Tag: whistleblowers

Categories
Compliance Tip of the Day

Compliance Tip of the Day: The Wolf Man and Supporting Whistleblowers

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

How does the Wolf Man’s story inform how you should treat whistleblowers?

 

Categories
Great Women in Compliance

Great Women in Compliance: Mary Inman and Jane Norberg on Current Developments in Whistleblower Laws and Practice

Welcome to the Great Women in Compliance podcast with Hemma Lomax and Lisa Fine, sponsored by Corporate Compliance Insights.  Over the past few months, the Department of Justice put forth the Whistleblower Pilot Program, and the update to the Evaluation of Corporate Compliance Programs.  It was the perfect time to focus on how these impact whistleblower laws. Jane Norberg, who is a partner at Arnold & Porter and the former Chief of the Office of the Whistleblower and Mary Inman, who is a founding partner of Whistleblower Partners. Mary is also an advocate for the power of whistleblowers and is known for representing Facebook Files whistleblower Frances Haugen and Theranos whistleblower Tyler Shultz.

They provide insight into what makes a credible and legitimate whistleblower, how the SEC reviews tips from whistleblowers and what we as compliance professionals can do to build effective programs. All focused on the review of all concerns that are raised, regardless of the source. They provide some thoughts about how to handle different situations before, during, and after an investigation, providing practical advice.

The group discusses the new DOJ Whistleblower Pilot program and where it follows the past programs like the SEC program and where it is filling new gaps. One part of the program includes the 120-day requirement for reporting an issue, and they focused on what that would mean for organizations. Mary and Jane share their views on the requirements and the best practices and reference how most compliance professionals are using the DOJ Evaluation of Corporate Compliance to develop their programs, which means that an issue is investigated. In practical terms, following the ECCP requirement to investigate, and the pilot program has a “race to report,” is a challenge, and this is discussed in depth.

Mary and Jane both provided “one thing you should know” to conclude the discussion. Both points are significant ones for anyone who is dealing with any point of the whistleblower or building a strong speak up/anti-retaliation culture.

Join the Great Women in Compliance community on LinkedIn here.

Categories
Blog

Navigating Compliance in Interesting Times

I once had a boss whose catchphrase was, ‘May you live in interesting times.’ That applied back in the first decade of this century and is even more appropriate now. In a world that often feels like it is constantly shifting beneath our feet, the role of the corporate compliance professional has never been more crucial or challenging. In recent New York City Bar Association Compliance Institute remarks, Principal Associate Deputy Attorney General Marshall Miller offered timely insights on the Department of Justice’s (DOJ) evolving approach to corporate criminal enforcement. His message was that compliance professionals are essential to organizational success, national security, and the broader rule of law.

  • Individual Accountability as the Cornerstone of Corporate Compliance

Miller emphasized that individual accountability remains a primary focus of the DOJ’s corporate criminal enforcement. According to Miller, they are prosecuting individuals at the top or throughout the corporate hierarchy, as it sends a strong message that misconduct is not tolerated and reinforces deterrence across the board.

For compliance officers, this focus on individual accountability reinforces the importance of training and awareness programs that help employees understand the personal stakes of unethical behavior. Compliance programs must communicate that misconduct has consequences for the organization and those directly involved.

This means compliance professionals should regularly update training modules to reinforce the personal consequences of non-compliance. Consider scenarios that show employees how individual misconduct can lead to legal repercussions, strengthening the deterrence message.

  • Transparency and Consistency in Enforcement Policies

One of the most significant updates shared by Miller is the DOJ’s emphasis on clarity, consistency, and predictability across its corporate enforcement policies. In past years, self-reporting or cooperating with investigations was often perceived as a gamble. Today, under new DOJ guidelines, a clear framework outlines expectations, rewards cooperation, and even encourages voluntary self-disclosure of misconduct.

This transparency is a game-changer for compliance professionals, who often need concrete examples and assurances to secure buy-in from executives and board members. Compliance leaders can now present a more straightforward business case for ethical behavior, outlining the risks of non-compliance and the potential benefits of self-disclosure.

Every corporate compliance function should leverage the DOJ’s published guidelines to develop a compliance strategy that aligns with the DOJ’s expectations. Create resources for your leadership team that show the tangible benefits of voluntary self-disclosure, including reduced penalties and favorable resolutions.

  • Empowering Whistleblowers and Enhancing Self-Disclosure Programs

Miller announced the launch of a new two-part DOJ whistleblower program that provides different rules and incentives based on whether the whistleblower was involved in criminal conduct. For those not involved, a DOJ awards program now provides a percentage of forfeited funds to the whistleblower. For those involved, whistleblower non-prosecution agreements are available.

This change holds significant implications for compliance programs. Whistleblower protection and incentive structures must be communicated and properly managed, ensuring employees know their rights and the benefits of reporting unethical behavior. With DOJ’s strong support, compliance leaders can strengthen whistleblower protections and encourage a culture of transparency.

Expanding whistleblower training and reporting channels to reflect the DOJ’s updated stance would be best. Emphasize protection and incentivization and ensure employees understand how these policies can benefit them if they report wrongdoing.

  • The Role of Incentives and Compensation Clawbacks in Compliance

The DOJ’s updated compliance approach emphasizes the role of compensation structures in promoting compliance or enabling unethical behavior. DOJ now evaluates incentive structures as part of every criminal resolution, rewarding companies that utilize clawbacks when executives are involved in misconduct.

For compliance professionals, this focus on compensation is an opportunity to align reward structures with ethical performance. Compliance officers can work with human resources to design and implement compensation plans that deter risky behavior by incorporating elements such as escrow accounts for bonuses and clawback provisions for executives involved in wrongdoing.

This means every corporate compliance function and personnel should collaborate with HR to develop compensation structures that support compliance goals, such as incorporating ethical behavior as a performance metric or establishing escrow accounts that hold bonuses contingent on compliance-related performance.

  • Strengthening Governance Structures for Accountability

Miller’s remarks also underscore the need for solid governance frameworks that prevent misconduct from slipping through the cracks. Accountability measures, from board oversight to compliance committee functions, ensure corporate misconduct is detected early and handled appropriately. He noted that companies with rigorous internal governance structures and compliance frameworks are more likely to avoid criminal charges.

For compliance leaders, this means assessing and strengthening their organization’s governance structures to support effective oversight. It also means advocating for periodic audits, third-party evaluations, and regular reviews of compliance policies to keep governance on track. Conduct a governance review to identify potential gaps in oversight and ensure that compliance officers have the authority to raise concerns without interference. Advocate for regular compliance audits and policy updates to keep pace with regulatory developments.

  • Preparing for Emerging Risks Related to National Security and Technology

Miller highlighted increasing corporate criminal investigations involving national security, particularly in the construction, agriculture, telecommunications, and technology sectors. Fueled by sanctions evasion and emerging technologies like artificial intelligence, national security risks are now a major focal point for the DOJ.

Compliance programs need to reflect this shift. Compliance professionals must prioritize emerging risks, especially cybersecurity, AI, and national security. Integrating these areas into the broader compliance program ensures that companies are prepared for the expanding scope of corporate crime.

You should update risk assessments to include national security risks and develop response plans for data security, sanctions compliance, and AI ethics. Equip your compliance team to monitor these evolving threats through specialized training and cross-functional collaboration.

  • A Call to Compliance Professionals: The Business Case for Compliance

Miller concluded with a direct call to compliance professionals, emphasizing the DOJ’s commitment to empowering compliance leaders to advance corporate ethics and compliance. He stressed the importance of making a compelling business case for compliance, using DOJ’s guidelines to advocate for investment in robust compliance programs.

In today’s regulatory environment, compliance is a strategic advantage, not a cost center. Compliance officers must seize this moment to champion the business case for ethics, highlighting the DOJ’s transparent policies and the tangible benefits of voluntary self-disclosure, cooperation, and strong compliance frameworks.

Position your compliance program as an essential part of your business strategy. Use DOJ’s new approach as a lever to secure greater resources and authority, demonstrating that investing in compliance can directly impact organizational resilience and profitability.

  • Final Thoughts

Principal Associate Deputy Attorney General Marshall Miller’s remarks signal a turning point for compliance professionals, who are no longer seen as gatekeepers but as strategic partners in risk management and national security. With the DOJ’s commitment to transparent enforcement policies, expanded whistleblower incentives, and a stronger emphasis on accountability, compliance officers have a clear mandate to champion ethical business practices.

These changes offer a roadmap for compliance leaders to build stronger programs that protect their organizations and reinforce their role as trusted advisors in corporate governance. By adopting the DOJ’s updated principles, compliance professionals can safeguard their organizations, enhance their credibility, and make a compelling case for a proactive approach to corporate ethics.

In our “interesting times,” compliance is no longer just about rules and regulations. It is about building an integrity culture that benefits the organization and the broader community.

Categories
Blog

Supporting Whistleblowers: Lessons from Lon Chaney’s The Wolfman

Ed. Note: This week, leading up to Halloween, I will examine lessons for compliance professionals through the lens of the great Universal Movie Monsters: Frankenstein, Wolfman, Dracula, and The Mummy. Today, we use Lon Chaney’s original film version of The Wolfman. 

===========================================================

Of all the great Universal movie monsters, my favorite is found in the 1941 film The Wolfman. Lon Chaney’s portrayal of Larry Talbot offers more than just a classic horror story about a man who becomes a werewolf. It’s a tale of isolation, fear, and a struggle for survival in the face of an overwhelming and terrifying transformation. In short, it is the most psychological of all the Universal movie monsters. Much like a corporate whistleblower, Talbot finds himself caught in a situation where the truth is a burden, and no one wants to listen. Instead of being understood and supported, he is feared, rejected, and left to fend for himself.

For compliance professionals, The Wolfman provides a vivid metaphor for the journey of whistleblowers. Whistleblowers often find themselves isolated, facing potential retaliation, and struggling to navigate the consequences of their decision to report wrongdoing. In this post, we’ll explore how to create a culture that encourages whistleblowers to come forward, keeps them informed throughout the process, and protects them from retaliation, all through the lens of The Wolfman. We will also assess the 2024 Evaluation of Corporate Compliance Programs (2024 ECCP) and Nicole Argentieri’s commentary on these issues.

Creating a Safe Space: Encouraging Whistleblowers to Come Forward

In The Wolfman, Larry Talbot is plagued by the knowledge of his transformation, but he finds no one willing to help or believe him. He is trapped in his new reality, just as whistleblowers can feel trapped by the knowledge of corporate misconduct. The first step in supporting whistleblowers is creating an environment where they feel safe and encouraged to speak up.

The 2024 ECCP underscores the importance of building a culture where employees feel empowered to raise concerns without fear. It emphasizes the need for companies to proactively encourage internal reporting mechanisms, making it clear that the company values integrity and transparency. Compliance professionals must ensure that reporting channels are available, actively promoted, and trusted.

In her commentary on the 2024 ECCP, Nicole Argentieri highlights that one key element in encouraging whistleblowers is leadership’s tone from the top. Executives and senior management must demonstrate a commitment to ethical behavior, ensuring that whistleblowing is accepted and valued. Whistleblowers need to know that their reports will be taken seriously and their concerns will be addressed.

Talbot’s cries for help go unheard in The Wolfman, leading to disastrous consequences. In the corporate world, businesses must avoid this fate by ensuring whistleblowers are not ignored or dismissed. The 2024 ECCP recommends that companies provide multiple, accessible channels for reporting, including anonymous options so that employees feel comfortable coming forward regardless of their circumstances.

Transparency Throughout the Process: Keeping Whistleblowers Informed

Just as Larry Talbot struggles with the unknown and is left in the dark about his fate, whistleblowers often find themselves cut off after making a report. They may need clarification about what’s happening with their complaint, whether it’s being investigated, and the next steps. This lack of communication can discourage future whistleblowers and lead to feelings of abandonment.

The 2024 ECCP stresses the importance of maintaining open lines of communication with whistleblowers throughout the investigation process. Once a report has been made, it is critical to keep whistleblowers informed about the status of their complaint. This does not mean sharing sensitive investigation details but providing regular updates so that the whistleblower knows their concerns are being taken seriously.

Argentieri has echoed this sentiment, noting that one of the most common frustrations whistleblowers face is a lack of transparency after they come forward. She argues that compliance teams must ensure whistleblowers are not wondering what will happen next. A well-managed whistleblower program includes clear communication protocols that keep whistleblowers engaged and reassured.

In The Wolfman, Talbot’s inability to find answers drives him to despair. Businesses must avoid this by ensuring whistleblowers feel supported and heard throughout the process. Compliance officers should regularly touch base with whistleblowers, letting them know that their concerns are being addressed, that their identity is being protected and that appropriate actions are being taken.

Protection from Retaliation: Safeguarding Whistleblowers

One of the central themes in The Wolfman is Larry Talbot’s fear of being hunted and rejected. Similarly, whistleblowers often fear retaliation, whether in the form of termination, demotion, or ostracization. Protecting whistleblowers from retaliation is a legal obligation and a moral imperative that helps foster a culture of compliance and trust.

The 2024 ECCP strongly emphasizes retaliation protections. It advises that companies must have robust policies to prevent retaliation and provide clear avenues for whistleblowers to report any retaliatory behavior. This means more than just having a policy on paper—compliance teams must actively enforce these protections and monitor for any signs of retaliation.

Nicole Argentieri has weighed in on this issue, noting that while many companies claim anti-retaliation policies, enforcement can be lacking. She emphasizes the need for companies to create a system of checks and balances to ensure that retaliation does not occur, particularly in the form of subtle, indirect actions that might otherwise go unnoticed. Retaliation doesn’t always come as a formal firing—it can be a change in duties, exclusion from meetings, or a negative shift in workplace relationships.

In The Wolfman, Talbot becomes a hunted figure, chased down by those who fear and misunderstand him. In the corporate world, whistleblowers must never feel like they are being hunted or targeted for their decision to report misconduct. The ECCP advises companies to protect whistleblowers and offer additional support services, such as counseling, if needed, to help them navigate the emotional strain of coming forward.

Building a Culture of Trust and Integrity

The most important lesson from The Wolfman is the need for trust. Larry Talbot finds himself abandoned and isolated because the people around him refuse to trust his warnings. A strong compliance program must avoid this trap by building a culture of trust and integrity. Employees need to believe that they will be treated fairly, protected, and supported if they come forward with a report.

The 2024 ECCP highlights that trust is the foundation of a successful compliance program. Companies must work to build an environment where whistleblowers are seen as vital contributors to the company’s ethical health. This includes recognizing the courage it takes to come forward and offering praise or acknowledgment for whistleblowers who help protect the company from greater risks.

Argentieri has noted that companies should integrate their whistleblower programs into the broader corporate culture, making whistleblowing a routine and accepted part of the business rather than an extraordinary act of bravery. This normalization of whistleblowing helps to remove the stigma and encourages more employees to speak up when they see something wrong.

Creating a Supportive Whistleblower Program

The Wolfman offers us a powerful analogy for the journey of whistleblowers within a company. Like Larry Talbot, whistleblowers often face fear, isolation, and a lack of support. However, the lessons from The Wolfman, coupled with the guidance from the 2024 ECCP and Nicole Argentieri’s commentary, provide a roadmap for how companies can create a more supportive environment for whistleblowers.

Encouraging whistleblowers starts with creating a culture where employees feel safe and empowered to report misconduct. Keeping them informed throughout the process is essential for maintaining their trust and confidence. Finally, protecting whistleblowers from retaliation ensures that they—and others—continue to feel comfortable raising concerns.

By building a robust and transparent whistleblower program, compliance professionals can help their organizations navigate the complexities of corporate risk, protect their employees, and safeguard the company’s reputation. In doing so, they avoid the tragic fate of The Wolfman and create an environment where the truth is not a burden but a pathway to a stronger, more ethical company.

Join us tomorrow for our final consideration of compliance through the classic Universal Movie Monsters lens as we consider corporate culture and Boris Karloff’s version of The Mummy.

Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance: Episode 39 – The TD Bank Edition

What happens when two top compliance commentators get together? They talk compliance of course. Join Tom Fox and Kristy Grant-Hart in 2 Gurus Talk Compliance as they discuss the latest compliance issues in this week’s episode!

In this episode, co-hosts Kristy Grant-Hart and Tom Fox tackle several high-profile compliance issues. They start with TD Bank’s $3 billion money laundering scandal, exploring how inadequate compliance measures and lack of investment enabled a decade-long operation involving $18.3 trillion in questionable transactions. The discussion critiques the penalties imposed on TD Bank and reflects on the broader industry implications. The hosts then shift focus to collateral damage from fentanyl, human trafficking, modern slavery, and terrorist financing, spotlighting the OCC’s novel restrictive actions and an SEC enforcement case involving Indian bribery schemes by Moog.

Transitioning to corporate compliance dynamics, the podcast covers the Texas incident involving Deloitte’s mishandling of a convicted felon’s loan application, raising significant questions about due diligence. Frances Haugen’s advocacy for stronger whistleblower protections, particularly in the AI sector, gets highlighted. The episode concludes by addressing the legal ramifications of anti-boycott provisions, the complexities of election season in the workplace, and recent developments in the Boeing case, encapsulating these serious discussions with a humorous note on a bizarre Florida man incident.

Stories Include:

  • TD Bank Money Laundering Scandal
  • Caremark Claims and Broader Implications
  • Indian Bribery Case and SEC Enforcement
  • Debating the ECCP Guidance
  • Texas’ $5 Billion Power Plant Scandal
  • Facebook Whistleblower Frances Haugen Speaks Out
  • Understanding Anti-Boycott Provisions
  • Managing Politics in the Workplace
  • Boeing’s Legal Troubles and DEI Concerns
  • Florida Man’s Unusual Drug Complaint

 Resources:

Kristy Grant-Hart on LinkedIn

Spark Consulting

Prove Your Worth

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day: DOJ Whistleblower Financial Incentive Program

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we consider the remarks by Principal Deputy Assistant Attorney General Nicole M. Argentieri on the DOJ Corporate Whistleblower Incentive Program and her review of its early results.

Categories
Compliance Tip of the Day

Compliance Tip of the Day: Fostering a Culture of Speak Up

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements.

Whether you’re a seasoned compliance professional or just starting your journey, our aim is to provide you with bite-sized, actionable tips to help you stay on top of your compliance game.

Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law.

Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we explore how the DOJ has placed significant emphasis on encouraging a culture where employees feel comfortable reporting misconduct.

Categories
Blog

Argentieri Speech and 2024 ECCP: Whistleblowers and Anti-Retaliation

Deputy Assistant Attorney General Nicole M. Argentieri’s speech highlighted a critical shift in the Department of Justice’s (DOJ) approach to evaluating corporate compliance programs. As outlined in the updated 2024 Evaluation of Corporate Compliance Programs (2024 ECCP), the emphasis on data access signals a new era where compliance professionals are expected to wield data with the same rigor and sophistication as their business counterparts.

In her remarks, Argentieri said, “Second, following the recent announcement of our whistleblower awards program, the ECCP now includes questions designed to evaluate whether companies encourage employees to speak up and report misconduct or employ practices that chill reporting. Our prosecutors will closely consider the company’s commitment to whistleblower protection and anti-retaliation by assessing policies and training, as well as the treatment of employees who report misconduct. We will evaluate whether companies ensure that individuals who suspect misconduct know how to report it and feel comfortable doing so by showing that there is no tolerance for retaliation.”

Her remarks were paired with new language in the 2024 ECCP, which stated:

Effectiveness of the Reporting Mechanism – Does the company have an anonymous reporting mechanism, and why not? How is the reporting mechanism publicized to the company’s employees and other third parties? Has it been used? Does the company test whether employees know the hotline and feel comfortable using it? Does the company encourage and incentivize reporting of potential misconduct or violation of company policy? Conversely, does the company use practices that tend to chill such reporting? How does the company assess employees’ willingness to report? How has the company assessed the seriousness of the allegations it received? Has the compliance function had full access to reporting and investigative information? 

Commitment to Whistleblower Protection and Anti-Retaliation. Does the company have an anti-retaliation policy? Does the company train employees on internal and external anti-retaliation policies and whistleblower protection laws? To the extent that the company disciplines employees involved in misconduct, are employees who reported internally treated differently than others involved in misconduct who did not? Does the company train employees on internal reporting systems, external whistleblower programs, and regulatory regimes?

The speech and the 2024 ECCP impose new and additional requirements on a corporate compliance program in internal reporting, whistleblower protection, and anti-retaliation. But how exactly should compliance teams navigate these heightened expectations? Here’s what you must do to ensure your compliance program meets these new standards.

The DOJ has made it abundantly clear that companies must have effective, accessible, and well-publicized reporting mechanisms coupled with ironclad whistleblower protections. For compliance professionals, this mandate represents a critical component of a company’s overall compliance program that cannot be overlooked or underestimated. Here is what you need to do to implement these DOJ requirements effectively.

Establish and Maintain an Anonymous Reporting Mechanism

First and foremost, your company must have an anonymous reporting mechanism—commonly known as a hotline. If your company lacks this, it’s time to address this gap immediately.

  • Set Up a Hotline. Implement a reliable, user-friendly, anonymous reporting mechanism. This could be a dedicated phone line, an online portal, or both. The key is to ensure that employees and third parties can report misconduct without fear of exposure.
  • Publicize the Mechanism Effectively. Once in place, make sure everyone knows about it. Publicize the hotline through multiple channels—email announcements, posters in common areas, mentions in training sessions, and inclusion in employee handbooks. The goal is to ensure that no one in the organization can claim ignorance of its existence.
  • Test Awareness and Comfort Levels. Regularly survey employees to gauge their awareness of the hotline and their comfort in using it. This can be done through anonymous questionnaires or during training sessions. The DOJ expects companies to have a hotline that employees know and trust.

Encourage and Incentivize Reporting

A reporting mechanism is only as effective as the culture that surrounds it. Compliance professionals must work to foster an environment where reporting is encouraged and valued.

  • Positive Reinforcement. Encourage reporting by framing it as a positive, company-supportive action. Highlight success stories where reports led to meaningful change or helped the company avoid greater risks. Consider incentivizing reporting through recognition programs or other rewards that align with your company’s culture.
  • Avoid Chilling Practices. Be mindful of practices or policies that might discourage reporting. For example, employees will quickly learn to stay silent if your company has a history of disregarding reports or retaliating against reporters. Review your policies to ensure they don’t inadvertently dissuade reporting and correct any past practices that might have had this effect.
  • Leadership Commitment. The tone from the top is critical. Senior leaders must openly support and advocate for whistleblower protections. This includes publicly acknowledging the importance of reporting misconduct and demonstrating zero tolerance for retaliation. Leaders should actively participate in training sessions and speak about the value of transparency and accountability.
  • Anonymous Reporting Channels. While encouraging open dialogue is important, some employees may feel more comfortable reporting anonymously. Ensure that your organization has robust, confidential reporting channels in place. These might include hotlines, online portals, or third-party reporting services. Make sure these channels are well-publicized and easy to use.

Assess and Act on Internal Reports Thoroughly

The DOJ wants to know that companies take reports seriously. This means evaluating the seriousness of allegations promptly and thoroughly.

  • Rigorous Investigation Process. Ensure that all reports are promptly reviewed and assessed for seriousness. Develop a standardized process for triaging reports based on their nature and potential impact. This should involve clear guidelines for escalating significant issues to senior management or the board.
  • Full Access for Compliance. Your compliance function must have unrestricted access to all reporting and investigative information. This ensures that investigations are conducted independently and without interference and that the compliance team can assess trends, identify systemic issues, and recommend corrective actions.
  • 120 Days. Remember, the new Corporate Whistleblower Awards Pilot Program has a 120-day deadline from when a reporter speaks up in any manner internally. Companies must fully investigate and disclose to the DOJ within that timeline to be eligible for a Declination under the Corporate Enforcement Policy.

Reinforce Whistleblower Policies and Training

The foundation of any effective whistleblower program is a clear, robust policy communicated effectively across the organization.

  • Review and Update Whistleblower Policies. Start by revisiting your existing whistleblower policies. Ensure they clearly outline the process for reporting misconduct, the protections afforded to whistleblowers, and the consequences for retaliatory actions. Update your policies to reflect the latest regulatory guidance and industry best practices.
  • Comprehensive Training Programs. Policies are only effective if employees understand them. Develop and deliver training programs that educate employees on the importance of whistleblowing, the protections they are entitled to, and how to report concerns. This training should be mandatory, regularly updated, and tailored to different levels of the organization, ensuring everyone—from frontline employees to senior executives—understands their role in maintaining a speak-up culture.
  • Regular Communication. Keep whistleblowing at the forefront of your mind by regularly communicating the importance of speaking up. This can be through internal newsletters, town hall meetings, or dedicated campaigns reinforcing the company’s commitment to ethical conduct and employee protection.

Demonstrate Zero Tolerance for Retaliation

An effective compliance program must go beyond just having a hotline—it must actively protect those who use it. A key element of the DOJ’s evaluation will be how companies treat employees who report misconduct. It is critical to ensure there is no tolerance for retaliation.

  • Develop a Strong Anti-Retaliation Policy. Ensure your company has a comprehensive anti-retaliation policy that is clear, enforceable, and well-publicized. This policy should unequivocally state that retaliation against anyone who reports misconduct in good faith will not be tolerated.
  • Swift Action Against Retaliation. Establish clear, enforceable consequences for retaliatory behavior. If an employee experiences retaliation, act quickly to investigate the claim and, if necessary, take disciplinary action against those responsible. Publicize these actions (while maintaining confidentiality) to reinforce the message that retaliation will not be tolerated.
  • Training on Anti-Retaliation Laws. Train employees on your internal anti-retaliation policies and relevant external whistleblower protection laws. This training should be frequent and tailored to different levels of the organization, from entry-level employees to executives.
  • Monitor and Measure. Implement systems to track whistleblower reports and any subsequent actions. Regularly review this data to identify patterns or areas of concern, such as departments with higher rates of reported retaliation. Use this information to refine your policies and training, ensuring continuous improvement in your approach to whistleblower protection.

Build Trust Through Transparency

Trust is the cornerstone of any effective whistleblower program. Employees must know their concerns will be taken seriously and handled with integrity.

  • Transparency in Investigations. When a report is made, ensure the investigation process is transparent, thorough, and impartial. Keep the whistleblower informed (within the bounds of confidentiality) about the investigation’s progress and any resulting outcomes.
  • Fair Treatment of Whistleblowers. Scrutinize how whistleblowers are treated within your organization, especially if they are involved in the misconduct they reported. The DOJ will examine whether whistleblowers are treated fairly and without bias compared to others involved in the same incidents.
  • Celebrate Whistleblowers. Consider recognizing and celebrating employees who come forward with important information. While this can be a sensitive area, public acknowledgment (where appropriate) can reinforce the organization’s value of ethical behavior and speak up.

Evaluate and Improve Continuously

Finally, the DOJ will look for evidence that companies are committed to whistleblower protection and continuously improving their programs.

  • Regular Program Assessments. Conduct periodic assessments of your whistleblower program to ensure it remains effective and aligned with the latest regulatory expectations. This could involve employee surveys, focus groups, or third-party audits.
  • Act on Feedback. Use the insights gained from these assessments to make meaningful changes. Continuous improvement should be a core component of your whistleblower program, whether improving reporting channels, enhancing training, or refining policies.
  • Regular Training on Reporting Mechanisms. Incorporate training on internal reporting systems and external whistleblower programs into your regular compliance training. Employees should know how to report internally and to external regulators if necessary.
  • Assess Training Effectiveness. Regularly assess the effectiveness of this training through quizzes, feedback surveys, or audits. Ensure that employees understand the reporting systems and feel empowered to use them.

Nicole Argentieri emphasized the DOJ’s heightened focus on whistleblower protections within corporate compliance programs. This comes on the heels of the DOJ’s new whistleblower awards program and underscores the critical role of speak-up cultures in identifying and mitigating misconduct. For compliance professionals, this shift means more than just updating policies; it requires a fundamental reassessment of how your organization encourages, protects, and values whistleblowers. Here’s how you can align your compliance program with the DOJ’s expectations.

Her remarks make it clear that the DOJ is placing a renewed emphasis on whistleblower protections as a critical component of corporate compliance programs. For compliance professionals, this is both a challenge and an opportunity. By reinforcing your policies, fostering a culture of speaking up, demonstrating zero tolerance for retaliation, building trust, and committing to continuous improvement, you can meet the DOJ’s expectations and create a more ethical, transparent, and resilient organization.

The 2024 ECCP made it abundantly clear that companies must have robust, accessible reporting mechanisms and unwavering whistleblower protections. For compliance professionals, this means creating a culture that supports and actively encourages reporting. By setting up effective hotlines, fostering a positive reporting culture, ensuring thorough investigations, and protecting whistleblowers from retaliation, your compliance program will meet DOJ standards and contribute to a healthier, more ethical workplace. In today’s regulatory environment, the effectiveness of your reporting mechanism and commitment to whistleblower protection are no longer just best practices—they are imperatives.

Categories
Blog

The Bre-X Mining Scandal: Part 6 – A Guide for the 2024 Compliance Professional (Part 2)

Today, we conclude a multipart blog post series exploring one of the biggest corporate scandals of the 1990s, the Bre-X mining scandal. Our most recent blog post explored the foundational lessons from the Bre-X scandal for today’s compliance professionals, focusing on due diligence, transparency, corporate governance, and more. In today’s concluding blog post,  we focus on additional critical areas where compliance officers can play a pivotal role in ensuring organizational integrity. From fostering a strong whistleblowing culture to leveraging modern technologies for continuous monitoring, these strategies will help prevent financial fraud, uphold ethical standards, and do business in compliance into 2024 and beyond.

The Role of Whistleblowing and Ethics Programs

A lack of transparency and accountability within Bre-X contributed to the persistence of fraud for years. If a robust whistleblowing mechanism had been in place, the red flags might have been raised earlier, potentially preventing the massive fallout.

  • Encouraging Whistleblowing. One of the most critical aspects of modern compliance is creating a culture where employees feel empowered to speak up without fear of retaliation. Compliance officers should focus on building and maintaining secure, confidential channels where employees can report unethical or suspicious activities. A strong whistleblowing framework protects the organization from reputational damage and demonstrates to employees that integrity is a top priority.
  • Ethics Training. In addition to promoting whistleblowing, regular ethics training can help build a culture of transparency and accountability. Employees must be educated on the importance of ethical decision-making and how their actions contribute to the company’s long-term success. Compliance teams can reinforce the core values of honesty and integrity across the organization through frequent workshops, case studies (including Bre-X), and clear guidance on ethical behavior.

Risk Management and Scenario Planning

The Bre-X scandal is a stark reminder of the importance of comprehensive risk management. The ability to foresee potential risks and prepare accordingly can be the difference between averting a disaster or getting caught in one.

  • Assessing and Mitigating Risk. Risk management is central to the work of a compliance officer. Rigid risk assessments are non-negotiable in industries like mining—where speculation, large financial stakes, and geographical challenges intersect. Compliance professionals must develop strategies that identify, assess, and mitigate potential risks early, whether they stem from operational, financial, or reputational sources. For instance, resource overestimation, as seen in Bre-X, could have been mitigated with proper checks on geological data and third-party verification.
  • Scenario Planning. Preparing for various fraud scenarios, including “what if” situations similar to Bre-X, is a valuable exercise. Scenario planning enables organizations to consider how they would respond in the event of fraud or a major compliance breach. Companies should develop detailed crisis management plans, identify key decision-makers, and outline steps for navigating potential crises. In the event of another large-scale scandal, having these contingency plans in place will reduce the organization’s response time and limit damage.

Continuous Controls Monitoring and Auditing

The importance of continuous monitoring cannot be overstated, particularly in industries prone to high levels of fraud, such as mining, finance, or healthcare. Compliance professionals must champion ongoing oversight to ensure early detection of potential issues.

  • Ongoing Oversight. Continuous auditing of processes and transactions is an effective way to catch problems before they escalate. In the Bre-X case, regular audits of geological sample reporting and financial disclosures could have flagged discrepancies early on. Compliance teams today should implement robust monitoring programs that examine critical areas like financial performance, regulatory adherence, and ethical behavior. Routine audits of key operational processes, especially in high-risk industries, can prevent fraudulent behavior from going undetected.
  • Use of Technology. The rise of data analytics and artificial intelligence (AI) has transformed the compliance landscape. In 2024, compliance professionals must embrace technology that enhances real-time monitoring capabilities. By leveraging AI and big data, companies can detect anomalies or suspicious activities before they evolve into significant problems. For example, automated systems can track financial reporting patterns or identify irregular resource estimates, helping compliance teams intervene before major fraud occurs.

Global Considerations and Jurisdictional Awareness

In today’s globalized business environment, companies often operate in multiple countries, each with its regulatory requirements. Compliance professionals must stay abreast of international standards and ensure the organization complies with all regions.

  • Navigating International Regulations. The Bre-X scandal highlighted the complexities of operating in different jurisdictions. While Bre-X was a Canadian company, much of its fraudulent activities occurred in Indonesia, and the regulatory landscape vastly differed between the two countries. In 2024, compliance officers must develop an in-depth understanding of the regulatory environments in each jurisdiction where their company operates. This includes legal compliance and cultural and business norms that could impact operations and risk management strategies.
  • Cross-Border Cooperation. In an interconnected world, no company is an island. Regulatory bodies across countries are increasingly cooperating on compliance and enforcement efforts, especially in mining, finance, and pharmaceuticals. Building relationships with regulatory agencies in different jurisdictions is vital for compliance professionals. These partnerships can help organizations navigate complex international regulations and stay on top of emerging global compliance trends.

The Bre-X scandal was a watershed moment for the mining industry and for compliance professionals across sectors. The lessons from this case are invaluable in shaping how compliance is approached in 2024. Compliance officers can safeguard their organizations from the devastating consequences of fraud by encouraging a culture of whistleblowing, implementing comprehensive risk management practices, leveraging technology for continuous monitoring, and understanding global regulatory landscapes.

Fraud prevention is a continuous journey that requires vigilance, transparency, and a proactive mindset. Today’s compliance professional’s responsibility is not just to respond to incidents but to anticipate them, fostering a corporate culture prioritizing ethics and accountability at every level. This concludes our series on the Bre-X scandal. By learning from the past, compliance professionals can build a more resilient, transparent future for their organizations.

Categories
Daily Compliance News

Daily Compliance News: August 8, 2024 – The Whistleblowing in The UK Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee and listen to the Daily Compliance News. All from the Compliance Podcast Network.

Each day, we consider four stories from the business world: compliance, ethics, risk management, leadership, or general interest for the compliance professional.

In today’s edition of Daily Compliance News:

  • The UK takes whistleblowers seriously. (FT)
  • Afghanistan cricketer are banned for corruption. (ESPN)
  • Trouble for Boeing in outer space. (NYT)
  • Chaos on the Boeing assembly line. (WaPo)

For more information on the Ethico ROI Calculator and a free White Paper on the ROI of Compliance, click here.