Categories
Compliance Week Conference Podcast

The Brothers Gallo on Engagement and Compliance ROI

In this episode of the Compliance Week 2022 Preview Podcasts series, Nick and Gio will discuss some of their presentations at Compliance Week 2022. Some of the issues they will discuss in this podcast and their presentations are:

  • How you can demonstrate internal ROI for your compliance program;
  • How to drive stakeholder engagement through a speak up culture;
  • Where compliance is headed in 2025 and beyond.

In this first full compliance conference in over 2 years, I hope you can join me at Compliance Week 2022. This year’s event will be May 16-18 at the JW Marriott in Washington DC. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

Gain insights and make connections at the industry’s premier cross-industry national compliance event offering knowledge-packed, accredited sessions and take-home advice from the most influential leaders in the compliance community. Back for its 17th year, compliance, ethics, legal, and audit professionals will gather safely face-to-face to benchmark best practices and gain the latest tactics and strategies to enhance their compliance programs. and many others to:

  • Network with your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Hear from 75+ respected cross-industry practitioners who are CEOs, CCOs, regulators, federal officials, and practitioners to help inform and shape the strategic direction of your enterprise risk management program.
  • Hear directly from the two SEC Commissioners and gain insights into the agency’s areas of enforcement and walk away with guidance on how to remain compliant within emerging areas such as ESG disclosure, third-party risk management, cybersecurity, cryptocurrency and more.
  • Bring actionable takeaways back to your program from various session types including ESG, Human Trafficking, Board obligations and many others for you to listen, learn and share.
  • The goal of Compliance Week is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to listeners of this podcast, Compliance Week is offering a $200 discount off the registration price. Enter discount code TFLAW for $200 off.


Mining the Gold in the Compliance Hills: Part 3 – Compliance and ESG Investments

Welcome to a special five-part blog post series on how to unlock the gold in your program. I visit with Gio Gallo and Nick Gallo, Co-CEOs of ComplianceLine, LLC, the sponsor of this series.
One of the ongoing issues in compliance is to demonstrate the Return on Investment (ROI) in your compliance program. One way to do so is by demonstrating the extended value of compliance literally across your entire company. When overlaid with an ESG component, you can begin to see the gold in your compliance hills. In addition to showing how you can unlock the gold in your own compliance hills, Gio and Nick discussed demonstrating ROI for your internal budgeting process, which can provide you with the financial resources to strengthen and improve your compliance program. Today, in Part 3, we look at the role of the Chief Compliance Officer (CCO) and corporate compliance function in ESG investments.
We began with the basic question of why a Chief Financial Officer (CFO) or corporate finance function would look at ESG investment, and how that view differs from the way a CCO or compliance function would do so. Gio noted that finance will most probably be “considering the outcome and it is something else for me to figure out.” Yet they may well also see it as a new opportunity and a “new conversation that we can be a part of. We may be able to get to that head of the pack because through some early investments which might be in programs or just how we talk about it.” The impact is that finance types might see more opportunities in this than the E&C professional, which you should be conscious of as you enter this conversation. Gio stated, “if we can make something out of this zeitgeist it might be seen as a unique opportunity.”
Conversely, he also noted “there’s no F in the ESG, right? This means the finance lens for this opportunity might be to get better financing for the company.” This might present a funding opportunity, either through a loan, additional capital or other funding mechanisms. It might also work to lower the cost of capital because investors might see your company is really an attractive company. That is what ESG might end up meaning from the finance perspective. The beauty of this is that the approach is equally valid to a compliance-focused approach and demonstrates there are multiple reasons for implementing an ESG program.
Nick emphasized the opportunity that ESG presents, not simply for each commercial organization but for the compliance function as well. He stated, “irrespective of whether or not your organization is serious about it, you need to take advantage of the opportunity and the window of opportunity that we have right now, because compliance speaks to every single one of those pillars in the ESG acronym.”
From the compliance perspective, there are several reasons for this. It is top of mind for investors and on the mind of the marketplace. He said, “Use what you have in place already to show your organization is committed to ESG. Moreover, you probably already have 80% of this stuff done. We already have a speak-up line. We already have a training for our business ethics and corporate culture.” The bottom line is “there are probably a bunch of ESG type things that you are doing.” You can build on all of them. It is a massive opportunity. Do some research on what is publicly available on ESG reports, “grab a handful of those and start looking at what some of your competitors or what other folks in the marketplace are putting into their report. I guarantee there’s a massive overlap with some of the data points that already exist in your organization.” As a compliance professional “it’s about shifting your mindset and using this opportunistically, to take advantage of the amorphousness that is ESG right now.” Nick even compared ESG in 2021 to where compliance was in the mid-1990s after the release of the US Federal Sentencing Guidelines and the creation of the modern compliance professional. It took some 15 to 20 years for corporations to understand that compliance was a business differentiator and business positive and not simply a legal response to a long-standing law, such as the Foreign Corrupt Practices Act (FCPA). In the age of social media, the speed of the change in ESG will be much quicker. Simply witness the change from the Trump Administration, which actively fought corporate ESG initiatives, to the Biden Administration, which has fully embraced ESG from a regulatory perspective.
We concluded by considering many of the tasks that a CCO and compliance professional are already doing. Nick provided the following examples, “You can pull that out of your case management system and look at some of the following issues: How many discrimination and harassment claims did you have last year? How many did you have this year? What was the turnaround time on those? How many days did it take you to close those? What can you take credit for? That’s really what ESG is kind of about.” The same is true for your basic risk management strategies involving your third parties and other business ventures.
It is a function of getting an understanding of who your audience is. From the compliance perspective, do not simply focus on an audience of one, the government. Look at it the way the Business Roundtable did with their Statement on the Purpose of an Organization. There are multiple stakeholders that you can engage with and work with to satisfy their ESG concerns.
Check out the full podcast series this blog post series is based upon.
Episode 1
Episode 2
Episode 3
 

Categories
Innovation in Compliance

Mining the Gold in the Compliance Hills: Part 2 – Extending Compliance Value Across an Organization

Welcome to a special five-part blog post series on how to unlock the gold in your program. I visit with Gio Gallo and Nick Gallo, Co-CEOs of ComplianceLine, LLC, the sponsor of this series.
One of the ongoing issues in compliance is to demonstrate the Return on Investment (ROI) in your compliance program. One way to do so is by demonstrating the extended value of compliance literally across your entire company. When overlaid with an ESG component, you can begin to see the gold in your compliance hills. In addition to showing how you can unlock the gold in your own compliance hills, Gio and Nick discussed demonstrating ROI for your internal budgeting process, which can provide you with the financial resources to strengthen and improve your compliance program. Today, in Part 2, we consider how a corporate compliance function not only extends its value across an organization but demonstrates the value add of a robust compliance function in improving overall business ROI. It is a way of thinking about your compliance that many compliance professionals fail to grasp.
We began with an exploration of how a finance professional will view things differently from the compliance professional. This is important because there really is a different mindset or at least a different lens that a corporate finance function brings, separate and apart from the compliance function lens. As Nick explained, “in the finance game, people make massive bets, investing hundreds of millions or billions of dollars on acquisitions with no real certainty around how something will play out. You do not know if a market will disappear; if the historical growth is going to repeat in the future; if your margin improvements are going to justify a massive purchase price.” Moreover, an “investment committee is really about pushing on those assumptions and saying do we really feel good about how we assume things are going to play out?” He emphasized that it is about “getting comfortable with that level of uncertainty about predicting the future and making bets that are foundationally built on assumptions.”
Gio emphasized that many compliance professionals either believe or are perceived to believe that a company’s bottom line can improve by being less risky. However, from the finance perspective that can come across as “Fewer expenses, fewer risk of fines and things like that, or things can get better by growth and improvement. This means not simply getting more revenue but becoming more efficient and even attracting better talent.” Of course, less risk can mean less upside and many finance professionals are “used to jumping to both sides of that kind of gain and loss. This means revenue slash growth versus expense costs.” However, if, as a compliance professional, you can realize that financial professionals are trained to kind of look at the downside, “it can allow you to reframe your perspective and your approach.”
Nick emphasized, “it’s really about being opportunistic. You are opportunistically looking at this risk landscape for things that other people have not seen before.” It was this insight that I found so critical for the compliance professional. Starting with the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs released in June 2020, it has become paramount for a Chief Compliance Officer (CCO) to have access to all company data. This necessitates working across corporate silos from the compliance perspective. It allows a corporate compliance function to have insights other functions do not have and allows compliance to “connect the dots”. Nick went on to state, “Once those light bulbs start to turn on, you can have some really powerful outcomes that you never thought would happen.”
We concluded with a discussion of the compounding effect of a corporate compliance program. Even legally trained compliance professionals have some understanding of compound interest. The compounding effect of a corporate compliance program is similar. Consider training an employee to become a compliance advocate and that employee later becomes a manager. Gio related, “These are all these follow-on effects. That’s compounding.” Another way to consider this compounding effect is in handling an issue that comes into your hotline, so that person has confidence, and they tell some other people about it. Now there are five people who have confidence in your program and then two of them report. Then they tell five more people. You have this opportunity for compounding of your compliance scope. Gio added in this scenario, “I think we’re going to get 10 more reports this year. A CCO is also selling their program short if you are not drawing that line through the whole story to say this is going to well beat our 15% or three X ROI target. It’s going to blow it out of the water because there are so many ways that what we do in compliance touches the whole organization and those things compound naturally.”
The bottom line is that if you make these little changes, these 1% changes per year, they translate into 40 times impact over a 12-month period. You continue to make these small, incremental changes over time. Then the cultural difference in your organization relative to your competitors very quickly is going to separate in a nonlinear way. It is going to separate in a logarithmic way. And that is where, two, three or four years down the road, the real impact of the changes will become apparent; the impact that we can have can really be compelling.
Check out the full podcast here.


Mining the Gold in the Compliance Hills: Part 1 – ROI on Compliance Purchase Decisions

Welcome to a special five-part blog post series on how to unlock the gold in your program. I visit with Gio Gallo and Nick Gallo, Co-CEOs of ComplianceLine, LLC, the sponsor of this series. There is also a podcast on this topic and the link is listed below.
One of the ongoing issues in compliance is to demonstrate the Return on Investment (ROI) in your compliance program. One way to do so is by demonstrating the extended value of compliance literally across your entire company. When overlaid with an ESG component, you can begin to see the gold in your compliance hills. In addition to showing how you can unlock the gold in your own compliance hills, Gio and Nick discussed demonstrating ROI for your internal budgeting process, which can provide you with the financial resources to strengthen and improve your compliance program. We begin Part 1 by considering how compliance can be seen as a corporate ROI multiplier by looking at the impact of compliance across your entire organization.
One of the most ubiquitous issues in compliance is making a case for ROI. Every compliance professional must be able to justify not only their spending but their budgeting requests. However, as Gio believes, compliance professionals are “literally leaving some money on the table because there’s a lot more to this game than meets the eye.” It is important to understand not simply the numbers but also who you are talking to about ROI or budgetary requests. There is also the zero-sum mindset that is usually brought to the budgetary process. Many corporate officers feel that if their department does not receive funding those dollars go to another department, and vice-versa.
Gio emphasized that budgeting “is not a zero-sum game. If you can understand that being aligned with other departments, having some positive externalities that help someone else get their job done, or take some work from someone else’s plate, these are all things that you can align with this full company view.” Moreover, this allows you to portray that you are not simply competing for dollars but putting in a richer attempt to serve the overall company mission. He emphasized it really takes a “broadening of your mindset not simply thinking about risk in the full company, but also thinking about the compliance budget as part of the whole.”
Nick added that many Chief Compliance Officers (CCOs) who come from legally trained professional backgrounds handle budgets “like they are running a nonprofit, by minimizing spending, as opposed to like an abundance or growth mentality.” A CCO really does need to use a different set of frameworks when it comes to thinking through compliance ROI and budgeting, “fundamentally different than the binary sort of risk aversion frameworks that you’ll apply to managing an ethics and compliance department or building an FCPA policy or the like.” He concluded that it is all about taking a calculated risk.
Nick acknowledged that this might require making some assumptions, but it is also about doing some of the same things a compliance professional must do each and every day. We talked through the example of hotlines. Here you begin with the mandatory requirement in Sarbanes-Oxley (SOX) for US public companies to have a hotline and go all the way through to a best practices compliance program, as formulated by the Department of Justice (DOJ) in its most recent Update to the Evaluation of Corporate Compliance Programs. From the installation of the hotlines, all the way through the benefits of a speak up culture, a CCO should begin to show and build a picture that can be taken to senior management or the Board to represent the benefits internally and the types of ROI.
Nick noted this is “the exact arithmetic that we want to utilize. If you have a strong culture that people are engaged with their purpose is resonant with the organizational purpose. This means people expend more discretionary effort which falls directly to the bottom line. Moreover, if you love your work and you feel like your voice matters, and you’ve worked other places where your voice doesn’t matter, then you’re going to feel a particular allegiance to that organization. You’re going to appreciate that. Turnover is going to drop a little bit. All of those benefits will go directly to the bottom line.”
But the conversation does not end there. Gio said, “part of this is a persuasion path, pointing to those outcomes, based on these inputs, which are a hotline or an improved case management system. Those are in my mind, extremely credible, especially when you can start to bring the finance people who are controlling purse strings into that calculation. And that’s what the basis of a lot of our ROI coaching has been not only getting those assumptions dialed in, but also building the persuasion path around the delivery of that message so that it lands in a way that is resonant with the you want to loosen those purse strings up.”
The bottom line is that as compliance leaders, we are “great at communicating the clarity that we have standing in and CCOs are also very good at dealing with the gray areas in the domain of risk management.” If, as the compliance professional, you can demonstrate the compliance function will “move the needle, from a risk management standpoint to not simply rectify the causes of those faster” but make the company run more efficiently, you can make a good case for increased budgeting and greater resources for your compliance program.
Check out the full podcast here.

Categories
Fraud Eats Strategy

Fraud Eats Strategy Episode 4: Is it Possible to Monetize Effective Compliance?


In this episode, we talk about one of the more challenging aspects of regulatory compliance: measuring return on investment. Important elements of an effective compliance program include confidential reporting and investigations. Today we speak to two subject matter experts on confidential reporting: Carrie Penman, Chief Compliance Officer of NAVEX Global and a widely noted compliance luminary, and Kyle Welch, Assistant Professor at George Washington University’s School of Business. Carrie and Kyle have collaborated on several studies on how to measure the return on investment of compliance hotlines. Join us to hear about what you can do to help your measurements.

Join us each week as we take a deep dive into the various forms of fraud across the world and discuss crime families, penny stock boiler rooms, international money launderers, narco-traffickers, oligarchs, dictators, war lords, kleptocrats and more.
Scott Moritz is a leading authority on white-collar crime, anti-corruption, and the evaluation, design, remediation, implementation, and administration of corporate compliance programs and codes of conduct. He is also considered an authority in the establishment, training, and oversight of the investigative protocols carried out by financial intelligence, corporate security, and internal audit units.
 

Categories
31 Days to More Effective Compliance Programs

Third-party risk management ROI


One area that has bedeviled CCOs and compliance practitioners is how to determine the ROI for your compliance program regarding third-parties. While it is still clear that third-parties are the greatest risk in FCPA enforcement actions, senior management often wants to know what the monetary benefit to the company is for this type of risk management.
When you couple the request for ROI with the 2020 Update, it may seem like a doubly daunting task. However, the requirement for operationalization of your compliance program actually lends itself to formulating ROI around the risk management of third-parties. This is because if you move third-party compliance into the organization as a business process, with a technological solution, the ROI becomes not only clearer but easier to calculate going forward.
Three key takeaways:

  1. Why is it important to demonstrate ROI on your third-party risk management program?
  2. Determining ROI helps to demonstrate operationalizing your compliance program.
  3. Determining third-party management program ROI can help to tear down compliance siloes.