Tag: consequence management

Categories
Blog

The NBA, Data Driven Compliance and Jontay Porter

One of the best examples I have recently seen of the power of data-driven compliance is playing out in real-time in the NBA. It is the Jontay Porter betting scandal. This event drove home why transparency and robust data analytics can help identify illegal acts in real time, moving compliance from detective to proactive.

Background

The background to the story is both sad and tragic. As reported by ESPN, betting sites grew suspicious when a large amount of money was made on prop bets for Porter. The bets were: “In the game on Jan. 26 against the LA Clippers, there was increased betting interest on the under for Porter props, which for the night were set at around 5.5 points, 4.5 rebounds, and 1.5 assists. There was also an over/under for Porter’s made 3-pointers, which was 0.5.”

Additionally, “At least one other U.S. sportsbook detected unusual betting interest on the game’s Porter props. A sportsbook industry source told ESPN that multiple betting accounts attempted to bet large amounts, upward of $10,000 and $20,000, on Porter under in the January game against the Clippers. Betting limits on NBA player props vary by sportsbook and customer but are typically around $1,000 to $2,000.

The second part of the suspicious transaction was that in that game itself, “Porter played just four minutes before leaving the game because of what the Raptors said was an aggravation of an eye injury he had suffered four days earlier against the Memphis Grizzlies. Porter did not score against the Clippers but had three rebounds and one assist, and he did not attempt a 3, meaning the under-hit on all of the props.” According to the Draft Kings, the under on Porter’s 3-pointers was the biggest money winner for bettors of any NBA player props from games that evening.

A second set of anomalous information came in on March 20. In a game on that night, “Porter played just three minutes before exiting because of what the Raptors said was an illness and did not return. He did not score after attempting one shot and had two rebounds.

Sportsbooks had his over/under set at around 7.5 points and 5.5 rebounds. The next day, DraftKings Sportsbook reported in a media release that Porter’s prop bets were the No. 1 moneymaker from the night in the NBA.”

Anomalous Data

Another ESPN article reported that “the NBA’s investigation found that Porter revealed information about his health to a known sports bettor ahead of a March 20 game against the Sacramento Kings. According to the NBA, another bettor who was privy to the information placed a $80,000 same-game parlay bet featured under Porter’s statistics and would win $1.1 million. Porter played for three minutes before leaving the game with an illness. The bet, which was placed at DraftKings, was not paid.” This is in addition to multiple Sportsbooks that “reported a spike in betting interest on the under on several of Porter’s statistics ahead of a Jan. 26 game against the Los Angeles Clippers.”

Finally, and most damningly, Porter was also betting on NBA games. “The league investigation revealed Porter placed at least 13 bets on NBA games using an associate’s online betting account. According to the league, the bets ranged from $15 to $22,000, totaling $54,094. The NBA said the total payout from those bets was $76,059, with net winnings of $21,965. None of the bets involved any in which Porter played. Three bets were parlays, including one that included a bet on the Raptors to lose. All three bets lost, according to the NBA.”

 Lessons for Compliance

  1. Transparency

There are several key lessons for compliance in this sordid tale. The first is around transparency. It is not about the legalization of gambling; gambling on NBA games has always occurred. It is about the oversight that legalization has brought about. In other words, gambling has moved out of the shadows and into the light of day. There is increased regulatory oversight and reporting. The NBA itself noted that “it was alerted to the suspicious activity by licensed sportsbooks and an organization that monitors legal betting markets. Las Vegas firm U.S. Integrity, which works with sportsbooks, leagues, and state gaming regulators, monitored Porter’s abnormalities and said it is “proud to continue to support the NBA in initiatives relating to regulated sports betting.”

The legalization of gambling has increased the amount of money involved. However, having that much money means more oversight and better processes for determining anomalous patterns. Why? Because it is a business for these Sportsbooks and sites like Draft Kings. Not only is it a business, but its customers must have faith that the games are not crooked, which is exactly what the NBA demands.

  1. Data Analytics

The second, equally important lesson is about data analytics. Data analytics did not determine that Porter had illegally revealed information about his health. Data analytics determined an unusual pattern of betting on small bets on a minor player, all in a very big way. In other words, the data identified anomalies that could be further investigated. Every data analytics program should crunch massive GTE spending, marketing spending, charitable donations, third-party spending, and any other place funds could be generated to determine if a pot of money is needed to fund a bribe.

Moreover, once your data program is set up, you can monitor these areas in real-time. This will allow you to spot any unwarranted trends and patterns. Based on the investigation, you can suspend the activities. If further action is necessary, you can then take it. But it all begins with data analytics.

  1. Consequence Management

We now move to the tragic part of this story. As a direct consequence of his actions, Jontay Porter has been banned from playing in the NBA for life. For the compliance professional, the lesson is that the Department of Justice demands swift action, including termination and clawbacks for executives who are part of a bribery or corruption scheme.

Categories
Blog

Ten Top Lessons from Recent FCPA Settlements – Lesson No. 8, Enhancing Your Compliance Program

Over the past 15 months, the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) have made clear, through three Foreign Corrupt Practices Act (FCPA) enforcement actions and speeches, their priorities in investigations, remediations, and best practices compliance programs. Every compliance professional should study these enforcement actions closely for the lessons learned and direct communications from the DOJ. They should guide not simply your actions should you find yourself in an investigation but also how you should think about priorities.

The three FCPA enforcement actions are ABB from December 2022, Albemarle from November 2023, and SAP from January 2024. Taken together, they point out a clear path for the company that finds itself in an investigation, using extensive remediation to avoid monitoring and providing insight for the compliance professional into what the DOJ expects in an ongoing best practices compliance program.

Over this series of blog posts, I will lay out what I believe are the Top Ten lessons from these enforcement actions for compliance professionals who find themselves in an enforcement action. Today, we continue with Number 8, Enhancement of Compliance. The DOJ has clarified that any company undergoing an FCPA enforcement action must significantly enhance its compliance program with a budget, headcount, and expertise in reporting, investigations, and consequence management processes.

Albemarle

The Albemarle NPA cited several remedial actions by the company that helped Albemarle obtain superior results regarding the discounted fine and penalty. These steps were taken during the pendency of the DOJ investigation so that when the parties were ready to resolve the matter, Albemarle had built out an effective compliance program and had tested it. The NPA provided that Albemarle

  • Strengthening its anti-corruption compliance program by investing in compliance resources, expanding its compliance function with experienced and qualified personnel, and taking steps to embed compliance and ethical values at all levels of its business organization;
  • Transformed its business model and risk management process to reduce corruption risk in its operation and to embed compliance in the business, including implementing a go-to-market strategy that resulted in eliminating the use of sales agents throughout the Company, terminating hundreds of other third-party sales representatives, such as distributors and resellers, and shifting to a direct sales business model;
  • Provided extensive training to its sales team, restructuring compensation and incentives so that compensation is no longer tied to sales amounts;
  • Used data analytics to monitor and measure the compliance program’s effectiveness and
  • It engaged in continuous testing, monitoring, and improvement of all aspects of its compliance program, beginning almost immediately after identifying misconduct.

The NPA noted that Albemarle engaged in holdbacks, as they did not pay bonuses to certain employees involved in the conduct or those with oversight. The NPA said, “During its internal investigation, the Company withheld bonuses totaling $763,453 from employees suspected of wrongdoing.” The illegal behavior involved people who “(a) had supervisory authority over the employee(s) or business area engaged in the misconduct; and (b) knew of, or were willfully blind to, the misconduct.” This effort was important because it allowed Albemarle to get an extra fine reduction of a dollar for every dollar they spent on the investigation.

Indeed, Deputy Attorney General Lisa Monaco cited the Albemarle FCPA resolution: “The company received a clawback credit for withholding bonuses for employees who engaged in misconduct. Not only did Albemarle keep the bonuses that would have gone to wrongdoers, but the company also received an offset against its penalty for the same amount. That’s money saved for Albemarle and its shareholders—and a concrete demonstration of the value of clawback programs.”

SAP

SAP did an excellent job in its remedial efforts to build out its compliance program. In addition to the prior discussions of SAP’s remedial efforts, the DOJ also pointed out the company’s Enhancement of Compliance. Here, the company significantly increased the budget, resources, and expertise devoted to compliance, restructuring its Offices of Ethics and Compliance to ensure adequate stature, independence, autonomy, and access to executive leadership; enhancing its code of conduct and policies and procedures regarding gifts, hospitality, and the use of third parties; and improving its reporting, investigations, and consequence management processes.

Next were the holdback actions SAP engaged in. The DPA noted SAP withheld bonuses totaling $109,141 during its internal investigation from employees who engaged in suspected wrongdoing in connection with the conduct under investigation or who both (a) had supervisory authority over the employee(s) or business area engaged in the misconduct and (b) knew of, or were willfully blind to, the misconduct, and further engaged in substantial litigation to defend its withholding from those employees, which qualified SAP for an additional fine reduction in the amount of the withheld bonuses under the DOJ’s Compensation Incentives and Clawbacks Pilot Program.

ABB

According to the ABB Plea Agreement, ABB “took a lot of corrective actions,” such as hiring experienced compliance staff and, after figuring out what caused the behavior described in the Statement of Facts, spending a lot more money on compliance testing and monitoring across the whole company; putting in place targeted training programs and extra case-study sessions on-site; and continuing to test and monitor to as This final point was expanded on in the SEC Order, which reported that all employees involved in the misconduct were terminated.

Additionally, ABB essentially created its monitoring program to test its compliance program and report to the DOJ. In a section entitled “Written Work Plans, Reviews, and Reports,” ABB agreed to conduct a first review and prepare a first report, followed by at least two follow-up reviews and reports. But more than simply reporting, ABB decided to create and submit for review a work plan for this ongoing testing of its compliance program, as the program was detailed in the DPA. The DPA specified, “No later than one (I) year from the date this Agreement is executed, the Company shall submit to the Offices a written report setting forth:

  • a complete description of its remediation efforts to date;
  • a complete description of the testing conducted to evaluate the effectiveness of the compliance program and the results of that testing; and
  • It proposes to ensure that its compliance program is reasonably designed, implemented, and enforced so that the program is effective in deterring and detecting violations of the FCPA and other applicable anti-corruption laws.”

The bottom line is that all these companies worked very hard to significantly enhance their compliance programs, with a budget, headcount, and expertise in their reporting, investigations, and consequence management processes. None of the actions by these companies were particularly new or even innovative, as with the innovations around data analytics programs. Indeed, these strategies have been available from the DOJ since at least the first edition of the FCPA Resource Guide in 2012. It was, however, the work of each company to understand the deficiencies in their compliance programs and their superior efforts to upgrade them.

Categories
31 Days to More Effective Compliance Programs

31 Days to a More Effective Compliance Program: Day 2 – 2023 Evaluation of Compliance Programs: Incentives and Consequences

The 2023 ECCP had significant changes regarding compliance-based incentives, both financial and non-financial; consequence management; messaging apps; and ancillary matters.

I.    Incentives

This section begins with a new introduction that makes clear the seriousness in which the DOJ views incentives, both financial and other types of incentives. The ECCP states, “The design and implementation of compensation schemes play an important role in fostering a compliance culture.”

The ECCP also added a new section on financial incentives, which directs prosecutors to specifically evaluate how a company designs and applies financial incentives. These four questions basically breakdown into the following continuum: (1) Assessment, (2) Analysis, (3) Implementation; and (4) Monitoring.

II.   Consequence Management

The DOJ has been talking about clawbacks for some time now. However, the revised language of the ECCP puts more rigor into what the DOJ is now mandating.

 a.   Clawbacks

The DOJ has made it clear that companies need to seek to recover amounts paid out to executives that were illegally received as corporate compensation. This could include both salary, stock options, similar payments, or discretionary bonuses. All of this means every compliance program will need to analyze each of these components as set out.

b.    Consequence Management

The DOJ also mandated that compliance programs take a deeper dive into their entire financial incentive program—both incentives and disincentives. While there is some overlap with the clawback language, there is quite a bit of newness in these areas. The DOJ’s hotline and speak-up reports directly relate to a company’s culture of compliance.

Three key takeaways:

1. The 2023 ECCP brought significant changes to both financial incentives and negative consequences as well.

2. The new financial incentive analysis is: (1) Assessment; (2) Analysis, (3) Implementation; and (4) Monitoring.

3. Clawbacks and Consequence Management are related but separate parts of a best practices compliance program.

Categories
Blog

Compliance Lessons from Venice: Incentives, Consequences and Compliance

This week I am running a three-part blog post series and three-part podcast series on compliance lessons from one of the most beautiful cities on earth, Venice. We will consider how construction in Venice can inform your compliance program, how the Venice ship building and repair business located in the Arsenale inform both corporate culture and your compliance program and how Venice created the first modern day hotline reporting system. In this second blog post and accompanying podcast we look at the Venetian ship building and ship repair industry centered in the Arsenale District and how they created a culture of compliance with the workers and implemented strategies which informed modern day compliance programs.

The Arsenale district in Venice serves as a historical example of the implementation of a corporate culture and implementation of a compliance program. This district was a significant maritime hub from the mid-1200s to the mid-1400s, known for its innovative shipbuilding techniques, which were considered state secrets. To protect this valuable intellectual property, the Venetian Fathers established a series of incentives and punishments that can inform best practices in compliance programs today.

One of the key takeaways from the Arsenale district is the importance of balancing incentives and discipline in a compliance program. This concept is emphasized by the Department of Justice (DOJ) and the Securities and Exchange Commission (SEC). Companies can learn from this historical example by implementing clear procedures and consequences for violations, publicizing disciplinary actions as a deterrent, and offering positive incentives to encourage adherence to ethical business practices.

On the consequence side, the Venetian Fathers forbade skilled workers from leaving the city to work in neighboring or rival cities, establishing the first non-compete agreement. Additionally, those caught sharing state secrets faced summary execution after excruciating torture. While these specific punishment techniques may not be applicable in modern corporate America, they highlight the need for severe consequences for violations.

In terms of incentives, the Arsenale district focused on job security. Layoffs were unheard of, and if someone lost their job due to injury or mishap, they received enough compensation to sustain themselves in the city. Furthermore, the company provided funeral expenses and assistance to the family of a deceased worker, ensuring their well-being.

The dual focus on keeping shipbuilding secrets within the city and incentivizing loyalty among workers aligns with the DOJ and SEC’s emphasis on incorporating both incentives and discipline into compliance programs. According to the guidance provided by these regulatory bodies, companies should have clearly defined procedures that are applied reliably and promptly, with punishments commensurate with the violation. Publicizing disciplinary actions internally, where appropriate, can serve as a deterrent and demonstrate the consequences of unethical actions.

However, the guidance also highlights the importance of positive incentives. The DOJ and SEC recognize that rewards for following a company’s internal code of conduct and conducting business ethically can drive compliant behavior. These incentives can take various forms, such as personal evaluations, promotions, rewards for improving compliance programs, and recognition for ethical behavior.

Companies can integrate incentives into their DNA through the hiring and promotion process. Senior management hires and promotions should include a compliance component, ensuring that individuals who prioritize compliance are recognized and rewarded. By making compliance evaluations a part of every employee’s overall evaluation, companies can further incentivize compliance.

The Arsenale district serves as a valuable historical example of the tradeoffs involved in balancing incentives and discipline in a compliance program. While severe punishments were imposed to protect state secrets, the district also prioritized job security and support for workers and their families. This approach highlights the importance of considering the impact on employees when making decisions about compliance program implementation.

In conclusion, the Arsenale district in Venice provides valuable insights into the implementation of a compliance program. By balancing incentives and discipline, companies can establish clear procedures and punishments for violations, publicize disciplinary actions as a deterrent, and offer positive incentives to drive compliant behavior. The historical example of the arsenal district emphasizes the importance of considering the impact on employees when making decisions about compliance program implementation.

Categories
Compliance Into the Weeds

Compliance into the Weeds – Remediation During an Enforcement Action

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. Looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode, Tom and Matt take a deep dive into the issue of how and whether you should remediate during an enforcement action.

The importance of early and continuous remediation of compliance issues cannot be overstated. It is a critical aspect of maintaining a healthy relationship with regulators and ensuring effective strategies are in place to address any uncovered issues. Tom firmly believes in the necessity of initiating the remediation process as early as possible, even during the investigation phase. He emphasizes the importance of regular communication with regulators and the potential risks of delaying remediation.

Matt echoes Fox’s sentiments. He highlights the confidence that early remediation brings to compliance officers and the increased likelihood of successful resolution. Join Tom Fox and Matt Kelly as they delve deeper into this topic in this episode of the Compliance into the Weeds podcast.

 Key Highlights:

  • Proactive Remediation for Effective Compliance Management
  • Navigating Personnel Matters During Remediation
  • Logical and Consistent Employee Discipline Compliance
  • Remediation Strategies for Confident Compliance Officers

 Resources:

Matt on Radical Compliance

Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
31 Days to More Effective Compliance Programs

One Month to a More Effective Compliance Program: Day 9 – Clawbacks

In this podcast series, host Tom Fox explores the growing emphasis on clawback provisions in compliance programs and employee compensation.

Tom Fox delves into the crucial topic of clawback provisions in compliance programs and employee compensation. In light of the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) prioritizing individual accountability for misconduct, clawbacks have become essential in promoting ethical behavior and ensuring compliance. So, let’s dive in and explore the significance of clawbacks in today’s evolving compliance landscape.

Understanding Clawbacks and Incentive-Based Compensation:

Clawbacks, as discussed in the podcast, are provisions that enable organizations to reclaim incentive or bonus funds from employees engaged in misconduct. They serve as a powerful deterrent and hold individuals accountable for their actions. Previously, clawbacks were not seen as necessary, but the DOJ now mandates their inclusion in compensation agreements.

The DOJ’s Focus on Ethical Business Practices:

The DOJ, in its pursuit of punishing officers and employees who fail to conduct business ethically, has made clawbacks a part of best practices compliance programs. To evaluate a company’s compliance program, the DOJ and SEC consider whether the organization has appropriate disciplinary procedures in place. Publicizing disciplinary actions internally and under local law can have a deterrent effect, emphasizing the importance of transparent consequences for misconduct.

The Role of Clawbacks in Compliance Programs:

Having clawback provisions is now seen as a crucial aspect of a good corporate compliance culture. It promotes compliant behavior and demonstrates a company’s commitment to its compliance program. The DOJ investigates whether corporations have included clawback provisions in their compensation agreements and taken steps to execute on such agreements. This highlights the significance of documenting and reflecting these policies and procedures in a company’s own compensation practices.

The SEC’s Final Rule on Clawbacks:

The SEC’s final rule, titled “Listing Standards for Recovery of Erroneously Awarded Compensation,” directs issuers to establish policies for recovering incentive-based compensation in the event of required accounting restatements. This rule applies to both Big R and Little R restatements and provides guidance in the anti-corruption world. Companies are now required to claw back incentive compensation erroneously received by current or former executives during the three-year period preceding the required restatement date.

Ensuring Compliance with Clawbacks:

It is essential for companies to construct well-documented clawback programs that align with the SEC’s guidance. The recoverable amount may differ from what executives would have received based on the required restatement, emphasizing the need for clarity and transparency in compensation agreements. Additionally, the SEC’s final rule prohibits companies from obtaining indemnity insurance to protect executives from clawbacks, further reinforcing the importance of accountability.

Conclusion:

As we’ve explored in this episode, clawbacks play a vital role in promoting ethical behavior and compliance within organizations. The DOJ’s emphasis on individual accountability and the SEC’s final rule on clawbacks demonstrate the evolving landscape of compliance. By implementing well-documented clawback provisions, companies can deter misconduct, hold individuals accountable, and showcase their commitment to ethical practices. Remember, incorporating clawbacks into your compliance program is not just a regulatory requirement but a practical step towards fostering a culture of integrity and responsibility.

 Three key takeaways:

1. The DOJ now mandates clawbacks in a compliance program.

2. The SEC has passed a clawback rule apart from the Monaco Memo.

3. Your clawback program should be well-documented.

For more information, check out The Compliance Handbook, 4th edition, available on LexisNexis.com.

Categories
Blog

The Week That Was in Compliance – The ECCP: Part 2 – Consequence Management

In addition to the speeches presented at the ABA’s 38th Annual National Institute on White Collar Crime, by Deputy Attorney General Lisa Monaco (2023 Monaco Speech) and Assistant Attorney General Kenneth A. Polite (Polite Speech); there was the release of the 2023 U.S. Department of Justice Criminal Division Evaluation of Corporate Compliance Programs (ECCP). Today we review another new addition to the ECCP, that being ‘consequence management’. This certainly includes clawbacks but there is also other language which compliance professionals will need to incorporate into their compliance program beyond clawbacks.

The Department of Justice (DOJ) has been talking about clawbacks for some time now. However, the revised language of the ECCP puts more rigor around what the DOJ is now mandating. This section begins by noting that financial penalties as well as financial incentives can influence employee behavior and that prosecutors are now required to consider both aspects. It states:

“By way of example, prosecutors may consider whether a company has publicized disciplinary actions internally, where appropriate and possible, which can have valuable deterrent effects. Prosecutors may also consider whether a company is tracking data relating to disciplinary actions to measure effectiveness of the investigation and consequence management functions. This can include monitoring the number of compliance-related allegations that are substantiated, the average (and outlier) times to complete a compliance investigation, and the effectiveness and consistency of disciplinary measures across the levels, geographies, units or departments of an organization…Some companies have also enforced contract provisions that permit the company to recoup previously awarded compensation if the recipient of such compensation is found to have engaged in or to be otherwise responsible for corporate wrongdoing. Finally, prosecutors may consider whether provisions for recoupment or reduction of compensation due to compliance violations or misconduct are maintained and enforced in accordance with company policy and applicable laws…Compensation structures that clearly and effectively impose financial penalties for misconduct can deter risky behavior and foster a culture of compliance.”

Clawbacks

With the Pilot Program and other announcements in the Monaco and Polite speeches, the DOJ has made clear that companies need to seek to recover amounts paid out to executives which were illegally received as corporate compensation. This could include both salary, stock options or similar payments or discretionary bonuses. Regarding your corporate clawback protocol itself, the ECCP poses the following questions:

  • What percentage of executive compensation is structured to encourage enduring ethical business objectives?
  • Are the terms of bonus and deferred compensation subject to cancellation or recoupment, to the extent available under applicable law, in the event that non-compliant or unethical behavior is exposed before or after the award was issued?
  • Does the company have a policy for recouping compensation that has been paid, where there has been misconduct?
  • Have there been specific examples of actions taken (e.g., promotions or awards denied, compensation recouped or deferred compensation cancelled) as a result of compliance and ethics considerations?

All of this means every compliance program will need to analyze each of these components as set out. It will also require a review of executive contracts to determine if there are clawback provisions set out in each employment contract. If there are no such provisions, they will need to be inserted. Finally, what “specific examples of actions taken” does a company have to show to the DOJ should they come knocking?

Consequence Management

The DOJ also mandated that compliance programs take a deeper dive into their entire financial incentive program; both incentives and dis-incentives. While not previously discussed in speeches, these new requirements seem to flow from the general statements made by both Monaco and Polite over the past year. In this area, the ECCP mandates the following inquiries:

  • How has the company ensured effective consequence management of compliance violations in practice?
  • What insights can be taken from the management of a company’s hotline that provide indicia of its compliance culture or its management of hotline reports?
  • How do the substantiation rates compare for similar types of reported wrongdoing across the company (i.e. between two or more different states, countries, or departments) or compared to similarly situated companies, if known?
  • Has the company undertaken a root cause analysis into areas where certain conduct is comparatively over or under reported?
  • What is the average time for completion of investigations into hotline reports and how are investigations that are addressed inconsistently managed by the responsible department?
  • What percentage of the compensation awarded to executives who have been found to have engaged in wrongdoing has been subject to cancellation or recoupment for ethical violations?
  • Taking into account the relevant laws and local circumstances governing the relevant parts of a compensation scheme, how has the organization sought to enforce breaches of compliance or penalize ethical lapses?
  • How much compensation has in fact been impacted (either positively or negatively) on account of compliance-related activities?

Obviously, there is some overlap with the clawback language but there is quite a bit new in these questions. The DOJ ties hotline and speak up reports directly to a company’s culture of compliance. This is almost a direct tie back to the findings of Kyle Welch in his seminal work on a speak up culture. But the DOJ goes on to ask about substantiation rates, closure rates, consistent and fair application of discipline (and rewards when called for) and root cause analysis; which are not simply technical aspects of compliance programs but are concrete steps companies can implement to engender trust with employees that their concerns will be taken seriously and then acted upon when they are raised. Once again, as with clawbacks, these are levels of analysis that many compliance programs have not yet taken but are now required to do so.

Join us tomorrow when we consider messaging apps under the revised ECCP.