Info

FCPA Compliance Report

Tom Fox has practiced law in Houston for 30 years and now brings you the FCPA Compliance and Ethics Report. Learn the latest in anti-corruption and anti-bribery compliance and international transaction issues, as well as business solutions to compliance problems.
RSS Feed Subscribe in Apple Podcasts
FCPA Compliance Report
2019
May


2018
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
March
February


2015
December


Categories

All Episodes
Archives
Categories
Now displaying: June, 2018
Jun 29, 2018

As get ready for a holiday week, Jay Rosen and myself are back in the saddle again to take a look at some of the top compliance stories from the past week.

  1. What happens when you lose your ethical way and its splashed across the front page of the NYT? See article in the New York Timesby By Walt Bogdanich and Michael Forsythe on McKinsey and its ill in South Africa.  
  2. Walt Pavlow asks if business schools should stop teaching ethics and substitute the US Sentencing Guidelines. Check it out in Forbes.com.
  3. What is the real world role of a CCO? Kelly Swanson explores in Just Anti-Corruption(sub req’d)
  4. Why using independent monitors is forward thinking in the compliance realm. Bart Schwartz explore in the FCPA Blog.
  5. The SFO charges Unaoil for bribery and corruption. Dick Cassin reports in the FCPA Blog. Sam Rubenfeld reports in the WSJ Risk & Compliance Journal.
  6. Did the leopard change its spots or did something real change? Delaware supports an overhaul of benficial ownwership requirements. See article by Henry Cutter in the WSJ Risk & Compliance Journal.
  7. An AML sentencing bookend a FCPA sentencing. Tom explains why this is important in the FCPA Compliance and Ethics Blog.
  8. After the announcement of the new FCPA Corporate Enforcement Policy in November 2017, what should we call the new type of declination? Maddie McMahon explores in the Global Anti-Corruption Blog.
  9. SEC votes to limit whistleblower awards. Will it impact the SEC whistleblower program? Francine McKenna explores in MarketWatch.com.
  10. Tom’s new book The Complete Compliance Handbookremains a hot seller. It is available oncom. Purchase an autographed copy here. It is reviewed in the FCPA Blog, Radical Complianceand Corruption, Crime and Compliance.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Jun 28, 2018

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a deep dive back into the impact of the Trump Administration’s attack on friend and foe alike with tariffs, trade wars, embargoes and sanctions.  This is also our first live podcast from Matt’s stomping grounds in Cambridge, MA.

What does all this mean for the compliance practitioner? Obviously, your job just became a lot harder. The scrutiny both public and private will be much greater. You will need much greater visibility into what business your organization is into going forward.

For more reading: see Matt’s piece on “Corporate Ethics & Politics: It’s Gonna Get Worse” and “Trade War! Trade War! Man the Barricades!”,both on Radical Compliance. See Tom’s piece, “Condos, Corruption and Compliance” in Compliance Week. 

Jun 27, 2018

How does a company transfer data from the European Union (EU) to the US under the General Data Protection Regulation (GDPR) which went live on May 25, 2018? I recently had the opportunity to visit Jonathan Armstrong, partner at Cordery Compliance in London and an internationally renowned data privacy/data protection expert on this topic. Armstrong noted there have been some changes which may significantly impact this issue going forward. There are basically four ways to affect such a transfer. 

However, there is a method that many people may not realize is a data transfer as it involves reviewing data which sits on a server in the EU. This means that even if the data does not move out of the EU but you can access it from the US that counts as a data transfer as well. A fairly typical corporate example might be where your organization has a system for your employees that does that payroll and that payroll information is on a server in Belgium. Your Human Resources (HR) Department from the US can get into that server and extract data from it. This is a data transfer under GDPR. 

  1. Consent.The first method to safely and legally transfer data is through consent. While this may work more easily in a B2B context, it is much more challenging in the employment context. Under GDPR an employer cannot require consent as a condition of employment. Moreover, this is carried over after the creation of the employment relationship in that an employee cannot give a valid consent. The reason is the EU holds the employer has undue influence over the employee and therefore no consent can be freely given. 
  1. Standard Contractual Clauses or Model Clauses.Armstrong noted he expects to see new form clauses at some point from EU data regulators. However, he tempered this with caution that there is currently a court challenge at the European Court of Justice (ECJ), referred from the Irish Data Protection Commissioner. Once again, these standard contractual clauses in their current form are likely to face a number of legal challenges going forward, so they may well be less safe post-GDPR go live than there were before. 
  1. Privacy Shield.Readers will recall that Privacy Shield was the regime put in place after the legal actions, led by Max Schrems, invalidated Safe Harbor. Armstrong believes that while “Privacy Shield is not dead yet, it's certainly unwell.” One reason is that there are many Europeans who do not believe that the current US administration is respecting privacy as well as it might. Even this past week, US Secretary of Commerce Wilbur Ross, criticized GDPR in an op-ed piece in the Financial Timesarguing the law was unclear, no guidance has been provided by regulators, it favored privacy rights over security and would likely cause job losses in the US. 

Not that the Trump Administration is any friend of the EU (or data privacy for that matter) but if the European Commission is minded to retaliate, one easy way to do so would be to withdraw the Privacy Shield scheme. From the European legal perspective, Privacy Shield currently faces two faces challenges before the ECJ. These are likely to be heard in 12 to 18 months. Finally, the European Parliament and the several European data protection regulators are not fans of Privacy Shield and this has hampered progress since it was brought into force. Armstrong concluded by stating, “my gut feel would, would be the privacy shield will die. It is a question of when and not on privacy shield. Certainly, in a worse position now than it was on May 25th.” 

  1. Binding Corporate Rules.Armstrong believes this is the one area for data transfer which has benefited from GDPR go-live. Under this scenario, an organization can go to any one of the EU data regulators ask it to be a group of companies lead regulator. From this point, the companies would put in place that system that is somewhat akin to Privacy Shield; including a series of commitments from all the other the entities which make up this the corporate network. These commitments are to each other. From there the lead regulator then reviews and assess then approve the entire network’s data privacy/data protection commitments. Finally, the lead regulator goes to such other regulators in the EU, supporting these Binding Corporate Rules. It is more streamlined approach for dealing with the plethora of regulators in the EU. 

Armstrong emphasized this is not a rubber stamp process but one which takes time and concerted effort. He estimated that it is an 18 month or so process. However, under GDPR there was the creation of a European Data Protection Board (EDPB) and one of its function is to help the process of getting Binding Corporate Rules approved more quickly. 

Armstrong concluded by cautioning there is still much fluidity in the mechanisms for data transfer. There still may be many changes from both the regulatory perspective and the legal perspectives through court challenges. He concluded by stating “vigilance is the watch word here.”

Jun 25, 2018

In this episode, I visit with John Warren, Vice President and General Counsel at Association of Certified Fraud Examiners and Andi McNeal, Director of Research at ACFE. In this podcast we discuss:

  • What is the Report to the Nations?
  • How long has ACFE been releasing it?
  • Have the trends been consistent over the past 10 years?
  • Owners/execs account for small percentage of losses but have a median loss of $850K;
  • Corruption was the most common scheme in every global region;
  • Median losses are far greater when fraudsters collude;
  • Data monitoring/analysis and surprise audits were correlated with the largest reduction in fraud loss, what does that mean for detection and prevention?
  • Considerations from the Corruption Section in the Report;
  • What were the top red flags in corruption cases? Do these differ from other types of fraud?
  • What are the industries or business sectors with highest proportion of corruption cases?
  • One of the most significant set of findings seems to be the behavioral aspects of fraud. Do those same aspects appear in corruption cases? If so, can more traditional behavioral risk detection or prevention techniques be brought to the structural solutions used to fight corruption?

The ACFE report to the Nations is an excellent reference tool for all compliance practitioner to show where fraudsters explode weak points.  It also has important data around corruption and from this information you can make your compliance program more robust around these areas which can be exploited.

To download a copy of the Report to the Nations, click here.

Jun 23, 2018

Before we head to Boston for an event at AMI on Monday, Jay Rosen and myself are back in the saddle again to take a look at some of the top compliance stories from the past week.

  1. Inside the Fall of Mossack Fonseca, reviewed by Dick Cassin in the FCPA Blog.
  2. Where will your next crisis come from? Today’s news or 10 years ago? Sam Rubenfeld reports on the reputational hit companies which helped separate children from their parents at the border in the Wall Street Journal Risk & Compliance Journal. Ben DiPietro considers the trial in France of the fallout from a 10 year old corporate restructuring, also in the Risk & Compliance Journal.
  3. The OECD is looking at anti-corruption enforcement and finds it lacking in Germany and in trouble in Norway. Henry Cutter reports on Germanyand Sam Rubenfeld on Norway, both in the WSJ Risk and Compliance Journal.
  4. Brazil is a model for international enforcement, investigations and cooperation, believes Kees Thompson, writing in the Global Anti-Corruption Blog.
  5. How do you classify your third parties? Mike Volkov explains it in the Navex blog, Ethics and Compliance Matters. On his blog Corruption, Crime and ComplianceMike discusses how to build a business case for a third party risk management system.
  6. Auditors behaving badly. Tammy Whitehouse reports on a negative report from U.K. Financial Reporting Council in Compliance Week. (sub req’d)Francine McKenna, writing in MarketWatch reports on the continuing KPMG
  7. SEC Chief Jay Clayton talks corporate culture. Matt Kelly, writing in Radical Compliance, finds it lacking.
  8. How does Sherlock Holmes inform your compliance program? Tom explored in a 5-day series. Part I-Communication; Part II-Institutional Justice; Part III-Criminality; Part IV-Mentoring; and Part V-Imagination.
  9. Support your local book sellers! River Oaks Bookstore, 3270 Westheimer, in Houston is now stockingThe Complete Compliance Handbook. Tom will be on hand for a book signing on Thursday, June 28 from 5:30 to 7.
  10. Tom’s new book The Complete Compliance Handbookremains a hot seller. It is available oncom. Purchase an autographed copy here. It is reviewed in the FCPA Blog, Radical Complianceand Corruption, Crime and Compliance.
  11. Serving up some Breakfast and Compliance. Join Tom in Boston on June 25 at the offices of Affiliated Monitors to learn here about show the story of compliance is the story of innovation. For more information and registration, click here.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Before we head to Boston for bagels, coffee and compliance at the offices of AMI, Jay Rosen and I review the week's top ethics and compliance stories on This Week in FCPA.

Jun 21, 2018

You will note the new title for this episode, Life With GDPR. When Jonathan Armstrong and I began this series in early 2018, we had intended to give listeners a grounding in the new law in the lead up to its go-live date of May 25. However, the response was so overwhelming and Jonathan and I had so much fun putting on the podcasts that we decided to make Countdown to GDPRa permanent part of the Compliance Podcast Network, albeit with a more appropriate name. So welcome to the re-monikered Life With GDPR, which I hope you will enjoy as much as you enjoyed its predecessor. Today Jonathan and I take up the issue of non-monetary penalties.

While most practitioners focused on the heavy fines and penalties available under the General Data Protection Regulation (GDPR) of up to 4% of total global revenues or other very large fines, there are other remedies that each EU and UK data regulator can levy or put into place that may require considerable corporate cost and effort. Moreover, these lessor penalties and sanctions can be the precursor to larger monetary fines and penalties. Armstrong emphasized that each EU country has its own regulator and they will have varying degrees of aggressiveness.

Armstrong pointed to three areas the regulators can order companies to engage in activities. First, it can order a GDPR audit to determine if it has previously assessed its data protection/data privacy issues correctly. Here he pointed to an example of a healthcare organization that was ordered to perform a Data Protection Impact Assessment (DPIA) and report back to the regulators within one month.

Next, Armstrong pointed to the joint areas of date controllers and data processors. Regulators can require a company Data Protection Officer (DPO) to comply with data requests, even Subject Access Requests (SARs). He referenced to a recent example from the UK involving Cambridge Analytica, which was ordered to comply with a US academic’s SAR. Further, a regulator can order a company to bring its data protection program in line with GDPR. Additionally, regulators can maintain investigations in the form of data protection audits and have the right to obtain access to any premises of the controller and the processor, including any data processing equipment by obtaining a warrant. This may prove to be a significant tool in the data protection regulators’ toolkit.

Regulators can also order companies to stop certain activities. Here Armstrong provided the example of a US based company with operations in Europe who is not GDPR compliant around its internal reporting structures. An EU regulator could order the company to suspend its hotline in Europe until there is compliance. Under such a scenario, the US Company would be out of compliance with US securities law and it may be at risk under best practices compliance programs under the Foreign Corrupt Practices Act (FCPA), Anti-Money Laundering (AML) regulations, export control regulations or even US anti-trust law.

Armstrong emphasized that it is not simply the regulators who have powers under GDPR, individuals do as well. SARs of course are well-known but there are other individual rights Armstrong emphasized. If an individual files some type of GDPR complaint with a statutory regulator, who does not take up the complaint within 30, days that individual can appeal against both the regulator to get the complaint moving forward. This means that individuals can file SAR actions against companies that do not respond in a timely manner to SARs. Moreover, such individuals can then band together in a class action lawsuit over such failures. There is also a mechanism for equitable reallocation of damages between parties. If a data processor has to pay damages properly attributable to a data controller, GDPR Article 82 provides a procedure for claiming these damages back. Finally, recall that any person who has suffered “material or non-material damage” due to an infringement of the new rules has a right to compensation from the data controller or processor concerned for the damage suffered and you begin to realize the powers that individuals hold under GDPR.

Interestingly, Armstrong believes that the number of regulatory and individual remedies will mandate that if companies have an incident, they should investigate and remediate quickly. From there, the entity should prepare their investigative results, remedies and internal sanctions they may have put in place on those employees involved. These steps will all go towards mitigating any proposed financial penalty the regulators may be considering. Basically, businesses need to have their ducks in a row, as it can lead to not only reduced costs for corporations, but also could well lead to greater compliance if tied to a root cause analysis.

Jun 20, 2018

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a deep dive back into the issue of the ZTE monitorship announced recently as a part of the settlement with the Department of Commerce on the death penalty sanctions levied on the company in April.  

That sanction was an export denial which barred American companies from selling components to ZTE and its subsidiary. American companies, such as the San Diego-based chipmaker Qualcomm supplied critical parts for ZTE’s its networking gear and smartphones. This sanction came on the heels of a $891 million fine and penalty the company agreed to in March 2017 for its first round of export control violations. The second sanction was for failing to live up to the terms of the DPA the company agreed to in 2017.

In the 2017, the company agreed to a monitor, who was appointed by the District Court which accepted the company’s guilty plea. Under the May 2018 supplemental sanction, ZTE agreed to pay an additional $1 billion in penalties, put $400 million in escrow, and accept a U.S.-appointed compliance department. According to the Department of Commerce Press Release, the new agreement requires ZTE "to retain a team of special compliance coordinators selected by and answerable to" the Commerce Department for ten years. This new compliance function will essentially serve as the Department of Commerce’s monitor at ZTE as the Press Release noted, "Their function will be to monitor on a real-time basis ZTE’s compliance with U.S. export control laws.”

Matt and I take a deep dive into the DOC resolution, the monitorship and how it might work and the use of a sanctions regime by the administration as a tool to brow beat other countries. We discuss in detail on this bizarro arrangement of U.S. regulators appointing an in-house compliance executive to act as a monitor to the Chinese telecom firm. The concept is intriguing, and the job could be the professional challenge of a lifetime — except for all those pesky details, including the ones this settlement still leaves unaddressed.

For more reading: see Matt’s piece on “FAQs on ZTE’s Compliance Settlement” and “Trade War! Trade War! Man the Barricades!”,both on Radical Compliance. See Tom’s piece, “The ZTE Department of Commerce Monitor: unchartered waters” in Compliance Week.  

Jun 18, 2018

In this episode, I visit with Kristy Grant-Hart, founder of Spark Compliance Consulting and author of now three books in the compliance arena. We discuss her most recent book “How to Have a Wildly Successful Career in Compliance", which will be released on Amazon.com on June 19. For those of you who have seen Kristy speak you know she is high energy and very passionate about compliance and the compliance profession. She channels that energy and passion into her latest book. In this podcast we discuss:

  • Why she wrote this book?
  • Why the winding career of a compliance professional so important?
  • Why it more important for women to “Ask for it?” around salary/comp/promotions?
  • Why moving up the corporate ladder more like climbing a jungle gym?
  • Why understanding the numbers and business plan so important to a compliance professional?
  • How does one raise their profile in the compliance profession?
  • Why is collaboration so important for a compliance professional and a corporate compliance function?

Kristy is the author of two prior books on compliance, How to Be a Wildly Effective Compliance Officerand Wildly Strategic Compliance Officer Workbook. Both are must reads for compliance professionals. Her latest entry gives solid tips and point-by-point steps on how to have a successful career in the compliance field. But it is more than simply Kristy’s thoughts as she interviewed compliance professionals from literally across the globe on how they have become wildly successful.

Yet there is one thing about the book that I think makes it most useful for every compliance practitioner out there. It is that the book works on multiple levels and for multiple stakeholders. Obviously, it is targeted and works for the compliance practitioner but it also works for a CCO who is thinking about working with senior management and a Board of Directors. Further it works on a compliance program level, with many of Kristy’s tips translating into compliance program best practices.

Finally Kristy tackles head on the issue of women succeeding in the compliance profession. She writes this chapter with clear-eyed focus; not ranting or raving but giving women the tools, they need to succeed in the compliance profession and in the greater corporate world. I found this chapter so powerful I bought a copy for my 21-year-old daughter to help prepare her for your professional career after she graduates from college.

To purchase a copy of How to Have a Wildly Successful Career in Complianceon Amazon.com, click here.

For more information on Kristy’s books, check out her site, Compliance Kristy by clicking here.

Finally for more information on Kristy’s consulting company, Spark Compliance Consulting, click here.

Jun 15, 2018

With both VW and ZTE having very bad weeks, Jay Rosen and myself are back in the saddle  again to take a look at some of the top compliance stories from the past week.

  1. Having a bad week-Part 1, Volkswagen. First the head of its Audi unit is announced to be under investigation (here). Then Germany fines the company €1 bn for the emissions-testing fraud (here). Finally German prosecutors rejct the myth of “rogue engineers” in the scandal, saying the company is responsible as a whole (here). All reported in the New York Times.
  2. Having a bad week-Part 2, ZTE. After having reached a settlement between ZTE and the Department of Commerce, Congress moves to block the settlement. Michael C. Bender,  Siobhan Hughes and  Kate O’Keeffe report on the political perspective in the Wall Street Journal. From the compliance angle, many questions abound. Gerry Zack, writing in the FCPA Blog, says don't call the persons reporting to the DOC mandated compliance officers as they are monitors. Matt Kelly offers up informative FAQs on the monitorship in Radical Compliance. Tom considers the uncharted waters of the settlement in Compliance Week(sub req’d)
  3. The court evisserates the DOJ’s argument against the AT&T purchase of Time Warner. Henry Cutter uses the merger go-ahead from Judge Leon to explore the compliance challenges in mega-mergers (and small ones too). In the WSJ Risk & Compliance Journal.
  4. Bill Steinmann says (yet again) that FCPA enforcement is not dead. It’s not that he’s tired of saying it, he just wishes the nay-sayers would unplug their ears and start to listen. On the FCPA Blog.
  5. Goldman Sachs made $600 peddling 1MDB bonds. The new Malaysian government wants some of that money back. Alexandra Stephenson and Hannah Beech report in the New York Times.
  6. CCO’s behaving badly. The Standard Chartered CCO has left the bank for inappropriate behavior. Sam Rubenfeld reports in the WSJ Risk & Compliance Journal.
  7. Looking to do business with Trump’s newest buddy North Korea? Dick Cassin says be careful, be very careful in the FCPA Blog.
  8. Anti-piling on is a two-way street, as it requires responsible actions by companies as well. Michael Griffiths reports in GIRon remarks by Justice Department FCPA Unit Chief Dan Kahn.
  9. Need some CLE or Compliance know-how? Join Tom’s Compliance Master Class, which next week Houston on June 21 & 22. Just a couple of seats left. Information and registration is available here. Learn about compliance from the guy who wrote the book on compliance.
  10. Support your local book sellers! River Oaks Bookstore, 3270 Westheimer, in Houston is now stockingThe Complete Compliance Handbook. Tom will be on hand for a book signing on Thursday, June 28 from 5:30 to 7.
  11. Tom’s new book The Complete Compliance Handbookremains a hot seller. It is available oncom. Purchase an autographed copy here. It is reviewed in the FCPA Blog, Radical Complianceand Corruption, Crime and Compliance.
  12. Serving up some Breakfast and Compliance. Join Tom in Boston on June 25 at the offices of Affiliated Monitors to learn here about show the story of compliance is the story of innovation. For more information and registration, click here.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Jun 14, 2018

Everything Compliance is the only roundtable podcast in compliance, with four of the top compliance practitioners around. This week the gang returns to its four focused topics on its Four of a Kind edition. After the commentary we follow with rants.

  1. Matt Kelly considers the new management strategy of reducing middle management in corporations. Where does compliance fit into this new structure? Matt rants on DOJ advisory opinions for Foreign Agent Registration Act (FARA) issues. 
  1. Mike Volkov explores the upcoming compliance reckoning. What is it and how should compliance professionals prepare? Mike rants on the cynical and ridiculous pardons granted by President Trump. 
  1. Jonathan Armstrong reviews the new UK Data Privacy-Data Protection Law. Jonathan rants on lack of engagement by the British public in the electoral process and governance debate.
  1. Jay Rosen considers the importance of corporate culture. How does one survey, understand and then improve corporate culture? How can you demonstrate any of these steps to a regulator or the DOJ? Jay has a heavy heart around the losses this week of Anthony Bourdain and Kate Spade, both by their own hand.

The members of the Everything Compliance panel are:

  • Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
  • Mike Volkov– One of the top FCPA commentators and practitioners around and the Chief Executive Officer of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com.
  • Matt Kelly– Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
  • Jonathan Armstrong– Rounding out the panel is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com

The host and producer of Everything Compliance is Tom Fox theCompliance Evangelist. His most recent book, The Complete Compliance Handbook is available on amazon.com.

Jun 13, 2018

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a deep dive back into the issue of the decline in Initial Public Offerings (IPOs). We consider legislation in the House of Representatives to gut the compliance requirements of Dodd-Frank and SOX, all in the name of increasing the number of IPOs. 

We review the testimony of Columbia Law School Professor John Coffee before a Congressional committee about these latest initiatives. His testimony is reported by Kevin LaCroix in his most excellent blog, the D&O Diary. Professor Coffee’s testimony  reflects his skepticism that further deregulation alone will result in increased numbers of IPOs. He relates several reasons for the worldwide drop in IPOs, which have nothing to do with Dodd-Frank, SOX or any other US law as they are structural and baked into the global financial system. He also notes that small companies which do go IPO usually have much worse financial performance than companies which seek funding through private equity.    

Professor Coffee’s testimony clearly demolishes the myth that Dodd-Frank was a job killer bill or that SOX’s Sec. 404 and 302 requirements have lessened the number of IPOs. There are a wide variety of factors, none of which has been addressed in the House legislative initiatives.

Jun 11, 2018

In this episode, I visit with Rick Pearl, the Global Corporate Responsibility Officer and Vice President of Corporate Citizenship at State Street Corp. We discuss the 2017 State Street Corporation, Corporate Responsibility Report. Some of the highlights include:

  • Qs from section on Risk Culture and Compliance at State Street and its portfolio companies;
  • What are the three lines of compliance defense?
  • Should there be a risk committee at the Board level?
  • What is find once, fix many? How does SSGA implement this?
  • What is Ethical Decision-Making Framework and how does SSGA train on it?
  • How does SSGA use supplier assessment strategies?
  • What is SSGA’s Responsible sourcing programs?
  • What is SSGA’s internal governance program allowing for multilevel assessment of vendors and service providers globally?
  • What is SSGA’s Innovation for Value Creation?

Here are the links to State Street’s Corporate Responsibility Report and overview. 

Report- 

http://www.statestreet.com/values/corporate-responsibility.html

Overview- 

http://www.statestreet.com/content/dam/statestreet/documents/values/CR_Overview_Final.pdf

Jun 7, 2018

With a wild ride of FCPA cases over the past week, Jay Rosen and myself are back in the FCPA saddle  again to take a look at some of the top compliance stories from the past week.

  1. Société Générale S.A. becomes No. 5 in the Top 10 of FCPA settlements, paying $585MM for bribes paid to garner business in Libya. Dick Cassin reports in the FCPA Blog. Henry Cutter reports in the WSJ Risk and Compliance Journal. Jaclyn Jaeger gives full coverage to the FCPA and LIBOR violations in Compliance Week. (sub req’d)
  2. Legg Mason pays $71MM for being SocGen’s partner and fellow bribery schemer in Libya. Dick Cassin breaks the story (as usual) in the FCPA Blog. Tom blogs on Legg Mason hereand notes the inter-relatedness of the two matters in another blog here. The Legg Mason NPA is available here.
  3. Credit Suisse pays $47MM to settle a princeling FCPA enforcement action for its illegal hiring of sons and daughters of Chinese government officials. Dick Cassin reports in the FCPA Blog.
  4. In another princeling matter, Jonathan Browning and Donal Griffin report in Bloomberg that Deutsche Bank AG is under FCPA scrutiny for similar practices involving sons and daughters of Russian government officials.
  5. The new Director of the UK Serious Fraud Office is a Yank. See report by Dick Cassin in the FCPA Blog. Mara Lemos Stein asks if she will recharge the SFO in the WSJ Risk and Compliance Journal. The Bribery Act guys, Barry Vitou and Richard Kovalevsky QC give their take on com.
  6. Channelling his inner Churchill, Mike Volkov asks what happens when corporate leaders fail to listen. Find out in Corruption, Crime and Compliance.
  7. Netflix is more than a disruptor in movie watching and entertainment. It’s corporate governance model is also quite unique. Bill Snyder tells us how in Insights by Stanford Business.
  8. The devastating and company closing sanctions against ZTE will be lifted based upon a new deal with the Department of Commerce. Dick Cassin reports in the FCPA Blog. Anna Swanson reports in the NYT. Sam Rubenfeld reports in the WSJ Risk and Compliance Journal. Alex Lawson, writing in Law360 asks if sanction relief is now for sale?
  9. Tom announces a new Compliance Master Class, which will be held in Houston on June 21 & 22. Information and registration is available here. Learn about compliance from the guy who wrote the book on compliance.
  10. Support your local book sellers! River Oaks Bookstore, 3270 Westheimer, in Houston is now stockingThe Complete Compliance Handbook. Tom will be on hand for a book signing on Thursday, June 28 from 5:30 to 7.
  11. Tom’s new book The Complete Compliance Handbookremains a hot seller. It is available oncom. Purchase an autographed copy here. It is reviewed in the FCPA Blog, Radical Complianceand Corruption, Crime and Compliance.
  12. Tom has a great five-part series on Suspension and Debarment with AMI Managing Director Rod Grandon. Check out all five topics. Part 1-Introduction; Part 2-the differences between suspension and debarment; Part 3-Convergence of suspension and debarment and the FCPA; Part 4-what is present responsibility?; and Part 5-Remedies and Compliance. It is available on the FCPA Compliance Report, iTunes, Libsyn, YouTubeand JDSupra.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Jun 6, 2018

In this episode, Matt Kelly and I take a deep dive into the issue of two factor authentication of cloud-based solutions and the intersection with compliance. While it may not appear as obvious, when you consider such preventative controls as authentication at log-in as a risk management strategy, the compliance angle becomes more clear. Two factor authentication is a current response to the risk of data breach through hacking. It requires a policy, training on that policy, coupled with communications and the ongoing monitoring of strategy.

When you couple all the above you can see the role compliance will play going forward. As with any best practices compliance program, it all starts with a risk management strategy. Begin with forecasting on whether you will use any cloud-based apps (you do), then move to a risk assessment follow up with risk-based monitoring. It all starts with the nuts and bolts of compliance and continues throughout the process.

Matt Kelly’s piece Let’s All Freak Over Cloud Apps, Security

Jun 4, 2018

In this episode I visit with John Torres, the COO of Guidepost Solutions. We discuss the recent SEC enforcement action involving Yahoo and its failure to disclose data breaches in 2014, 2015 and 2016. As this was the first SEC enforcement action involving a public company for the failure to disclose to investors and shareholders information of a data breach which materially impacts an organization, Torres and I take a deep dive into the matter.

In this episode, we consider some of the following issues:

  • A discussion of the background facts in the Yahoo SEC enforcement action and why the matter is so important?
  • We consider what the SEC said was the obligation of a publicly listed company when it learns of a breach?
  • In Paragraph 9 of the SEC Order, there were a series of risk factors listed. We discuss their importance.
  • We consider when a publicly listed company must disclose a breach to outside auditors and/or outside counsel.
  • We consider the sufficiency of the penalty.

For a full copy of the SEC Order involving the Yahoo matter, click here.

Jun 4, 2018

I conclude my five-part series on Suspension and Debarment, with Rodney A. Grandon, Managing Director at Affiliated Monitors, Inc., (AMI) the sponsor of this series. During his 27-year career with the US military and government, Grandon served as the Air Force’s Suspending and Debarring Official as well as a wide variety of other functions which gives him subject matter expertise into issues surrounding this topic. Over this series, we have explored several topics, including:

Part 1-Introduction to Suspension and Debarment;

Part 2-What is the difference between Suspension and Debarment?

Part 3-What is the convergence between Suspension & Debarment and the FCPA?

Part 4-What is a present responsibility determination? and

Part 5-Remedies and Compliance.

Today, we conclude the series with a discussion of remedies and compliance in suspension and debarment.

Grandon began by observing that the defense community largely led the process of putting together an effective ethics and compliance programs. “There were defense industry initiatives where the contractors get together and talk about what it takes to promote ethics and compliance and the defense industry been doing this for years.” This led Grandon to find, that non-governmental commercial industries were not as far along as defense industries.

However, Grandon believes there has “been a tremendous growth and understanding that ethics and compliance is critical for any company, whether it’s in the defense sector, the commercial sector, as companies have become more willing to do what is necessary to build these compliance programs, to try to instill within their workforce, appropriate standards of conduct, articulate clear expectations for employee behaviors and then understanding that there are consequences that flow from this. They worked hard to create cultures that allow communications to go up from the bottom of the workforce and down from the top of the workforce.”

In his experience, it all starts with the appropriate “tone at the top”. This is because “Integrity is critical for the company. Not simply to avoid problems, but it’s important to be honest with your customers and your stakeholders. All of this is absolutely critical.” While it is Grandon’s sense that initially “the defense community led this; the commercial community has as swiftly moved to catch up with this.”

We then turned to remedies where Grandon noted, “federal agencies, particularly within the Department of Defense, look to coordinate fraud remedies.” He said where there is an “indication of misconduct within the government contract or with involving a government contractor fairly broadly defined, there’s a focus on identifying and coordinating remedies, whether they be criminal, civil, administrative, to include suspension department or contractual in almost every one of these cases is at some point going to be an analysis.”

The key analysis is “going to come down to the integrity of that contractor. What does it have in place to achieve compliance within its business operations?” There is going to be a focus on the question of whether the contractor can be “trusted to get it right?” In the final analysis, the question will be “is there evidence to support the cause for the action?”

Grandon then walked through the next steps which would turn on the present responsibility determination. He said, “the inquiry goes to whether or not the contractor is presently responsible. This will make the focus on ethics and compliance and those companies that embrace their principles are going to have an advantage and be much better position.” Grandon emphasized that it is critical that companies take these challenges “so that they have ethics and compliance programs, that they test and make sure that those programs and those efforts are achieving the type of results that are expected in terms of employee behavior, in terms of good communication throughout the organization.”

In the realm of suspension and debarment, government agencies are increasingly requiring independent corporate monitors as part of their settlement agreements with organizations facing suspension, debarment or criminal prosecution. Grandon believes that an imposed monitorship can actually be an opportunity for a company. He said, “Usually these agreements are in place for roughly three years, but they give the contractor an opportunity to more holistically look at its operations and assess what it needs to do to truly build a strong ethics and compliance program. In most cases, the government will require the contractor which has entered into the administrative agreements, to hire an outside independent monitor to assess whether or not it is achieving those objectives. This creates this opportunity for companies to demonstrate the ability to be responsible, to continue to participate in the federal marketplace, while that trust relationship involving the contractors, integrity is continuing to be established.” This process also allows  contractors to “gain themselves a tremendous advantage in any of these sanctions reviews, civil, criminal or suspension and debarment, by having in place a strong commitment to ethics and compliance, solid training programs they are willing to test programs and stay on top of their risk profile.”

Grandon related that while he was a Suspending and Debarring Officer, he often required monitors as a part of an agreement. He said, “The Monitor is not there to be an advocate. The Monitor there is to be an independent and objective set of eyes and ears for the regulator, for the government. There has to be an arm’s length relationship between that monitor and the contractor. That’s not to say it’s antagonistic and it never should be a gotcha proposition. You know, where the monitor is, is trying to, I know through trickery or otherwise, put the contractor into an awkward situation.”

Grandon concluded by noting, “independence, objectivity of good business sense, the Monitor must understand how businesses operate, what are the challenges associated with a very diverse workforce. A monitor has to be able to take in all of these different considerations and at the end of the day be reasonable.”

I hope you have enjoyed this five-part series on suspension and debarment.

Jun 4, 2018

I continue a five-part series on Suspension and Debarment, with Rodney A. Grandon, Managing Director at Affiliated Monitors, Inc.,  the sponsor of this series. During a 27-year career with the US military and government, Grandon served as the Air Force’s Suspending and Debarring Official as well as a wide variety of other functions which gives him subject matter expertise into issues surrounding this topic. During this series we are exploring several topics, including:

Part 1-Introduction to Suspension and Debarment;

Part 2-What is the difference between Suspension and Debarment?

Part 3-What is the convergence between Suspension & Debarment and the FCPA?

Part 4-What is a present responsibility determination?

Part 5-Remedies and Compliance in Suspension and Debarment.

Today, we discuss present responsibility and its determination.   

Grandon began by stating that present responsibility has become sort of a “buzzword. It’s the underlying basis for action involving excluding a party from the federal marketplace through suspension or department.” Unfortunately, the phrase itself is not defined anywhere in the regulatory structure. This means its determination comes “down to the discretion of the federal officials who have been empowered to exercise the suspension and debarment authority.”

Yet even with this lack of a statutory or regulator definition, Grandon noted “there are some common factors and guidelines out there that can help the compliance community understand some of the elements of suspension and debarment, as they relate to this issue.” He went on to explain this meant “when an action is initiated, it is generally based on facts that trigger one of the causes that are set forth in the regulations, notwithstanding the fact that the evidence establishes the cause and which in most cases there’s generally no dispute that the cause has been proven by the appropriate burden of evidence.”

As with most processes there is a shifting burden of proof. First, “the evidentiary burden falls to the government. Once that burden is satisfied by the appropriate level of evidence, then the burden shifts to the contractor to establish it as personally responsible.” At this point a contractor, facing suspension or debarment, could look to Federal Acquisition Regulation (FAR) 9.406-1for guidance.

What does that mean? the FAR notes the following:

(a)It is the debarring official’s responsibility to determine whether debarment is in the Government’s interest. The debarring official may, in the public interest, debar a contractor for any of the causes in 9.406-2, using the procedures in 9.406-3. The existence of a cause for debarment, however, does not necessarily require that the contractor be debarred; the seriousness of the contractor’s acts or omissions and any remedial measures or mitigating factors should be considered in making any debarment decision. Before arriving at any debarment decision, the debarring official should consider factors such as the following:

(1)Whether the contractor had effective standards of conduct and internal control systems in place at the time of the activity which constitutes cause for debarment or had adopted such procedures prior to any Government investigation of the activity cited as a cause for debarment.

(2)Whether the contractor brought the activity cited as a cause for debarment to the attention of the appropriate Government agency in a timely manner.

(3)Whether the contractor has fully investigated the circumstances surrounding the cause for debarment and, if so, made the result of the investigation available to the debarring official.

(4)Whether the contractor cooperated fully with Government agencies during the investigation and any court or administrative action.

(5)Whether the contractor has paid or has agreed to pay all criminal, civil, and administrative liability for the improper activity, including any investigative or administrative costs incurred by the Government, and has made or agreed to make full restitution.

(6)Whether the contractor has taken appropriate disciplinary action against the individuals responsible for the activity which constitutes cause for debarment.

(7)Whether the contractor has implemented or agreed to implement remedial measures, including any identified by the Government.

(8)Whether the contractor has instituted or agreed to institute new or revised review and control procedures and ethics training programs.

(9)Whether the contractor has had adequate time to eliminate the circumstances within the contractor’s organization that led to the cause for debarment.

(10)Whether the contractor’s management recognizes and understands the seriousness of the misconduct giving rise to the cause for debarment and has implemented programs to prevent recurrence.

From Grandon’s perspective, it all “starts at the top with effective standards of conduct and internal controls at the time that misconduct occurred. Second, did the contractor disclose in this conduct to the government? Third has a contractor investigated the matters and made those results available to the government?, has the contractor cooperated with the government in terms of trying to work through the various challenges and the various remedies associated within this conduct?, and, finally, has the contractor taken appropriate corrective action taken?” Such corrective actions include “disciplinary action, and assessment of internal controls, policies and procedures that were designed to either prevent or identify a misconduct and what can be done to strengthen that process is the contract or willingly embracing the problem and pursuing an appropriate resolution.”

Tomorrow we conclude with the topics of remedies and compliance.

Jun 4, 2018

I continue a five-part series on Suspension and Debarment, with Rodney A. Grandon, Managing Director at Affiliated Monitors, Inc., (AMI) the sponsor of this series. During a 27-year career with the US military and government, Grandon served as the Air Force’s Suspending and Debarring Official as well as a wide variety of other functions which gives him subject matter expertise into issues surrounding this topic. During the series I will be exploring several topics with Grandon including:

Part 1-Introduction to Suspension and Debarment;

Part 2-What is the difference between Suspension and Debarment?

Part 3-What is the convergence between Suspension & Debarment and the FCPA?

Part 4-What is a present responsibility determination?

Part 5-Remedies and Compliance in Suspension and Debarment.

Today, we discuss some of the convergence between the Foreign Corrupt Practices Act (FCPA) and suspension and debarment. The bottom line is that conduct which violates the FCPA can become the basis for a suspension or debarment, even if the conduct is outside a contract with the Federal government.

Debarment may be based on actions so serious or compelling that it affects the present responsibility of the contractor or subcontractor. Grandon noted, “there is some fairly broad language as to what the basis for a suspension and debarment can be.” This means that in the context of anti-corruption laws, it can be the basis of a suspension or debarment, further meaning that under the FCPA, the conduct to incur a violation does not require actual bribery or corruption. It can be “bad record keeping associated with that and the context of engagements with foreign officials, the activity that would generally fall outside the realm of a public contract or subcontract. From the suspension and debarment perspective, it is critical to recognize here that the standard definition for contractor issues from the rule does not require that the entity actually has a contract in place.”

In the context of suspension and debarment, Grandon noted, “It’s just simply that they may have a contract or may compete at some point for a contract that they may become a contractor, so essentially any business activity that provides goods or services that the federal government may be interested in acquiring potentially could fall within the definition of contract. When one considers the FCPA, practically any business would fall within that definition of contractor. These sanctions are not limited to contractors that have existing contracts and they are not limited to misconduct that occurs in the context of a federal contract. In my experience, I have dealt with several matters involving violations of the FCPA activity that was clearly outside the scope of a federal contract or subcontract, but where the conduct was committed by a very large federal contractors.”

Another angle to the convergence of FCPA and suspension and debarment was raised by two authors, then South Texas College of Law student Nicholas J. Wagoner and Professor Drury D. Stevenson in a piece entitled “FCPA Sanctions: Too Big to Debar?”, where they posited the question: “Are certain private contractors too big to debar?” Their conclusion is “It appears so” and the authors stated, “The federal government is too dependent on a particular set of large, private-sector corporations for equipment and services. In addition to the virtual immunity from debarment enjoyed by these firms when they violate the FCPA, the fines imposed for engaging in foreign corrupt practices comprise a tiny fraction of the potential revenue generated by lucrative contracts with the U.S. and foreign states. When discounted by the low probability of detection, these sanctions are far too low to deter unlawful activity.” One solution raised by the authors for the issues regarding fines and penalties for companies which violate the FCPA, is debarment and suspension. They urge that debarment would be a significant deterrent for US government contractors and would “increase compliance with the FCPA.” The authors also suggest that the threat of debarment as a penalty would increase self-disclosure without any increased enforcement efforts if companies received the “meaningful reward” of a lesser penalty through self-disclosure.

Grandon reiterated that a wide variety of conduct can form the basis of a suspension or debarment. It can by “any fraud or criminal offense in the context of obtaining, attempting to attain, forming a public contract or subcontract that is within the scope of antitrust statutes, violations, whether federal or state embezzlement, theft forgery, ossification or destruction of records, false statements, tax evasion, violating basically any federal law.”

He concluded with the concept of “present responsibility, which is not defined anywhere on the regulatory structure. It is left to the discretion of the agency suspending or debarring and, in most cases, that official is going to look back at it.” The basic question asked will be “is there a reason to be concerned about the integrity of that contractor? And that gets us into a fairly deep dive of the ethics and compliance program.”

Tomorrow we take up the issue of present responsibility.

Jun 4, 2018

I continue  a five-part series on Suspension and Debarment, with Rodney A. Grandon, Managing Director at Affiliated Monitors, Inc., (AMI) the sponsor of this series. During a 27-year career with the US military and government, Grandon served as the Air Force’s Suspending and Debarring Official as well as a wide variety of other functions which gives him subject matter expertise into issues surrounding this topic. During the series I will be exploring several topics with Grandon including:

Part 1-Introduction to Suspension and Debarment;

Part 2-What is the difference between Suspension and Debarment?

Part 3-What is the convergence between Suspension & Debarment and the FCPA?

Part 4-What is a present responsibility determination?

Part 5-Remedies and Compliance in Suspension and Debarment.

In this episode, we discuss some of the key differences between a suspension and a debarment.

Recalling that on the GSA website, it states, “The Suspension and Debarment process protects the federal government from fraud, waste and abuse by using a number of tools to avoid doing business with non-responsible contractors. Suspensions, Proposals for Debarment, and Debarments are the most widely known tools as these actions are visible to the public”; A suspension is used when there is an immediate need. It is a temporary measure; there is a twelve-month limit, which can be extended for another six months. A debarment is for a specific term but is generally not longer than three years.  

Grandon noted a “suspension is to essentially take steps to protect the government’s interest from a contractor that is believed to be unsuitable as a business partner, until more of the facts can be assembled. Generally, the investigation is underway and there is a need to take protective steps before all the information has been fully gathered.” Grandon emphasized the temporary nature of a suspension while debarment is seen as more permanent, even with the limit of the term.  

Procedurally, a suspension requires notes at the time that a party is entered into the exclusive parties list on the System of Acquisition Management (SAM). A notice letter is issued to the contractor advising that the government has initiated the suspension, the factual basis for the suspension and the rights and procedures available to the respondent as it relates to the suspension. The notice usually indicates the exclusion is effective immediately.

A suspension is effective throughout the Executive Branch of the Federal government and applies to procurement and non-procurement programs. A suspended party cannot present offers or be awarded new contracts or contract renewals. Further, offers will not be solicited from, contracts will not be awarded to and existing contracts will not be renewed or otherwise extended, further subcontracts requiring Government approval will not be approved for a suspended company by any agency in the Executive Branch of the Federal government, unless the head of the agency taking the contracting action or a designee states, in writing, the compelling reason for continued business dealings between you and the agency.

A suspension prevents a company from conducting business with the federal government as an agent or representative of other contractors or of participants in Federal assistance programs, nor can they act as an individual surety to other Government contractors. It also prevents any such companies from being subcontractors to approved or at least non-suspended contractors. Finally, all affiliations of a suspended entity with a company doing business will be examined.

A debarment begins with notice of a proposed debarment and again the party is put into SAM on the exclusion list. A notice is sent out at the same time advising the party that they have been excluded from federal contracting under the procurement role. Once again, a debarment is temporary, is usually three years in length and is based upon a preponderance of the evidence, usually a conviction.

Another commentator has noted that suspension and debarment “essentially eliminate a company’s access to future government revenue, the consequences can be devastating. A company is not only excluded from future government contracts and subcontracts, it is also rendered ineligible for, among other things, federal grants, loans, and subsidies. In addition, the collateral consequences that stem from S&D can be equally, if not more, destructive. A suspended or debarred company may be precluded from contracting with state and local governments, foreign governments, or international organizations (such as the World Bank). A company may also lose its government security clearances and licenses. The reputational damage caused by the suspension or debarment may harm a company’s commercial interests as well.” Indeed, Grandon noted, “It can be very devastating in many cases and it has been referred to as a potential death sentence for companies that are dependent on federal dollars for their revenues.”

Some of the reasons for a suspension or debarment can include commission of fraud, embezzlement, theft, forgery, bribery, falsification or destruction of records, making false statements, tax evasion, violating Federal criminal laws, receiving stolen property or an unfair trade practice. A basis can also be if a company fails to perform the contract and, most interestingly, if a contractor knowingly fails “to disclose violation of criminal law”. The bottom line is suspension and debarment can strike fear into the heart of any federal government contractor.

Tomorrow we take up the convergent between the Foreign Corrupt Practices Act (FCPA) and suspension and debarment.

Jun 4, 2018

Today, I begin a five-part series on Suspension and Debarment, with Rodney A. Grandon, Managing Director at Affiliated Monitors, Inc., (AMI) the sponsor of this series. During a 27-year career with the US military and government, Grandon served as the Air Force’s Suspending and Debarring Official as well as a wide variety of other functions which gives him subject matter expertise into issues surrounding this topic. Over the next five podcasts I will be exploring several topics with Grandon including:

Part 1-Introduction to Suspension and Debarment;

Part 2-What is the difference between Suspension and Debarment?

Part 3-What is the convergence between Suspension & Debarment and the FCPA?

Part 4-What is a present responsibility determination?

Part 5-Remedies and Compliance in Suspension and Debarment.

The series begins with introduction to suspension and debarment.

On the GSA website, it states, “The suspension and debarment process protects the federal government from fraud, waste and abuse by using a number of tools to avoid doing business with non-responsible contractors. Suspensions, Proposals for Debarment, and Debarments are the most widely known tools as these actions are visible to the public”.

More generally, suspension and debarment are not civil or criminal matters resulting in a penalty being imposed on a particular party. Suspension and Debarment is an administrative matter. In a civil or criminal matter, the Department of Justice (DOJ) takes the lead in those actions which are contested litigated matters, with civil and criminal rules around evidence and procedure.  While suspension and debarment have evidentiary and procedural considerations, they are much more informal. Grandon noted the rules basically say they should be as informal as it as is practicable under the circumstances.

Grandon also reiterated another key difference is the lack of a penalty. Suspension and debarment do not result in a penalty. In fact, the regulations make it very clear. They are used “only as a proactive protective measure, basically to protect the government’s interests from contractors that either don’t have the capability to perform or to provide the goods and services to be a suitable a business partner with the federal government.”

A final major distinction between a civil or criminal matter and suspension and debarment is they  are within the hands of the given agency, as opposed to the DOJ or a US Attorney’s offices who have the lead in civil criminal actions. Conversely,  when it comes to suspension and debarment, those actions are distributed across the various federal agencies. Each agency has its own Suspending and Debarring officials. Grandon noted they “have a lot of discretion that they can exercise in this process.”

I next inquired about the remedy of suspension and debarment itself: what is the process the government would go through to reach the point where they might invoke one of the remedies? Grandon noted the key in suspension and debarment is to protect the government’s interest. This means “when information is identified within the agency that a given contractor lacks the integrity or we suspect lacks integrity to be a good business partner for the government, or if a contractor fails to perform; the action an agency will begin to develop is a record of the issues involved.” There are a variety of tools an agency will use to develop a record including coordinating resources from the acquisition community, the investigators within the agency and the suspension and debarment community, which in most cases also has a responsibility for the agencies, fraud coordination or fraud remedies program.

The basic flow begins with the information to establish whether or not there is evidence that triggers a cause for the action and if there is evidence, then the decision can be made by the Suspending and Debarring official to initiate that action. Grandon noted, “information flow leads to whether or not to initiate the action. In the case of a suspension, the focus is usually on a matter that is still being investigated, as suspension is a temporary solution.” Debarment is more permanent.

Grandon concluded by noting that suspension and debarment, while being technically different, effectively impose the same conditions on the contractor that is the subject for the action. It is that the contractor is excluded from competing for or receiving award of federal contracts, federal grants and other federal financial assistance. The remedy of suspension and debarment can be very devastating. Grandon specifically said it has been “referred to as a potential death sentence for companies that are dependent on federal dollars for their revenues.” Yet that is not the basis for a decision which is “whether or not there’s a need to protect the government’s interest.”

Tomorrow we take up the differences between suspension and debarment.

Jun 1, 2018

With The Complete Compliance Handbook still sitting at the top of the rankings in its first week of sales, Jay Rosen and myself take a look at some of the top compliance stories over the past week, in the we're still no.1 Edition.

  1. GDPR is live. What does it mean for hotlines and whistleblowers? Ben DiPietro considers in the WSJ Risk and Compliance Journal. Cheryl O’Neill asks if contracts are a hidden risk under GDPR in Corporate Compliance Insights.
  2. Modernizing compliance: a viewpoint from the front lines, a report by Jaclyn Jaeger in Compliance Week. (sub req’d)
  3. What are the parameters of third party due diligence? Jonanthan Marks explains in his blog, Board Advisor.
  4. What does Roseanne and her termination by ABC mean for compliance professionals? Matt Kelly explores in Radical Compliance. Tom and Matt take a deep dive into the matter in Episode 83 of Compliance into the Weeds.
  5. How texting can expose your company to legal liability. Mike Pagini writes about it in Corporate Compliance Insights.
  6. Legg Mason reserves $67 Million for a FCPA settlement. Dick Cassin reports in the FCPA Blog.
  7. Mike Volkov says compliance officers need to up their game, prepare for the reckoning and do more in educating Boards and senior management on their roles in compliance. All found in his blog, Compliance and the Reckoning.
  8. What are the limitations of big data in compliance program? Henry Cutter explores the WSJ Risk and Compliance Journal.
  9. The Rockets and Celtics both gag on the big one: both losing in the conference finals at home, in Game 7. Fortunately the Red Sox and Astros are the two best teams in baseball and are playing this weekend.
  10. Tom announces a new Compliance Master Class, which will be held in Houston on June 21 & 22. Information and registration is available here. Learn about compliance from the guy who wrote the book on compliance.
  11. Support your local book sellers! River Oaks Bookstore, 3270 Westheimer, in Houston is now stockingThe Complete Compliance Handbook. Tom will be on hand for a book signing on Thursday, June 28 from 5:30 to 7.
  12. Tom’s new book The Complete Compliance Handbookremains No. 1 in Amazon’s New Releases in Business Ethics. It is available oncom. Purchase an autographed copy here. It is reviewed in the FCPA Blog, Radical Complianceand Corruption, Crime and Compliance.
  13. Join me next week on a five-part exploration on Suspension and Debarment with AMI Managing Director Rod Grandon. It is available on the FCPA Compliance Report, iTunes, Libsyn, YouTubeand JDSupra.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

1