payments included payments made without purchase orders, payments flagged by anti-corruption keywords, and payments that significantly deviated from the norm. These attributes were often relevant in the data that humans tagged as high-risk.

One of the key takeaways from the research is the importance of investigating red flags in sales increases. A case study was presented in the episode, highlighting a suspicious sales increase in a Polish province. Contributions to a charitable organization came with increased sales, which raised questions about potential corruption or bribery. This case study emphasizes that compliance officers and risk professionals must monitor commissions, sales incentives, and margins to identify potential bribery and corruption issues.

Companies are encouraged to leverage data analysis tools like KonaAI to identify high-risk payments and prevent corporate corruption. These tools can help track and identify improper payments, providing transparency and easy access to financial accounting data for compliance professionals. By combining financial accounting data with data analysis capabilities, companies can gain insights into payment patterns and detect anomalies that may indicate potential corruption.

However, it is important to note that tradeoffs are involved in balancing different factors when identifying high-risk payments. Compliance officers and risk professionals must carefully consider the impact of their decisions on the business. The podcast episode highlighted the analogy of brakes on a car, emphasizing that the purpose of brakes is not to slow down but to enable the car to go fast and stop when necessary. Similarly, compliance efforts aim to facilitate business growth while ensuring ethical practices and preventing corruption.

The episode also discussed the challenges of identifying high-risk payments and preventing corporate corruption. One challenge is the need for collaboration among companies in an anonymous way to analyze the profiles of improper payments. The research conducted by MIT and KonaAI demonstrated the potential of such collaboration in identifying common risk triggers and profiles of high-risk payments. However, ensuring data privacy and confidentiality is crucial in such collaborative efforts.

In conclusion, identifying high-risk payments and preventing corporate corruption require a comprehensive approach that combines data analysis, collaboration, and a focus on business growth. The MIT and KonaAI research offers useful insights into the characteristics of high-risk payments. Compliance officers and risk professionals are urged to leverage data analysis tools and closely monitor payment patterns to detect and prevent improper payments. By balancing compliance efforts and business objectives, companies can mitigate corruption risks and foster a culture of transparency and integrity.

Examining data is like peering into a crystal ball that projects the inner workings of a business, but only if you know what to look for. One essential facet is sales performance. Even the tiniest irregularities can be a hint of greater issues at hand, such as improper payments. So, understanding and tracking sales data, be it a sudden sales surge in a particular area or an individual outperforming all expectations, is quite crucial. Walden emphasized the importance of transparency in analyzing sales data. If figures shoot up in a specific region or uncannily exceptional sales are tied to a particular individual, Vince suggests investigating to find out more. The key here, he describes, is the ability to spot these oddities before they morph into a serious problem. Transparency in financial analysis, Vince implores us, can be a game-changer in tracking down and rectifying improper payments.

Third-party relationships can be as much a source of risk as any other part of a business. Keeping tabs on the financial activities of entities such as distributors, commission sales agents, and joint venture partners is therefore imperative. Monitoring these relationships helps to minimize the risks of improper payments. Walden suggests that the same strategies used to interpret company data for potential risks can also be utilized for third-party relationships. Compliance officers can pair financial analysis with tools like KonaAI to actively monitor anomalies or suspicious transactions. In this scenario, compliance officers can be armed with the right tools and data to monitor and, if required, mitigate any suspicious financial activities related to third-party relationships.

Extending data analysis to third parties is no longer merely nice to have; in today’s compliance and fraud-risk environment, it is a business necessity. Monitoring these outside relationships closely provides another layer of security and reduces the breeding ground for unethical activities like improper payments. By integrating financial data with tools like these, compliance officers can actively keep an eye out for anything unusual. This way, companies are not only ensuring that their internal affairs are in order but are also making sure that their external associations are clean and ethical. It’s an insight into how companies can use strategic data analysis to maintain regulatory compliance.

The bottom line is that compliance officers are the guardrails that keep a company on track. Their role is two-pronged – facilitate business growth and, at the same time, deter the business from veering off into unethical practices. Compliance officers ensure the company is always one step ahead in identifying and addressing compliance risks. A balance between growth enablement and ethical conduct is needed to steer the course towards success.

Finally, as compliance officers, you have the power to make a significant impact by preventing improper payments and preserving your organization’s reputation. By embracing the learnings from this podcast episode, you can confidently navigate the challenges of today’s complex business environment and ensure that your efforts contribute to a culture of transparency and ethical behavior. Together, we can create a stronger, more accountable business world.

Resources:

Connect with Vince Walden on LinkedIn

Check out KonaAI

Connect with Tom Fox on LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 6 – Operationalization of your Code of Conduct

How can you work to operationalize your Code of Conduct as articulated in the DOJ 2023 Evaluation of Corporate Compliance Programs (ECCP)? The 2023 ECCP focuses not on whether a company has a paper compliance program but whether a company is actually doing compliance. A company does compliance by moving it into the functional business units as a part of an overall business process. That is what makes a compliance program effective at the business level. There are several different parts of the 2023 ECCP that touch upon your Code of Conduct.

The Code of Conduct design and implementation process enshrines your company’s values. Those are set by senior management, and their input and support for any code project, whether initial draft or update, is critical. This gets to the heart of operationalization and demonstrates how a Code of Conduct can work to meet the DOJ requirements. As an early part of your design and drafting process, you should assemble a cross-functional team. This is important for several reasons. First, diversity in your team will help produce a more well-rounded final product. But having such team diversity will also assist in your benchmarking effort, coupled with those who are going to help you out looking at designs and maybe helping forge the design of the code. Finally, you can use a group to help in the drafting, redrafting and editing process. This diversity will help you to answer all of the DOJ questions from the 2019 Guidance in a manner consistent with supporting operationalization.

All of these requirements point to getting out and making your Code of Conduct a part of the very fabric of your organization. By using some or all of these strategies, you will have a good starting point. But it is more than simply rollout and training. There must be ongoing communications as well.

Three key takeaways:

  1. What has been the role of senior management in the creation or update of your Code of Conduct?
  2. How have you worked with employees outside the compliance function to lay the groundwork for fully operationalizing your Code of Conduct?
  3. How have you measured the effectiveness of your Code of Conduct training?

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Innovation in Compliance

Innovation in Compliance – Dr. Laura Purdy on Revolutionizing Healthcare: The Power and Potential of Telemedicine

Innovation comes in many areas and compliance professionals need to not only be ready for it but embrace it. One of those areas is telehealth and telemedicine. My guest in this episode is Dr. Laura Purdy, a true evangelist for both telehealth and telemedicine.

Telemedicine in the Army has become crucial in providing healthcare to remote and deployed soldiers. Dr. Laura Purdy, a family medicine physician with a military background, has been at the forefront of this innovation. Telemedicine allows doctors to provide care remotely, improving access to healthcare in rural areas with limited services. However, the insurance industry’s lack of understanding hinders acceptance of telemedicine. Dr. Purdy encourages patients to try telemedicine, especially cash pay services, for more control over their healthcare choices. Scaling up a telehealth company requires careful consideration of being cash pay or accepting insurance. Regulatory challenges in telehealth include physician licensing, state laws, legal standards, and controlled substances. The future of telemedicine involves seamless integration of virtual and in-person care. Dr. Purdy’s company, AfD Health System, aims to provide accessible care and educational content through Instagram and a developing website. Overall, telemedicine has the potential to revolutionize healthcare delivery, but it requires greater acceptance, understanding, and comprehensive regulation.

Key Highlights

  • Telemedicine in the Army
  • Telemedicine: Improving Access to Healthcare
  • Challenges in Telehealth Regulation
  • The Future of Telemedicine
  • AfD Health System

Resources

Dr. Laura Purdy on LinkedIn

DrLauraPurdy.com

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn