Info

FCPA Compliance Report

Tom Fox has practiced law in Houston for 30 years and now brings you the FCPA Compliance and Ethics Report. Learn the latest in anti-corruption and anti-bribery compliance and international transaction issues, as well as business solutions to compliance problems.
RSS Feed Subscribe in Apple Podcasts
FCPA Compliance Report
2019
May


2018
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
March
February


2015
December


Categories

All Episodes
Archives
Categories
Now displaying: Category: compliance know-how
Oct 8, 2018

“Each case turns on its own facts.” How many times have you heard a representative of the Department of Justice (DOJ) or Securities and Exchange Commission (SEC) make that statement at a conference or other public event? The reality is that this is true and, in the context of Foreign Corrupt Practices Act (FCPA), both regulators look at the facts and circumstances around each case in making a wide range of assessments. While this is frustrating to business types, as a lawyer I find it to be not only an appropriate analysis but also an accurate way in which to look at things. 

Late in 2013 the DOJ issued its only Opinion Release, that being Opinion Release 13-01. One of the things that this Opinion Release stands for is that each fact scenario presented under the FCPA must be evaluated on its own facts. While this maxim is certainly true, I believe that the Opinion Release goes further and provides significant information to the compliance practitioner for charitable donations going forward.

Oct 8, 2018

In Opinion Release 12-02, certain Requestors, which were 19 non-profit adoption agencies located in the US, asked the DOJ about bringing certain foreign governmental officials involved in the foreign country’s adoption process to the US. All the foreign governmental officials are involved in the process of allowing children from their country go through the adoption process with the US non-profits involved. The trips to the US were for two days of meetings. Can the Requestors do so, without running afoul of the FCPA?

Oct 1, 2018

In this special five-part podcast series, I have visited with Thomas Sehested, founder and CEO of, Valerie Charles, Chief Strategy Officer and Peter Chang, Head of Customer Success of GAN Integrity. In this series, we will consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In this Part V, I visit with Charles some of her birdseye view of compliance.

Charles has worked in private practice as a white-collar defense lawyer and as a Chief Compliance Officer (CCO). While in-house, Charles tended to view technology as a tactical solution to an issue. She did not see it as a strategic solution and frankly did not understand the power of tech in compliance. However, after her move to GAN she began to see how technology could bring a much larger strategic focus to compliance, for example in such areas a tech solution for compliance integrated into the company’s overall risk management strategy, leading to integrated reporting and an entire infrastructure of the tech solutions tied to the corporate structures.

We explored how Charles perceives that technology has changed the way(s) she considers compliance. She began by noting how much more advanced and mature the financial sector has been in developing and embracing tech than compliance. This extended to corporate financial disciplines so that now there are integrated standard-bearer platforms. Good technology can import and export data easily that allows greater movement of information with more transparency between business units. She noted that Human Resources (HR) has also benefited greatly from tech solutions.

She contrasted those examples with the corporate compliance function, which she believes has been hamstrung by the lack of an integrated tech solution in compliance. Tech for compliance has been fragmented. Typically, it has been the norm for a compliance professional to go one vendor to purchase technology to roll out policies & procedures, another vendor for e-learning and surveys and still another to register conflicts of interest, gift giving and receiving. Of course vetting your third parties is another set of vendors as is hotline and case management software.

She stated,  “if you can't tie together the critical components of the program into one integrated system that talks to each other and can easily be checked out or have data flowing to and from the other business units, you're kind of still an odd guy out.” If there was such a tech solution, it would elevate the compliance profession.  

Charles believes the most effective and forward thinking compliance professionals are those who consider how not only will compliance impact an organization but also how a compliance program should integrate into the company’s overall business strategy. She explained that this means considering “everybody from, you know, ops people to sales folks to the marketing team.” You should really try to understand how the business flows and sort of how do you put these gates, how do you put these processes, procedures, and controls in places that will meet your goal of keeping everybody safe and the company, but doing it in a way that will slow down the company as little as possible.”

A CCO can begin to accomplish this by having conversations with the corporate functions and business operations to understand how any changes from the compliance function will impact the day-to-day processes of the organization. If you do this spadework and take the concerns of those you talk to into account, Charles believes it will be much easier for you, as CCO, to get senior management buy-in for changes, upgrades and/or enhancements of your compliance program.

This research is effective is for a couple of reasons. First by garnering buy-in from other corporate disciplines, it makes those disciplines feel like they were a part of a team effort or at the very minimum their concerns were listened to. Which leads directly into a key (if not thekey) skill of any senior business leader, including a CCO, which is listening. Yet listening is even more important for a CCO or compliance practitioner because of the collaborative nature of the compliance function. But information is a two-way street so you must not only listen but also educate your corporate partners in finance, internal audit, HR and internal controls.

From such discussions, Charles believes you can determine the types of controls that would be effective for compliance. Such controls could be incorporated into policies and procedures or internal controls. She noted, “there’s an art to looking at the flow of a business and placing controls in those specific spots. If you are able to listen and process other people’s goals alongside your own and then marry those concepts together, it creates something that works for everybody and everybody can push for it. You listen to a bunch of ideas and then crunch them out in a way that people can understand and see the results.”

Another interesting observation by Charles was that she views the compliance profession as the “true partners of the business.” She contrasted this with a corporate legal department, which exists to protect the company. Compliance is there to prevent, detect and remediate, which means to enhance a business process through the lens of compliance. Charles stated, “compliance has the creativity and flexibility that the legal team doesn’t always have. We can utilize that to align ourselves with business goals in a way that the business team can understand.” This means that if a CCO or compliance function sees something that is not working, it can make a change. The more a compliance team focuses on dynamic and changing risks, the more it will appear as a way to respond to business needs. Equally important, such an approach not only anticipates but also supports the continuous improvement model of compliance. As you garner feedback and data from your compliance program you can use that information to improve your overall compliance process.

Charles concluded by noting that execution is a key element and this is where the rubber meets the road. After you have listened, designed or enhanced and received senior management buy-in, did you, as the CCO or compliance function, execute on your long-term strategy? At the end of the day, you will be judged on how you executed your strategy.

For more information on GAN Integrity, visit our sponsor’s website, www.ganintegrity.com.

Oct 1, 2018

 In this special five-part podcast series, I visit with Thomas Sehested, founder and CEO of, Valerie Charles, Chief Strategy Officer and Peter Chang, Head of Customer Success of Gan Integrity. In this series, we will consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In this Part I, I visit with Thomas Sehested on his journey from professional athlete to tech entrepreneur to compliance solution provider.

Some of the most interesting innovations in compliance come from folks who do not have a background in either compliance or legal training. I have found it is because their perspective is so different that they spot things that we legally trained compliance professionals often do not spot. That insight was reinforced when I recently interviewed Thomas Sehested, co-founder and Chief Executive Officer (CEO) of GAN Integrity Inc., (GAN) for an upcoming podcast series, sponsored by GAN. Sehested has been a world champion Windsurfer, became a tech entrepreneur in the antipiracy world and now works in the compliance space.

While in business he had felt (like many business folks) that compliance was the Land of No and Chief Compliance Officers (CCOs) largely inhabited it as Dr. No. Yet when he looked more closely into the compliance space he saw a profession that had been lawyer driven yet seemed to be more focused on business process, something that lawyers are certainly not trained for nor have the tools to accomplish. Moreover, the breadth and scope of requirements for a corporate compliance function are almost endless as it literally touches every other corporate discipline.

I found Sehested’s insight very interesting, that compliance professionals are faced with a pretty rigorous set of things that they need to live up to, “it’s really kind of a minefield in terms of what they need to focus on as a team”. However, he felt they lacked the tools to do this efficiently. He also saw “very small teams, two or three people, managing compliance for thousands of employees and thousands of third-party vendors.” To actively manage this number of persons and entities without a technological solution is well-nigh impossible. Sehested saw an opportunity to create technological solutions to remedy this anomaly. This is what he set out to do when he created GAN. Sehested not only wants to put more technological solutions in the hands of the compliance professional to manage the tasks they have at hand but also give them methods to present that information to senior management and the Board of Directors.

I asked Sehested what a compliance professional might consider to focusing on initially from a tech standpoint. Interestingly, he noted that even with the wide range of company sizes and industry foci, “you want to look at what you do on a day to day basis and automate that so that you, as a compliance professional, can focus on what you’re good at and that’s making the strategic decisions about how your company should handle compliance. It should not be about chasing people down and making sure that they filled out their questionnaires and trainings.

This means you should consider automating the typical administrative tasks which fill so much of our day-to-day work. Sehested believes “All of that should be automated. If you have a lot of third-party vendors, you should make sure there’s a solid system in place to deal with the vast majority which do business in compliance. In that way, you can use your bandwidth to deal with the few rotten eggs that are likely to kind of float to the top.” The same is with employees from the compliance perspective, you should be “focused and dedicate your attention to where it’s needed. You need something to present you with the daily view of your organization from a compliance perspective to make sure you can dedicate your time to that.” The bottom line is that a compliance professional should consider the work they are doing today and see what can be automated.

I found Sehested’s perspective quite thought-provoking. As a compliance professional you should assess what is in your portfolio that can be automated for greater efficiency. By starting here, you can put together a business case about how a tech solution will save your organization money right out of the gate. From there you can move to higher level functions and duties in your department. This approach also has the benefit of incremental process improvements. You are not reinventing the compliance wheel in your organization but rather improving the business process. That is something that not only senior management and the Board looks for but the regulators as well.

For more information on GAN Integrity, visit our sponsor’s website, www.ganintegrity.com.

Oct 1, 2018

In this special five-part podcast series, I visit with Thomas Sehested, founder and Chief Executive Officer (CEO), Valerie Charles, Chief Strategy Officer, and Peter Chang, Head of Customer Success, from GAN Integrity, Inc. (GAN). Throughout this series, we consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In Part II, I visit with Charles on her journey from legal to compliance to tech.

Charles practiced law as a white-collar defense lawyer before moving in-house as a global compliance lead. Now she is the Chief Strategy Officer at GAN. It is somewhat unusual for a lawyer/compliance professional to move into a tech company which specializes in the compliance space. I was interested in what caused her to make this move. She related that she has always been curious about the use of technology in the practice of law and in the compliance profession. She said that her in-house compliance role demonstrated the inefficient use of her time. She was performing many administrative tasks which she felt could be handled more quickly with a tech solution. Charles stated, “for that reason when I bumped into the GAN folks and realized what they were doing a, it made a lot of sort of natural sense to me.”  She then had a “now or never” moment and decided to jump into the tech side of compliance with both feet.

She related that many in-house compliance professionals are spending time chasing people to do things that people could be chased to do by technology. I asked Charles about some of the tasks she observed that lent themselves to a tech solution. She said it could be “rolling out a new policy, circulating the internal approvals to get that policy or that procedure approved. It could be wedding a third party or more often reinventing a third party at a predetermined frequency. It may be keeping up with a lot of administrative deadlines and then exercising the activity you are supposed to at that time.”

But the reality is that most compliance professionals would much prefer to spend their time strategizing about what they’re doing at a more macro level. Many of the tasks she articulated not only take up too much administrative time but keep folks from working on more significant tasks such as longer-term strategic issues. Charles said that one of the things that intrigued her after her move from compliance to tech was her shift in focus of how to use technology in a best practices compliance program.

While in-house, Charles tended to view technology as a tactical solution to a compliance issue. She did not see it as a strategic solution and frankly did not understand the power of tech in compliance. However, after her move to GAN she began to see how technology can bring a much larger strategic focus to compliance, in such areas as a compliance tech solution integrated into the company’s overall risk management strategy, getting integrated reporting with the entire infrastructure of the tech solution tied to corporate structures.

We explored how Charles perceives that technology has changed the way(s) she considers compliance. She began by noting how much more advanced and mature the financial sector has been in developing and embracing tech than compliance. This extended to corporate financial disciplines so that now there are integrated standard bearer platforms. Good technology can import and export data easily that allows greater movement of information with more transparency between business units. She noted that Human Resources (HR) has also benefited greatly from tech solutions.

She contrasted those examples with the corporate compliance function, which she believes has been hamstrung by the lack of integrated tech solutions. Tech for compliance has been fragmented. Typically, it has been the norm for a compliance professional to go to one vendor to purchase technology to roll out policies and procedures, another vendor for e-learning and surveys and yet another to register conflicts of interest, gift giving and receiving. Of course, vetting your third parties is another set of vendors, as is hotline and case management software. She stated, “if you can’t tie together the critical components of the program into one integrated system that talks to each other and can easily be checked out or have data flowing to and from the other business units, you’re kind of still an odd guy out.” If there was such a tech solution, it would elevate the compliance profession.  

As tech has moved to cloud-based solutions, there is the ability to integrate many of these functions. When this can be accomplished, it will allow a Chief Compliance Officer (CCO) or compliance professional to review consolidated data and reporting. Charles concluded when that occurs, “the evolution of compliance technology will match the evolution of the importance of the field itself.”

Visit our podcast sponsor, GAN Integrity by clicking here

Oct 1, 2018

During this five-part podcast series, I have visited with Thomas Sehested, founder and Chief Executive Officer (CEO), Valerie Charles, Chief Strategy Officer, and Peter Chang, Head of Customer Success, of GAN Integrity, Inc. (GAN). Over this series, we consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In Part III, I visit with Sehested on how tech solutions can make not only compliance more efficient, but companies run more efficiently and at the end of the day more profitably.

One of the things I evangelize the longest and loudest about is that properly practiced, an effective, fully operationalized best practices compliance program makes a company operate more efficiently and, therefore, more profitably. Organizations such as Ethisphere have consistently demonstrated, with nearly 15 years of data from its World’s Most Ethical awards, that companies who win the award outperform the Standard & Poor’s average. I was therefore very interested to visit with Sehested on this topic.

In a prior episode we discussed the tactical approach for tech in compliance; where a compliance professional can bring a tech solution to the plethora of administrative tasks which inundate every corporate compliance department. However, Sehested said that even this approach could well have immediate benefits beyond the compliance function’s greater efficiency as it begins the journey to use data. Here you might even consider Edward Deming’s well-known adage, “In God We Trust, all others bring data.” By using a tech solution to move a compliance function away from mundane administrative tasks, you begin to create a culture around data. This weans a corporate compliance function from the legalistic approach, which is primarily taught in law schools, to an evolving business process approach.

From this perch it is easy to see that all the data flowing through (or at least should flow through) a compliance function. It can range from employee gift, travel and entertainment (GTE) spend, charitable donations, commissions paid to third-party sales agents, corporate social responsibility (CSR) information, marketing spend and overall sales figures. If this amount of data can be accessed and then analyzed, you would have a well-spring of information to make your company run more efficiently.

It all begins with multiple sources of data which flow through the compliance function but moves on from there. If someone actually looked at the data, you could see where the inefficiencies in your own sales process were and actually increase efficiencies in your sales process. With such data, the compliance function could partner with other corporate functions to help determine greater business efficiencies, all while maintaining and even enhancing a corporate culture around doing business ethically and in compliance. A corporate compliance function should be closely aligning with multiple other departments, sales, procurement, finance and internal audit to name a few. Yet even the work with outside stakeholders, such as third-part sales agents or distributors, can be a part of this regime by sending out questionnaires and communications around compliance. Sehested sees this as “deploying different strategies of nudging to make sure that they influence their vendors to think the same way as their employees, when it comes to being ethical.”

How does a Chief Compliance Officer (CCO) make this pitch to a CEO or senior management? This is where Deming and Sehested come in as it is all about the data, not just the raw data but how it is presented. As a CCO, you need to come up with reports, backed up by the data to support these assertions. Sehested can attest that CEO’s have a wide variety of demands on their time so the more concise and direct you can be, the better it will be for your case. Use data, case studies and graphics to demonstrate not only the cost savings but the increase in efficiencies.

The opportunities for the compliance function to improve overall business efficiencies are only beginning to be appreciated. Moving from the legalistic approach to a more data driven business process is what the Department of Justice (DOJ) intoned in its 2017 Evaluation of Corporate Compliance Programs (Evaluation). As compliance programs and the compliance function continue to evolve into the 2020’s; those who are truly innovative will use the data to help drive business ethics. Having insights from someone outside the compliance space, such as Sehested, can help drive that innovation.

Check out GAN Integrity by clicking here.

Oct 1, 2018

Over this five-part podcast series, I have visited with Thomas Sehested, founder and Chief Executive Officer (CEO), Valerie Charles, Chief Strategy Officer, and Peter Chang, Head of Customer Success, from GAN Integrity, Inc. (GAN). In this series we consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In Part IV, I visit with Chang on the GAN approach to client success and how it acts towards continuous improvement of a compliance program.

Execution is where the rubber meets the road in compliance. For any Chief Compliance Officer (CCO) or compliance practitioner, having not only an effective tech strategy for compliance but one that is executed is critical. This is where Chang and his team at GAN can step to make a very big difference. He began by emphasizing that typically a CCO has come from the General Counsel’s (GCs) office or has some type of legal or other non-tech professional. While resources and head count are always an issue for a CCO, work on administrative matters can also put a strain on the compliance program. Chang said that one of the first conversations he has with a CCO is do they have an automated program to handle the administrative tasks and then couples it with measurable data which allows a CCO to move from a detect mode to preventative and even prescriptive. With this consistency, you can deliver a more robust risk management strategy to senior management and the Board of Directors.

Another challenge for many CCOs is how to interpret the data they receive from a tech solution. In short, what does it all mean? Chang said that when his team begins a project, they actually work backwards to figure out not only what type of metrics will be generated but what a CCO might need going forward. You want to be “very clear on what you are capturing in terms of reporting and what is needed to execute the compliance program.” Chang advocates starting your analytics at the transaction level and “rolling them up in to a state where you can see the big picture”. While it is obviously important for a tech solution implementation to be successful, if you work towards it from the beginning it can help to make things “clear and concise” at the end.

Next, we considered system deployment. This means both adoption of a tech solution and its continued and even expanding use. Chang and his team begin by putting the compliance program into the tech solution and then moves to train on the solution going forward. This training works not only for the compliance professionals present at deployment but those who might come into the corporate compliance function after deployment. Chang called this continuous adoption, which is working with each customer so they can grow and expand the use of the tech solution to not only cover the original issue(s) but expand the tech solution to meet new challenges.

This approach has some very significant and positive implication for the compliance professional. This is another way to talk about continuous improvement in a compliance program. Chang noted that is to make sure there is a 100% attention rate in order to stay relevant within the organization. Ensuring there is continued coverage to support not only from the home office level but also the county level, essentially partnering with corporate compliance to ensure that as it grows the tech solution is right sized for them. Chang said there are cases where GAN has started with “medium sized companies who later want to grow into bigger due diligence solutions for their compliance program. In those cases, we may help them right size the program and make sure that if there’s high risk vendors who they may need, there are additional reports and the tech solution is configured properly so that they can get additional reports that they need. And this is all part of continuously working with the customers and with them to ensure that their programs are right sized.”

Think about that for a moment as this is taking the concept of continuous improvement and adding an ongoing tech solution. This is one of the areas both the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) discussed in their jointly issued 2012 FCPA Guidance, as Hallmark 9 in the Ten Hallmarks of an Effective Compliance Program. This is not simply taking data from your compliance program and feeding it back in to create continuous improvement, but it is using a tech solution to not only make your compliance program run more efficiently but using that same tech solution to help continuously improve your compliance program.

Such an approach uses the subject matter expertise (SME) of the tech solution provider to help the compliance professional come up with a more effective compliance program. For the compliance professional it is expanding out their reach and scope through the use of not only this tech SME but with the information from their own compliance program to create greater efficiencies and effectiveness.

Check out our sponsor, GAN Integrity by clicking here.

Sep 30, 2018

In the episode, I visit with Doug Allen, Managing Director at Ethisphere. We discuss the application process for Ethisphere’s 2019 World’s Most Ethical company designation. We consider the process for application, why a company should go through the process and the benefits even if your organization does not receive the designation. More highlights include:

  1. What is the Ethics Quotient? How is it developed and used?
  2. How are companies scored? Is there a difference between industries or geographies?
  3. If a company is under FCPA or other investigation, can they still apply?
  4. How does Ethisphere verify company responses?
  5. Does Ethisphere provide feedback?
  6. Do past winners receive a preference?
  7. How does the WME process align with Ethisphere values/missions and other services?
  8. When and where will WME 2019 companies be honored? 

For more information on Ethisphere’s 2019 World’s Most Ethical companies application process check out the following:

Link to request an application for the 2019 World’s Most Ethical Companies designation: https://www.worldsmostethicalcompanies.com/apply/

Link to the 2019 World’s Most Ethical Companies Application Guide: https://www.worldsmostethicalcompanies.com/wp-content/uploads/2019-application-guide.pdf

If you have any questions, you can contact Doug Allen at douglas.allen@ethisphere.com. For additional questions, you can contact Ethisphere’s Applicant support account at wmeapplications@ethisphere.com

Sep 28, 2018

This month I am celebrating 1000 podcasts by discussing with my colleagues and friends from professional community on past, present and future of compliance. Today we have Timur Khasanov-Batirov, my co-host in Compliance Man Goes Globalpodcast series ( http://fcpacompliancereport.com/series/compliance-man/), author of Integrity Corp. 50 Tips for your Compliance Program in the Post-Soviet States (  http://complianceinpostussr.com/and Compliance Man of Integrity Corp.illustrated series ( http://complianceinpostussr.com/compliance-man-of-integrity-corp-episode-1-first-things-first/).  Timur is a practitioner who focuses on embedding compliance programs at high-risk markets. We discuss:

  • What changes Tim has seen over the past 5 years in compliance in emerging markets;
  • The increase in skills in the compliance profession;
  • How Internal Audit becomes more active in compliance related areas; and 
  • How new international anti-corruption legislation has internationalized anti-bribery enforcement. 
Sep 22, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Philip Winterburn, Chief Product Officer at Convercent. We discuss the issue of KPIs around benchmarking your ethics and compliance program. Some of the issues we tackle in this podcast are:

  • Where do you sit? In benchmarking, context is everything.
  • How do you normalize between the anomalies in survey responses?
  • What is the value of benchmarking?
  • How do you apply benchmarking data?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 22, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Philip Winterburn, Chief Product Officer at Convercent. We discuss the issue of KPIs around ethics and compliance related surveys. Some of the issues we tackle in this podcast are: 

  • What are the power of surveys v. the challenges of surveys?
  • How are you using KPIs to improve the surveys around your ethics and compliance program?
  • How do you even measure the extremes found in some surveys?
  • What is the difference between anonymous and truly anonymous in surveys? 

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP. 

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Jacki Cheslow, the Director Business Ethics & Compliance, Avis Budget. We discuss breaking down silos to facilitate compliance training and communications. Some of the issues we tackle in this podcast are:

  • The challenges in compliance training with multiple audiences.
  • How can both a technological solution and content solution facilitate more effective compliance training?
  • Why you should focus on a more holistic approach to compliance and ethics training?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Jacki David Deitchman, Deputy General Counsel, Employment, Ethics & Compliance at HP. We discuss some of his tactics and techniques for dealing the Board of Directors. Some of the issues we tackle in this podcast are:

  • What are the multiple roles of a Board of Directors in a compliance program?
  • What are the areas you need to cover for the Board for its compliance training?
  • Every Board is different, you should go in with your ideas but ask for their input as well.

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Amy Much, Ethics and Compliance Officer at Under Armor. We discuss some her presentation at Converge18 “Learn From My Mistakes, Fits and Starts When Building a New C&E Program”. Some of the issues we tackle in this podcast are:

  • How some of your most valuable lessons come from your mistakes.
  • No one person can know all the cultural elements in your company.
  • No ethics and compliance program should operate in a vacuum.

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Susan du Becker, Global Compliance Enablement at Cisco Systems. We discuss some of her strategies for breaking down silos to facilitate compliance training. Some of the issues we tackle in this podcast are:

  • How compliance and ethics has moved to a must have corporate discipline.
  • What are the most important ‘care-abouts’ for your company’s workforce?
  • Every different elements do you have to work with in each country you do business for your compliance training?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

Over the next five podcasts I will visit with Paul Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both from SAI Global, the sponsor of this podcast series. In this series we will discuss the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part I, I visit with Paul Johns on the evolving nature of the E&C marketplace and what that means for compliance programs. 

We began with a discussion of the evolving role of the Board of Directors. Johns sees Boards of Directors in a lofty position, away from the limelight, to a more values based, customer-centric approach. This is playing out in a couple of key ways for the E&C market place. The first is that the Board sets the organization’s appetite for risk. To do this the Board must articulate what is the acceptable level of risk the company is prepared to work towards as it considers operating a particular enterprise. Next is the direct line of sight  between that appetite for risk at the Board level and the performance and the behavior of everybody across the company.

To accomplish this continuum, the Board or Audit Committee would garner a sense of the markets they are in and the products that serve the market together with the associated risks. From there, the company would put together a strategy to move forward and push that strategy out to operationalize it across the company or applicable business unit. But the Board could never be assured that each employee, business unit  or geographic region understands the articulated risk appetite. This is in contrast to corporate culture. 

In the values-based economy of today, what is it that you expect from your employees? If the behavior of one employee is antithetical to your values, what is the damage to  your corporate reputation? Consider the Starbucks store manager who called police for two patrons who were waiting for a third colleague. The two patrons were African-American and the store manager was white. The store manager had them arrested. Starbucks took a pounding the court of public opinion even though the store manager’s actions were against the stated culture and values of the organization. 

All of this means that you must “make sure that everybody is living and breathing the values and the behavior that you’ve laid out”. If  you do not do so, the reputational cost could be quite high; far beyond the cost of non-compliance with a law or regulation. The reality of today’s marketplace is that “millennials and centennials vote with their wallet.” This is true for where they purchase an espresso, where they buy running shoes or where they might order their pizzas from on a Friday night. 

This values-based approach has changed the dynamic at the Board level and indeed all the way down through an organization. A company can have a Code of Conduct, policies and procedures and internal controls in place but today those regulatory requirements or those suggested by such government publications as the 2012 FCPA Guidance are not enough, even if they meet the baseline requirements under a law or regulation. Johns believes a much more holistic approach is called for and from the educational perspective, it is a continual learning practice. Johns stated, “it is more than simply a company saying some aspirational ideas in your Code of Conduct. Do they really live those values as an organization?” 

Johns said he would ask a senior executive such questions as “Are there key performance indicators (KPIs) in place to measure such a proactive approach to risk management and your company’s brand reputation?” It might be something along the lines of “what are you doing around how you identify the types of employees that you let into the business, the types of business partners or third parties that you do business with? What is the scrutiny? What is the high bar that you set to make sure that you have actually got the right people working with you and working for you?”   

Another key step is E&C learning. E&C training should start with your organization’s brand, the integrity it stands for today; the importance of that reputation and what you can do to help preserve it. This allows you to have an ongoing dialogue not only internally but with your customers, your business partners and other stakeholders. 

It all starts at the top with the Board of Directors and senior management basically “sitting down as a leadership team and saying, what is it that we care about as it relates to the quality of our brand? That we don’t just talk about it but we really live it and breathe it. Next, how do we cascade that down into a set of tools and to a set of measures across the whole enterprise to hold ourselves to that very high standard?” 

The evolving role of risk, compliance and ethics will only continue. As the marketplace changes with new workers entering the workforce, becoming the new consumers and burgeoning social media led movements such as #MeToo, the risks will only become more dynamic. Are you ready?

Sep 17, 2018

Over this podcast series I visit with Peter Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both at SAI Global, the sponsor of this podcast series. In the series we discuss the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part II, I visit with Rebecca Turco on the shifting compliance mindset.

One of the most interesting things about the E&C marketplace is that all parties involved contribute to this evolution. From the regulators or prosecutors to companies and their compliance personnel and programs, to product and service providers in the marketplace. Everyone has contributed to this evolution and will continue to do so going forward. Turco noted that it has evolved far beyond “providing compliance content and checking the box”. It is significant that compliance is now part of the culture of a company. “The trends that we’re seeing really around how our company’s embedd compliance and culture in their organization.”

Turco said that compliance training now is around changing employee behavior. This has led to consideration of the effectiveness of training and analytics around it. Turco has seen a “shift from 30 to 40 minutes of training to targeted training and targeted pieces of content. Companies want to be able to make sure their employees are valued in terms of the time they are spending on compliance training.” They not only want to measure compliance training effectiveness to show that the program is working but also to show risk areas that could present an issue(s) for companies going forward and warrant greater attention.  

The targeted nature of training means tying training to the overall business process. So how does your compliance training help an employee do business more efficiently and, at the end of the day, more profitably? Are both goals appended onto and embedded into compliance training? This is one of the goals the Department of Justice (DOJ) included in its requirements for effective compliance training. It is getting away from death by a PowerPoint slide deck or Xerox copy to have compliance training which is much more engaging. Indeed, companies want more focused and targeted training for the risk that people are engaging in and the risks people have out in the real world.

It is interesting to observe the spectrum of the players in the compliance space and how each player has a specific role in driving compliance forward. The DOJ began the dialogue about effectiveness of compliance training in the General Cable Technologies Corporation Foreign Corrupt Practices Act (FCPA) enforcement action. The DOJ then added the mandate for targeted training in its Evaluation of Corporate Compliance Programs (Evaluation) in 2017. That was really the first time they had said in a policy statement that they wanted to see not only that you have effective training but targeted training as well.

I asked Turco how, as a learning professional, a company can begin to measure compliance training effectiveness? Turco said, “the key to any learning objective is being able to understand its concepts and understand how it applies to you and then it’s daily, weekly or monthly repetition. It’s not a one and done.” This means that when thinking about compliance training effectiveness you should “begin with a high-level offering that talks about kind of risks in the business. The next step is to have the learner understand what it means to them.” Effectiveness most probably will not occur the first time they take the course. Turco was emphatic that it is not “a one and done.”

Real world working environments are complex. This leads to training which impacts learners in a way that allows them “to understand what the risk is, they need to understand what to do if presented with that risk, where to go, how to report if necessary, and then they also, over time, need to understand how that risk presents itself in their job.” This means you must consider effectiveness and you have to follow up with some type of reminder about that training. Such continued training could occur through infusion in conversations with middle managers, messages from your company’s Chief Executive Officer (CEO). Such continued messaging helps to create a culture of compliance within your organization and re-emphasize that “compliance is not a one stop event.”

Turco then tied the targeted concept to this effectiveness component. She said that in providing scenarios of business risk and how employees react or respond, you begin to build a database of analytics and information. With this data you can start “to measure where people are, where people really feel what they think, what they understand.” This data can give you a roadmap to begin to drive your compliance program year after year. You can take the data so you will better understand where your learners are and then help them along that journey.” Obviously, this means that not everyone gets the same training. “It means that we are going to make sure that we’re helping you teach that employee what they need to know, understand how those risks present themselves. And then continue to train and remind them of how that may come up and in their daily job in life. So it’s a measurement over time with effective questioning and targeted content.”

The role of compliance training continues to evolve. The regulators, in the form of the DOJ, have articulated a requirement for both effective and targeted training. Companies have responded by seeking ways to help their employees more effectively identify and then manage risks. But it is not a one-time event or one-way street. Effective compliance training is a continuing dialogue which allows organizations build their reputational brands.

Sep 17, 2018

Over this series I am visiting with Peter Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both at SAI Global, the sponsor of this podcast series. In the series we are discussing the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part III, I speak with Rebecca Turco on the new SAI Global training solution at EthicsAnywhere.

EthicsAnywhere is SAI Global’s new training E&C solution. The solution began with an internal conversation at SAI Global and then moved to an extended conversation with their customer base. The idea that somewhere a new hire is spending their first day sitting through two hours of mandatory compliance training and one of their colleagues needs to complete a time sensitive course but they are traveling to meetings all week, and their manager is trying to figure out who has or has not finished their training yet, and a Chief Compliance Officer (CEO) is in the midst of planning their next launch of content without fully understanding how effective their previous efforts have been. How can you provide a training solution to meet these needs but meets the Department of Justice (DOJ) requirements that it be both effective and targeted?

For the new employee going through the compliance training, there is no context around it. You have managers who say, I need you to do the training and I need you to complete it because I am measured on that for my compensation. Yet in such a situation you might not be starting the training off on the right foot. One of the ideas behind EthicsAnywhere is that we live in a world where content is consumed and people make decisions if they agree with a piece of content or disagree within seven seconds of starting. If they are not engaged by that time, they will usually not pay attention anymore. EthicsAnywhere is designed to be engaging, literally grabbing the attention of the employee right out of the box.

Turco emphasized that we all know that millennials and centennials spend a lot of time on their phones, but the reality is that according to the Pew Research Center, every demographic of people in your company today spend more time online on their phones than their computers. So, when regulators ask if your training is in the ‘form appropriate for the intended audience’, we’d argue that a computer is no longer the appropriate form for the intended audience, and not offering training on mobile devices in the appropriate languages could actually pose a problem from an employee and regulatory perspective.”

This insight into the use of technology by millennials and centennials informed how the EthicsAnywhere compliance training solution should not only work but how its delivered. That delivery is as easy as opening up an application on their cell phone. This technological innovation removes barriers to compliance training and more fully engages the audience. Compliance programs have shifted to use better technology to make it easier for people to access content information which improves not only the effectiveness of the training but also the experience.

But there is a second innovative part to the EthicsAnywhere and that is the content. It is designed to “make sure that we have content that we can serve up to learners anywhere, literally anytime, whether they’re out on the road, in a sales meeting where they are accessing from it from their phone, if whether they are sitting in their workspace on their computer.”

The idea for EthicsAnywhere is to “provide meaningful solutions to our clients and our partners. This means relevant, meaningful content using all the delivery mechanisms of technology that exists today. The next step is to make this ethics and compliance learning program tailored and relevant for not only each company but also for each learner. For the learner, this means making sure that we are meeting them where they are and giving them what they need. It is being able to review your ethics and compliance training wherever you are and make it as simple as possible for you to get into an access information.” Turco explained that millennials and centennials  want to receive their training on their cell phones and they want it to look like any other piece of content that are looking at today. In short there should not be any entry barriers to receive the training.

One final thing about millennials which is extraordinarily positive, is that they seem to be very values driven and they are very focused on culture to drive the value base. They are very focused on a what companies do and what the reputation is in the workplace and in the marketplace. If a company has a misstep or makes a mistake, they expect a remedy. All of this tied into Turco’ final point about EthicsAnywhere, which is that it “is a modern approach to learning. It is responsive on any device, customizable for any organization, targeted to any user, available in any location, and translated in any language, so your employees can consume content at any time and prepare for any risk, and you can collect data to measure any goal your ethics and compliance program may have.”

.

Sep 17, 2018

Over this series I have been visiting with Peter Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both at SAI Global, the sponsor of this podcast series. We are discussing the changes in ethics and compliance learning (E&C) and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part IV, I visit with Rebecca Turco on the current trends she is seeing in culture, ethics and compliance (E&C) and where it all may be headed.

We began the discussion with adaptive learning, which is more of a personalization way to learn. It is key for the compliance ethics discipline because adaptive learning “really looks at how do we differentiate the content for the learners? How do we start to serve up content that’s relevant based on role or region? How do we help learners?” Adaptive learning is designed to focus on “making sure the learners are getting the content and relevant information that they need within any piece of content. It begins with asking questions about where they work and whether they interact with government officials. From there, it moves to serve up content to the employee which is meaningful, that helps them start to see what risks are in their area. It also allows content designers to be able to give them a personalization to the training experience that is more meaningful than just kind of a one size fits all.”

Another key usefulness of this approach is that it does not reinvent training for employees who do not need it. This comes from “giving people credit for understanding risks, giving them the ability to kind of test out, by asking them a series of questions and if they know the answers, they may know what their risks are and they can move to a level at which they do not know the answers. You do not need to train employees in areas where they have demonstrated competency. This gives companies the opportunities to really think about their program and differentiate the ethics and compliance training of their compliance program.” Turco concluded, “in the world today, people are looking for compliance training that is as short and sweet as possible, getting to the relevant pieces of information.”

Another innovation in E&C learning has been around the concept of branching. Turco explained this is building out different scenarios. She provided an example of training about “a security breach. Things happen on a video and the learner is watching them unfold. By using adaptive technology you can require the learner to pick out the hotspot where they would see a risk or something being violated. From there the video would branch off into different scenarios based on what you decide because that’s real life. It is not the first decision that causes an ethical breach or a security breach. It’s for decisions down the road. That’s the hard part in training to get right because it is not always just as black and white as is the conflict of interest might lie.”

We next turned to the area of the effectiveness of compliance training, which, Turco said, “is the key story for compliance”. Interestingly, Turco said the first question asked is about the content of the training, not the data around this issue. She explained, “you can collect as much data as you want for any, any reason but if the content you are writing and designing for the training is not meaningful, then the data you’re getting isn’t meaningful.” (as fine a definition of GIGO as I have ever heard.) She said that a company must really think about data and how to use it to make your program smarter and to make you understand where the risks are in your organization.

Effectiveness then starts with building content with thought provoking questions in the presentation. This leads to scenarios which ask the learner, “what do you think?” From there you can begin collecting the data from their responses and start to analyze it on the back end. This can give you trends about whether there is a disconnect in your written Code of Conduct, policies and procedures and how business is operationalized in the field.  With this data, an organization can start to target campaigns to that team around that risk area identified. Turco pointed to one example where a company was able to demonstrate through this approach a training competency and effectiveness increase from 20% to 80% in one year.

Your goal should be that the needle is moving and your organization is providing employees the tools in order to make sure they have the knowledge and the competency to not only pass that assessment but also understand those risks in the business. This is far beyond the “check the box” method of training. With the speed of current day corporate decision making in the field and the pressure your sales teams are under to meet goals, timelines and deadlines; you need to provide training to meet these business realities. Once you understand that, then you can start to understand how to provide your employees effective training.

Turco concluded by noting that your training should aid in the decision-making process when the teams are under pressure; whether that be sales pressure, pressure due to a high-risk region or other. Turco said, “How do you make sure that when they’re under that pressure, they will know exactly what to do?” The data collected from the training process can help identify risks, provide the opportunity to help employees understand more and drive training or campaigning around risks.

Sep 17, 2018

Over this podcast series I have been visiting with Paul Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both at SAI Global, the sponsor of this podcast series. We have been discussing the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and  more operationalized best practices compliance program. In this final episode, I visit with Paul Johns on the need for an integrated approach to risk management.

One of the primary reasons why an integrated approach to risk management is mandatory in today’s business environment is the increasing amount and complexity of risk which every company and, indeed, every Chief Compliance Officer (CCO) face. Moreover, social media has amplified every action and reaction both in terms of signal strength and speed of dissemination and communication. New risks include the parties you are working with down the line to 3rd, 4thand 5thlevel suppliers and sales representatives. Obviously cyber risks are greatly increased as well. From consumers or customers, however, the calculation is strikingly simple - did your company do the right thing?

It is only through an integrated risk management strategy that you can being to prepare your company to do business in the modern world. Such a strategy includes (1) forecasting, (2) risk assessment, (3) risk-based monitoring and (4) feedback of information gleaned from your monitoring into your risk strategy going forward. Yet it is more than the risk management process; it is using each part of your compliance program to develop information which can make your overall risk management strategy more robust.

While this five-part series has focused largely on compliance and ethics training, consider how an integrated approach to risk management works even with training. As Turco noted regarding adaptive learning, it is designed to focus on “making sure the learners are getting the content and relevant information that they need within any piece of content. It begins with asking questions about where they work and whether they interact with government officials. From there, it moves to serve up content to the employee which is meaningful, that helps them start to see what risks are in their area.” By asking questions to deliver an appropriate training solution, you begin to develop information about the state of your compliance program. If you are weak in some areas, you may wish to engage in remediation. If you strong in other areas, you can use those employees as Compliance Ambassadors within your organization to be a redource to other employees.

Johns tied this concept to your overall risk management strategy by noting it is only as strong as the weakest link. In the area of compliance training, this means if you have a high employee turnover, as is common in retail companies, your annual Code of Conduct training may not be sufficient to catch all employees every year. Moreover, if such training is run out of Human Resources (HR), the compliance function and hence senior management and the Board of Directors may not even be aware of this gap. But you may not even be aware of this gap unless you ask questions or consider what the data is telling you.

Some other questions Johns posed in the context of an integrated risk management strategy are if your company moves to a new geographic region or opens a new sales line, have all of your policies and procedures been updated to reflect this change in your risk profile? Has anyone considered such a move from the risk perspective? Are you even assessing such risks before product implementation or change in sales strategy? From the Board and Chief Executive Officer (CEO) perspective, have they been presented with an integrated risk report from which they can even begin to assess the risk in front of them? Your sales model will directly impact your risk under anti-corruption laws such as the Foreign Corrupt Practices Act (FCPA). Third-party risks are still the highest risks under the FCPA. However, an employee-based sales strategy also presents risks, albeit a different set of risks. (Consider GSK in China.)

Another interesting reflection from Johns was that with the more flexible nature of a workforce, including those on flex time, working from home, working during a commute and those who are essentially on 24-hour call; these innovations in working conditions demand an innovation in ways that training and ongoing communications are delivered. This means a company should have a mobile platform for learning and communication that can deliver its messages to employees when and how they want (and need) to consume it. This also ties into questions about not only content but the technology you use to deliver that content. When was the last time you considered the technology you are using in terms of the best manner to deliver the appropriate content?

Johns concluded with quite an interesting observation on the role of compliance and risk management. It is to become the new Praetorian Guards, which is to say put a ring around the senior executives to protect them. (Note - I am a fan of the Alamo analogy articulated by Chuck Duross but then again, all the defenders at the Alamo died.) He also alluded to the offensive nature of the Praetorian Guard. This also ties more closely into how a more fully operationalized compliance program makes a business run more efficiently and at the end of the day, more profitably.

Sep 13, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Keturah Pestel, Program Manager, Business Ethic and Legal Support Office at Thrivent. We discuss her company’s innovative use of internal reporting. Some of the issues we tackle in this podcast are: 

  • Why internal reporting is more than simply whistleblowing?
  • What types of data can you interpret from internal reporting?
  • By using data from internal reporting to upgrade your compliance program you engage in continuous improvement. 

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around. 

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP. 

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 11, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Sheryl Zaworski, VP, Director of Global Ethics Escalation, Investigation and Analytics at U.S. Bank. We discuss the the data project at US Bank. Some of the issues we tackle in this podcast are: 

  • What kind of KPIs demonstrate engagement?
  • How to use KPIs to break down departmental silos?
  • Why KPIs are key to demonstrating ROI in compliance?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around. 

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP. 

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 10, 2018

Over this series, I have visited with Eric Feldman, Senior Vice President, Don Stern, Managing Director of Corporate Monitoring & Consulting Services, and Rod Grandon, Managing Director of Government Services, from Affiliated Monitors, Inc., (AMI) who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition (M&A) context. In this fifth and concluding episode I visit with Stern to tie together how an independent integrity monitor can benefit the entire M&A process. 

In this episode we discuss:

  1. At what point in the M&A process would it be helpful for a company to arrange for an independent, third-party assessment of a company’s compliance and ethics program and ethical culture?
  2. What specific elements of the M&A would such an independent assessment review, and how?
  3. Can you provide some specific examples where an independent assessment may have helped mitigate ethical problems deriving from an M&A further down the road?
Sep 10, 2018

I have been visiting with Eric Feldman, Senior Vice President, Don Stern, Managing Director of Corporate Monitoring & Consulting Services, and Rod Grandon, Managing Director of Government Services, from Affiliated Monitors, Inc., (AMI) who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition (M&A) context. In this fourth episode I visit with Grandon about the types of things a monitor would review to determine if a company adequately considered ethics and compliance during the M&A process. 

In this episode we discuss:

  1. What kinds of things would a monitor review to determine if a company adequately considered ethics and compliance during the M&A process?
  2. What steps can a company take to ensure that the merger/acquisition goes smoothly and there are minimal conflicts?
  3. What are some of the warning signs of residual conflicts from an M&A that require attention?
Sep 10, 2018

Over this special five-part podcast series, I will visit with Eric Feldman, Senior Vice President, Don Stern,  Corporate and Rod Grandon, Managing Director Government Services; all from Affiliated Monitors, Inc., who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition context. In this third episode I visit with Feldman planning out your post-acquisition merger strategy. 

In this episode we discuss:

  1. What steps does a company need to take during an M&A to satisfy DOJ or any other governmental requirements relating to integration?
  2. What areas should be addressed in an integration plan?
  3. What kinds of problems would an integration plan hopefully help mitigate or avoid?
  4. Can you provide some examples where an integration plan would have helped avoid future ethical failures?
1 « Previous 1 2 3 4 5 6 7 Next » 19