Tag: self disclosure

Categories
Blog

Using Data Analytics to Create an Effective Compliance Program-Part 1

I recently had the opportunity to visit with Vince Walden for the inaugural episode of the newest podcast on the Compliance Podcast Network, Data Driven Compliance. Walden is a compliance professional with 15 years of experience, who left his day job and founded Kona AI, a cutting-edge innovation for compliance professionals. Kona AI is an on-premise platform to build advanced analytics and compliance monitoring that aligns with the DOJ’s expectations.

Over this multi-part blog post series, I will be discussing how to create an effective compliance program through  the use of data analytics by considering the requirement laid out by the Department of Justice (DOJ) in their recent pronouncements on a best practices, as well as the key trends and lessons learned from enforcement actions. Finally, we will consider the speech by Kenneth Polite on the changes to the Corporate Enforcement Policy and how to meet those requirements using data analytics.

It is important for compliance professionals to make informed decisions that are driven by data to ensure that the compliance program is effective and efficient. Data-driven decisions enable compliance professionals to make decisions that are backed by evidence, allowing them to make informed decisions that are based on facts and figures rather than assumptions or guesswork. Without data, compliance professionals would be unable to accurately measure the effectiveness of their compliance program or identify potential risks or areas of non-compliance.

Data-driven decisions also allow compliance professionals to identify areas of strength and opportunities for improvement. By utilizing data, they can identify trends, patterns, and correlations that can help them understand the underlying causes of compliance issues and formulate strategies to address them. Furthermore, data-driven decisions are more likely to be accepted and supported by stakeholders, as they are based on facts and have been thoroughly researched and analyzed. Ultimately, data-driven decisions ensure that compliance professionals are making informed decisions that are in the best interests of their organization. Walden articulate 10 steps you need to follow:

  1. Assess a company’s conduct;
  2. Self-disclose;
  3. Know quickly if there is a problem or not;
  4. Have access to relevant sources of data;
  5. Conduct monitoring at the beginning and throughout the lifespan of the relationship
  6. Have an on-premise application;
  7. Look up vendors and transactions quickly;
  8. Run data through a library of corruption and fraud tests;
  9. Look at a predictive model and see if it meets the profile of an improper payment; and
  10. Have visibility into data almost at your fingertips.

Under Step 1, the assessing of your company’s conduct begins with understanding the DOJ’s  expectations for an effective compliance program. Companies should have policies and procedures in place that enable them to access relevant sources of data, conduct ongoing monitoring of third-party relationships, and hold compliance officers accountable for the effectiveness of the compliance program. Additionally, companies should ensure they have the necessary technology in place to be able to quickly conduct an analysis of their data to determine if a self-disclosure is necessary. By taking these steps, companies can ensure they are meeting the DOJ’s expectations and are in a better position to successfully self-disclose if necessary.

Finally, assessing a company’s conduct should also involve an analysis of the company’s external communications. Companies should have a process in place for responding to inquiries from the public, media, and other stakeholders, and they should ensure that all communications are accurate and timely. Additionally, companies should ensure they are regularly engaging with their stakeholders to keep them informed of any changes in their compliance policies or procedures. By taking these steps, companies can ensure they are engaging in effective external communications that foster trust and confidence in their compliance program.

Self-disclosure is a key step in achieving an effective compliance program. Walden lists this as Step 2. It is important for companies to to demonstrate their commitment to compliance and avoid possible enforcement actions. Recently Kenneth Polite reiterated the importance of self-disclosure and discussed the changes to the corporate enforcement policy. Self-disclosure is viewed as a sign of good faith and can have a major impact on the DOJ’s decision to pursue or not to pursue a case.

However, to meet this requirement under the DOJ Corporate Enforcement Policy, companies need to have access to their data quickly in order to determine if self-disclosure is necessary. This means having an on-premises platform that can quickly search through transactions, identify potential corrupt payments, and compare them to a predictive model. This will demonstrate that they have an effective compliance program for the DOJ to consider them for leniency. But it requires having access to relevant sources of data and conducting monitoring throughout the relationship with third parties. Having an analytics platform can help companies detect anomalies in their data and identify patterns in the data that can help create an effective compliance program.

In addition to self-disclosure, companies must also take steps to ensure that their compliance program is effective and meets the standards of the DOJ. Companies should have access to a streamlined technology platform that helps them manage their compliance efforts. This platform should have tools to monitor third-party relationships, identify suspicious activity, and monitor compliance efforts. An effective compliance program also requires ensuring that employees receive proper training and understanding of the company’s policies and procedures. Companies should also have an audit system in place to regularly check that their compliance program is meeting the standards of the DOJ. This audit system should include periodic assessments of the compliance program and regular reviews of third-party relationships.

Of course, if you do not know you have a problem, you organization cannot self-disclose and cannot meet the mandates to demonstrate an effective compliance program. Hence under Step 3, an organization must understand if there is a problem or not which warrants self-disclosure.  With the right technology in place, companies can monitor their compliance efforts and ensure that they are meeting the expectations of the DOJ. Additionally, companies should ensure that employees are properly trained on the company’s policies and procedures. Taking these steps can help create an effective compliance program that meets the expectations of the DOJ.

Join us tomorrow where continue our exploration of using data analytics to create an effective compliance program.

Listen to Vince Walden on Data Driven Compliance.

Categories
FCPA Compliance Report

Laura Perkins on the Monaco Memo

In this special 5 part podcast series, I am deeply diving into the Monaco Memo and analyzing it from various angles. In this episode of the FCPA Compliance Report, I am joined by Hughes Hubbard partner Laura Perkins to take a deep dive into the Monaco Memo. Some of the highlights include:

  1. Determination of Monitor Need.
  2. Roadmap to proa-active compliance.
  3. Timely self-disclosure as criteria for monitorship?
  4. Monitor selection criteria.
  5. Monitor review and oversight.

 Resources

Laura Perkins on HughesHubbard.com

Tom 5-Part blog post series in the FCPA Compliance and Ethics Blog

  1. A Jolt for Compliance
  2. Timely Self-Disclosure
  3. Corporate Compliance Programs
  4. Monitors
  5. Polite Speech

Monaco Memo

Categories
FCPA Compliance Report

Matt Kelly on the Monaco Memo

In this special 5 part podcast series, I am deeply diving into the Monaco Memo and analyzing it from various angles. In this episode of the FCPA Compliance Report, I am joined by my Compliance into the Weeds co-host Matt Kelly for a deep dive into the weeds of the Monaco Memo. Some of the highlights include:

  1. Corporate accountability.
  2. Timeliness in turning over evidence of wrongdoing.
  3. Baby Carrots in evaluating the corporate history of misconduct.
  4. Additions to Evaluation of Corporate Compliance Programs.
  5. Tweaks to the Yates Memo formulation.
  6. Monitors and Monitorships.

 Resources

Matt in Radical Compliance

Tom in the FCPA Compliance and Ethics Blog

  1. Introduction
  2. Self-Disclosure
  3. Corporate Compliance Programs
  4. Monitors
  5. What it all means

Monaco Memo

Categories
FCPA Compliance Report

Vin DiCianni on the Monaco Memo

In this special 5 part podcast series, I am deeply diving into the Monaco Memo and analyzing it from various angles. In this episode of the FCPA Compliance Report, I am joined by my Affiliated Monitors founder Vin DiCianni to take a deep dive into the monitors and monitorship portions of the Monaco Memo. Some of the highlights include:

  1. Determination of Monitor Need.
  2. Roadmap to proa-active compliance.
  3. Timely self-disclosure as criteria for monitorship?
  4. Monitor selection criteria.
  5. Monitor review and oversight.

 Resources

Vin DiCianni on Affiliated Monitors

Tom 5-Part blog post series in the FCPA Compliance and Ethics Blog

  1. A Jolt for Compliance
  2. Timely Self-Disclosure
  3. Corporate Compliance Programs
  4. Monitors
  5. Polite Speech

Monaco Memo

Categories
Blog

Monaco Memo: A Jolt for Compliance: Part 2 – Swiftly and Without Delay

Today, we continue our exploration of the Monaco Memo by considering the section entitled “Timely Disclosures and Prioritization of Individual Investigations”. This portion of the Monaco Memo re-emphasized the reinstitution of the Yates Memo, first announced by Deputy Attorney General (DAG) Lisa Monaco in October 2021. Clearly the Department of Justice (DOJ) wants to increase the accountability of individuals who have engaged in criminal activities such as bribery and corruption under the Foreign Corrupt Practices Act (FCPA).

It is well-settled under the FCPA Corporate Enforcement Policy that for a company to be considered for a Declination or cooperation credit, the company must self-disclose its illegal conduct. However, self-disclosure is not enough; it now must be timely. The DOJ wants speed as well because, “If disclosures come too long after the misconduct in question, they reduce the likelihood that the government may be able to adequately investigate the matter in time to seek appropriate criminal charges against individuals. The expiration of statutes of limitations, the dissipation of corroborating evidence, and other factors can inhibit individual accountability when the disclosure of facts about individual misconduct is delayed.”

The Monaco Memo stated, “it is imperative that Department prosecutors gain access to all relevant, non­privileged facts about individual misconduct swiftly and without delay.” [emphasis supplied] This means, “ to receive full cooperation credit, corporations must produce on a timely basis all relevant, non-privileged facts and evidence about individual misconduct such that prosecutors have the opportunity to effectively investigate and seek criminal charges against culpable individuals.” If a company fails to meet this burden, it will “place in jeopardy their eligibility for cooperation credit.” The DOJ goes the next step by placing the burden on companies to demonstrate timeliness, stating they “bear the burden of ensuring that documents are produced in a timely manner to prosecutors.”

Moreover, it is not simply data or information. A company must seek out and disclose on this ‘timely’ basis, the evidence “that is most relevant for assessing individual culpability.” This type of evidence could include “information and communications associated with relevant individuals during the period of misconduct.” While the DOJ may well ask companies to prioritize evidence they are seeking in investigation, even with no such instruction or request from the DOJ, “cooperating corporations should understand that information pertaining to individual misconduct will be most significant.”

All of this was driven home by adding this timeliness requirement to the analysis of factors surrounding a company’s cooperation with the DOJ, as laid out in the FCPA Corporate Enforcement Policy. The Monaco Memo stated, “in connection with every corporate resolution, Department prosecutors must specifically assess whether the corporation provided cooperation in a timely fashion.” Some of the factors in this new analysis could include “whether a company promptly notified prosecutors of particularly relevant information once it was discovered, or if the company instead delayed disclosure in a manner that inhibited the government’s investigation.” And then the stick is lowered when “prosecutors identify undue or intentional delay in the production of information or documents – particularly with respect to documents that impact the government’s ability to assess individual culpability ­ cooperation credit will be reduced or eliminated.” There are no percentages as to how much this might entail but conceivably it could reduce a cooperation credit by between 25% to 50%. Of course, if this analysis is factored into the fine and penalty calculation under the US Sentencing Guidelines, the cost could even be higher to a company.

This new requirement presents several challenges for any company and compliance professionals involved in the corporate investigatory process. The DOJ emphasis is now on ‘timeliness’ which equates to speed. When a whistleblower or other report comes in, there should now be even more urgency to assess and triage and then elevate the report to the appropriate level. Remember, this is not about a corporate decision to self-disclose or not; although there are clear implications in that decision, this is about turning over evidence of culpable individuals. If the DOJ deems your turning over evidence as not timely, it could seriously impact your ability to get the full 25% credit under the FCPA Corporate Enforcement Policy for cooperation and remediation.

In terms of your investigation protocol, under the prior Policy interpretations, you complete the investigation and then bring it to DOJ. But now the DOJ may have an argument that you were untimely because you took three months, six months, nine months; however long it takes you to perform an investigation. James Koukios also provided some other examples, “you learn that there is going to be a newspaper article which is coming out shortly and it will allege your company of corruption. Ordinarily, you would go to DOJ first, even if do not have an investigative plan in place yet because you need to get ahead of that article.”

A similar situation could involve a whistleblower or if the government comes knocking. In these situations, your organization may not have been aware of the allegations or facts. “This means you will have to investigate and at that point, it is hard to say that you will deliver timely information at any point, because you do not know things up front.” This begs the question “is it timely that I bring it to you?” This can be even more problematic “if a prosecutor thinks, you should have brought this to me two months earlier, or you should have brought this to me three months earlier.” This may be even more true as the burden is on the company to demonstrate timeliness.

As I said there are many questions on this topic going forward.

I hope you will join me tomorrow where I look at guidance on corporate accountability.

Categories
FCPA Compliance Report

Matt Galvin and Dan Kahn-Part 1, Disclosing to and Working with the DOJ

This episode of the FCPA Compliance Report begins a special two-part series with two well-known compliance professionals. Matt Galvin, most recently the CCO at AB-InBev and Dan Kahn, former acting Deputy Assistant Attorney General of the Criminal Division, Chief of the Fraud Section, and Chief of the FCPA Unit. Dan is now in private practice at DavisPolk. In this Part 1 we take up the key issues around dealing with the DOJ including the factors which go into the decision to self-disclose, incentives and disincentives in compliance programs, internal investigations including who is involved and scoping an investigation, presenting information to the DOJ during the pendency of an investigation and negotiating the final settlement and post-resolution; including both ongoing reporting and continuing innovation in your compliance program.

Resources

Matt Galvin on LinkedIn

Dan Kahn at Davis Polk

Categories
FCPA Compliance Report

Mike DeBernardis on Compliance Developments from Q4 2021


In this episode of the FCPA Compliance Report, I am joined by fan favorite Mike DeBernardis, partner at Hughes Hubbard. In this episode we look at compliance and temporal timeline developments from Q4 2021. Highlights of this podcast include:

  1. A deep dive into the Lisa Monaco speech, how it impacted the compliance temporal timeline whether it was a change or recalibration.
  2. Anti-Trust developments.
  3. The Biden Administration Strategy on Countering Corruption?
  4. Compliance in 2022 and moving forward.

Resources
Mike DeBernardis on HughesHubbard website.