Info

FCPA Compliance Report

Tom Fox has practiced law in Houston for 30 years and now brings you the FCPA Compliance and Ethics Report. Learn the latest in anti-corruption and anti-bribery compliance and international transaction issues, as well as business solutions to compliance problems.
RSS Feed Subscribe in Apple Podcasts
FCPA Compliance Report
2019
May


2018
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
March
February


2015
December


Categories

All Episodes
Archives
Categories
Now displaying: Category: Compliance Know-How
May 8, 2019

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly (the coolest guy in compliance) and I take a deep dive into the proposed changes by the SEC into SOX 404(b) reporting and what it may well portend for the compliance practitioner. Some of the highlights include: 

Some of the highlights include: 

  • Is there an economic basis for the relaxation of SOX 404(b)?
  • Will this increase IPOs or negatively impact small investors?
  • What is the significance of losing independent outside auditors?
  • How does impact the SOX 404(a) certification requirement?
  • How can investors have assurance of internal controls going forward?
  • What is the impact for CCOs under the FCPA or SEC enforcement thereon?
Nov 26, 2018

In this podcast series, I am reporting on compliance through the prism of the city of Venice. One of the things that has fascinated me about Venice is how so little of the 21st century has impacted it. Take construction for example. All materials have to be brought to the city via boat, off-loaded and then lifted by hand or by a handmade machine to the upper stories of a building where the residences are located as no one lives on the ground floor. If the building is on the water, the ground floor is now underwater. If the building is not on the water, the ground floor is used for a commercial establishment. But unlike other large metropolitan areas, there is no room for cranes or other large mechanical lifting devices. I thought about this today when I saw workmen lifting up materials through a block and tackle pulley system which has been in use since antiquity. Not only were these guys doing it the old fashioned way, they were getting the job done.

I often write about the nuts and bolts of an effective compliance program but one of the most basic things that an effective compliance program must have is a compliance department present to ask the basic questions of compliance to and receive an answer from. First, and foremost, there must be the requisite number of resources dedicated to the compliance function. This means that a compliance department must be staffed with an appropriate number of compliance professionals to do the day-to-day basic work of compliance. Head count is always important in any corporation but there must be some minimum number of people in the compliance department to answer the phone or respond to email.

In other words, if someone calls, not only does a compliance person have to be there, someone has to pick up the phone. How many times has a compliance department been called on a Friday afternoon to find that no one is there to answer the phone? But if someone is there, they have to actually pick up the phone and provide an answer. Mike Volkov often inveigles against the compliance function being “The Land of No” starring CCO’s as Dr. No; but the situation I am discussing is where a compliance department does not or will not provide the basic answers to a person working out in the field.

Sometimes the most basic and the most obvious is overlooked. Using an old block and tackle pulley to haul up building materials by hand may seem quaint and old fashioned, and perhaps it is, but it still gets the job done. The same concepts are a part of a best practices compliance program; someone must be around the answer the phone when it rings on Friday afternoon and that person who is around must pick up the phone and provide some answers to the question(s) posed.

Nov 26, 2018

I continue with my Venice themed podcast series by focusing on the Arsenale. This is not a precursor to that famous north London football club, the Arsenal Gunners, but the district in Venice where one of the main commercial enterprises of the city took place, that being ship building and ship repair. At one point, the Arsenale employed almost 10% of the city’s workforce or 12,000 people. This was in the mid 1200s to the 1400s when Venice was at or near the height of its trading and financial power. The Arsenale developed the first production line for the building of ships, when, of course, it was all done by hand. The equipment developed to drag ships up on shore and repair was simply amazing. Appropriately, the Arsenale is now an Italian and NATO naval facility. 

But I also picked up some interesting compliance insights in learning more about the Arsenale. On the incentive side there were several mechanisms the City of Venice used to help make the Arsenale work force more loyal and desirous to stay in their jobs, all for the betterment of themselves and their city. The first was job security. The Arsenalewas so busy for so many years that lay-offs were unheard of. Even if someone lost their job, through injury, mishap or worse; they received enough of compensation that they could live in the city. Finally, when a worker died, the company provided not only funeral expenses but would assist in taking care of the family through stipends or finding other work for family members.

The 2012 FCPA Guidance is clear that there should be incentives for not only following your own company’s internal Code of Conduct but also doing business the right way, i.e. not engaging in bribery and corruption. The incentives can be burned into the DNA of a company through the hiring and promotion processes. There should be a compliance component to all senior management hires and promotions up to those august ranks within a company. Your Human Resources function can be a great aid to your cause in driving the right type of behavior through the design and implementation of such structures. 

Just as the fathers of Venice viewed the workers of the Arsenale as critical to the well-being of their city, senior managers need to understand the same about their work force. The City of Venice long ago showed how such incentives could help it maintain a commercial advantage. Fortunately the DOJ and SEC still understand those valuable lessons and continue to talk about them as well.

Nov 26, 2018

Today our compliance insight comes not from the old Venice but from the new and ever-changing Venice, its street vendors. It is about using their ‘invisible hand’ to inform your risk assessments. 

One of the first things I noticed in Venice was the large number of selfie-sticks and their use by (obviously) tourists. But the thing that struck me was the street vendors who previously sold all manner of knock-off and counterfeit purses, wallets and otherwise fake leather goods had now moved exclusively to market these selfie-sticks. Clearly these street vendors were responding to a market need and have moved quickly to fill this niche. 

While the economics, inventory, bureaucracy, market-responsiveness of such businesses may be a bit more nimble than the more traditional US entity doing business overseas it does bring up a very good lesson for the compliance practitioner. A risk assessment is a tool for a variety of purposes. Certainly moving into a new geographic area is an important reason to perform a risk assessment. However, it can also be used for a new product offering, such as a selfie-stick. 

What about continued quality control of your new product? If you are in the food product industry this will mean continued inspections of your products to assure they meet government standards. Make sure that you have a hiring process in place to weed out the wives, sons or daughters of any food service inspectors. Of course, do not hire such inspectors for jobs directly either, especially if they do not have to show up or perform any duties to get paid by your company. 

If you are not going to manufacture your selfie-stick equivalent in the country where these new products will be sold, how will you import them? Who will be interfacing with the foreign government on tax issues for importing of products? Will they be there permanently or on a temporary basis? All questions that have gotten US companies into FCPA trouble when they paid bribes to answer, assuage or grease some or all of the answers. 

It turns out the compliance practitioner can learn quite a bit from the selfie-stick; not all of it is simple self-indulgence. Your compliance program must respond to your business initiatives. To do so, you also need to have a seat that the big boy table where such initiatives are discussed. But that is another lesson from Venice for a different day. Until then, ciao.

Nov 26, 2018

If there is one thing that is ubiquitous throughout this city it is the Gondolier, the Venetian Gondola boatman. You are never far from hearing their cry of “Gondola, Gondola” to attract tourists for a fabled and romantic gondola ride. One thing I notice about the Gondolierthat in addition to having a stout pairs of lungs, they are almost all in very good physical condition. They have to be piloting this very old craft by hand in and around the crowded waters of Venice.

I thought about this as a metaphor for improving your compliance program. As a CCO or compliance practitioner, the more you can get out of the office, into the field and meet the troops the more fit your compliance program will be. Any best practices compliance program should have input from the geographies, cultures, business units and corporate functions within the company. It is well understood that a compliance procedure that works well in the US may not work in Indonesia.

Compliance is about people and that means it is about relationships. But perhaps more importantly, is the development of personal relationships. If you meet with your international sales team, my corporate experience is that they will appreciate that you took the effort to travel to train them or meet with them. They are also more likely to tell you things in persons than they would via email or over the phone. One of the criticisms of anonymous hotlines and other internal reporting mechanisms is this lack of the personal experience that can lead to mis-trust if not distrust. Getting out into the field and meeting folks can go a long way to overcome this frailty of human nature.

Finally, by getting out of the office and working directly with other company personnel, you can set expectations appropriately. This is true for the compliance practitioner whether you are dealing with third party vendors in the Supply Chain, agents and other foreign business representatives, your employee base, senior management or the Board of Directors. You must set the expectation that if something occurs that materially impacts these expectations. By properly managing the expectations of the company’s compliance group with the relationships that you have established in the company, you will make the doing of compliance less stressful for all involved.

My observation that Gondolierstend to be physically fit ties directly to the job they have to do, propelling a gondola. Yet as a CCO or compliance practitioner you can get out of the office and make your compliance program more robust and get it in better shape.  

Nov 26, 2018

This episode concludes my podcast series on how the city of Venice informs your compliance program. Today we consider the internal reporting system the Republic of Venice employed and how it continues to inform your best practices compliance program.  

The symbol of Venice is the Lion of St. Mark. The use of this symbol led to the maxim ‘straight from the lion’s mouth’. This adage came about because the Republic of Venice had its own internal reporting system where citizens could report misconduct. A citizen could write down his concern on paper and literally put the message into the mouth of statues of lion heads placed around the City. This system was originally set up to be anonymous but later changed to require that a citizen had to write his name down when submitting a message.

So, once again, using Venice as inspiration for a compliance topic, I would like to review some best practices regarding a best practices internal reporting system.

Get the word out.Allocate a portion of your time and budget to promoting the corporate hotline through multiple channels. Deliver in-person presentations where possible. Do not think of the promotional initiative as a one-time effort. It is important to remind employees regularly, through in-person communications, via e-mail, or through intranets, newsletters, and so on, that this resource is available to them.

Train all your employees. Getting employees to use the system is one half of the challenge; ensuring they use it properly is the other half. This is where training becomes essential. Make sure people understand what types of activities or observations are appropriate for reporting and which are not. Company leaders also need to understand the role the hotline plays in the organizational culture, and the importance of their visible support for this compliance initiative.

Take a look at the data. Use the data derived from or through the hotline to identify unexpected trends or issues. Isolate the data by location and department to identify micro-trends that could indicate problems within a subset of your corporate culture. Analyzing the data can help you stay a step ahead of emerging issues.

Response is critical to fairness in the system. Seeing a hotline system in action in this way can go a long way toward dispelling employee fears of being ostracized or experiencing retaliation because if they see that their concerns are heard clearly and addressed fairly, they will learn to view the hotline as a valuable conduit. If your compliance group responds promptly and appropriately to hotline complaints, you can ensure robust participation and ongoing success.

As podcast series on compliance lessons from Venice draws to an end, I am reminded how much the western world has to thank the Republic of Venice. From the forms of republican democracy that the US Founding Fathers drew from to helping to establish a world-wide trade and banking system which still reverberates today. But, if you look closer, ancient Venice had many good government techniques which also still inform the modern world. Straight from the lion’s mouth to your company’s internal reporting system is just one of them.

Nov 26, 2018

The FCPA Compliance Report is the longest running podcast in compliance. In this episode I have back noted data protection expert Brad Davis. Our topic is data protection and Davis’ advocacy of social engineering as the first line of defense for every corporation from hackers, phisher and all manner of nefarious actors who will endeavor to hack into you corporate site.  

In this podcast we discuss: 

  1. What is social engineering the context of data protection?
  2. How the front line of all defenses for a corporation to prevent a data breach is its employees.
  3. What are they types of data protection training, communications and reminders you should be providing to your employees.
  4. What are some of the key lessons learned from recent corporate data breaches?
  5. In this era of digital communications do not forget the human element to ask questions.
  6. A minimum of controls can go a long way toward a strong front line of data protection. 

Check out Brad Davis and the EverSolve website by clicking here.  

Nov 19, 2018

In today’s edition of Daily Compliance News:

  • Very strange deaths surround allegations of bribery and Odebrecht in Colombia. (Wall Street Journal)
  • Why do employees cut corners and what does it mean for compliance.(Fast Times)
  • The reputational damage to Facebook from the NYT exposé continues. (New York Times)
  • Can you do business when a culture is corrupt? GE is about to find out when selling turbines into Iraq. (Wall Street Journal)
Nov 12, 2018

In this podcast series, I visit with Vin DiCianni, founder and President of Affiliated Monitors, Inc. (AMI) and Eric Feldman, Senior Vice President of AMI. We consider the global view of ethics, compliance and corporate culture of non-US companies, outside the US; in both their home countries and in other countries where they do business. AMI does independent integrity monitoring in multiple countries outside the US and for many non-US organizations. This work has given them a unique vantage point to observe developments. In this Part I, I visit with Vin DiCianni on the trends he sees in the global arena around ethics, compliance and monitoring.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Nov 12, 2018

In this podcast series, I visit with Vin DiCianni, founder and President of Affiliated Monitors, Inc. (AMI) and Eric Feldman, Senior Vice President of AMI. We consider the global view of ethics, compliance and corporate culture of non-US companies, outside the US; in both their home countries and in other countries. AMI does independent integrity monitoring in multiple countries outside the US and for many non-US organizations. This work has given them a unique vantage point to observe developments. In this Part II, I discuss international enforcement trends with Feldman. 

In the next episode we consider the changes going on in the country of Spain.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Nov 12, 2018

In this podcast series, I visit with Vin DiCianni, founder and President of Affiliated Monitors, Inc. (AMI) and Eric Feldman, Senior Vice President of AMI. We consider the global view of ethics, compliance and corporate culture of non-US companies, outside the US; in both their home countries and in other countries where. AMI does independent integrity monitoring in multiple countries outside the US and for many non-US organizations. This work has given them a unique vantage point to observe developments. In this Part IV, I discuss the changing face of monitors in the international arena with DiCianni.

I conclude in the final episode with thoughts on proactive and reactive monitorships in the international context. 

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Nov 12, 2018

In this podcast series, I visit with Vin DiCianni, founder and President of Affiliated Monitors, Inc. (AMI) and Eric Feldman, Senior Vice President of AMI. We consider the global view of ethics, compliance and corporate culture of non-US companies, outside the US; in both their home countries and in other countries. AMI does independent integrity monitoring in multiple countries outside the US and for many non-US organizations.

AMI's work has given them a unique vantage point to observe developments. AMI has a long history of working with internationally based companies. It is therefore well positioned to observe some of the challenges for monitors working internationally. In this concluding Part V, I discuss some of the challenges for monitors in the international arena with Feldman.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Oct 29, 2018

In this podcast, I consider Sherlock Holmes as a teacher and the role he sets out for every Chief Compliance Officer. In a blog post by Maria Konnikova, entitled “What Sherlock Holmes Can Teach Us About Decision Making”, she explored some of the ways that Holmes “insights into the human mind do more to teach us about how we do think and how we should think than many a more conventional source.” Her insights included that Holmes “teaches us to be constantly mindful of our surroundings”; he goes beyond seeing to actually observing; and teaches us to use our senses to increase our mindfulness.

I thought about Konnikova’s insights into Holmes while reading an article in the Corner Office Section of the New York Times (NYT), entitled “In Sports or Business, Always Be Prepared for the Next Play”, where Adam Bryant reported on an interview he did with LinkedIn Chief Executive Officer (CEO) Jeff Weiner. The article had many nuggets of wisdom from Weiner who talked about his journey to becoming the CEO of LinkedIn and some of the things he has learned along the way.

Be Prepared

The first thing is to be prepared; which Weiner expressed in the phrase “next play”. He came up with this from Duke University basketball coach Mike Krzyzewski who says it each time his Blue Devil team goes up and down the court “he doesn’t want the team lingering too long on what just took place. He doesn’t want them celebrating that incredible alley-oop dunk, and he doesn’t want them lamenting the fact that the opposing team just stole the ball and had a fast break that led to an easy layup. You can take a moment to reflect on what just happened, and you probably should, but you shouldn’t linger too long on it, and then move on to the next play.”

In another context, I have previously written about compliance maven Stephen Martin, who urges compliance counsel to put together a 1, 3 and 5 year strategic plan which should be utilized as a road map for a compliance program in these time frames. Martin believes that such a strategic plan could well lead to the development of credibility for your company and your compliance program in the event of one of the aforementioned eventualities. In other words, “next play”.

Culture and Values

Weiner spoke about LinkedIn’s culture and values. He defined culture as “who we are” while defining values as “the principles upon which we make day-to-day decisions.” He stated that the company’s culture has five dimensions: transformation, integrity, collaboration, humor and results. The company has six values which are “members first; relationships matter; be open, honest and constructive; demand excellence; take intelligent risks; and act like an owner. And by far the most important one is members first. We as a company are only as valuable as the value we create for our members.” Weiner recognizes that values are a subset of culture so that they are “inextricably linked”. He believes that the company’s culture and values help in several ways including recruiting, motivating, inspiring and productivity.

Going Forward

Bryant ended his interview with Weiner by asking him “What career advice do you give to business school students?” While recognizing that Weiner’s answer was for a different target market than compliance professionals, nevertheless I found his advice highly practical for the compliance practitioner. First, you must have two things, passion and skill. In other words, to do compliance well you not only need the technical capacity but you should also be passionate about doing it. Second, you should endeavor “to surround yourself with amazing people.” Weiner believes that “in this more networked, interconnected world we live in, it’s just all about the people you work with.” This is not about having a mentor but it’s “about the people you work with and the people who report to you. It’s about everyone you’re associated with, day in and day out. Surround yourself with only the best you can find.” Lastly, Weiner said that you should always be learning. You should never lose your intellectual curiosity.

I hope you have enjoyed this week’s podcast series on Adventures in Compliance, on the intersection of Sherlock Holmes and compliance.

If you are looking for the top compliance training class around, the Compliance Master Class. If you would like information please email at tfox@tfoxlaw.comand I can forward you the agenda. If you would to register, you can do so here.

Oct 29, 2018

In this episode, I consider Conan Doyle’s third Sherlock Homes novel, The Hound of the Baskervilles. The novel, originally serialized in The Strandfrom 1901 to 1902, is generally recognized by Sherlockians as the premier Doyle work regarding his fictional detective. I use this novel to illustrate how you can plan out and schedule 90 days to innovation for your compliance function. 

Doyle’s idea for the story derived from the legend of Richard Cabell, which was a tale of a hellish hound and a cursed country squire. Squire Cabell was a hunting man and who was described as a “monstrously evil man”. He had a reputation “for, amongst other things, immorality and having sold his soul to the Devil. He was also alleged to have murdered his wife. As the story goes, Cabell was laid to rest in ‘the sepulchre’, but night of his interment saw a phantom pack of hounds come baying across the moor to howl at his tomb. From that night onwards, he could be found leading the phantom pack across the moor, usually on the anniversary of his death. If the pack were not out hunting, they could be found ranging around his grave howling and shrieking. In an attempt to lay the soul to rest, the villagers built a large building around the tomb, and to be doubly sure a huge slab was placed. To add good measure, the folklore of the county where the tale occurs, Devon, includes tales of a fearsome supernatural dog known as the Yeth hound.”

The Hound of the Baskervilleswas a tale that appeared to have supernatural implications. Yet, upon closer examination, a more temporal solution was determined. I thought of this novel when reading the article entitled “Build an Innovation Engine in 90 Days” by Scott D. Anthony, David S. Duncan and Pontus M. A. Siren in Harvard Business Review.  

The authors recognize that innovative ideas get brought to the marketplace often through “individual heroism and a heavy dose of serendipity” but companies need a mechanism to “make the process more reliable and repeatable without making major organizational changes.” To do so, they suggested a solution they call the “minimum viable innovation system” which can bring an innovation to fruition within 90 days. I have adapted their system for the compliance function.

Day 1 To 30 - Define Your Innovation Buckets

Innovations can either be inward or outward facing. This is also true in the compliance function as your compliance program relates to your own internal clients, customers and your third parties. It all begins with two steps (1) Determine between compliance goals and current operations; and (2) determine broad categories of compliance solutions which could fill that gap. If your gap is large, you might sub-divide your compliance efforts so that “you can map them to different directions for future [compliance] growth. You should not take on more than three as an initial effort.

Day 20 To 50 - Zero in on a Few Strategic Opportunity Areas

You need to meet with your customer base to “probe unmet needs”. You can use town meetings, compliance focus groups or meetings with individual employees. Also look outside your company by engaging in benchmarking through investigation on new developments in your industry and in the compliance space. This is also a time when you can best use big data through a data analytic approach to spots trends in your organization that might present opportunities for compliance innovation.

Day 20 To 70 - Form a Small Dedicated Team to Develop the Innovations

In three steps you should accomplish the following. First, dedicate a handful of the company to developing the compliance innovations. Second, work with the Chief Executive Officer and Chief Financial Officer to eliminate “zombie” compliance projects. Third is to develop a process checklist.

Day 45 To 90 - Create a Mechanism to Shepherd Projects

During this time frame, the authors suggest two major goals for oversight. First is that the CCO needs to select and train compliance leaders to oversee the innovation team and to establish oversight rules. The group of compliance leaders who will have the autonomy to make decisions about starting, stopping, or redirecting compliance innovation projects. You should take care not to simply replicate the current executive committee, because if you do, it will be too easy for group members to default to their corporate-planning mindset or to let day-to-day business creep into discussions about compliance innovations meant to fulfill long-term goals.

The authors’ formulation is an excellent way for a CCO or compliance practitioner to think through the process to design and create innovation in your compliance function. Just as Holmes methodically worked through the clues in front of him (and some behind him) in the The Hound of the Baskervillesyou can use this protocol to assist you moving forward. 

If you are looking for the top compliance training class around, the Compliance Master Class. If you would like information please email at tfox@tfoxlaw.comand I can forward you the agenda. If you would to register, you can do so here.

Oct 29, 2018

In this podcast, we consider Conan Doyle’s second Sherlock Homes novel, The Sign of Four.  The novel was published in 1890 but the story is set in 1888. The story entails a complex plot involving service in East India Company, India, the Indian Rebellion of 1857, a stolen treasure, and a secret pact among four convicts and two corrupt prison guards. It presents the detective's drug habit and humanizes him in a way that had not been done by Doyle to-date. It also has a rather happy ending as it introduces us to Dr. Watson's future wife, Mary Morstan to whom he proposes at the end of the novel. It also introduces today's topic of the innovation process. 

The Sign of Fourwas an intricate tale with many strands woven throughout. I thought of this novel when reading the article entitled “Leading Your Team into the Unknown” by Nathan Furr and Jeffrey H. Dyer in the Harvard Business Review. The article is a good starting point to help a CCO or compliance practitioner help move a compliance function down into the DNA of an organization to make compliance a more standard process for operationalizing compliance through “A Comprehensive Approach to Innovation” which I have adapted for the CCO or compliance practitioner to facilitate innovation in the compliance function. 

  1. Generate Insights. As a CCO or compliance practitioner, you can push compliance boundaries just as dramatically by demonstrating a willingness to reimagine some of your organization’s most fundamental assumptions about products, customers, and business models. But it means getting out there and seeking input from those outside your direct compliance function.
  1. Identify an Important Problem. Give your team an opportunity to synthesize the issues. You will need to dedicate both resources and time for the process to run its course. I recognize that all corporate employees have a day job so you will need to set aside specific time for such issue identification. In addition to providing resources and time, you will need to provide your innovation team support by removing the inevitable organizational barriers, which will be thrown up in their path.
  1. Develop the Solution. Begin byconstructing a set of simple prototypes of many different compliance tools. Start with a visual representation, which could be just a drawing; next move to testing a minimum viable prototype with internal consumers of the compliance solution through the simplest, quickest physical version of the offering you can devise. Finally, pilot test the full-blown compliance solution with a wider audience, including trusted and integral third parties to your organization.
  1. Devise the Business Model. Finally, once you have worked out the offering, apply the same experimental approach to developing and testing the components of the business model, including approaches to implementation.

Concluding, there are multiple values to such an approach. First, you will have generated “insight value-that is, the insight into the unknown that comes from reducing uncertainty.” Second is the “option value-the option upon resolving an unknown, to pursue, alter, or abandon a course of action.” Third is the “strategic value” which is both the value derived by your internal compliance consumers but also that of all the knowledge you will have gained throughout the course of the project; what worked and what did not work and, more importantly, why.

If there is one over-riding theme that the Department of Justice has communicated over the years it is that your compliance function needs to constantly evolve. It certainly must evolve as the corruption risks your company encounters develop but also it should also mature as your compliance program grows and becomes more ingrained in your organization. Moreover, as compliance moves into its next phase and becomes the best practiceof a well-run business, innovation will become more of a focus. 

If you are looking for the top compliance training class around, the Compliance Master Class. If you would like information please email at tfox@tfoxlaw.comand I can forward you the agenda. If you would to register, you can do so here.

Oct 29, 2018

In this podcast, we celebrate Doyle’s final novel, The Valley of Fear. This novel was written in 1914 and serialized in the Strand Magazinebetween 1914 and 1915. It was notable for two reasons. The first that it was at least inspired by events in America involving the Molly Maguires, the Pinkerton Agency and its undercover agent James McParland. It informs the topic of virtual teams. 

In this story, Holmes decodes a cipher from Professor Moriarty's organization for a person named Douglas in Birlstone. It is discovered that there is a corpse who was an assassin sent to kill Mr. Douglas. Douglas literally blew the head off of his American assassin and dressed the body as himself. Holmes intoned that a dumb-bell weighed down the killer's clothes in a moat. The assassin left a calling card, monikerred VV341, which was a code for the Vermissa Valley Lodge 341. This was a reference to undercover work that Douglas did years before for the Pinkerton Agency when he went undercover, first with Freemen in Chicago, then west to a desolate mountain coal mine area, to take down corrupt murderers who ran the Valley Freemen Lodge. Years later the US criminals enlisted Professor Moriarty to find Douglas. Holmes warns Douglas to flee England. But Moriarty prevails and the story ends with Mrs. Douglas wiring Holmes that her husband was lost overboard on his way to South Africa.

I thought about this final Holmes novel, with its multi-continent settings, in connection with an article in the Harvard Business Review, entitled “Managing Yourself Getting Virtual Teams Right”, by Keith Ferrazzi. It provided insight for any Chief Compliance Officer (CCO) or compliance practitioner to master this most valuable and necessary tool is a skill in the modern multi-national organization.

The Right Team

It all starts with the right people, the right size and the right roles. Your team, no larger than 10 should have “good communication skills, high emotional intelligence, an ability to work independently, and the resilience to recover from the snafus that inevitably arise. There are three groups.  The core consists of executives responsible for strategy. The operational group leads and makes decisions about day-to-day work but does not tackle the larger issues handled by the core. Finally the outer network consists of temporary or part-time members who are brought in for a particular stage of the project because of their specialized expertise. 

The Right Leadership

The group must have trust by getting to know each other as people, if only through the virtual format. Once trust is established the next step is foster open dialogue or. Finally, it is important to clarify goals and guidelines or “the importance of establishing a common purpose or vision, while also framing the work in terms of team members’ individual needs and ambitions. Explain to everyone why you are coming together and what benefits will result, and then keep reiterating the message.”

The Right Touchpoints

There are three key points at which the team should get together; kickoff, onboarding and milestones. Kickoff allows everyone to put a face with a name. Onboarding is when you bring a new person onto the virtual team. Finally, Ferrazzi says that even the most dedicated teams can lose momentum as team members begin to feel disconnected. To counter-act this, he suggests bringing the full team together at milestones.

The Right Technology

Some of the obvious is conference calling, direct calling and text messaging and virtual team rooms all which can make the virtual team experience work well. When data on employee resource use was made available, “a few interested parties self-organized into a virtual project team to create a system that documents individuals’ cost savings over time. As people began to compete for the biggest savings, the company benefited.”

The earliest virtual teams were formed to facilitate innovation among top experts around the world who didn’t have time to travel. However in today’s corporate environment, teams of physically dispersed employees are more often just a necessity of doing business. The compliance function will almost always be dispersed across a wide multi-national area. Some of the tips presented herein can help you run a more efficient organization while allowing greater flexibility going forward. 

If you are looking for the top compliance training class around, the Compliance Master Class. If you would like information please email at tfox@tfoxlaw.comand I can forward you the agenda. If you would to register, you can do so here.

Oct 29, 2018

In this episode, I consider the first novel, A Study in Scarlet. There are two items of note that I learnt in researching this work. The first is that it was written in 1886 and even Conan Doyle had trouble finding a publisher for what went on to become the most famous detective character of all-time. The second was the title. I had always thought it referred to the color of blood but it turns out that it comes from a speech given by Holmes to Dr. Watson on the nature of his work, in which he describes the story's murder investigation as his “study in scarlet”: “There's the scarlet thread of murder running through the colourless skein of life, and our duty is to unravel it, and isolate it, and expose every inch of it.” Furthermore, a ‘study’ is a preliminary drawing, sketch or painting done in preparation for a finished piece. The story informs today’s topic about using power. 

While many compliance departments may have begun more as a command and control function, set up by lawyers to comply with anti-bribery laws such as the FCPA; this type of leadership model is now becoming outmoded in today’s world. It is not that employees are interested in the ‘why’ they should do business ethically and in compliance with such laws but it is more that power is shifting inside corporations. In a HBR article, entitled “Understanding “New Power””, authors Jeremy Heimans and Henry Timms explore how leadership dynamics are changing and what companies might be able to do to harness them.

The authors have three prescriptions that I found could be useful for the CCO or compliance practitioner to incorporate into a mature and evolving compliance program moving forward. Compliance functions need to “engage in three essential tasks: (1) assess their place in a shifting power environment, (2) channel their harshest critic, and (3) develop a mobilization capacity.

Assess where you are

This prong is quite close to something compliance practitioners are comfortable with in their role, a risk assessment. However the authors suggest that the assessment be turned inward so you should assess the compliance function on this “new power compass—both where you are today and where you want to be in five years.”

Incorporate business unit interests

If you are going to ask the business unit to be a significant partner or better yet be your business partner, you will need to have a mechanism in place to engage your business unit so there can be an inflow of input before the compliance function has an output of requirements. As the authors write, “This level of introspection has to precede any investment in any new power mechanisms” to which I would add any successful compliance function.

Mobilize your capacity

Here I suggest you consider contracted third parties and other third parties such as joint venture (JV) partners as an avenue through which the compliance function can bring greater benefits to an organization.

As the compliance profession matures, it will become more a component of a company’s business function. This means less of a lawyer’s top down mentality of do it because I said to do it, to more collaboration. It also means, as with the premier of Sherlock Holmes in A Study in Scarletthat something new is on the horizon and it could be here for quite sometime to come. 

If you are looking for the top compliance training class around, the Compliance Master Class. If you would like information please email at tfox@tfoxlaw.comand I can forward you the agenda. If you would to register, you can do so here.

Oct 15, 2018

This week I return to one my favorite themes for every Chief Compliance Officer (CCO), compliance professional and compliance program: Sherlock Holmes. Over this new podcast series, I will be considering themes from the short stories to illustrate broader application to components of a best practices compliance program. In this Episode I, I consider the theme of communication. 

Shmoop found that in addition to the overall storytelling of Dr. Watson, “nearly every character in the Sherlock Holmes stories is a storyteller.” Storytelling is a crucial part of the entire detective fiction genre, and the Sherlock Holmes stories really explore this aspect. Each tale begins with a new case, which is always narrated by a participant, and ends with some sort of confession/explanation scene. While we are on this journey with Holmes and Watson, both they and we “encounter tons of different people and listen to their stories. In a way, the cases that Holmes and Watson solve are like giant umbrella stories composed of a dozens of smaller stories being told by a revolving door of characters.”

In the story The Adventure of the Red Circle, Holmes solves the immediate mystery in front of him, as told by the landlady of a boarding house. The first mystery is that a lodger has not been seen for over 10 days, always staying in his room and only communicating with oblique messages such as SOAP, MATCH, DAILY GAZZETTE printed on a torn piece of paper. But Holmes divines a greater mystery as it turns out the lodger is not a man but a woman whose life is under threat and her male traveling companion can only communicate with her through references to newspaper columns. Holmes stated to Watson, “Education never ends, Watson. It is a series of lessons with the greatest for the last. This is an instructive case. There is neither money nor credit in it, and yet one would wish to tidy it up. When dusk comes we should find ourselves one stage advanced in our investigation.”

This story illustrates a couple of key points for every CCO and compliance practitioner. The first is listening. This second compliance pointer The Red Circle Illustrates is communication, for just as education never ends for Holmes, it should never end for a compliance practitioner, your communications on compliance should never end either. Third, the audience. To communicate effectively you need to understand your audience. In any corporation, there are multiple audiences who are the key stakeholders in the 360-degree process.

Finally, you need to evaluate what you have done. You can monitor your communication activities by tracking attendance at events, website statistics, open rate of emails, downloads of materials, video hits; in other words, the same techniques that your marketing folks would use to determine their messaging’s effectiveness. The objective is to build trust for the 360-degree process by determining if the goal is achieved. You can utilize surveys or focus groups to assess the impact on your target audience. By focusing on your customer customers of compliance, i.e., your employees, it allows you to identify gaps and improve the communication process for your compliance program.

I have used three primary resources in putting together this series: Maria Konnikova’s Mastermind(Konnikova); the online site shmoop.comand its blog post, The Return of Sherlock Holmes(shmoop); and finally the most seminal print work on the entire Holmes canon, the three-volume The New Annotated Sherlock Holmes(Klinger) edited with notes by Leslie S. Klinger.

Oct 15, 2018

This week returns to one my favorite themes for every Chief Compliance Officer (CCO), compliance professional and compliance program: Sherlock Holmes. Over the next few days, I will be blogging on themes from the short stories to illustrate broader application to components of a best practices compliance program. In this episode, I consider the theme of institutional justice. 

In the story The Adventure of the Abbey Grange, Holmes feels something is just not right about the story told by Lady Mary Brackenstall regarding the death of her step-father Sir Eustace Brackenstall. Holmes’ largest concern turns on the contents of three wine glasses, one of which contains beeswing and the other two do not. It turns out that Sir Eustace was killed by a companion of Lady Mary, which Holmes uncovers. However, Holmes has an adaptability for justice when the situation demands it, stating, “Once or twice in my career I feel that I have done more harm by my discovery of the criminal than ever he had done by his crime.” Satisfied the actions of the criminal and his accomplice (Lady Mary) were both warranted and just; Holmes does not report his findings to the local police. Klinger dryly noted, “his sympathies may have overridden his judgement: Many scholars believe that Holmes lets himself be fooled by a villainess clever than he credited.”

This story illustrates a key point for every CCO and compliance practitioner; institutional justice. As a CCO or compliance practitioner how can you work towards achieving it? Institutional justice is a primary factor as to whether an employee will come forward with a concern. Management might try a quick-fix reaction to a messy investigation with more reporting mechanisms, posters or asking a Chief Executive Officer (CEO) to use compliance training to generally get the word out. Employees view it as a trust issue, and you must garner that trust through providing institutional justice.

One of the ways to insure institutional justice is through the Fair Process Doctrine which mandates that every hotline complaint should be treated with both dignity and respect; with an efficient and thorough vetting. From there if discipline is warranted, a company should follow a prescribed process. Follow that process and an employee would almost always uphold a company’s decisions. Fail to follow the process and the employee would be required to engage in remedial action.

Companies must have an absolute prohibition against retaliation. If not, any sense of institutional justice will be destroyed. A final problem of inconsistent outcomes is that companies must demonstrate that consistent and fair outcomes are routine, regardless of people, relationships or scenarios. If employees view outcomes as fair, they will be more compelled to report concerns. Employees know that inconsistency equals personal risk.

Both the Fair Process Doctrine and the more recent concept of institutional justice are central to the modern compliance profession. The compliance profession must remind companies that even if they can engage in an action, they should not always do so. Sometimes the reputational damage, even if an action is legal, is so great that the risk cannot be managed. The compliance discipline within every company is the one corporate function most well suited to bringing institutional justice into the fabric of a company.

I have used three primary resources in putting together this series: Maria Konnikova’s Mastermind (Konnikova); the online site shmoop.comand its blog post, The Return of Sherlock Holmes (shmoop); and finally the most seminal print work on the entire Holmes canon, the three-volume The New Annotated Sherlock Holmes (Klinger) edited with notes by Leslie S. Klinger.

Oct 15, 2018

This week I have returned to one my favorite themes for every Chief Compliance Officer (CCO), compliance professional and compliance program: Sherlock Holmes. I am using themes from the Holmes short stories to illustrate broader application to components of a best practices compliance program. In this episode, I consider the theme of criminality and compliance.

In the story The Adventure of the Priory School, Watson meets a character, Reuben Hayes, who  believes to be the most “self-evident villain” he has ever seen. The tale revolves around the disappearance of a Duke’s son who is kidnapped by the Duke’s illegitimate son, James Wilder, who has in turn hired that most evil person Hayes to kidnap the lad. In pulling off the crime, Hayes had killed the lad’s tutor, one Heidegger, who had gone off in search of the boy. Holmes resolves the matter, while Hayes swings for his crime, the illegitimate son, Wilder is packed off to Australia.

Rarely do employees in companies begin with an intent to commit criminal acts. Yet by the time they have engaged in criminal fraud, there has usually been significant damage to the organization. One might only consider the recent criminal indictment of Elizabeth Holmes, founder and former Chief Executive Officer (CEO) of Theranos, Inc. and the company’s former COO, Sunny Balwani. I greatly doubt they originally planned to defraud investors out of millions of dollars or intentionally wrongly reported on the health of all those who were tested with their products. Yet the indictment alleges, at the end of the day, that they did so defraud a wide variety of stakeholders, customers and others. Now the company is down to just a few remaining employees.

But this type of massive fraud, perpetrated at the highest level, is a rarity in Foreign Corrupt Practices Act (FCPA) cases (although not unheard of). Yet, as the Association of Certified Fraud Examiners (ACFE) noted in its most recent Report to the Nations(Report), corruption represents one of the most significant fraud risks for organizations. This means that companies should understand the specific factors involved in corruption schemes so they can work to effectively prevent, detect and remediate them.

Some of the key findings in the Report around corruption were that 70% of corruption cases were perpetrated by someone in an organization who was in a position of authority; either a manager or senior executive. The top red flags in corruption cases were (1) an employee living beyond their means; (2) employees with unusually close associations with vendors or customer; (3) employees who were in financial difficulties; and (4) employees who had a ‘wheeler-dealer’ attitude when it came to doing business. Interestingly, corruption continues to be a worldwide problem. However, the part of the Report that will bring some of the most important insights to the compliance practitioner is the similarities between the fraud perpetrator and the employee engaged in corruption. They share the same profile. The mechanisms for concealing fraud are concealing or altering documents, creating fraudulent transactions and entries in the accounting system, altering transactions or files and override of internal controls to allow fraudulent transactions.

These observations point to the need for robust internal controls in every best practices compliance program. Such compliance internal controls can help detect and prevent fraud and corruption from occurring in a much more objective manner. For the reality is if the red flags noted as the top indicators of fraud appear in your organization, it is an objective sign that a more thorough investigation should take place.

I have used three primary resources in putting together this series: Maria Konnikova’s Mastermind (Konnikova); the online site shmoop.comand its blog post, The Return of Sherlock Holmes (shmoop); and finally the most seminal print work on the entire Holmes canon, the three-volume The New Annotated Sherlock Holmes (Klinger) edited with notes by Leslie S. Klinger.

Oct 15, 2018

This podcast series returns to one my favorite themes for every Chief Compliance Officer (CCO), compliance professional and compliance program: Sherlock Holmes. In Adventures in Compliance, I consider themes from the short stories found in Holmes storiesto illustrate broader application to components of a best practices compliance program. Today, I consider the theme of imagination in your compliance program. 

The Adventure of the Empty House may well be one of the most famous in the entire Holmes oeuvre. It was the first story in over ten years, although Doyle set the tale only three years after the meeting of Holmes and Moriarty at Reichenbach Falls. Returned from touring the world, Watson and Holmes have an emotional reunion (at least for Watson) and then begin to tackle a locked room murder. This leads to Holmes being in jeopardy and putting a mannequin in his window to draw an attempted assassination attempt by Colonel Sebastian Moran, a henchman of Dr. Moriarty. Moran uses an air rifle which makes the murder and attempted murder all the more sinister.

In every recent Deferred Prosecution Agreement (DPA) and Non-Prosecution Agreement (NPA) issued by the Department of Justice (DOJ) they all include an element along the following strictures, “The Company will conduct periodic reviews and testing of its anti-corruption compliance code, policies, and procedures designed to evaluate and improve their effectiveness in preventing and detecting violations of anti-corruption laws and the Company’s anti-corruption code, policies, and procedures, taking into account relevant developments in the field and evolving international and industry standards.”[Emphasis supplied]. This means that the DOJ expects imagination in your compliance program to keep up with evolving international and industry standards. This requires your imagination in your compliance strategy.

All of this means you should begin with a strategy for your compliance program. The key to success is something that every CCO or compliance practitioner should take to heart; which is that a compliance practitioner must be able to lay out a strategy for compliance that details the efforts to support the overall business strategy. This means creating a compliance program that will create value for customers, i.e., employees, third parties and customers; show how the company will capture that compliance value going forward and finally which types of compliance imagination to pursue.

If you have a good strategy, it can promote alignment among diverse groups in a company, help to clarify objectives and priorities and guide your focus on those objectives. It can also be modified as necessary and with sufficient feedback. There are several questions you need to consider in connecting your strategy to the business. Initially, how will it create value for the customers of compliance; i.e., your employees and relevant third parties? Your imagination can make compliance faster, easier, quicker, nimbler and so on. Focus on that creation of value going forward. Next what types of imagination will allow the company to create and capture value, and what resources should each type receive, such as a change in technology and a change in a business process?

Obviously senior management has a key role around imagination in compliance, as it can be driven downward or backward if there is not sufficient management support. This means not only must there be sufficient resources allocated but management must also incentivize the business units to proceed with implementing the imaginations. Another area where senior management is critical is with making trade-offs. A supply-push approach comes when your imagination is focused on something that does not yet exist, for example if you are initially implementing a Foreign Corrupt Practices Act (FCPA) compliance regime. A demand-pull approach works more closely with your existing customer base to determine what they might need and works to implement imagination around those needs.

Finally, consider what every speaker from the DOJ or Securities and Exchange Commission (SEC) says when they talk about the basics of any best practices compliance program. It is that both compliance and strategies must evolve. You must recognize that your compliance program will have to be innovative. Start with a strategy, that has senior management buy-in and support, then move to implement. Finally use data in a feedback loop to fine tune your imaginations. Imagination in compliance is one of the key differences between those who advocate static compliance standards embodied in a written paper program and those who advocate an operationalized compliance program and it is the latter that creates an active, vibrant and effective compliance program. That is the bottom line for imagination in compliance.

I have used three primary resources in putting together this series: Maria Konnikova’s Mastermind (Konnikova); the online site shmoop.comand its blog post, The Return of Sherlock Holmes (shmoop); and finally the most seminal print work on the entire Holmes canon, the three-volume The New Annotated Sherlock Holmes (Klinger) edited with notes by Leslie S. Klinger.

Oct 15, 2018

This week is a return to one my favorite themes for every Chief Compliance Officer (CCO), compliance professional and compliance program: Sherlock Holmes. Over this week, I am considering themes from the Holmes short stories to illustrate broader application to components of a best practices compliance program. In this episode, I consider the theme of mentoring in compliance.

In the story The Adventure of the Six Napoleons, Inspector Lestrade says to Holmes, “Well,” said Lestrade, “I’ve seen you handle a good many cases, Mr. Holmes, but I don’t know that I ever knew a more workmanlike one than that. We’re not jealous of you at Scotland Yard. No sir, we are very proud of you, and if you come down to-morrow, there’s not a man [...] who wouldn’t be glad to shake your hand.” This comment provides insights into how Holmes is viewed by other law enforcement officers; Holmes is a sort of living legend and the other officers respect his skills.

The matter involved the theft of jewelry as Inspector Lestrade of Scotland Yard brings Holmes a seemingly trivial problem about a man who shatters plaster busts of Napoleon. One was shattered in Morse Hudson’s shop, and two others, sold by Hudson to a Dr. Barnicot, were smashed after the doctor’s house and branch office had been burgled. Nothing else was taken in any of the break-ins. It turns out that the thief had stolen several pieces of jewelry and then hid them in the Napoleonic busts. The thief, having been released from prison on an unrelated offense, was tracking down the busts in which he had placed the jewels for hiding, breaking them open and reclaiming his purloined property.

What are some of the ways that you might mentor a younger or less senior compliance professional? I think there are several ways suggested by Conan Doyle as epitomized by the statement by Lestrade and his relationship with Holmes and Watson. CCOs and seasoned compliance professionals tend to be passionate about compliance even if (like myself) they have a legal background and came to compliance from a corporate legal department. You should work to transmit that passion to others you are mentoring. In today’s hyper-transparent world of reputational risk, that passion can stand out as a differentiator. It is not simply the crossing of siloed boundaries but understanding the differences in business units, corporate functions and even geographic locations that can bring this broad sense of context.

As compliance professionals, transmit the ability to see not only the technical details but also the big picture of compliance. Introduce your mentees to others in your organization, so that they can be exposed to different leadership styles and see how such leadership styles work in various areas and with different constituencies. Encourage mentees to have a powerful sense of compliance community by encouraging cultivation in personal and professional networks. Any chance to participate in such an opportunity should be accepted.

Beyond passion, help them to develop purpose around careers in compliance. This can be aided through reflection, introspection and ability to change as a leader. Moreover, rather than influencing others through individual speeches or stories, the everyday connections between a compliance professional’s sense of purpose and the compliance vision can work to form an indelible impression about the importance of compliance to an organization. This is Louis Sapirman’s 360-degees of compliance in action.

If you are mentoring a compliance professional, you probably have a next generation mindset. But it is equally important that you communicate that to your mentee as it is certainly important that each generation of compliance leaders be fit for the future and be committed to continuous improvement going forward.

By using these steps, a successful enterprise leader, a CCO or compliance practitioner can bring greater corporate wide presence to the compliance function. Moreover, by using them as guideposts for mentoring, you will make compliance a part of the business process as it becomes second nature and a recognized part of any business transaction. As you communicate to those under you to develop better relationships and how to mobilize compliance for the greater good, it will have the direct benefit of allowing you as the mentor to deliver more value for the company. It does not get much better than that.

I have used three primary resources in putting together this series: Maria Konnikova’s Mastermind (Konnikova); the online site shmoop.comand its contribution, The Return of Sherlock Holmes (shmoop); and finally the most seminal print work on the entire Holmes canon, the two-volume The New Annotated Sherlock Holmes (Klinger) edited with notes by Leslie Klinger.

Oct 8, 2018

Opinion Release 12-01is significant as it demonstrated not only the evolving nature of best practices under the FCPA but also the DOJ’s thinking on the subject. I think that the DOJ has underlined again the fact intensive nature of the analysis required under the FCPA and how companies, if they used a reasoned approach for a specific FCPA issue or problem, can go a long way towards protecting themselves from potential FCPA liability or exposure. Find out in today's episode. 

Oct 8, 2018

In this episode of the Opinion Release Papers, we consider Opinion Release 14-02, where the question presented is if a US company purchases a  company not previously subject to the FCPA and the target had engaged in bribery and corruption, would the US company be liable for the targets prior acts under the FCPA? 

Oct 8, 2018

In this episode, we consider Opinion Release 14-01, where the Department of Justice opined that paying a foreign government official for monies he was owed in the sale of a business interest that he owned prior to becoming a foreign government official would not be prosecuted as a Foreign Corrupt Practices Act violation. As intuitive as this decision might sound, there is, nevertheless, significant information for the compliance practitioner to take away from 14-01.

1 2 3 4 5 6 7 Next » 19