Categories
Compliance Into the Weeds

Compliance into the Weeds: NRA Governance Reforms: A Compliance Case Study

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. Are you looking for some hard-hitting insights on compliance? Look no further than Compliance into the Weeds! In this episode, Tom Fox and Matt Kelly dive into the intricate and unusual story of the National Rifle Association (NRA) and its recent corporate governance overhaul.

Matt and Tom explore Judge Joel Cohen’s final ruling, which mandates extensive corporate governance reforms for the NRA. These reforms address significant issues, such as a structurally weak board, poor financial controls, and an overpowering CEO in Wayne LaPierre, who misused the organization’s resources. Necessary measures discussed include revamping the board’s audit committee and introducing annual compliance reports, along with significant protections for the role of the Chief Compliance Officer.

The episode highlights the universal principles of good governance, asserting that the NRA’s reforms can serve as a valuable lesson for other organizations. Regardless of the political or ethical stance on the NRA’s activities, the implemented governance structures underscore the necessity of transparency, an empowered compliance function, and robust oversight mechanisms to prevent misuse of organizational resources. These insights are illustrated through sample agreements and templates in the court ruling, which can guide other organizations in strengthening their governance and compliance programs.

Key highlights:

  • Corporate Governance Reforms Ordered by the Court
  • Specifics of the Court-Ordered Reforms
  • Audit Committee and Board Reforms
  • Compliance and Governance Templates
  • Universal Principles of Good Governance

Resources

Matt in Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Blog

The NBA, Data Driven Compliance and Jontay Porter

One of the best examples I have recently seen of the power of data-driven compliance is playing out in real-time in the NBA. It is the Jontay Porter betting scandal. This event drove home why transparency and robust data analytics can help identify illegal acts in real time, moving compliance from detective to proactive.

Background

The background to the story is both sad and tragic. As reported by ESPN, betting sites grew suspicious when a large amount of money was made on prop bets for Porter. The bets were: “In the game on Jan. 26 against the LA Clippers, there was increased betting interest on the under for Porter props, which for the night were set at around 5.5 points, 4.5 rebounds, and 1.5 assists. There was also an over/under for Porter’s made 3-pointers, which was 0.5.”

Additionally, “At least one other U.S. sportsbook detected unusual betting interest on the game’s Porter props. A sportsbook industry source told ESPN that multiple betting accounts attempted to bet large amounts, upward of $10,000 and $20,000, on Porter under in the January game against the Clippers. Betting limits on NBA player props vary by sportsbook and customer but are typically around $1,000 to $2,000.

The second part of the suspicious transaction was that in that game itself, “Porter played just four minutes before leaving the game because of what the Raptors said was an aggravation of an eye injury he had suffered four days earlier against the Memphis Grizzlies. Porter did not score against the Clippers but had three rebounds and one assist, and he did not attempt a 3, meaning the under-hit on all of the props.” According to the Draft Kings, the under on Porter’s 3-pointers was the biggest money winner for bettors of any NBA player props from games that evening.

A second set of anomalous information came in on March 20. In a game on that night, “Porter played just three minutes before exiting because of what the Raptors said was an illness and did not return. He did not score after attempting one shot and had two rebounds.

Sportsbooks had his over/under set at around 7.5 points and 5.5 rebounds. The next day, DraftKings Sportsbook reported in a media release that Porter’s prop bets were the No. 1 moneymaker from the night in the NBA.”

Anomalous Data

Another ESPN article reported that “the NBA’s investigation found that Porter revealed information about his health to a known sports bettor ahead of a March 20 game against the Sacramento Kings. According to the NBA, another bettor who was privy to the information placed a $80,000 same-game parlay bet featured under Porter’s statistics and would win $1.1 million. Porter played for three minutes before leaving the game with an illness. The bet, which was placed at DraftKings, was not paid.” This is in addition to multiple Sportsbooks that “reported a spike in betting interest on the under on several of Porter’s statistics ahead of a Jan. 26 game against the Los Angeles Clippers.”

Finally, and most damningly, Porter was also betting on NBA games. “The league investigation revealed Porter placed at least 13 bets on NBA games using an associate’s online betting account. According to the league, the bets ranged from $15 to $22,000, totaling $54,094. The NBA said the total payout from those bets was $76,059, with net winnings of $21,965. None of the bets involved any in which Porter played. Three bets were parlays, including one that included a bet on the Raptors to lose. All three bets lost, according to the NBA.”

 Lessons for Compliance

  1. Transparency

There are several key lessons for compliance in this sordid tale. The first is around transparency. It is not about the legalization of gambling; gambling on NBA games has always occurred. It is about the oversight that legalization has brought about. In other words, gambling has moved out of the shadows and into the light of day. There is increased regulatory oversight and reporting. The NBA itself noted that “it was alerted to the suspicious activity by licensed sportsbooks and an organization that monitors legal betting markets. Las Vegas firm U.S. Integrity, which works with sportsbooks, leagues, and state gaming regulators, monitored Porter’s abnormalities and said it is “proud to continue to support the NBA in initiatives relating to regulated sports betting.”

The legalization of gambling has increased the amount of money involved. However, having that much money means more oversight and better processes for determining anomalous patterns. Why? Because it is a business for these Sportsbooks and sites like Draft Kings. Not only is it a business, but its customers must have faith that the games are not crooked, which is exactly what the NBA demands.

  1. Data Analytics

The second, equally important lesson is about data analytics. Data analytics did not determine that Porter had illegally revealed information about his health. Data analytics determined an unusual pattern of betting on small bets on a minor player, all in a very big way. In other words, the data identified anomalies that could be further investigated. Every data analytics program should crunch massive GTE spending, marketing spending, charitable donations, third-party spending, and any other place funds could be generated to determine if a pot of money is needed to fund a bribe.

Moreover, once your data program is set up, you can monitor these areas in real-time. This will allow you to spot any unwarranted trends and patterns. Based on the investigation, you can suspend the activities. If further action is necessary, you can then take it. But it all begins with data analytics.

  1. Consequence Management

We now move to the tragic part of this story. As a direct consequence of his actions, Jontay Porter has been banned from playing in the NBA for life. For the compliance professional, the lesson is that the Department of Justice demands swift action, including termination and clawbacks for executives who are part of a bribery or corruption scheme.

Categories
Principled Podcast

Season 10 Episode 3 – Transparency and Disclosure: Unpacking the “E” of ESG Reporting

What you’ll learn on this podcast episode

Environmental, social, and governance, or ESG, has been in the news a lot lately—particularly the “E” when it comes to new and evolving regulations. There’s been a greater push in the United States for transparency and disclosure of data regarding businesses’ environmental impact, driven largely by the Securities and Exchange Commission and the National Advertising Division of the Better Business Bureau. In fact, California is expected to soon be the first US state to require company reporting related to environmental impact. So, what does this all mean for companies that are working to become more sustainable? How do you even begin to report on emissions and environmental impact? In this episode of LRN’s Principled Podcast host Eric Morehead explores how transparency plays a crucial role in corporate sustainability with Andrea Peters, the senior counsel of Interface. 

Guest: Andrea Peters

Andrea Peters – Grayscale

Andrea Peters is senior counsel for Interface, Inc., a global commercial flooring company (NASDAQ: TILE).  In her role, she provides legal support for the company’s global operations, including Research & Development, Sales, Marketing, Procurement, Tax and Human Resources, and she also manages Interface’s global compliance program. Andrea has over 26 years of legal experience, over two-thirds of which comes from working in-house at companies such as Interface, CAN Capital, The Weather Channel, the General Electric Company and GAMBRO Healthcare.   

Andrea earned her J.D. from the Vanderbilt University School of Law and her Bachelor of Arts degree in Advertising from the Pennsylvania State University, where she was the student marshall (valedictorian) for the College of Communications. 

Andrea resides in Atlanta with her 10-year-old daughter.  She has gone sky diving twice, bungee jumping once, and ziplining once. She enjoys cooking, wine and travel. When she retires, Andrea plans to go back to college to audit all of the hard but interesting classes without worrying about writing papers or taking exams. 

Host: Eric Morehead

Headshot_Principled Podcast_Eric Morehead

Eric Morehead is a member of LRN’s Advisory Services team and has over 20 years of experience working with organizations seeking to address compliance issues and build effective compliance and ethics programs. Eric conducts program assessments and examines specific compliance risks, he drafts compliance policies and codes of conduct, works with organizations to build and improve their compliance processes and tools, and provides live training for Boards of Directors, executives, managers, and employees.

Eric ran his own consultancy for six years where he advised clients on compliance program enhancements and assisted in creating effective compliance solutions.

Eric was formally the Head of Advisory Services for NYSE Governance Services, a leading compliance training organization, where he was responsible for all aspects of NYSE Governance Services’ compliance consulting arm.

Prior to joining NYSE, Eric was an Assistant General Counsel of the United States Sentencing Commission in Washington, DC. Eric served as the chair of the policy team that amended the Organizational Sentencing Guidelines in 2010.

Eric also spent nearly a decade as a litigation attorney in Houston, Texas where he focused on white-collar and regulatory cases and represented clients at trial and before various agencies including SEC, OSHA and CFTC.

Categories
Daily Compliance News

March 29, 2023 – The SBF/FCPA Charges Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • SBF charged with FCPA violations. (WSJ)
  • Fox Producer seeks to recant testimony. (Reuters)
  • The US makes a transparency commitment. (AP)
  • France raids big banks over tax fraud. (NYT)
Categories
Blog

Coming Conflict with China-Business Challenges and Responses: From Potential Conflict to Real Danger

In the short span of the 21st Century, the world’s two top powers, the United States and China, have moved inexplicably toward a showdown. This evolved from a commercial competition into something more akin to permanent non-kinetic warfare. What does this mean for US business doing business in and with China? For this special 5-part blog post series, I visited with Brandon Daniels, CEO and President of Exiger, to explore issues diverse as a real danger, supply chain, exports, cyber-attacks, and IP theft from the business perspective and give the compliance and business executive their viewpoints on what you can do to not only prepare your company but protect it as well. In Part I, from potential conflict to real danger.

It is time to ask some tough questions and come up with robust responses to the challenges. With China’s increasing attempts to subvert the US economy, decrease transparency of its business practices, and the use of its blocking statutes that protect its companies from US laws, the situation is becoming increasingly challenging. What steps can you take to safeguard yourself and your business? Join us to explore these questions and more in this special series.

Here are the steps you should follow to begin to think your organization’s business and operational security.:

  1. Identifying potential threats and risks in the global business and commerce ecosystem.
  2. Developing a strategy to diversify the global supply chain to mitigate risks and increase security.
  3. Finding alternate sources of supply and production in different countries to create redundancy and increase diversity.

1.Identifying potential threats and risks

Identifying potential threats and risks in the global business and commerce ecosystem requires an understanding of how geopolitical tensions and economic coercion can impact businesses and markets. When looking at the arrests of Mintz’s Group employees in Beijing and the potential for China to subvert our global free market, it is important to consider how Chinese investments in critical technologies, like battery plants, and their control of resources, like cobalt and copper, could be used to manipulate the market. It is also important to be aware of China’s attempts to restrict access to economic policies, like tariffs, that make it cheaper to manufacture in China than in Vietnam or Malaysia. It is important to consider the impact of China’s annexing of other countries, their blocking statutes, and their potential to use Uighur forced labor in their garment industry, all of which could lead to human rights issues. By understanding the potential threats and risks, businesses can be better prepared to put appropriate measures in place to protect their data, their people, and their customers.

  1. Developing a strategy to diversify your global supply chain 

Developing a strategy to diversify the global supply chain to mitigate risks and increase security is a crucial step in mitigating potential risks associated with China’s increasing adversarial activity. To ensure the safety and security of a company’s supply chain, it is important to diversify its sources of supply, especially for critical infrastructure such as logic bearing circuitry and pharmaceutical ingredients. Your organization should think twice before accepting a cheap bid from a Chinese company and instead diversifying to sources from countries such as Japan, South Korea, the United Kingdom, and the United States. By diversifying supply chain sources, companies can ensure that they are not over-dependent on any one country, and can also take advantage of premium pricing that comes with diversity, security and redundancy in their commerce.

  1. Finding alternate sources of supply and production

Finding alternate sources of supply and production in different countries to create redundancy and increase diversity is an important step in mitigating risk in a highly unpredictable geopolitical environment. To do this, you should start by looking into local manufacturing capabilities and taking the opportunity to support companies from other countries, such as Japan, Korea, the UK, the US, Mexico, and Canada. These countries may be more reliable in their political stability and may offer a premium for the security that comes with diversity. Additionally, it is important to investigate the state of the industries in these countries and what investments they are making. For example, Japan is investing heavily in their electronics sector, Korea in semiconductors, and the US and Canada in AI. To ensure your business is protected, you should also consider investing in a backup plan in case of disruption from your current source. This could involve researching other suppliers, negotiating contracts with them, and training staff and operations to use them. By investing in these alternate sources and plans, you will be able to create redundancy and increase diversity in your supply chain, ultimately making your business more secure.

The importance of identifying potential threats and risks in the global business and commerce ecosystem and developing a strategy to diversify the global supply chain to mitigate risks and increase security cannot be overstated. You should be working to find alternate sources of supply in different countries to create redundancy and increase diversity. By taking the necessary steps to understand the potential risks of doing business with China, businesses can be better prepared to protect their data, their people, and their customers. Opaqueness is the foe of transparency.  With the right knowledge and strategy, you too can ensure the safety and security of your business.

For a deeper dive into these issues, check out the 5-part podcast series with Tom Fox and Brandon Daniels, here.

Categories
Blog

Compliance and Corporate Principles in Today’s World

For corporations, navigating the political landscape has become an increasingly difficult task. While being admonished to ‘stay in their lane’ by some; businesses are just like their stakeholders, impacted by the ever-changing political miasma. When this new reality is coupled with the new levels of transparency in companies, which are only amplified by social media, a company can find itself embroiled in very public controversies with one or more stakeholder groups. As these situations occur, Chief Compliance Officers (CCOs) and compliance professionals will be called upon to help companies navigate this fraught process.

I was therefore intrigued by a recent Harvard Business Review (HBR) article, entitled Strategy in a Hyperpolitical World, where authors Roger L. Martin and Martin Reeves opined on how companies can make smart choices when values clash. Some recent examples the authors pointed to included “when Delta stopped offering discounts to NRA members following a 2018 school massacre in Florida, it was threatened with the withdrawal of fuel subsidies in Georgia. When Disney spoke up on LGBTQ+ rights in Florida, it lost its special governance status and rights in the state. When H&M voiced concerns about cotton sourcing and human rights in China, its revenues in that country plummeted. When the Ukraine crisis broke, McDonald’s was forced to exit the business it had painstakingly built in Russia over a 30-year period.”

This change for corporations has been percolating for some time. As with many changes over the past few years, this politicizing of corporations accelerated during Covid-19 and the Russian invasion of Ukraine. In addition to the increased amplification through social media noted above, the authors believe, “the workplace has become the main vehicle for socialization and self-expression. As employees seek to express their identities and beliefs at work, they increasingly expect that their companies will support the issues they care about.” Companies have for years wanted this type of commitment and engagement with its employees but with all these changes, new risks are presented. Moreover, “many CEOs who have taken a stance on social issues say the impetus was that their employees expected and lobbied for it.” In other words, as the authors believe, the corporate playing field has expanded beyond simply justifying strategic decisions in purely business terms.

How can compliance help a company navigate through all of this? The authors state, “To make and implement the best strategic choices in this environment, leaders will have to (1) develop robust principles to guide strategic choices, (2) address ethical issues early, (3) consistently communicate and implement their choices, (4) engage beyond the industry to shape the context, and (5) learn from mistakes to make better choices in the future.” This is a process that can be facilitated by the corporate compliance function, and I have adapted the authors process for compliance.

Develop Robust Principles

The authors believe the “first step is understanding the salient social and political issues for your company. The second step is envisioning where and how those issues might intersect with your business and the choices that they imply. The third step is hearing and understanding the opinions of your employees on those issues—because, as we’ve noted, they are often the reason that companies take a position on political issues.” They caution the principles must be broad enough “to apply across the major sources of political tension to which a company is likely to be exposed” and they should be clear. Finally, they should be easily audited.

Address Ethical Issues Early

Admittedly, “anticipating and shaping ethical challenges requires a delicate balancing act” but companies are now required to be more nimble and more agile. The authors note, “Individual companies may be able to move earlier and with greater control, but eventually complex issues may necessitate collective action, often initiated by a market leader.” An organization should assess where and how it should operate as well as its “need to anticipate, preempt, and shape nascent ethical challenges. That may require a high degree of creative problem-solving, but it often garners outsize public goodwill and strategic advantages for early movers. Once an issue has become front-page news, political camps will be entrenched, and the company’s room for maneuver will be limited.” This was seen most strikingly in the wake of the Russian invasion of Ukraine where companies were presented with a stark choice from their employees and other stakeholders; support Democracy or suffer the impacts of being pro-Putin. Companies who quickly responded were also in a much better position when the inevitable economic and trade sanctions began to be levied.

Consistently Communicate and Implement Choices

It is critical that principles should “be communicated to and understood by all employees. Because they will influence the expectations of stakeholders outside the company, they should also be publicly transparent.” As the Fair Process Doctrine implies, “Principles are credible only if they are consistently applied.” The authors interpret this to mean “they must be part of the everyday making of business decisions, not simply called up in response to pressure after a situation has exploded.” But just as senior leaders must not simply “Talk the Talk but Walk the Walk”, principles which only “inform communications but not action will not be credible over time or effective in navigating risk.” A CCO should use its company’s principles to “engage with and solve issues preemptively and collaboratively whenever possible. A company standing against corruption will have a greater impact if it works with other stakeholders to address that issue and improve the context—even if, at the end of the day, a decision about whether to stay in the business in question or exit it is required.”

Engage Beyond the Industry

If there has been one change around principles, it has been that some issues are larger than any one company can impact. Some issues are beyond even an entire industry and businesses “need to work with civil society and government on the hardest and most deeply entrenched issues to effect change.” Failing to do so can lead to “accepting the unpredictability of an endless series of ad hoc responses or having regulation forced on the industry owing to insufficient impact from their own efforts. And there are important new issues around which to build consensus.”  Perhaps the clearest example of this is human trafficking and human slavery in the business context and the passage of the Uyghur Forced Labor Prevention Act (UFLPA). This legislation sailed through the US Congress, almost unanimously, as many corporations had taken stands on the abuse of such persons who were potentially embedded somewhere in their supply chain. This type of public/private collaboration is now seen in many other areas such as trade and economic sanctions in the wake of the Russian invasion of Ukraine and the fight against money laundering.

Continuous Improvement

Your business will not always get everything right. Indeed, a compliance program is designed to prevent, detect and remediate. This means fix problems as they are detected. I was therefore gratified when the authors cited to Siemens AG for such an example, in the wake of their massive corruption scandal involving Foreign Corrupt Practices Act (FCPA) violations. The authors noted, “Siemens began by cleaning house: It hired the company’s first-ever external CEO, Peter Löscher, who, within months of taking over, had replaced about 80% of the top level of executives, 70% of the next level down, and 40% of the level below that. Next, it made earnest and long-term commitments to atone for its past actions: It has supported government investigations and set up the global Siemens Integrity Initiative to fund collective action to reduce corruption, which has allowed the company to continue to bid for government contracts.”

If you work through these steps, you should be able to prepare your organization for the next major shock.

Categories
The Compliance Life

Ryan Rabalais – Transparency and the Compliance Black Box Problem


The Compliance Life details the journey to and in the role of a Chief Compliance Officer. How does one come to sit in the CCO chair? What are some of the skills a CCO needs to success navigate the compliance waters in any company? What are some of the top challenges CCOs have faced and how did they meet them? These questions and many others will be explored in this new podcast series. Over four episodes each month on The Compliance Life, I visit with one current or former CCO to explore their journey to the CCO chair. This month, my guest is Ryan Rabalais, currently an Ethics and Compliance Officer at Bechtel Oil, Gas & Chemicals. Rabalais has been Vice President and CCO at both Rowan Companies and  Paragon Offshore.
Ryan Rabalais has over two decades of legal and compliance experience in the oil and gas sector, including being a Vice President & Chief Compliance Officer for two different companies with global operations. Ryan has a history of providing practical solutions to the business and managing overall corporate and regulatory compliance programs. His compliance experience includes a particular focus on anti-corruption, sanctions, trade controls and US anti-boycott, with reporting responsibilities to senior management and the Board of Directors of large, publicly traded companies.
In this Episode 2, we discuss the evolution of the compliance role from that of a legal solution written by lawyers for lawyers to the CCO being seen as a part of the business solution. It began with employees seeing the compliance function as The Land of No, populated by Dr. No to something very different today. We also consider the Black Box problem of compliance.