Info

FCPA Compliance Report

Tom Fox has practiced law in Houston for 30 years and now brings you the FCPA Compliance and Ethics Report. Learn the latest in anti-corruption and anti-bribery compliance and international transaction issues, as well as business solutions to compliance problems.
RSS Feed Subscribe in Apple Podcasts
FCPA Compliance Report
2018
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
March
February


2015
December


Categories

All Episodes
Archives
Categories
Now displaying: Category: compliance know-how
Sep 30, 2018

In the episode, I visit with Doug Allen, Managing Director at Ethisphere. We discuss the application process for Ethisphere’s 2019 World’s Most Ethical company designation. We consider the process for application, why a company should go through the process and the benefits even if your organization does not receive the designation. More highlights include:

  1. What is the Ethics Quotient? How is it developed and used?
  2. How are companies scored? Is there a difference between industries or geographies?
  3. If a company is under FCPA or other investigation, can they still apply?
  4. How does Ethisphere verify company responses?
  5. Does Ethisphere provide feedback?
  6. Do past winners receive a preference?
  7. How does the WME process align with Ethisphere values/missions and other services?
  8. When and where will WME 2019 companies be honored? 

For more information on Ethisphere’s 2019 World’s Most Ethical companies application process check out the following:

Link to request an application for the 2019 World’s Most Ethical Companies designation: https://www.worldsmostethicalcompanies.com/apply/

Link to the 2019 World’s Most Ethical Companies Application Guide: https://www.worldsmostethicalcompanies.com/wp-content/uploads/2019-application-guide.pdf

If you have any questions, you can contact Doug Allen at douglas.allen@ethisphere.com. For additional questions, you can contact Ethisphere’s Applicant support account at wmeapplications@ethisphere.com

Sep 28, 2018

This month I am celebrating 1000 podcasts by discussing with my colleagues and friends from professional community on past, present and future of compliance. Today we have Timur Khasanov-Batirov, my co-host in Compliance Man Goes Globalpodcast series ( http://fcpacompliancereport.com/series/compliance-man/), author of Integrity Corp. 50 Tips for your Compliance Program in the Post-Soviet States (  http://complianceinpostussr.com/and Compliance Man of Integrity Corp.illustrated series ( http://complianceinpostussr.com/compliance-man-of-integrity-corp-episode-1-first-things-first/).  Timur is a practitioner who focuses on embedding compliance programs at high-risk markets. We discuss:

  • What changes Tim has seen over the past 5 years in compliance in emerging markets;
  • The increase in skills in the compliance profession;
  • How Internal Audit becomes more active in compliance related areas; and 
  • How new international anti-corruption legislation has internationalized anti-bribery enforcement. 
Sep 22, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Philip Winterburn, Chief Product Officer at Convercent. We discuss the issue of KPIs around benchmarking your ethics and compliance program. Some of the issues we tackle in this podcast are:

  • Where do you sit? In benchmarking, context is everything.
  • How do you normalize between the anomalies in survey responses?
  • What is the value of benchmarking?
  • How do you apply benchmarking data?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 22, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Philip Winterburn, Chief Product Officer at Convercent. We discuss the issue of KPIs around ethics and compliance related surveys. Some of the issues we tackle in this podcast are: 

  • What are the power of surveys v. the challenges of surveys?
  • How are you using KPIs to improve the surveys around your ethics and compliance program?
  • How do you even measure the extremes found in some surveys?
  • What is the difference between anonymous and truly anonymous in surveys? 

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP. 

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Jacki Cheslow, the Director Business Ethics & Compliance, Avis Budget. We discuss breaking down silos to facilitate compliance training and communications. Some of the issues we tackle in this podcast are:

  • The challenges in compliance training with multiple audiences.
  • How can both a technological solution and content solution facilitate more effective compliance training?
  • Why you should focus on a more holistic approach to compliance and ethics training?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Jacki David Deitchman, Deputy General Counsel, Employment, Ethics & Compliance at HP. We discuss some of his tactics and techniques for dealing the Board of Directors. Some of the issues we tackle in this podcast are:

  • What are the multiple roles of a Board of Directors in a compliance program?
  • What are the areas you need to cover for the Board for its compliance training?
  • Every Board is different, you should go in with your ideas but ask for their input as well.

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Amy Much, Ethics and Compliance Officer at Under Armor. We discuss some her presentation at Converge18 “Learn From My Mistakes, Fits and Starts When Building a New C&E Program”. Some of the issues we tackle in this podcast are:

  • How some of your most valuable lessons come from your mistakes.
  • No one person can know all the cultural elements in your company.
  • No ethics and compliance program should operate in a vacuum.

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Susan du Becker, Global Compliance Enablement at Cisco Systems. We discuss some of her strategies for breaking down silos to facilitate compliance training. Some of the issues we tackle in this podcast are:

  • How compliance and ethics has moved to a must have corporate discipline.
  • What are the most important ‘care-abouts’ for your company’s workforce?
  • Every different elements do you have to work with in each country you do business for your compliance training?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 17, 2018

Over the next five podcasts I will visit with Paul Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both from SAI Global, the sponsor of this podcast series. In this series we will discuss the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part I, I visit with Paul Johns on the evolving nature of the E&C marketplace and what that means for compliance programs. 

We began with a discussion of the evolving role of the Board of Directors. Johns sees Boards of Directors in a lofty position, away from the limelight, to a more values based, customer-centric approach. This is playing out in a couple of key ways for the E&C market place. The first is that the Board sets the organization’s appetite for risk. To do this the Board must articulate what is the acceptable level of risk the company is prepared to work towards as it considers operating a particular enterprise. Next is the direct line of sight  between that appetite for risk at the Board level and the performance and the behavior of everybody across the company.

To accomplish this continuum, the Board or Audit Committee would garner a sense of the markets they are in and the products that serve the market together with the associated risks. From there, the company would put together a strategy to move forward and push that strategy out to operationalize it across the company or applicable business unit. But the Board could never be assured that each employee, business unit  or geographic region understands the articulated risk appetite. This is in contrast to corporate culture. 

In the values-based economy of today, what is it that you expect from your employees? If the behavior of one employee is antithetical to your values, what is the damage to  your corporate reputation? Consider the Starbucks store manager who called police for two patrons who were waiting for a third colleague. The two patrons were African-American and the store manager was white. The store manager had them arrested. Starbucks took a pounding the court of public opinion even though the store manager’s actions were against the stated culture and values of the organization. 

All of this means that you must “make sure that everybody is living and breathing the values and the behavior that you’ve laid out”. If  you do not do so, the reputational cost could be quite high; far beyond the cost of non-compliance with a law or regulation. The reality of today’s marketplace is that “millennials and centennials vote with their wallet.” This is true for where they purchase an espresso, where they buy running shoes or where they might order their pizzas from on a Friday night. 

This values-based approach has changed the dynamic at the Board level and indeed all the way down through an organization. A company can have a Code of Conduct, policies and procedures and internal controls in place but today those regulatory requirements or those suggested by such government publications as the 2012 FCPA Guidance are not enough, even if they meet the baseline requirements under a law or regulation. Johns believes a much more holistic approach is called for and from the educational perspective, it is a continual learning practice. Johns stated, “it is more than simply a company saying some aspirational ideas in your Code of Conduct. Do they really live those values as an organization?” 

Johns said he would ask a senior executive such questions as “Are there key performance indicators (KPIs) in place to measure such a proactive approach to risk management and your company’s brand reputation?” It might be something along the lines of “what are you doing around how you identify the types of employees that you let into the business, the types of business partners or third parties that you do business with? What is the scrutiny? What is the high bar that you set to make sure that you have actually got the right people working with you and working for you?”   

Another key step is E&C learning. E&C training should start with your organization’s brand, the integrity it stands for today; the importance of that reputation and what you can do to help preserve it. This allows you to have an ongoing dialogue not only internally but with your customers, your business partners and other stakeholders. 

It all starts at the top with the Board of Directors and senior management basically “sitting down as a leadership team and saying, what is it that we care about as it relates to the quality of our brand? That we don’t just talk about it but we really live it and breathe it. Next, how do we cascade that down into a set of tools and to a set of measures across the whole enterprise to hold ourselves to that very high standard?” 

The evolving role of risk, compliance and ethics will only continue. As the marketplace changes with new workers entering the workforce, becoming the new consumers and burgeoning social media led movements such as #MeToo, the risks will only become more dynamic. Are you ready?

Sep 17, 2018

Over this podcast series I visit with Peter Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both at SAI Global, the sponsor of this podcast series. In the series we discuss the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part II, I visit with Rebecca Turco on the shifting compliance mindset.

One of the most interesting things about the E&C marketplace is that all parties involved contribute to this evolution. From the regulators or prosecutors to companies and their compliance personnel and programs, to product and service providers in the marketplace. Everyone has contributed to this evolution and will continue to do so going forward. Turco noted that it has evolved far beyond “providing compliance content and checking the box”. It is significant that compliance is now part of the culture of a company. “The trends that we’re seeing really around how our company’s embedd compliance and culture in their organization.”

Turco said that compliance training now is around changing employee behavior. This has led to consideration of the effectiveness of training and analytics around it. Turco has seen a “shift from 30 to 40 minutes of training to targeted training and targeted pieces of content. Companies want to be able to make sure their employees are valued in terms of the time they are spending on compliance training.” They not only want to measure compliance training effectiveness to show that the program is working but also to show risk areas that could present an issue(s) for companies going forward and warrant greater attention.  

The targeted nature of training means tying training to the overall business process. So how does your compliance training help an employee do business more efficiently and, at the end of the day, more profitably? Are both goals appended onto and embedded into compliance training? This is one of the goals the Department of Justice (DOJ) included in its requirements for effective compliance training. It is getting away from death by a PowerPoint slide deck or Xerox copy to have compliance training which is much more engaging. Indeed, companies want more focused and targeted training for the risk that people are engaging in and the risks people have out in the real world.

It is interesting to observe the spectrum of the players in the compliance space and how each player has a specific role in driving compliance forward. The DOJ began the dialogue about effectiveness of compliance training in the General Cable Technologies Corporation Foreign Corrupt Practices Act (FCPA) enforcement action. The DOJ then added the mandate for targeted training in its Evaluation of Corporate Compliance Programs (Evaluation) in 2017. That was really the first time they had said in a policy statement that they wanted to see not only that you have effective training but targeted training as well.

I asked Turco how, as a learning professional, a company can begin to measure compliance training effectiveness? Turco said, “the key to any learning objective is being able to understand its concepts and understand how it applies to you and then it’s daily, weekly or monthly repetition. It’s not a one and done.” This means that when thinking about compliance training effectiveness you should “begin with a high-level offering that talks about kind of risks in the business. The next step is to have the learner understand what it means to them.” Effectiveness most probably will not occur the first time they take the course. Turco was emphatic that it is not “a one and done.”

Real world working environments are complex. This leads to training which impacts learners in a way that allows them “to understand what the risk is, they need to understand what to do if presented with that risk, where to go, how to report if necessary, and then they also, over time, need to understand how that risk presents itself in their job.” This means you must consider effectiveness and you have to follow up with some type of reminder about that training. Such continued training could occur through infusion in conversations with middle managers, messages from your company’s Chief Executive Officer (CEO). Such continued messaging helps to create a culture of compliance within your organization and re-emphasize that “compliance is not a one stop event.”

Turco then tied the targeted concept to this effectiveness component. She said that in providing scenarios of business risk and how employees react or respond, you begin to build a database of analytics and information. With this data you can start “to measure where people are, where people really feel what they think, what they understand.” This data can give you a roadmap to begin to drive your compliance program year after year. You can take the data so you will better understand where your learners are and then help them along that journey.” Obviously, this means that not everyone gets the same training. “It means that we are going to make sure that we’re helping you teach that employee what they need to know, understand how those risks present themselves. And then continue to train and remind them of how that may come up and in their daily job in life. So it’s a measurement over time with effective questioning and targeted content.”

The role of compliance training continues to evolve. The regulators, in the form of the DOJ, have articulated a requirement for both effective and targeted training. Companies have responded by seeking ways to help their employees more effectively identify and then manage risks. But it is not a one-time event or one-way street. Effective compliance training is a continuing dialogue which allows organizations build their reputational brands.

Sep 17, 2018

Over this series I am visiting with Peter Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both at SAI Global, the sponsor of this podcast series. In the series we are discussing the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part III, I speak with Rebecca Turco on the new SAI Global training solution at EthicsAnywhere.

EthicsAnywhere is SAI Global’s new training E&C solution. The solution began with an internal conversation at SAI Global and then moved to an extended conversation with their customer base. The idea that somewhere a new hire is spending their first day sitting through two hours of mandatory compliance training and one of their colleagues needs to complete a time sensitive course but they are traveling to meetings all week, and their manager is trying to figure out who has or has not finished their training yet, and a Chief Compliance Officer (CEO) is in the midst of planning their next launch of content without fully understanding how effective their previous efforts have been. How can you provide a training solution to meet these needs but meets the Department of Justice (DOJ) requirements that it be both effective and targeted?

For the new employee going through the compliance training, there is no context around it. You have managers who say, I need you to do the training and I need you to complete it because I am measured on that for my compensation. Yet in such a situation you might not be starting the training off on the right foot. One of the ideas behind EthicsAnywhere is that we live in a world where content is consumed and people make decisions if they agree with a piece of content or disagree within seven seconds of starting. If they are not engaged by that time, they will usually not pay attention anymore. EthicsAnywhere is designed to be engaging, literally grabbing the attention of the employee right out of the box.

Turco emphasized that we all know that millennials and centennials spend a lot of time on their phones, but the reality is that according to the Pew Research Center, every demographic of people in your company today spend more time online on their phones than their computers. So, when regulators ask if your training is in the ‘form appropriate for the intended audience’, we’d argue that a computer is no longer the appropriate form for the intended audience, and not offering training on mobile devices in the appropriate languages could actually pose a problem from an employee and regulatory perspective.”

This insight into the use of technology by millennials and centennials informed how the EthicsAnywhere compliance training solution should not only work but how its delivered. That delivery is as easy as opening up an application on their cell phone. This technological innovation removes barriers to compliance training and more fully engages the audience. Compliance programs have shifted to use better technology to make it easier for people to access content information which improves not only the effectiveness of the training but also the experience.

But there is a second innovative part to the EthicsAnywhere and that is the content. It is designed to “make sure that we have content that we can serve up to learners anywhere, literally anytime, whether they’re out on the road, in a sales meeting where they are accessing from it from their phone, if whether they are sitting in their workspace on their computer.”

The idea for EthicsAnywhere is to “provide meaningful solutions to our clients and our partners. This means relevant, meaningful content using all the delivery mechanisms of technology that exists today. The next step is to make this ethics and compliance learning program tailored and relevant for not only each company but also for each learner. For the learner, this means making sure that we are meeting them where they are and giving them what they need. It is being able to review your ethics and compliance training wherever you are and make it as simple as possible for you to get into an access information.” Turco explained that millennials and centennials  want to receive their training on their cell phones and they want it to look like any other piece of content that are looking at today. In short there should not be any entry barriers to receive the training.

One final thing about millennials which is extraordinarily positive, is that they seem to be very values driven and they are very focused on culture to drive the value base. They are very focused on a what companies do and what the reputation is in the workplace and in the marketplace. If a company has a misstep or makes a mistake, they expect a remedy. All of this tied into Turco’ final point about EthicsAnywhere, which is that it “is a modern approach to learning. It is responsive on any device, customizable for any organization, targeted to any user, available in any location, and translated in any language, so your employees can consume content at any time and prepare for any risk, and you can collect data to measure any goal your ethics and compliance program may have.”

.

Sep 17, 2018

Over this series I have been visiting with Peter Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both at SAI Global, the sponsor of this podcast series. We are discussing the changes in ethics and compliance learning (E&C) and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part IV, I visit with Rebecca Turco on the current trends she is seeing in culture, ethics and compliance (E&C) and where it all may be headed.

We began the discussion with adaptive learning, which is more of a personalization way to learn. It is key for the compliance ethics discipline because adaptive learning “really looks at how do we differentiate the content for the learners? How do we start to serve up content that’s relevant based on role or region? How do we help learners?” Adaptive learning is designed to focus on “making sure the learners are getting the content and relevant information that they need within any piece of content. It begins with asking questions about where they work and whether they interact with government officials. From there, it moves to serve up content to the employee which is meaningful, that helps them start to see what risks are in their area. It also allows content designers to be able to give them a personalization to the training experience that is more meaningful than just kind of a one size fits all.”

Another key usefulness of this approach is that it does not reinvent training for employees who do not need it. This comes from “giving people credit for understanding risks, giving them the ability to kind of test out, by asking them a series of questions and if they know the answers, they may know what their risks are and they can move to a level at which they do not know the answers. You do not need to train employees in areas where they have demonstrated competency. This gives companies the opportunities to really think about their program and differentiate the ethics and compliance training of their compliance program.” Turco concluded, “in the world today, people are looking for compliance training that is as short and sweet as possible, getting to the relevant pieces of information.”

Another innovation in E&C learning has been around the concept of branching. Turco explained this is building out different scenarios. She provided an example of training about “a security breach. Things happen on a video and the learner is watching them unfold. By using adaptive technology you can require the learner to pick out the hotspot where they would see a risk or something being violated. From there the video would branch off into different scenarios based on what you decide because that’s real life. It is not the first decision that causes an ethical breach or a security breach. It’s for decisions down the road. That’s the hard part in training to get right because it is not always just as black and white as is the conflict of interest might lie.”

We next turned to the area of the effectiveness of compliance training, which, Turco said, “is the key story for compliance”. Interestingly, Turco said the first question asked is about the content of the training, not the data around this issue. She explained, “you can collect as much data as you want for any, any reason but if the content you are writing and designing for the training is not meaningful, then the data you’re getting isn’t meaningful.” (as fine a definition of GIGO as I have ever heard.) She said that a company must really think about data and how to use it to make your program smarter and to make you understand where the risks are in your organization.

Effectiveness then starts with building content with thought provoking questions in the presentation. This leads to scenarios which ask the learner, “what do you think?” From there you can begin collecting the data from their responses and start to analyze it on the back end. This can give you trends about whether there is a disconnect in your written Code of Conduct, policies and procedures and how business is operationalized in the field.  With this data, an organization can start to target campaigns to that team around that risk area identified. Turco pointed to one example where a company was able to demonstrate through this approach a training competency and effectiveness increase from 20% to 80% in one year.

Your goal should be that the needle is moving and your organization is providing employees the tools in order to make sure they have the knowledge and the competency to not only pass that assessment but also understand those risks in the business. This is far beyond the “check the box” method of training. With the speed of current day corporate decision making in the field and the pressure your sales teams are under to meet goals, timelines and deadlines; you need to provide training to meet these business realities. Once you understand that, then you can start to understand how to provide your employees effective training.

Turco concluded by noting that your training should aid in the decision-making process when the teams are under pressure; whether that be sales pressure, pressure due to a high-risk region or other. Turco said, “How do you make sure that when they’re under that pressure, they will know exactly what to do?” The data collected from the training process can help identify risks, provide the opportunity to help employees understand more and drive training or campaigning around risks.

Sep 17, 2018

Over this podcast series I have been visiting with Paul Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both at SAI Global, the sponsor of this podcast series. We have been discussing the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and  more operationalized best practices compliance program. In this final episode, I visit with Paul Johns on the need for an integrated approach to risk management.

One of the primary reasons why an integrated approach to risk management is mandatory in today’s business environment is the increasing amount and complexity of risk which every company and, indeed, every Chief Compliance Officer (CCO) face. Moreover, social media has amplified every action and reaction both in terms of signal strength and speed of dissemination and communication. New risks include the parties you are working with down the line to 3rd, 4thand 5thlevel suppliers and sales representatives. Obviously cyber risks are greatly increased as well. From consumers or customers, however, the calculation is strikingly simple - did your company do the right thing?

It is only through an integrated risk management strategy that you can being to prepare your company to do business in the modern world. Such a strategy includes (1) forecasting, (2) risk assessment, (3) risk-based monitoring and (4) feedback of information gleaned from your monitoring into your risk strategy going forward. Yet it is more than the risk management process; it is using each part of your compliance program to develop information which can make your overall risk management strategy more robust.

While this five-part series has focused largely on compliance and ethics training, consider how an integrated approach to risk management works even with training. As Turco noted regarding adaptive learning, it is designed to focus on “making sure the learners are getting the content and relevant information that they need within any piece of content. It begins with asking questions about where they work and whether they interact with government officials. From there, it moves to serve up content to the employee which is meaningful, that helps them start to see what risks are in their area.” By asking questions to deliver an appropriate training solution, you begin to develop information about the state of your compliance program. If you are weak in some areas, you may wish to engage in remediation. If you strong in other areas, you can use those employees as Compliance Ambassadors within your organization to be a redource to other employees.

Johns tied this concept to your overall risk management strategy by noting it is only as strong as the weakest link. In the area of compliance training, this means if you have a high employee turnover, as is common in retail companies, your annual Code of Conduct training may not be sufficient to catch all employees every year. Moreover, if such training is run out of Human Resources (HR), the compliance function and hence senior management and the Board of Directors may not even be aware of this gap. But you may not even be aware of this gap unless you ask questions or consider what the data is telling you.

Some other questions Johns posed in the context of an integrated risk management strategy are if your company moves to a new geographic region or opens a new sales line, have all of your policies and procedures been updated to reflect this change in your risk profile? Has anyone considered such a move from the risk perspective? Are you even assessing such risks before product implementation or change in sales strategy? From the Board and Chief Executive Officer (CEO) perspective, have they been presented with an integrated risk report from which they can even begin to assess the risk in front of them? Your sales model will directly impact your risk under anti-corruption laws such as the Foreign Corrupt Practices Act (FCPA). Third-party risks are still the highest risks under the FCPA. However, an employee-based sales strategy also presents risks, albeit a different set of risks. (Consider GSK in China.)

Another interesting reflection from Johns was that with the more flexible nature of a workforce, including those on flex time, working from home, working during a commute and those who are essentially on 24-hour call; these innovations in working conditions demand an innovation in ways that training and ongoing communications are delivered. This means a company should have a mobile platform for learning and communication that can deliver its messages to employees when and how they want (and need) to consume it. This also ties into questions about not only content but the technology you use to deliver that content. When was the last time you considered the technology you are using in terms of the best manner to deliver the appropriate content?

Johns concluded with quite an interesting observation on the role of compliance and risk management. It is to become the new Praetorian Guards, which is to say put a ring around the senior executives to protect them. (Note - I am a fan of the Alamo analogy articulated by Chuck Duross but then again, all the defenders at the Alamo died.) He also alluded to the offensive nature of the Praetorian Guard. This also ties more closely into how a more fully operationalized compliance program makes a business run more efficiently and at the end of the day, more profitably.

Sep 13, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Keturah Pestel, Program Manager, Business Ethic and Legal Support Office at Thrivent. We discuss her company’s innovative use of internal reporting. Some of the issues we tackle in this podcast are: 

  • Why internal reporting is more than simply whistleblowing?
  • What types of data can you interpret from internal reporting?
  • By using data from internal reporting to upgrade your compliance program you engage in continuous improvement. 

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around. 

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP. 

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 11, 2018

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Sheryl Zaworski, VP, Director of Global Ethics Escalation, Investigation and Analytics at U.S. Bank. We discuss the the data project at US Bank. Some of the issues we tackle in this podcast are: 

  • What kind of KPIs demonstrate engagement?
  • How to use KPIs to break down departmental silos?
  • Why KPIs are key to demonstrating ROI in compliance?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around. 

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP. 

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 10, 2018

Over this series, I have visited with Eric Feldman, Senior Vice President, Don Stern, Managing Director of Corporate Monitoring & Consulting Services, and Rod Grandon, Managing Director of Government Services, from Affiliated Monitors, Inc., (AMI) who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition (M&A) context. In this fifth and concluding episode I visit with Stern to tie together how an independent integrity monitor can benefit the entire M&A process. 

In this episode we discuss:

  1. At what point in the M&A process would it be helpful for a company to arrange for an independent, third-party assessment of a company’s compliance and ethics program and ethical culture?
  2. What specific elements of the M&A would such an independent assessment review, and how?
  3. Can you provide some specific examples where an independent assessment may have helped mitigate ethical problems deriving from an M&A further down the road?
Sep 10, 2018

I have been visiting with Eric Feldman, Senior Vice President, Don Stern, Managing Director of Corporate Monitoring & Consulting Services, and Rod Grandon, Managing Director of Government Services, from Affiliated Monitors, Inc., (AMI) who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition (M&A) context. In this fourth episode I visit with Grandon about the types of things a monitor would review to determine if a company adequately considered ethics and compliance during the M&A process. 

In this episode we discuss:

  1. What kinds of things would a monitor review to determine if a company adequately considered ethics and compliance during the M&A process?
  2. What steps can a company take to ensure that the merger/acquisition goes smoothly and there are minimal conflicts?
  3. What are some of the warning signs of residual conflicts from an M&A that require attention?
Sep 10, 2018

Over this special five-part podcast series, I will visit with Eric Feldman, Senior Vice President, Don Stern,  Corporate and Rod Grandon, Managing Director Government Services; all from Affiliated Monitors, Inc., who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition context. In this third episode I visit with Feldman planning out your post-acquisition merger strategy. 

In this episode we discuss:

  1. What steps does a company need to take during an M&A to satisfy DOJ or any other governmental requirements relating to integration?
  2. What areas should be addressed in an integration plan?
  3. What kinds of problems would an integration plan hopefully help mitigate or avoid?
  4. Can you provide some examples where an integration plan would have helped avoid future ethical failures?
Sep 10, 2018

Over this series, I am visiting with Eric Feldman, Senior Vice President, Don Stern, Managing Director of Corporate Monitoring & Consulting Services, and Rod Grandon, Managing Director of Government Services, from Affiliated Monitors, Inc., (AMI) who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition (M&A) context. In this second episode I visit with Stern on the impact that M&A has on both the acquired entity and the acquirer. 

Some of the highlights include:

  1. What are the inherent risks of a merger/acquisition on the ethical culture of both companies?
  2. How can some of these risks be mitigated?
  3. Can you provide some examples where an M&A has either positively or negatively impacted the acquired company or the parent?
Sep 10, 2018

Over this series, I am visiting with Eric Feldman, Senior Vice President, Don Stern, Managing Director of Corporate Monitoring & Consulting Services, and Rod Grandon, Managing Director of Government Services, from Affiliated Monitors, Inc., (AMI) who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition (M&A) context. In this first episode I visit with Feldman on the why’s, what’s and how’s of an independent assessment of a target.

In this episode some of the key discussion points are:

  1. What kinds of things should companies look for when doing M&A due diligence?
  2. What questions should be asked to determine if there is a challenge with the corporate ethical culture of a target company?
  3. With often limited access and information in a confidential transaction, how is a company supposed to get the data it needs to determine the status of a company’s ethics and compliance program?
  4. Can you provide some examples where better due diligence might have changed the outcome where ethical failures subsequently occurred?

 

Sep 4, 2018

In this episode of the CONVERGE18 Preview Podcasts series, I visit with David Bunker, Compliance Officer at Vulcan Inc. We discuss managing the risk of conflicts of interest when employing workers in the GIG economy. Some of the issues we tackle in this podcast are:

  • Assessing and then managing your entity’s risks;
  • Why conflicts of interest are different in the GIG economy;
  • What tools can you use to manage risk, which may lie outside a compliance function; and
  • How compliance can partner with other corporate functions for greater efficiencies.

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 4, 2018

In this episode of the CONVERGE18 Preview Podcasts series, I visit with Eric Feldman, Senior Vice President at Affiliated Monitors. We discuss the issue of perverse incentive and compliance. Some of the issues we tackle in this podcast are:

  • What are perverse incentives?
  • How can an organization determine if its incentives undermine its culture?
  • What is the role of management in setting incentives?
  • How can a company align its values with its incentives?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Sep 4, 2018

In this episode of the CONVERGE18 Preview Podcasts series, I visit with Philip Winterburn, Chief Product Officer at Convercent. We discuss the issue of perverse incentive and compliance. Some of the issues we tackle in this podcast are:

  • What kind of KPIs demonstrate employee engagement?
  • How are you using KPIs in your compliance program?
  • Why KPIs are key to demonstrating ROI in compliance?
  • How does higher employee engagement demonstrate more institutional justice?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

  • Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
  • Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
  • Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
  • The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Aug 27, 2018

We conclude our Arthurian themed week with the Holy Grail, which has fired the imagination of artists for millennia. What was the Holy Grail? According to Professor Dorsey Armstrong in her Teaching Company lecture series, entitled “King Arthur: History and Legend”, the Holy Grail has taken various forms over the years. For Chrétien de Troyes, it was a fancy serving dish; for Wolfram von Eschenbach, it is a magical stone; for Robert de Boron, it is the cup that Christ drank from at the Last Supper; for the comedy troupe Monty Python, it is a cartoon sketch that no one ever finds; and for the modern-day author Dan Brown, it is both a person, who is a descendant of Mary Magdalene, and a bloodline which leads to the Merovingian kings of France. In other words, it means many things to many people. The quixotic quest for the Holy Grail informs the same quest to append a compliance defense to the FCPA.

One of the articulated reasons for the creation of King Arthur’s Round Table was tied to the Holy Grail, since it was allegedly used at the Last Supper, it seems only natural that Arthur would seek it from his table as well. Indeed, in Robert de Boron’s account of Arthur, the wizard Merlin tells Arthur the Round Table was established to identify the one Knight, who was pure of heart, who could find the Holy Grail. Only after the great quest for and locating of the Holy Grail was achieved could Arthur’s other ambitions come to pass.

Another interesting twist on the Grail legend is that it was in Britain. Curiously it was first ‘discovered’ by some enterprising Monks in Glastonbury, England in the late 12thcentury. They just happened to come across a well that ‘bled’ water around the time of an annual pilgrimage. Going viral in the Middle Ages was tough but the Monks built upon their initial find by claiming that both King Arthur and his Queen Guinevere were also buried at their abbey. Do you believe any of the above? Are you on your own Grail Quest, however dreamy that quest might be?

I thought about the quest for the Holy Grail in the context of the renewed call for a compliance defense addition to the FCPA, which would give companies a pass if they had sustained a FCPA violation. I see this quest for a compliance defense for companies that violate the FCPA to be as quixotic as the quest for the Holy Grail. As there were two requirements for the Knight who was destined to find the Grail, we will begin pureness of heart. Recognizing that it might be difficult to find a corporation that is ‘pure of heart’, the appropriate analogy might be more than simply spending what may appear to be a large dollar amount on a compliance program.

How about the second part of the Grail quest that requires a ‘chaste’ Knight? Once again it is somewhat difficult to understand how a corporation could be chaste but I think the appropriate analogy is the doingof compliance. Put another way, it is not having a compliance program in place but having an effective compliance program. So not only does the amount of money a company spends become immaterial to our quest but also the same can be said to the claim that having a written program should entitle you some type of defense to any FCPA violations. Just as questing for the Holy Grail is seeking something that does not exist, affording companies a defense from their own FCPA violations by having a written program in place is not a temporal reality.

The 2017 FCPA Corporate Enforcement Policy, sounded the death-knell, once and for all time, of the call for a compliance defense. The protocol set up by the DOJ is certainly creative and perhaps even unique in federal criminal law enforcement. The enforcement aspects, coupled with the incentives provided to corporations and the detailing of a best practices are much more comprehensive to advance compliance than any argument for a compliance defense.

In considering the new Policy, most practitioners have started with the presumption that if a company meets the requirements under the new Policy, they will receive a declination. There are a variety of factors present in FCPA enforcement actions which would lead the DOJ to make this blanket offer. As stated in the new Policy “The investigation and prosecution of particular allegations of violations of the FCPA will raise complex enforcement problems abroad as well as difficult issues of jurisdiction and statutory construction.”

Finally, as with all quests, what will it bring you if you actually achieve it? As with the Holy Grail, it is a good story but that is about it. I find this view best articulated by Matthew Stephenson, in a blog post entitled “The Irrelevance of an FCPA Compliance Defense”, where he gave three reasons why a compliance defense is not warranted. First (and perhaps almost too obvious to state) is that if your company is invoking a compliance defense, there has been a FCPA violation. The second is “The U.S. Department of Justice (DOJ) already takes into account a corporation’s good-faith efforts to implement a meaningful compliance program when the DOJ decides whether to pursue an FCPA action against the corporation, and what penalties or other remedies to impose. Indeed, the adequacy of the corporation’s compliance program is a standard subject of negotiation between the DOJ and corporate defendants.” Third is that “An FCPA compliance defense would only alter the DOJ’s bargaining position if a corporation unhappy with the DOJ’s position could either (1) convince the DOJ lawyers that the DOJ’s position is unreasonable in light of the corporation’s compliance program, or (2) credibly threaten to go to court and defeat the DOJ’s enforcement action altogether by successfully invoking the compliance defense before a federal judge.”

Stephenson discounts subpart 1 because DOJ lawyers already take a company’s compliance program into account. But his second subpart is even more important because no company will go to trial against the government using a compliance defense to a demonstrable FCPA violation. Simply put, no company is going to risk losing at trial when they can control their own fate through settlement. The modern-day Knights seeking the Holy Grail of a compliance defense will never find it because of this last fact. Moreover, just as there were no real Knights who could meet the requirements to actually find the Holy Grail after their quest, there are no companies which can meet the same criteria; that being that a compliance defense could or even should trump a FCPA violation.

We leave our King Arthur with our quest intact, bringing a message I hope that you have ascertained about some of the things you need to do around the nuts and bolts of anti-corruption compliance. I also hope that you might be able to look at the tales surrounding the King Arthur myth for your own inspiration.

Aug 27, 2018

As I end this month of the Land of 1000 podcasts, I conclude with a week of King Arthur and his Roundtable themed-podcasts. It turns out there are many compliance lessons from the entire oeuvre of Arthurian legends. Many of the tales can inform your (modern day) compliance program. Today we consider one of the most interesting characters in the Arthur canon, The Green Knight and how this character presages the ever-growing protections for whistleblowers.

The Green Knight was so called because his skin and clothes are green. The meaning of his greenness has puzzled scholars since the discovery of the poem, that identifies him as the Green Man, a vegetation being in medieval art; a recollection of a figure from Celtic mythology; a Christian symbol or the Devil himself. According to Wikipedia, C. S. Lewis suggested the character was “as vivid and concrete as any image in literature” and J. R. R. Tolkien called him the “most difficult character” to interpret in the introduction to his edition of Sir Gawain and the Green Knight. His major role in Arthurian literature includes being a judge and tester of knights, and as such the other characters see him as friendly but terrifying and somewhat mysterious.

In his primary story with Sir Gawain, the Green Knight arrives at Camelot during a Christmas feast, holding a bough of holly in one hand and a battle-axe in the other. Despite disclaim of war, the knight issues a challenge: he will allow one man to strike him once with his axe, under the condition that he return the blow the following year. At first, Arthur takes up the challenge, but Gawain takes his place and decapitates the Green Knight, who retrieves his head and tells Gawain to meet him at the Green Chapel at the stipulated time. One year later, while Gawain is traveling to meet the Green Knight, he stays at the castle of Bercilak de Hautedesert. At Bercilak's castle, Gawain’s loyalty and chastity is tested, Bercilak sends his wife to seduce Gawain and arranges that they shall exchange their gains for the other’s. On New Year's Day, Gawain meets the Green Knight and prepares to meet his fate, where upon the Green Knight feints two blows and barely nicks him on the third. He then reveals that he is Bercilak, and that Morgan le Fay had given him the double identity to test Gawain and Arthur.

This story of the Green Knight’s testing informs the protection of whistleblowers by the SEC. It began with the Paradigm securities SEC enforcement action where an award was made to the whistleblower based upon the company’s retaliation against her. The settlement was for $2.2MM and $600,000 of that amount was paid to the whistleblower for the firm’s retaliation. This was the first award to a whistleblower for retaliation from the act of whistleblowing. The award is 30% of $2.2MM, which is the maximum amount a tipster can get under the program. The agency said the “unique hardships” he faced were a factor in the size of his award. SEC Enforcement Director, Andrew Ceresney, was quoted at the time ““We appreciate and recognize the sacrifice this whistleblower made and the important role the whistleblower played in the success of the SEC’s first anti-retaliation enforcement action.””

Next there was the KBR pre-taliationfine and Cease and Desist Order involving KBR.   In this matter, KBR was fined for having language in its internal employee Confidentiality Agreement that required employees to go to the company’s legal department before releasing certain confidential information to outside parties such as the SEC. The SEC held that such restrictions violated the “whistleblower protection Rule 21F-17 enacted under the Dodd-Frank Act. KBR required witnesses in certain internal investigations interviews to sign confidentiality statements with language warning that they could face discipline and even be fired if they discussed the matters with outside parties without the prior approval of KBR’s legal department. Since these investigations included allegations of possible securities law violations, the SEC found that these terms violated Rule 21F-17, which prohibits companies from taking any action to impede whistleblowers from reporting possible securities violations to the SEC.” This was in the face of zero findings that KBR had actually used such language or restrictions to prevent any employees from whistleblowing to the SEC.

Then we have the case of Tony Menendez, who was profiled by Jessie Eisinger in an article entitled “The Whistleblower’s Tale: How an Accountant Took on Halliburton”. The article told the story of a whistleblower, who took his concerns to government regulators and was then outed by the company as the SEC whistleblower and retaliated against. Interestingly, the SEC took no action on the whistleblower claims and the company argued on appeal that “since the SEC hadn’t brought any enforcement action, his complaint about the accounting was unfounded.” The company also claimed that simply because the whistleblower was identified by name, this alone was not the basis for a “material adverse action” against him. While Halliburton won at the administrative hearing level, it lost at the Fifth Circuit Court of Appeals.

So now there is a Court of Appeals opinion holding that if whistleblowing was a “contributing factor” only to the retaliation. Further, the employee is not required to prove motive. Well-known whistleblower expert Jordan Thomas also explained in the Eisinger article, “Whistleblowers can be victims of retaliation even if they are ultimately proved wrong as long as they have a “reasonable” belief that the company was doing something wrong.”

All of this is tempered by  the US Supreme Court decision in Digital Realty Trust v. Somers. In a unanimous 9-0 decision, the Court made clear that only a person who reports actions to the SEC will benefit from the anti-retaliation and discrimination protections afforded under Dodd-Frank. The case involved Paul Somers, who was a Vice President (VP) at Digital Realty Trust, Inc. (DLR). He alleged he was dismissed after reporting suspected security law violations to senior management of the company for which he was terminated. Somers brought suit in federal district court for wrongful termination and retaliation barred by Dodd-Frank.

The Court detailed the differences in whistleblower provisions between Dodd-Frank and SOX. Under SOX, an “employee qualifies for protection when he or she provides information or assistance either to a federal regulatory or law enforcement agency, Congress, or any “person with supervisory authority over the employee.” However, a discriminated-against or retaliated-against employee must seek redress by filing a complaint with 180 days with the Secretary of Labor. If the Secretary of Labor does not respond, the whistleblower can file suit in federal court and obtain the remedies of “reinstatement, back-pay with interest, and any “special damages sustained as a result of the discrimination,” among such damages, litigation costs.”

It appears that the SEC will be more like the Green Knight going forward. It will be a tester to determine if retaliation against whistleblowers occurs. From preventing companies from trying to stop whistleblowing via CA’s, to monetary awards for retaliation even where there is no SEC or government action taken, to the award to whistleblowers as a part of an SEC settlement for retaliation by their former employers; the SEC is making very clear that they will test how your company treats whistleblowers. If the SEC finds your company’s conduct lacking, you may well be facing something like the Green Knight going forward.

1 « Previous 1 2 3 4 5 6 7 Next » 18