Categories
Daily Compliance News

Daily Compliance News: September 8, 2023 – The Slow Creep of Corruption Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance brings to you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Categories
10 For 10

10 For 10: Top Compliance Stories For the Week Ending August 26, 2023

Welcome to 10 For 10, the podcast which brings you the week’s Top 10 compliance stories in one podcast each week. Tom Fox, the Voice of Compliance brings to you, the compliance professional, the compliance stories you need to be aware of to end your busy week. Sit back, and in 10 minutes hear about the stories every compliance professional should be aware of from the prior week. Every Saturday, 10 For 10 highlights the most important news, insights, and analysis for the compliance professional, all curated by the Voice of Compliance, Tom Fox. Get your weekly filling of compliance stories with 10 for 10, a podcast produced by the Compliance Podcast Network.

  • Venezuela makes last ditch appeal re: CITGO. (Reuters)
  • SFO drops ENRC investigation. (FT)
  • Poverty a direct result of corruption. (Time)
  • Is due diligence over in China? (FCPABlog)
  • Ukraine institutes whistleblower bounty program. (BusinessInsider)
  • Nigerian ex-Energy Minister arrested for corruption by FCA. (Reuters)
  • Ex-Vitol employee to face FCPA charges. (WSJ)
  • ABC ex-prosecutor surges in Guatemalan Presidential race. (WaPo)
  • Lithium batteries scrutinized under UFLPA. (Reuters)
  • More Odebrecht indictments coming. (WSJ)

You can check out the Daily Compliance News for four curated compliance and ethics related stories each day, here.

Connect with Tom 

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

Messaging Compliance in a Shifting Regulatory Landscape: The Current and Shifting UK Regulatory Landscape

Are you ready to learn how to implement electronic communications capture and supervision in your firm for better compliance and prevention of regulatory violations? Is messaging compliance giving your compliance function headaches. Welcome to a special 5 part blog post series on messaging compliance in a shifting regulatory landscape, sponsored by Global Relay. For this Part 3, I visited with Rob Mason on the current state of UK regulations on messaging apps and where it may be headed.

Staying ahead of the curve when it comes to the shifting UK regulatory landscape is vital for financial institutions and their compliance professionals. Keeping pace with the FCA’s evolving priorities, as well as ensuring ongoing compliance with GDPR and data protection, can have significant effects on the smooth functioning of your institution. Enhancing operational resilience and implementing effective employee communication monitoring are essential steps to take, in addition to exploring resources for regulatory technology solutions. By remaining updated and flexible, compliance professionals in the UK can successfully navigate the complexities of regulatory changes, ultimately resulting in an improved understanding of current and upcoming UK regulations.

Here are some key steps:

  • Understand FCA’s evolving priorities and focus
  • Keep up-to-date with GDPR and data protection
  • Enhance operational resilience in your institution
  • Implement effective employee communication monitoring
  • Explore resources for regulatory technology solutions

 1. Understand FCA’s evolving priorities and focus.

Navigating the shifting UK regulatory landscape as a financial institution can be complex, but a key step is understanding the evolving priorities and focus of the Financial Conduct Authority (FCA). As the FCA shifts its focus towards a broader oversight approach, financial institutions must remain up-to-date with emerging regulations and adapt their internal processes accordingly. This comprehensive understanding of FCA priorities is vital for compliance professionals, as it enables them to mitigate potential risks, ensure data protection, and maintain operational resilience in an ever-changing regulatory environment.

Mason noted the FCA’s increased focus on retail and consumer financial services in addition to wholesale markets, which has led to a broader oversight approach and also highlighted the importance of data protection and the impact that GDPR regulations and Brexit have had on the UK’s regulatory environment.  Understanding the FCA’s evolving priorities and focus is crucial for compliance professionals in the UK, as it allows them to better adapt to the rapidly changing regulatory landscape. Being knowledgeable about current regulations and anticipating future changes can help institutions maintain compliance, safeguard data, and ensure operational resilience in the face of potential challenges. By staying informed and proactive, compliance professionals can successfully navigate the shifting UK regulatory landscape and contribute to the overall success and stability of their organizations.

 2. Keep up-to-date with GDPR and data protection.

With the ever-changing regulatory landscape in the UK, remaining up-to-date with GDPR and data protection is more crucial than ever for financial institutions. One of the significant changes that has come to focus in recent times is the GDPR, which greatly impacts how businesses collect, store, and process personal data. Data protection concerns have now begun to take center stage not only in Europe but also across the globe. By understanding the requirements of GDPR and other data protection laws, financial institutions can adapt to the changes and avoid costly fines or reputational damage.

Mason said that Europe has been ahead of the curve when it comes to data protection concerns, and how new developments, such as Brexit, have further emphasized the significance of GDPR in the UK. He also discussed how monitoring employee communications became increasingly critical for large organizations to prevent scandals. By keeping up with these regulatory changes and understanding the impact they have on organizations, compliance professionals can better equip themselves to face the challenges that lie ahead.  The importance of staying up-to-date with GDPR and data protection for compliance professionals in the UK cannot be understated.

These regulations help build a strong framework that ensures the protection of customer data, which is at the heart of any financial institution. Besides preventing financial and reputational damage, being compliant with GDPR and data protection laws allows organizations to maintain customer trust, demonstrate transparency, and ultimately contribute to the long-term success of their business. For financial institutions, being knowledgeable about these laws is not just a matter of regulatory compliance, but also a vital factor in creating a sustainable, ethical, and client-centric business. As the regulatory environment continues to evolve, staying ahead of the curve will prove indispensable for financial institutions and their compliance professionals.

 3. Enhance operational resilience in your institution.

In today’s rapidly changing regulatory environment, financial institutions must be agile and proactive in order to stay ahead of the curve. Enhancing operational resilience is a key step in achieving this goal, as it allows organizations to effectively manage unexpected disruptions and challenges. A strong operational resilience framework not only prevents potential losses but also helps maintain stability and reputation in the face of adversity. To successfully navigate the shifting UK regulatory landscape, financial institutions must invest in the necessary resources, infrastructure, and skill sets required for effective risk management, business continuity, and crisis response mechanisms. In this context, it is crucial for these institutions to regularly assess their resilience measures and adopt best practices in line with emerging industry trends and regulations.

Strengthening operational resilience safeguards the institution from potential losses and reputational damage, ensuring long-term success in a capricious regulatory landscape. Moreover, addressing operational risks effectively is crucial in mitigating negative consequences on a larger scale, preventing widespread financial contagion. As the UK financial sector undergoes constant transformation, compliance professionals must be equipped to adapt quickly to emerging challenges. By prioritizing operational resilience and staying abreast of the latest industry trends, these professionals will be better prepared to navigate the shifting UK regulatory landscape, protecting both their institutions and their clients from potential adverse effects.

As a compliance professional in the UK, it’s essential to keep up with the shifting regulatory landscape in order to ensure your financial institution can effectively overcome any obstacles. Staying informed about the FCA’s priorities, GDPR, and data protection regulations is key to maintaining a strong compliance strategy. Additionally, focus on enhancing operational resilience, monitoring employee communications, and seeking out resources for regtech solutions. By doing so, you’ll not only stay compliant but also foster a more secure and thriving financial institution.

Join me tomorrow where we review the recently released Global Relay report, Compliant Communications 2023.

For more information on Global Relay, click here.

Categories
FCPA Compliance Report

Mary Inman on Top FCA Recoveries and Issues from 2022

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. In this episode, I am joined by with Mary Inman, a partner at Constantine Cannon. We discuss the recently released US Fraud statistics and preventative measures with Inman. Inman explains that the US Department of Justice put out statistics on the False Claims Act for 2022, with healthcare dominating the recovered funds. Inman discusses how whistleblowers can still launch cases, even if the government does not join in, and encourage listeners to report fraud to their respective insurance departments if it later results in higher premiums for their organizations.

Key Topics:

·      The Increase of Managed Care Plans in Medicare [00:04:16]

·       The Power of Whistleblowing and the Impact of Joining Government Cases [00:08:19]

·      Medicare and Medicaid Fraud in California and Florida [00:12:21]

·       Impact of Insurance Fraud on Premiums [00:16:44]

·      The False Claims Act and the Escobar Decision [00:26:09]

Notable Quotes

1.      “And they were basically paying kickbacks to their they know who the physicians are, who are the largest prescribers of their drugs. And they were paying kickbacks to encourage them to basically discourage them from prescribing their competitors’ products and to direct it to them.”

2.     “What happened here is that Mallinckrodt improperly calculated their rebate by claiming that the drug they developed in 1990 was a new drug in 2013. And so that allowed them to greatly decrease the amount of the rebate they would have owed to the Medicaid program.”

3.    “It’s another kind of false billing scenario. It was notable to me that we had 2 big settlements.”

4.     “The whistleblower had accused the Association of shifting costs that it shouldn’t have reimbursed onto the Florida Medicaid program.

 Resources:

Mary Inman on Linkedin

Constantine Cannon

Tom Fox on LinkedIn

Categories
Daily Compliance News

Daily Compliance News: October 26, 2022 the Texas Two Step Edition

In today’s edition of Daily Compliance News:

  • Take off those Adidas. (NYT)
  • Tech lessening productivity. (Bloomberg)
  • FCA goes after greenwashing. (Reuters)
  • Is the Texas two-step legal corruption? (FT)
Categories
Daily Compliance News

October 18, 2022 the Monk Charged with Fraud Edition

In today’s edition of Daily Compliance News:

·       Credit Suisse settles yet another fraud case with US regulators. (FT)

·       AT&T settles domestic corruption charges. (ABCNews) 

·       Monastery GC and Monk charged in fraud. (Law.com)

·       SCt turns down FCA cases. (Reuters)

Categories
Daily Compliance News

September 27, 2022 the $900MM Edition

In today’s edition of Daily Compliance News:

  • Biogen is to pay $900MM for kickbacks. (WSJ)
  • The US sanctions the Bosnian prosecutor. (Barron’s)
  • TikTok may face $29MMf fine. (NYT)
  • Fireworks expected. (Reuters)
Categories
Daily Compliance News

September 3, 2022 the All DOJ Edition

In today’s edition of Daily Compliance News:

  • Phillips is to pay 24MM for FCA claims.
  • $10MM was awarded to companies manufacturing defeat devices.
  • Bayer is to pay $40MM for alleged kickbacks and bribery.
  • Two NGO officers were charged with violating the FCPA.

Resources

Today’s stories came from the DOJ Press site, found here.

Categories
Compliance Into the Weeds

Lessons from the Biotronik Anti-Kickback Enforcement Action

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, we take a deep dive into the recent settlement by Biotronik with the DOJ over allegations of the violation of the Anti-Kickback Statue  Highlights include:

  • Background facts.
  • Training programs as cover for bribes.
  • What is lavish entertainment?
  • What were the internal control failures?
  • Controls for high-risk payments.
  • Lessons learned for the ABC compliance professional.

Resources

Tom in the FCPA Compliance and Ethics Blog

Part 1-Background

Part 2-the Bribery Schemes and Lessons Learned

Matt in Radical Compliance

Categories
Blog

Biotronik Anti-Kickback Enforcement Action: Bribery Schemes and Lessons Learned

Today we conclude our series on a Federal Anti-Kickback enforcement action which was announced last week, involving the Oregon based medical device manufacturer Biotronik Inc. (Biotronik). Today, I want to consider the corruption schemes and the lessons learned for the compliance professional. As stated in the Settlement Agreement, Biotronik “knowingly caused the submission of false claims for payment to federal healthcare programs by providing remuneration to physicians to induce them to use Biotronik’s CRM devices in violation of the Anti-Kickback Statute, 42 U.S.C. § 1320a-7b(b).”

I. The Bribery Schemes

 a. Abuse of Training Programs

The Settlement Agreement alleges “Biotronik knowingly paid excessive payments to physicians with a purpose of inducing and rewarding their use of Biotronik’s pacemakers, defibrillators, and other cardiac devices. One of ways the company did so was through “its new employee training program (“Training Program”) by knowingly paying some of its physician customers (“Training Physicians”) to provide excessive employee trainings.” Under this scheme, the Training Physicians were to be paid a fixed fee of approximately $400.00 each time a Biotronik employee trainee received training during one of the Training Physician’s CRM implant procedures. For instance, under the Training Program implant procedure, the “Training Physician was supposed to educate the employee trainee on Biotronik’s devices and teach how to assist a physician during an implant procedure.”

However, it was the sales team which set up these training programs. Biotronik’s compliance and training functions warned that “Biotronik’s salespeople had too much influence in the selection of Training Physicians, that the Training program and resulting payments were being over- utilized, and that the goal of educating Biotronik employees could be achieved without paying Training Physicians.” However, “Biotronik permitted trainees to attend an excessive number of training procedures for which Training Physicians received payment from Biotronik without first conducting an adequate assessment of the trainee’s need for additional training.”

To further line the pockets of the Training Physicians, “salespeople, including managers, intentionally prevented otherwise qualified trainees from successfully completing the Training Program, not because they needed additional training, but rather as a means of ensuring that the trainee could attend more trainings, thereby purportedly justifying additional payments to Training Physicians.” Biotronik also knowingly paid Training Physicians for some trainings that either never occurred or was of little or no value to trainees. This included paying one “Training Physician for certain trainings for which there was no trainee physically present to observe the implant procedure.”

b.  Lavish Entertainment

The Settlement Agreement also alleged that “Biotronik knowingly paid for lavish meals, entertainment, and travel for certain physicians who are known to Biotronik and the United States (hereinafter the “Subject Physicians”) with a purpose of inducing and rewarding their use of Biotronik’s pacemakers, defibrillators, and other cardiac devices.” The company “did not require sign in sheets for lavish meals with physicians and did not use adequate methods to verify the number or identity of attendees or to confirm whether the meals were for a legitimate business purpose.”

This led to  some Biotronik employees falsifying “receipts and participant lists, making it possible to exceed the company’s compliance spending limit per attendee.” These meals and outings often included little or no legitimate business discussion. There was also the amount of the entertainment expense, which included “winery tours, annual office holiday parties, and lavish meals with certain Subject Physicians and their guests at high-end restaurants.” Yet another example of spending far too much on entertainment was “one Subject Physician’s international business class airfare and honoraria in the thousands of dollars for a short, 30-minute talk at an international conference.”

II. Biotronik Remediation

No doubt one of the reasons Biotronik did receive the settlement amount was that, at some point, it recognized the issues and instituted remediation. With the training programs “beginning in 2017, Biotronik added new compliance measures and oversight of the Training Program, limited the number of Training Program events, and reduced payments made in connection with such Training Program events.” In April 2021, Biotronik hired a new Vice President of Compliance and was able to get the lavish entertainment under control by adding “new compliance measures related to the provision of meals and travel to healthcare providers which provided additional employee training, imposed new restrictions, and improved oversight to identify and prevent meal and travel policy violations.”

III. Lessons Learned

There are multiple lessons here for the compliance professional outside the laws under which Biotronik ran afoul. Perhaps the clearest and foremost is that compliance not only needs visibility into areas of risk about also some modicum of control. In the area of Physician Training, the Settlement Agreement specifically noted that the Biotronik compliance function “warned that Biotronik’s salespeople had too much influence in the selection of Training Physicians, that the Training program and resulting payments were being over-utilized, and that the goal of educating Biotronik employees could be achieved without paying Training Physicians.” Here a control should have been put in place which required compliance approval before payments and reimbursements were made for the training. This is similar to a compliance oversight and control of expenses paid or reimbursed to foreign government officials in a Foreign Corrupt Practices Act (FCPA) compliance program.

Interestingly, the Department of Justice (DOJ) also discussed a more nuanced approach to determining if the Physician’s Training is both initially warranted and then continues to be warranted. This is ongoing monitoring. Obviously for Biotronik, one of their risks was when the company paid for training provided by doctors who could also prescribe the company’s products and services. The risk to the company is similar to the risk of an internationally focused company doing business with foreign governments or state-owned enterprises, under the FCPA. If you are paying out monies for training and that puts you in a high-risk category, you need to make sure those receiving the training are required to receive it or even need it.

Under the lavish spending on entertainment and travel, the same type of analysis can apply. The key is both “reasonable spending and business purpose.” The amount spent must be reasonable for the time, locale and participants. There should also be an articulated business purpose for the dinner or other event.

Under the FCPA, there is no threshold that a Company can establish a value for business entertainment. However, I believe there are clear guidelines which should be incorporated into your business expenditure policy, which should include the following:

  • A reasonable balance must exist for bona fide business entertainment during an official business trip.
  • All business entertainment expenses must be reasonable.
  • The business entertainment expense must be commensurate with local custom and practice.
  • The business entertainment expense must avoid the appearance of impropriety.
  • The business entertainment expense must be supported by appropriate documentation and properly recorded on the company’s book and records.

The incorporation of these concepts into a compliance policy is a good first step towards preventing potential violations from arising, but it must be emphasized that they are only a first step. There must be procedures to implement these policies. At a minimum, you must require a business justification from the business representative requesting to provide the gift or business entertainment. Next it should be reviewed and approved by a front-line compliance professional. Then, depending on the amount and nature of the request, it may need Chief Compliance Officer (CCO) approval. Finally, if there is a Compliance Committee it should go to that Committee for a final check to make sure everything is in order.

These guidelines must be coupled with active training of all personnel, not only on a company’s compliance policy, but also on the corporate and individual consequences for violation of the policy. Lastly, it is imperative that all such business entertainment be properly recorded, as required by the books and records component of the FCPA.

And, as always, do not forget the gut check test.