In today’s edition of Daily Compliance News:
· FCC Member Carr asks FB and Google to banish TikTok. (WSJ)
· U.K. Fines Johnson Matthey Subsidiary Over Syria Sanctions. (WSJ)
· SCt guts EPA, Clean Air Act. (NYT)
· DOJ to investigate NYPD Sex Crimes Unit. (Bloomberg)
Tag: DOJ
In today’s edition of Daily Compliance News:
- DOJ dismisses the Haitian bribery case. (WSJ)
- Do LatAm ABC fight losing steam? (Nearshore America)
- FT opines Ramaphosa has not done enough re: Corruption. (FT)
- Wells Fargo shareholder sues over sham diversity program. (Reuters)
After the Russian invasion of Ukraine, the world of business will never be the same again. Deputy Attorney General (DAG) Lisa Monaco recently said that the world’s “geopolitical landscape is more challenging and complex than ever. The most prominent example is of course Russia’s invasion of Ukraine.” It is “nothing less than a fundamental challenge to international norms, sovereignty and the rule of law that underpins our society.” This is even more so in the current business climate.
Over this five-part series, I will consider how business will never again be the same and how a confluence of events of events has changed business forever. I am joined in this exploration by Brandon Daniels, Chief Executive Officer (CEO) of Exiger. We will explore the irrevocable changes in Supply Chain, trade and economic sanctions, anti-corruption, cyber-security and environmental, social and governance (ESG). In Part 3, we continue our explorations of changes wrought by the Russian invasion of Ukraine, in the realm of anti-bribery and anti-corruption (ABC) compliance and enforcement.
The World Economic Forum estimates that over $3 trillion is lost annually to the global economy due to the scourge of corruption. Corruption does more than simply steal money from the world economy. According to the United States Strategy On Countering Corruption, (Strategy), “Corruption robs citizens of equal access to vital services, denying the right to quality healthcare, public safety, and education. It degrades the business environment, subverts economic opportunity, and exacerbates inequality. It often contributes to human rights violations and abuses, and can drive migration. As a fundamental threat to the rule of law, corruption hollows out institutions, corrodes public trust, and fuels popular cynicism toward effective, accountable governance.”
Writing for the World Economic Forum, Delia Ferreira Rubio, Nicola Bonucci and Rachel Davidson Raycraft linked the fight regarding economic and trade sanctions to bribery and corruption. They connected the monies stolen by oligarchs and strongmen through a variety of strategies to bribery and corruption. Taking this connection a step further, they noted “the close relationship between corruption and conflict”, as laid out in the UN Sustainable Development Goal (SDG) 16 – Peace, Justice and Strong Institutions. As with the Strategy, UN SDG 16, “is grounded in the principles of anti-corruption, including targets such as reducing illicit finance, corruption and bribery; and developing effective, accountable and transparent institutions at all levels.”
ABC enforcement is well-known and there are two decades of the modern era of Foreign Corrupt Practices Act (FCPA) enforcement. This modern era began after the connection was established between corruption and terrorism, most notably from the events of 9/11. However, now ABC is seen as a key component of both global security and global prosperity. The Biden Administration recognized these components when it announced that ABC is now seen as a National Security Threat to the US, when it announced its Strategy in December 2021.
The Strategy laid out five pillars of the US government’s increased emphasis on ABC enforcement and compliance. Pillar 1 spoke to modernizing, coordinating, and resourcing US government efforts to fight corruption. Pillar 2 dealt with curbing illicit financing. Pillar 3 was about holding corrupt actors accountable. Pillar 4 broadened the approach beyond a US-only perspective to discuss a broader multilateral anti-corruption architecture. Pillar 5 also enhanced a more holistic approach by discussing improving diplomatic engagement and leveraging foreign assistance to advance these goals.
All of this means more information and analysis, including search and data collection, by using “information more effectively to understand and map corruption networks and related proceeds, and dynamics, and tailor prevention and enforcement related actions, as well as build the evidence base around effective assistance approaches.” The next improved information sharing within the US government, private companies and across international boundaries. It also includes holding corruption actors accountable, curbing illicit financing and bolstering international cooperation and actions.
Another key area laid out in the Strategy was the increased focus on the “transnational dimensions of corruption.” This means more than simply looking at the usual geographic areas recognized as high risks of corruption by tackling transnational organized crime through “understanding and disrupting networks, tracking flows of money and other assets, and improving information and intelligence sharing across U.S. departments and agencies, and, as appropriate, with international and non-governmental partners.”
The Strategy set the stage for changes wrought by the Russian invasion of Ukraine. Daniels said that bribery and corruption are not “lone wolf crimes”; as they do not occur in a vacuum. They are almost always associated with attempts to hide illegal payments through money-laundering and often are done in conjunction with anti-competitive crimes such bid-rigging or similar acts. Moreover, bribery and corruption leads to constraints in the marketplace through awarding of business in decidedly non-legal manners. Daniels went on to state, “We don’t think of this as a cost of doing business for two reasons. One, because it does go alongside very often autocratic governments. Two, such actions go with it, such as disinformation.”
One of the consequences of the dramatic increase in economic and trade sanctions is that corruption will be the enhanced risk of bribery and corruption. This can occur as impacted businesses and sanctioned individuals look for ways to evade sanctions through the use of bribery and corruption. Some of the ways they will try to avoid and evade sanctions will be through smuggling, setting up shell companies, money laundering and self-dealing, all facilitated by bribery and corruption.
An unintended, but no less powerful example of the nefarious impacts of bribery and corruption, has been demonstrated by the Russian Army in the invasion of Ukraine. It has been the abject failure of the Russian Army to be able to keep a modern army functioning in the field. The Russian Army has been plagued by equipment that did not function and non-existent parts and stores which were all sold off on the Black Market by corrupt Russian government officials. In many ways, criminals simply siphoned away the stores of the Russian Army due to bribery and corruption.
Finally, as DAG Lisa Monaco stated, the role of compliance professionals as gatekeepers has dramatically changed. The Department of Justice (DOJ) clearly views corporate citizens as key allies in this fight. Rubio, Bonucci and Raycraft noted that gatekeepers “play an indispensable role in the enforcement and realization of laws and regulations that target illicit finance.” Anti-bribery and anti-corruption compliance has been forever changed by the Ukraine War as it is clear that “by controlling, distributing and managing wealth, gatekeepers control, distribute and manage global power – and, in effect, global security.” Anti-bribery and anti-corruption compliance and enforcement will never be the same again, literally on a worldwide basis.
After the Russian invasion of Ukraine, the world of business will never be the same again. Deputy Attorney General (DAG) Lisa Monaco recently said that the world’s “geopolitical landscape is more challenging and complex than ever. The most prominent example is of course Russia’s invasion of Ukraine.” It is “nothing less than a fundamental challenge to international norms, sovereignty and the rule of law that underpins our society.” This is even more so in the current business climate.
Over this five-part series, I will consider how business will never again be the same and how a confluence of events of events has changed business forever. I am joined in this exploration by Brandon Daniels, Chief Executive Officer (CEO) of Exiger. We will explore the irrevocable changes in Supply Chain, trade and economic sanctions, anti-corruption, cyber-security and environmental, social and governance (ESG). In Part 4, we continue to explore the changes wrought by the Russian invasion of Ukraine, in the realm of cybersecurity.
The Russian invasion of Ukraine gave everyone else an understanding of how serious cybersecurity really was from a defense perspective and not just from a corporate risk management perspective. According to Daniels, it drove home the clear message in cybersecurity that the United States is in a non-kinetic war with Russia and China. Over the past decade the theft of intellectual property (IP) through cybercrime has steadily increased but Russia and China are essentially “showering the US with attacks” and specifically Russia is attempting to compromise “US facilities and technologies since the crisis” began.
A second and equally important point on cybersecurity, is how interconnected it is to commerce. Countries such as Russia and China are clearly using both state and non-state businesses to further the ambitions of the state. These attacks have been particularly prevalent in supply chain where 80% of the largest cyber-attacks that have occurred, have been supply chain attacks. This means that you may have integrated some software into your organization through a vendor, but somewhere earlier in that software development, in that vendor’s purchasing of under underlying software capabilities, there was a malicious piece of software that was planted by a state-owned actor, a non-state actor or a criminal network. This interconnectedness between third party and supply chain, risk management and cyber risk management was made so much more explicit from the Russian invasion of Ukraine.
Daniels pointed out that companies may have “vendors that are owned one to two degrees away by Russian oligarchs and those Russian oligarchs might be using the fact that we use their software one to two degrees away as an entry point to steal classified information about what the US government is doing in” an area such as critical infrastructure. Once again, the nature of cybersecurity and its interconnectedness with third party and supplier risk management, was “another revelation that came out of this crisis and this conflict.”
One of the continuing themes from the Russian invasion of Ukraine is the interconnectedness of risks which will never be the same. Some of these we have previously explored such as supply chain, trade and economic sanctions and anti-bribery and anti-corruption. There are others such as crypto and ESG as well. This can all lead to a perception of complexity which could overwhelm risk management and other business professions thinking through how to manage these risks.
Daniels suggested an approach which assesses your vendors in their environment for four quadrants of risk: operational, foreign ownership, financial health and reputational risk. After you have established your risk appetite you will need to assess every vendor on an individual and singular basis. You should have a process where each vendor coming through your company’s pipeline follows an onboarding process that manages to your risk appetite and then monitors for risks that could pull a vendor above your risk threshold. If a vendor falls outside of your risk appetite for any of these key areas, you should review the use of that vendor in more detail.
There are other risk profiles you should consider. One is industry risk, which means what critical industries are you relying upon. Daniels noted that a cloud hosting company should be concerned with computing resources, bandwidth, power, or fiber optic resources. He said, “Don’t try to boil the ocean, just look at your critical industries and see where you might have issues that are coming up that could be problematic” for your industry.
Finally, another key risk area to consider is jurisdictional risk. This means reviewing the locations of your facilities. Daniels said, “I look at where my top or most critical products are being manufactured. Again, if I’m a cloud hosting company, it might be the microelectronics that I use to power computing resources, to determine where the concentration of manufacturing locations.” But the key is to take it in bite size chunks by company, industry, and jurisdiction, and then monitor so you can at least maintain a reactive posture on upcoming events. By doing so this enables your company to do continuous maturing and evolution thereby increasing complexity and efficacy to continuously improve that program to start to work towards proactive risk management.
After the Russian invasion of Ukraine, the world of business will never be the same again. Deputy Attorney General (DAG) Lisa Monaco recently said that the world’s “geopolitical landscape is more challenging and complex than ever. The most prominent example is of course Russia’s invasion of Ukraine.” It is “nothing less than a fundamental challenge to international norms, sovereignty and the rule of law that underpins our society.” This is even more so in the current business climate.
Over this five-part series, I will consider how business will never again be the same and how a confluence of events of events has changed business forever. I am joined in this exploration by Brandon Daniels, Chief Executive Officer (CEO) of Exiger. We will explore the irrevocable changes in Supply Chain, trade and economic sanctions, anti-corruption, cyber-security and environmental, social and governance (ESG). In Part 2, we continue to explore the changes wrought by the Russian invasion of Ukraine, in the realm of economic and trade sanctions.
According to Daniels, one of the keys on the nature of sanctions on punitive economic activities, is to endure that you are having the right impact and through a set of comprehensive sanctions. You must do so while “making sure that you’re not hurting your allies and partners that can help unwind some of these undesirable or intolerable geopolitical situations.” This means that when thinking about economic sanctions, it is not simply a consideration of the implemented economic sanctions; it is a broader consideration of “a comprehensive set of economic and trade policies that have been codified into legislation, through regulation and rulemaking, that set the tone for sanctions in the future sanctions and economic prohibitions in the future.”
Two precursors to the development of the US economic and trade sanctions response to the Russian invasion of Ukraine were the increase in economic and trade sanctions utilized by the Trump Administration and, most significantly, the passage of the National Defense Authorization Act on January 1, 2020, which included the Anti-Money Laundering (AML) Law of 2020. This was the first update of federal AML laws since the Patriot Act was passed in the wake of 9/11. Both of these seemingly disparate developments set the stage so that Russia invaded Ukraine and the Biden Administration, along with most western democracies, came down levying economic and trade sanctions in very short order against certain Russian individuals, Russian companies and against Russia itself.
The US government had also been ramping up its economic and trade sanctions enforcement over the past several years. DAG Monaco has said that three such cases have led to over $1 billion in fines and penalties alone over the past 10 years, adding “so we’re by no means starting on a blank canvas.” However, “what you have seen in the last few months is something completely different…The scope of the sanctions imposed on Russia by the United States and its allies and partners are of a new order of magnitude…We are pouring resources into sanctions enforcement, and you have seen and will continue to see results.” Indeed, she categorized economic and trade sanctions enforcement as “the new FCPA.” But it’s not just the war in Ukraine that has prompted a new level of intensity and commitment to sanctions enforcement. We have turned a corner in our approach. Over the last couple of months, I’ve given notice of that sea change by describing sanctions as “the new FCPA.”
Daniels noted that these new rounds of sanctions based upon the Russian invasion of Ukraine are actually broader and more comprehensive because they strive to get at the root of an issue, which is intelligence gathering by state and non-state actors from US businesses. He pointed to the examples of the Chinese companies ZTE Corporation and Huawei Technologies Co., Ltd., which are subject to bans from the Federal Communications Commission (FCC) but who still might be suppling chips to suppliers down your supply chain and more nefariously using those chips to engage in intelligence gathering and industrial espionage.
The economic and trade sanctions, put in place before the Russian invasion of Ukraine and those levied thereafter, are designed to not simply punish Russia but also interdict their ability to wage war. This means sanctions will be used to disrupt the Russian ability to fund the war through its banking sectors. Yet another set of reasons are to change non-democratic and unethical behaviors by making the cost to engage in these behaviors so high through economic and trade sanctions.
One of the most interesting consequences in the area has been the increase in and much more highly publicized increase in whistleblowers. Once again, the AML Law of 2020 set the stage for this by including a bounty provision that any person or entity involved in reporting an economic and trade sanctions violation would be eligible for up to 30% bounty on any recovery. Perhaps the most visible byproduct of this has been the worldwide hunt for the multi-million up to billion-dollar yachts of Russian oligarchs. Whistleblowers and bounty hunters are actively looking for these yachts to turn their locations over to American authorities who can seize them.
But these seizures are only one step. As Daniels noted, because the AML Law of 2020 also helps uncover the companies who own these yachts and the companies who own those companies. In other words, transparency. Here one only need to think of the Panama Papers, the Pandora Papers and the Paradise Papers to understand why the light of day is the best disinfectant for enforcing economic and trade sanctions.
Once again, as with supply chain, the government is now looking for businesses to help in this fight. The US government has enlisted the private sectors as key partners in the implementation of economic and trade sanctions to allow the US government “to go after those who profit from corruption and crime around the world — whether they are sanctions-evading oligarchs or office-holding bribe recipients. Working with our partners, we can ensure that corrupt regimes will be held responsible — whether we’re seizing yachts or freezing slush funds.”
After the Russian invasion of Ukraine, the world of business will never be the same again. Deputy Attorney General (DAG) Lisa Monaco recently said that the world’s “geopolitical landscape is more challenging and complex than ever. The most prominent example is of course Russia’s invasion of Ukraine.” It is “nothing less than a fundamental challenge to international norms, sovereignty and the rule of law that underpins our society.” This is even more so in the current business climate.
Over this five-part series, I will consider how business will never again be the same and how a confluence of events has changed business forever. I am joined in this exploration by Brandon Daniels, Chief Executive Officer (CEO) of Exiger. We will explore the irrevocable changes in Supply Chain, trade and economic sanctions, anti-corruption, cyber-security and environmental, social and governance (ESG). In Part 1, we begin with changes in the supply chain as there may well be no area of businesses which has experienced the tectonic shifts that have occurred in the marketplace over the past couple of years than in Supply Chain.
Daniels identified three key reasons for these shifts. The first began with the realization of the untenable actions of the major player on the US supply chain, China. This realization had begun pre-pandemic, when it became clear of the massive theft of US intellectual property by Chinese businesses which led to a huge counterfeit goods problem coming out of China. Daniels estimated that “70% of the world’s counterfeit market is driven by China.” The second was the slave labor issue with China, particularly the Uyghurs. This extensive use of slave labor gave China an economic advantage which in many cases could not be overcome. It was economic warfare by another name.
All of this was exacerbated by the pandemic and we saw what it meant to have an economic and geopolitical adversary as one of your key suppliers during a true worldwide healthcare crisis. This confluence of events led to several key changes in thinking about supply chain. First, supply chain efficacy is not about weather events, it is not about logistics, it is not about just in time. There are much broader sets of issues for supply chain that had not come to the fore previously but came much more clearly into focus, such as geopolitical tensions. According to Daniels, “we realized that supply chain is multifaceted in terms of issues.”
Next came the recognition of the need for more and greater government oversight and regulation. The need to stamp out modern slavery led to the passage of the Uyghur Forced Labor Prevention Act. This law significantly expanded compliance requirements for companies to certify that goods made with forced labor in the Xinjiang Uyghur Autonomous Region of the People’s Republic of China do not enter the United States. Interestingly, the law created the presumption that all goods produced in Xinjiang were produced using forced labor, with the burden of proof resting on companies to demonstrate that materials, parts, and goods originating in China were not mined, produced, or manufactured wholly or in part in Xinjiang. There was also a business and government realization that many of the key rare earth elements and minerals widely used in US manufacturing process came from China and now Russia.
Daniels put all of this into perspective when he said, “you had this big earthquake in the pandemic, but then you had all these fault lines that we didn’t realize that were on the edge of a precipice. We were in these really brittle places and just all fell apart with the Russian invasion of Ukraine. From rare earth elements like neodymium which is used in securing a F35 to electric car batteries, to metals and heavy metals used in standard manufacturing processes such as aluminum, iron and neon; supply chain disruptions were all acerbated by the Russian invasion of Ukraine on top of the ongoing disruptions from the pandemic and beyond.”
Finally, was a new element to the supply chain calculus, what Daniels termed “the ethical conundrum.” Russia has engaged in a brutal unjustified war that has disrupted the flow of goods and services from both Russia and Ukraine. Neon, a key element for processing chips, is heavily concentrated in Ukraine as are some of our largest outsourced engineering software companies. As the US and EU governments have responded with a series of harsher and more robust economic and trade sanctions the pressures on supply chain have increased. You must look at greater and more ongoing due diligence and greater sustainability.
These issues have moved beyond simply national security issues in the governmental and public sector. As DAG Monaco said, “Increasingly, you and your clients are on the front lines in responding to these geopolitical realities…our goal is not only to hold people accountable, but to disrupt these threats using all the tools available to us.” Private companies must understand they are now a part of what Daniels characterized as “continuous non-kinetic warfare.”
But in addition to this new type of warfare of which every business is now a part of going forward, it all ties back to US economic prosperity. While this was clear in the US adversarial relationship with China pre-pandemic; it accelerated during the pandemic and now after the Russian invasion of Ukraine. If you could not get a mask so that you could go to work during the pandemic, that health issue became an economic issue. If you were doing business with a Russian oligarch, the reputational damage to your top line will negatively impact your company, perhaps in a material manner.
Tomorrow we consider why economic and trade sanctions will never be the same.
Welcome to a special five-part podcast series on compliance insights, sponsored by Traliant. Over this series, we will discuss key issues that Traliant is helping to lead and define the online training industry going forward. Over this five-part series, I will visit with John Arendes, Chief Executive Officer (CEO) at the company, on what is new at New Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant on your Code of Conduct and anti-corruption training. In this Episode 4, I visit with Scott Schneider, VP of Innovation at Traliant, on the evolution and importance of the corporate Code of Conduct. Highlights include:
- Culture is the key driver, and your Code of Conduct is the foundation for a broader discussion of what regulators look for in a compliance program.
- How has the Code of Conduct evolved?
- Your Code of Conduct should be more than simply aspirational, and your Code of Conduct training helps drive home values, ethics & culture.
Welcome to a special five-part podcast series on compliance insights, sponsored by Traliant. Over this series, we will discuss key issues that Traliant is helping to lead and define the online training industry in going forward. Over this five part series I will visit with John Arendes, Chief Executive Officer (CEO) at the company on what is new at New Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources at Traliant on the role of DEI in your corporate ESG program; and Scott Schneider, Head of Content Development at Traliant on your Code of Conduct and anti-corruption training. In this Episode 2, I visit with John Arendes on DOJ communications around its expectations for training. Highlights include:
- In DAG Lisa Monaco’s October 2021 speech, she said the DOJ would focus on corporate culture as a key indicia of compliance.
- The DOJ has made clear that while longer form online training is satisfactory, they expect companies to develop short, direct compliance training for employees.
- Since the release of the Evaluation of Effective Compliance Programs, the DOJ has mandated, effective and targeted compliance training.
Categories
DOJ Training Expectations
Welcome to a special five-part blog post series on the New Traliant, sponsored by Traliant, LLC. Over this series, we will discuss key issues that Traliant is helping to lead and define the online training industry in going forward. I will visit with John Arendes, Chief Executive Officer (CEO), on what is new at Traliant and what the Department of Justice (DOJ) has communicated to the compliance community regarding its expectations around online training and communications; Maggie Smith, Vice President of Human Resources, on the role of diversity, equity and inclusion (DEI) in your corporate environmental, social and governance (ESG) program; and Scott Schneider, Head of Content Development, on your Code of Conduct and anti-corruption training. In Episode 2, I visit with John Arendes on DOJ communications around its expectations for training.
There have been multiple communications from the regulators over the past couple of years about what they expect in training, first at the federal level from the DOJ and the Securities and Exchange Commission (SEC) and second at the stage level as many state regulators have also communicated what their expectations are around training. Last October, the Deputy Attorney General (DAG) Lisa Monaco gave a speech where she announced changes under the Biden administration’s DOJ enforcement of the Foreign Corrupt Practices Act (FCPA) and other white-collar crimes. For the first time the DOJ talked about corporate culture, and Monaco said that companies and compliance officers need to assess culture. Moreover, the DOJ would look at a company’s culture in an enforcement action.
All of this means that companies must strengthen their training and communications. Arendes said, “when you look at the very top of an issue it is always stemming from a culture at the top of an organization.” He believes culture should be inclusive, diverse and respectful. This means moving beyond the standard or even traditional ‘check-the-box’ training. This DOJ assessment of corporate culture will require companies go “beyond just checking the box.” Companies need training which offers practical advice, case studies, and address real life scenarios.
This is key to Traliant training, “it’s based on real life. When we talk with our customers, they also say to us and communicate, here’s our culture and here’s what we’re trying to get to. How do you help us with that?” The Traliant approach is to create an entire program of courses that interlocks to each other, to create a learning and engagement experience that we hope will help a company in either changing their culture or reinforcing it, in a documented effective manner.
Another key that Arendes mentioned for anyone evaluating online training is the granularity of the training. For instance, basic discrimination and harassment training for the healthcare community is different for the restaurant environment. You should begin with your vertical, or specific training. In healthcare that would be training based on the healthcare environment. This means your training is targeted right to the audience. From there you should look for the creation of scenarios with different job positions, doing those different scenarios. Arendes provided the example of a nurse, working with a doctor is different from a receptionist working with the doctor.
We concluded with a discussion of the DOJ mandate for shorter, more focused compliance communications as a supplement to deeper dive training. Here the Traliant approach is called ‘Spark’. In this approach, the training is designed to ‘spark’ a conversation. Organizations will periodically use such communications to challenge the entire organization which can facilitate ongoing conversations about specific aspects of culture. From DEI to safety to ESG, to doing business ethically and in compliance. This also fits directly into the DOJ prescription of short, focused communications which can be effective. These can also be well documented so that if a regulator comes knocking you can quickly and efficiently demonstrate targeted, effective communications.
While Arendes cautioned that such short, focused training should not be seen as a deep drive or comprehensive training, it can supplement deeper and richer training. Shorter training can work well to reinforce deeper training. You can roll out these shorter trainings at multiple times throughout the year to “give reinforcement to spark these conversations.” He concluded, here at Traliant, “We have a whole standard library of those that come right out on the box with our library subscription and people are using them continuously, to do this reinforcement throughout the year. Based on their effectiveness and this new DOJ approach, I see those becoming more and more important to compliance programs.”
Join us for our next episode where we look at DEI training.
Check out the podcast with John Arendes this blog post is based upon here.
