Welcome to Day 3 of 30 Days to a Better Compliance Program. Today I want to consider the Chief Compliance Officer (CCO) in your organization, through three prisms: access, resources and opportunities.

 Access

What access does your CCO have to the top decision makers in your organization? While it really does not matter whether the CCO reports to the CEO, Board or GC; it does matter that the CCO have direct access to corporate decision maker.

Resources

This means both head count of personnel to operate your compliance function and the money available to implement the appropriate technology to sustain an effective compliance program. If your compliance team is run on a shoestring, you will likely be downgraded for your overall commitment to doing business in compliance with the FCPA. Put another way, if you spend more on paper clips than on your compliance program, your compliance program may well be under-funded.

 CCO Pay, Opportunity and Expertise 

In the Pilot Program, the DOJ laid out another important element for every compliance program, which is expertise of your CCO and compliance function. I think the clear implication is that the DOJ will even look at salaries. Once again if a company tries to get by on the cheap, it may certainly come back to bite them in the end. Finally the DOJ has made clear that compliance is part of the corporate family by even requiring that the CCO have opportunities for advancement with the corporation at the senior management level and that the compliance function shall be afforded similar opportunities. 

Three Key Takeaways

1. The CCO must have access to the highest levels of your organization.
2. The CCO must have adequate money and personnel resources to perform the function.
3. The CCO must be qualified, appropriately compensated and have opportunity for advancement within the organization.

 For more information, check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, which is available by clicking here.

Show Notes for Episode 4, Year End Review, Part I

 We turn to the 2016 year in review, in this Part I of a two-part series.  

 Jonathan Armstrong leads a discussion on a very interesting UK Bribery Act enforcement action out of Scotland involving the Braid Group Ltd. It has some very significant implications for Bribery Act enforcement actions going forward. He also discusses the continued evolution of the UK DPA process and who it all works into the burgeoning global anti-corruption enforcement we saw in 2016.

For Cordery’s piece on the Braid case, click here.

For Cordery’s piece on the continued evolution of the UK DPA practice, click here.

 Jay Rosen takes us through a Paul Krugman NYT post on some of the invidiousness of corruption, focusing on the corrupting nature of compliance around undue influence. Rosen explains incentives more than anything else and how such incentives skew the marketplace. He asks a couple of provocative questions. First are there too many FCPA, ethics and compliance conferences? Second, even with the robust FCPA enforcement and maturation of compliance programs, why does corruption still exist? For a link Krugman post, click here.

 Rants will return in a couple of weeks. 

The members of the Everything Compliance panel include:

• Jay Rosen (Mr. Translations) – Jay is Vice President of Legal & Corporate Language Solutions at United Language Group. Rosen can be reached at rosen@ulgroup.com.
• Mike Volkov – One of the top FCPA commentators and practitioners around and is the Chief Executive Officer (CEO) and owner of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com.
• Matt Kelly – Founder and CEO of Radical Compliance, is the former Editor of the noted Compliance Week Kelly can be reached at mkelly@radicalcompliance.com
• Jonathan Armstrong – Rounding out is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com.

Welcome to Day 2 of 30 Days to a Better Compliance Program. Today I consider written protocols, which are the foundation upon which an effective compliance program is built. Written protocols consist of a Code of Conduct, policies and procedures and internal controls.”

 Code of Conduct 

The substance of your Code of Conduct should be tailored to your company’s culture, and to its industry and corporate identity. It should provide a mechanism by which employees who are trying to do the right thing in the compliance and business ethics arena can do so. The Code of Conduct can be used as a basis for employee review and evaluation. It should certainly be invoked if there is a violation. The Code needs to be written in plain English and translated into other languages as necessary so that all applicable persons can understand it.

 Policies, Procedures and Controls 

The written policies and procedures required for a best practices compliance program are well known and long established. You should include the nature and extent of transactions with foreign governments, including payments to foreign officials; use of third parties; gifts, travel, and entertainment expenses; charitable and political donations; and facilitating and expediting payments.” Policies help form the basis of expectation and conduct in your company and Procedures are the documents that implement these standards of conduct.

 Internal Controls

They are an interrelated set of compliance control mechanisms, designed to ensure that company assets are used properly, with proper approval and that transactions are properly recorded in the books and records. While it is theoretically possible to have good controls but bad books and records, the two generally go hand in hand – where there are record-keeping violations, an internal controls failure is almost presumed because the records would have been accurate had the controls been adequate.” 

Three Key Takeaways

1. The United Airlines domestic corruption enforcement action makes a Code of Conduct an internal control.
2. Translate your Code of Conduct and key policies into local languages.
3. Document, Document, Document

For more information check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, by clicking here.

In this episode Mike Volkov and I take a look at the most significant enforcement actions from 2016, the most significant compliance related issues from 2016 and the issues and cases that may be the most significant going forward into 2017. 

Welcome to Day 1 of 30 days to a better compliance program. Together with a podcast each day, I will be giving you tip to help you create a best practices compliance program in 2017. At the end of January, you will not only have a good summary of the basics of a best practices compliance program but information that you can incorporate into your compliance regime. Today I consider the various Tones in an organization. Any compliance program starts at the top and flows down throughout the company, which set the proper character for each level of your organization.

 At The Top 

Tone at the Top has become a phrase inculcated in the compliance world. The reason it is so important to any compliance program is because it does actually matter. So how can a company overcome these employee attitudes and set, or re-set, its “Tone at the Top”? I once had a Chief Executive Officer (CEO) of a client who described his role at the company as “the ambassador for compliance.” I can think of no better description of the role of a CEO for a best practices compliance program.

 In the Middle 

A company must have more than simply a good ‘Tone-at-the-Top’; it must move it down through the organization from senior management to middle management and into its lower ranks. This means that one of the tasks of any company, including its compliance organization, is to get middle management to respect the stated ethics and values of a company, because if they do so, this will be communicated down through the organization.

At the Bottom 

Even with a great ‘Tone-at-the-Top’ and in the middle, you cannot stop. One of the greatest challenges for a compliance practitioner is how to affect the ‘tone at the bottom’. To do so, you must work to engage those at the front lines, including training, communication and the tools to accomplish these tasks. A key question is how to tap into this belief system? The answer is to engage employees in a manner which allows you to not only find out what the employees think about the company compliance program but use their collective experience to help design a better and more effective compliance program. 

Three Key Takeaways

1. What is your tone at the top?
2. What is your tone in the middle?
3. What is your tone at the bottom?

For more information, check out my book Anti-Bribery Leadership, which is available through Amazon.com by clicking here.