Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 7 – Policies and Procedures

There are numerous reasons to put some serious work into your compliance policies and procedures. They are certainly a first line of defense when the government comes knocking. The 2020 Update made clear that “Any well-designed compliance program entails policies and procedures that give both content and effect to ethical norms and that address and aim to reduce risks identified by the company as part of its risk assessment process.

This statement made clear that the regulators will take a strong view against a company that does not have well-thought-out and articulated policies and procedures against bribery and corruption, which are systematically reviewed and updated. Moreover, having policies written out and signed by employees provides what some consider the most vital communication layer and acts as an internal control. Together with a signed acknowledgment, these documents can serve as evidentiary support if a future issue arises. In other words, the “Document, Document, and Document” mantra applies just as strongly to policies and procedures in anti-corruption compliance.

The specific written policies and procedures required for a best practices compliance program are well-known and long-established. According to the 2020 FCPA Resources Guide 2nd edition, some of the risks companies should keep in mind include the nature and extent of transactions with foreign governments (including payments to foreign officials), use of third parties; gifts, travel, and entertainment expenses; charitable and political donations; and facilitating and expediting payments. Policies help form the basis of expectations for standards of conduct in your company. Procedures are the documents that implement these standards of conduct.

Three key takeaways:

1. Written compliance policies and procedures, together with the Code of Conduct, form the backbone of your compliance program.

2. The DOJ and SEC expected well-thought-out and articulated compliance policies and procedures to be adequately communicated throughout your organization.

3. Institutional fairness for the application of policies and procedures demands the consistent application of your policies and procedures across the globe.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 3 – The Code of Conduct

What is the value of having a Code of Conduct? In its early days, a Code of Conduct tended to be lawyer-written and lawyer-driven to wave in the regulator’s face during an enforcement action as proof of overall ethical behavior. Is such a legalistic code effective? Is a Code of Conduct more than simply your company’s internal law? What should be the goal in creating your company’s Code of Conduct?

Indeed violation of your Code of Conduct can form the basis of a domestic FCPA enforcement action. In an enforcement action involving United Airlines, Inc., a breach of the Code of Conduct by the Company CEO was determined to be an FCPA internal controls violation. It involved a clear quid pro quo benefit paid out by United to David Samson, the former Chairman of the Board of Directors of the Port Authority of New York and New Jersey. This public government entity has authority over, among other things, United’s operations at the company’s huge east coast hub in Newark, NJ.
Your Code of Conduct should be tailored to your company’s culture, industry, and corporate identity. It should provide a mechanism by which employees trying to do the right thing in the compliance and business ethics arena can do so. The Code of Conduct can be used for employee review and evaluation. It should certainly be invoked if there is a violation. Your company’s disciplinary procedures must be stated in the Code. These would include all forms of disciplines, up to and including dismissal, for serious violations of the Code. Further, your company’s Code should emphasize it will comply with all applicable laws and regulations wherever it does business. The code must be written in plain English and translated into other languages so all applicable persons can understand it.

Three key takeaways:

1  A Code of Conduct is a foundational document in any compliance regime.
2  The substance of your Code of Conduct should be tailored to the company’s culture, industry, and corporate identity.
3  “Document, Document, and Document” your training and communication efforts regarding your Code of Conduct.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 2 – Clearly Articulated Written Standards

The written standard requirements have long been memorialized in the U.S. Sentencing Guidelines, which contain seven basic compliance elements that can be tailored to fit the needs and financial realities of any given organization. From these seven compliance elements, the DOJ has crafted its minimum best practices compliance program, which is now attached to every DPA and NPA issued. These requirements were incorporated into the 2012 FCPA Guidance and brought forward in the 2023 ECCP and FCPA Corporate Enforcement Policy. The U.S. Sentencing Guidelines assumes that every effective compliance and ethics program begins with a written standard of conduct; i.e., a Code of Conduct.

Following your Code of Conduct is written policies and procedures required for a best practices compliance program are well- known and long established. The role of compliance policies is to provide guidance and to protect companies, despite an occasional hick-up. Policies provide a basic set of guidelines for employees to follow. They can include general do’s and don’ts, work process flows, specific issue guidelines. By establishing what is and is not acceptable compliance behavior, a company can mitigate the compliance risks posed by employees who might make foolish decisions or otherwise engage in unethical behavior.

There are numerous reasons to put some serious work into your Code of Conduct, policies and procedures. They are certainly a first line of defense when the government comes knocking. This means the regulators will take a strong view against a company that does not have well thought out and articulated policies, procedures or Code of Conduct; all of which are systematically reviewed and updated. Written policies, signed by employees provide a vital layer of communication. Together with a signed acknowledgement, these documents can serve as evidentiary support if a future issue arises. In other words, the “Document, Document, Document” mantra applies just as strongly to this area of anti-corruption compliance.

Three key takeaways:

  1. A Code of Conduct, together with policies and procedures, have long been recognized as cornerstones of a best practices compliance policy.
  2. Each level of written standards builds upon one another, so consider this integration step.
  3. The Fair Process Doctrine applies to your written standards.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Written Standards: Day 1 – Introduction to Written Standards

The cornerstone of any best practices compliance program is written protocols. This includes a Code of Conduct, policies and procedures. These elements have long been memorialized in the US Sentencing Guidelines; the Department Of Justice’s (DOJs) Opinion Releases regarding compliance programs, the 2012 FCPA Guidance, both DOJ and Securities and Exchange Commission (SEC) enforcement actions, the 2019 Guidance and FCPA Corporate Enforcement Policy.
There are three levels of standards and controls, Code of Conduct standards and policies and procedures. Every company should have a Code of Conduct that expresses its ethical principles. But a Code of Conduct is not enough. The Code of Conduct is implemented through your compliance policies. It is further operationalized through your compliance procedures. The DOJ spoke to their importance in the 2019 Guidance when it stated, “As a threshold matter, prosecutors should examine whether the company has a code of conduct that sets forth, among other things, the company’s commitment to full compliance with relevant Federal laws that is accessible and applicable to all company employees.” As a corollary, prosecutors should also assess whether the company has established policies and procedures that incorporate the culture of compliance into its day-to-day operations.

At the end of the 31 Days you will have a very detailed grounding on better written standards for your compliance program. You will be able to utilize the information presented to implement a more effective compliance program for your organization. 

Three key takeaways: 

  1. The cornerstone of any best practices compliance program is its written protocols.
  2. Written standards work to prevent, detect and remediate.
  3. What are the specific written protocols you should have in your compliance program?

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
The Compliance Handbook

GWIC on Best Practices in Policies and Procedures

In this episode of The Compliance Handbook, I asked the Great Women in Compliance (#GWIC) co-hosts Mary Shirley and Lisa Fine to talk about some of their best practices around written standards for a compliance program.
The definition of a successful compliance program is not foreign for many compliance specialists. However, the challenge is to understand what it truly means for a compliance program to be effective.

Most organizations claim that the central meaning of compliance is to define and enforce guidelines and standards that can minimize the possibility of a violation of compliance. Though, the truth remains that if misconduct exists, your attempt to highlight that your compliance policy conforms with regulatory requirements will increment your culpability score and contribute to a noticeable difference in fines and jail time.
To help you paddle through your compliance programs, I recently met two influential women in compliance, Lisa Fines and Mary Shirley. These phenomenal women will add transparency to these ethics and compliance concerns. We will dive into written compliance and touch base on #GWIC (Great Women In Compliance) and how it has become a powerful platform that supports compliance practitioners.
Key takeaways discussed in the episode:

  • Know what is written compliance inside out. Understand that everybody needs to know what the rules are. But, it should not be lawyer-written, 20 pages long. Use the simplest terms possible, break things down to the absolute essential thinking.
  • Call to mind that the code is our ethos, and the policies are the regulations to explain them. If possible, get your message across in the shortest possible time using the least words possible.
  • Hark back to the truth that there is no one size fits all compliance program. Thus, make learning come to life and apply it to people’s job roles. As much as possible, tell people what the expectations are and help facilitate their decision-making.
  • Factor into that it’s natural to maintain your relationships with former colleagues, but It’s not okay and could be risky if you talk shop with them.
  • Support Women Empowerment and appreciate their contributions, especially in compliance. Learn how #GWIC grew into a community of great women who share valuable resources and support compliance practitioners.

The Compliance Handbook, 2nd Edition incorporates the most current government pronouncements governing best practices compliance programs, including the 2019 Evaluation of Corporate Compliance Programs released by the Fraud Section of the Department of Justice, and its 2020 Update; the updated FCPA Resource Guide 2nd edition; the Framework for OFAC Compliance Commitments; and the 2019 DOJ Antitrust Division’s Evaluation of Corporate Compliance Programs in Criminal Antitrust.
eBooks, CDs, downloadable content, and software purchases are non-cancellable, non-refundable, and non-returnable. Click here for more information about LexisNexis eBooks. The eBook versions of this title may feature links to Lexis + for further legal research options. A valid subscription to Lexis + is required to access this content.
Order your copy OR copies of The Compliance Handbook: A Guide to Operationalizing Your Compliance Program. Save 25% off.  http://www.lexisnexis.com/fox25