Info

FCPA Compliance Report

Tom Fox has practiced law in Houston for 30 years and now brings you the FCPA Compliance and Ethics Report. Learn the latest in anti-corruption and anti-bribery compliance and international transaction issues, as well as business solutions to compliance problems.
RSS Feed Subscribe in Apple Podcasts
FCPA Compliance Report
2018
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
March
February


2015
December


Categories

All Episodes
Archives
Categories
Now displaying: July, 2018
Jul 30, 2018

How do you measure the impact of  your ethics and compliance program? In the new the second of its four-part series of the Global Business Ethics Survey for calendar year 2018, the Ethics and Compliance Initiative (ECI) have released the report, “Measuring the Impact of E&C Programs” which shows you how to do just that. In this podcast, I visit with Dr. Pat Harned, Chief Executive Officer of ECI about the report as it provides a wealth of information on the return on investment for the compliance professional and builds on the High Quality Program structure initiative by ECI in 2016. The Report identifies 15 operational element you can use for your program as well as 17 cultural validation points to help assess your compliance program. Some of the highlights in this podcast are:

  1. What is the ECI Global Business Ethics Survey and how does the report of “Measuring the Impact of E&C Programs” fit into the overall structure?
  2. What are the key findings from the Report?
  3. What is a High Quality Program and what are the 5 principles?
  4. Why are mindset and accountability so critical for an effective compliance program?
  5. Why do High Quality Programs have a bigger impact?
  6. What were the Report’s Conclusions and Recommendations.

To receive a copy of the ECI report, Measuring the Impact of E&C Programs, click here.

Jul 27, 2018

With the MLB July 31 trade deadline almost upon us, the Yankees, Indians and Dodgers have significantly upgraded their programs, will the Red Sox and Astros do so? Jay and Tom consider this and take a look at some of the top compliance stories from the past week.

  1. Lots about AI, data analytics and compliance this week. Tom has a three part series on the intersection (Part I; Part II; & Part III). Scott Shaffer goes the other direction, noting how important the human element is in due diligence on theFCPA Blog. Tom relents on the Astros and now admits it was the use of data analytics and not his incessant razzing which lead to last year’s WS win. He reviews Ben Reiter’s book and critiques the Astros on the FCPA Compliance Blog.
  2. Mike Volkov considers corporate culture, values and the ostrich in his exploration of the Beam FCPA enforcement action on Crime, Corruption and Complinace.
  3. A CCO looks at corporate activism. Katie Smith pens a piece in Complaince Week. (sub req’d)
  4. What is your FCPA liability in the M&A context? DAAG Matthew Miner talks about it in a speechat the ACI Anti-Corruption Compliance in High Risk Markets conference (they need a better name) Matt Kelly opines in Radical Compliance. Dick Cassin weighs in on the FCPA Blog.
  5. Tesla leans on suppliers to rebate two-year old payments. Does that change the nature of your business relationship. Tom explores in The Man From FCPA(sub req’d)
  6. How should a company respond to an individual request for information under GDPR? Jeremy Feigelson, Jane Shvets, and Christopher Garrett explore in the NYU Compliance and Enforcement Blog.
  7. What are the downsides to using your founder/CEO/Board Chair as spokesperson? Ben DiPietro explores on the WSJ Risk and Compliance Journal.
  8. Need some insights into assessing your compliance training? Kaplan and Walker are there for you in the Compliance Program Assessment Blog.
  9. Will KPMG survive its ethical scandals? Madison Marriage, Caroline Binham and Martin Arnold explore in the Financial Times.
  10. Who is the only podcaster in compliance to accept queries via carrier pidgeon? Eric Morehead (of course). Check out his most excellent podcast, Compliance Beat.
  11. Tom has 5 part podcast series which explores how Shakespeare informs a best practices compliance program. Henry IV, Part 2; Henry V; Much Ado About Nothing; Othelloand King Lear.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Jul 26, 2018

In this episode of Across the Board, I visit with Amii Barnard-Bahn.  She is a strategic advisor to Boards of Director and executive coach many C-Suite members. She specializes in accelerating the success of C-Suite executives and partner with leaders and teams to help scale their business. She has shaped company culture and strategic initiatives as an executive at Fortune 20 companies, smaller businesses and nonprofits, leading multiple functions, including Human Resources, Legal, IT, Communications, and Compliance.

We discuss the recent turmoil at Papa John’s pizza around first racial comments by its founder John Schnatter. Schnatter had previously lost his role as CEO for negative comments he made about NFL players and their National Anthem protest last year. In the latest flap, Schnatter used the N-word during racial sensitivity training. He was pressured to resign from his position as the Chairman of the Board. He then changed his mind and wants to fight his voluntary resignation. Some of the topics we discuss are:

  • How should the Board respond?
  • What do Schnatter's actions say about Papa John's corporate culture and values?
  • What has changed for Boards in the #MeToo era of high stakes reputational damage?
  • Do you think a Board committee should handle this issue or the full Board?
  • Who should report to the Board on this issue?

This timely and topical podcast will help you as a Board member understand how your role has changed as the risks to your organization has evolved.

Jul 25, 2018

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a deep dive into the imbroglio Salesforce found itself in when it came out the company did work for ICE.

We use this dialogue as a starting point to discuss some of the following:

  1. What is the Trump Risk and how can companies being to manage it?
  2. If a company makes one miss-step does it make another when it tries to engage in ethical offsetting?
  3. Is your organization prepared to stand up for its own culture for ethics in the face of racism shown by the Administration?
  4. How do different stakeholders view you company’s ethical responsibility?

We unpack of all these points and consider the risk management strategies going forward.

For more reading: see Matt’s piece Salesforce Runs Into Trump Risk

Jul 23, 2018

I conclude my week-long podcast series on compliance lessons from Shakespeare and by using my favorite character in all his work. He is The Fool from King Lear. Of Shakespeare’s many theatrical innovations, his transformation of The Fool from the Renaissance Court Jester of songs, music, storytelling, medieval satire and physical comedy to commentator is right up there for me. The Fool became closer to the Greek Chorus. Shakespeare brought the Chorus commentary function back. As noted in Wikipedia, “Where the jester often regaled his audience with various skills aimed to amuse, Shakespeare's fool, consistent with Shakespeare's revolutionary ideas about theater, became a complex character who could highlight more important issues. Like Shakespeare's other characters, the fool began to speak outside of the narrow confines of exemplary morality. Shakespeare's fools address themes of love, psychic turmoil, personal identity, and many other innumerable themes that arise in Shakespeare”.

While Lear’s Fool was actually a font of wisdom and commentary, the same cannot always be said for the corporate fools who put evidence of bribery and corruption in emails, excel spreadsheets and PowerPoint slide deck presentations. In Foreign Corrupt Practices Act (FCPA) training I always remind attendees that if you put your bribery scheme in emails, it will be uncovered. Further, if you put together an excel spreadsheet tying your nefarious acts, such as hiring the family member of a foreign official or state owned enterprise employee to the award of a contract, it will be uncovered. Finally, if you put your fraudulent scheme in a PowerPoint slide deck for presentation to senior management, you will be uncovered.

The issue previously arose at GlaxoSmithKline PLC (GSK) who put together such a presentation in 2013 for targeted bribery campaign code named “Vasily”. More recently was Volkswagen (VW) and its now infamous emissions-testing scandal. In an article in the New York Times (NYT), entitled “VW Presentation in ’06 Showed How to Foil Emissions Tests”, Jack Ewing reported that a top technology executive at VW prepared a PowerPoint presentation for management in 2006, laying out in detail how the automaker could cheat on emissions tests in the United States. From my experience, if you have an illegal scheme enshrined in a PowerPoint slide deck presentation, even if you never implemented that scheme, it probably means that the propensity for such is pervasive throughout the system.

You might think only idiots would put into emails, spreadsheets and PowerPoint presentations not only intent to violate laws but also their plans and how the company would benefit from such illegal conduct. As bad as all of this is, it points to an even greater insight relevant to FCPA enforcement, that being the Myth of the Rogue Employee. The GSK and VW PowerPoint presentations both added yet another spike in its coffin. If your corporate culture is such that you not only communicate internally about illegal conduct but also record those communications in the form of PowerPoint presentations, it speaks to a culture that supports and embraces skirting the rules. Commentators who claim that companies should not be punished by the actions of a small group of employees miss this greater truth; these employees would not engage in illegal conduct if their company, either through compensation, succession or other remuneration, did not reward them for engaging in such conduct.

That is the greater truth that Lear’s Fool would impart to corporate management. 

Jul 23, 2018

This week I am celebrating the intersection of Shakespeare and compliance with a week-long podcast series on the Bard & Compliance. Which play in Shakespeare’s cannon presents the biggest clash of cultures, which leads to the most catastrophic result? I would have to opine Othello, one of the great tragedies in all of Shakespeare. Othello, a Moor and General in the service of the Venetian republic, wins great honors on the fields of battle with the Turks. He also wins the hand of the lovely Desdemona. However, off the battlefields, Othello falls prey to the whiles of Iago, who convinces Othello of the infidelity of his bride. Othello murders his wife and then, realizing his mistake, takes his own life.

There are many culture clashes going on in the play. The military ethos vs. the deceit of civilian life, African tribal culture vs. the isolation of life in Venice, and even the warm bloodedness of a Moor vs. the chilly civilization of 16thcentury Venice. Yet it all leads to one thing - destruction.

One of the more difficult things to predict in a merger and acquisition context is how the cultures of the two entities will merge. Further, while many mergers claim to be a  ‘merger of equals’ the reality is far different as there is always one corporate winner that continues to exist and one corporate loser that simply ceases to exist. This is true across industries and countries; witness the debacle of DaimlerChrysler and the slow downhill slide of United after its merger with Continental.   

In the Foreign Corrupt Practices Act (FCPA) space this clash of cultures is often seen. One company may have a robust compliance program, with a commitment from top management to have a best practices compliance program. The other company may put profits before compliance. Whichever company comes out the winner in the merger, it can certainly mean not only conflict but if the winning entity is not seen as valuing compliance, it may mean FCPA investigations and possibly even FCPA violations going forward.

Jul 23, 2018

This week I am celebrating the intersection of Shakespeare and compliance with a week-long podcast series on the Bard & Compliance. How does Shakespeare portend social media in the 21stcentury? I would submit that one only need look at Much Ado About Nothingto see how it should all play out. As with all Shakespeare’s plays there is quite a bit going on but the play centers around the action and dialogue of Benedick and Beatrice who go after each other in a manner which shames modern NBA trash-talkers. Apparently, everyone else in the play understands the two are meant for each other so they engage in a very social media style of communication to put the two together. Of course, as this is a comedy, everyone ends up married so Beatrice and Benedick, prompted by their friends' interference, finally, and publicly, confess their love for each other.

One of the first companies to embrace social media as a key tool in their compliance strategy was Dun & Bradstreet (D&B) who actively uses social media to make more effective the company’s compliance regime. The D&B experience provides three key insights for the Chief Compliance Officer (CCO) and compliance practitioner. The first is how compliance, like society, is evolving, in many ways ever faster. As more millennials move into the workforce, the more your employee base will have used social media all their lives. Once upon a time, email was a revelatory innovation. Now if you are not communicating, you are falling behind the 8-ball. Employees expect their employers to act like and treat them as if this is the present day, not 1994 or even 2004.

The second is that these tools can go a long way towards enhancing your compliance program going forward. Recall the declination to prosecute that Morgan Stanley received from the Department of Justice (DOJ), back in 2012, when one of its Managing Directors had engaged in FCPA violations? One of the reasons cited by the DOJ was 35 email compliance reminders sent over 7 years, which served to bolster the annual FCPA training the recalcitrant Managing Director received. You can use your archived social media communications as evidence that you have continually communicated your company’s expectations around compliance. It is equally important that these expectations are documented (Read – Document, Document, and Document).

Finally, never forget the social part of social media. Social media is a two-way communication. Not only are you setting out expectations but also these tools allow you receive back communications from your employees. The D&B experience around the name change for its Code of Conduct is but one example. You can also see that if you have several concerns expressed it could alert you earlier to begin some detection and move towards prevention in your compliance program.

Jul 23, 2018

This week I am celebrating the intersection of Shakespeare and compliance with a week-long podcast series on the Bard & Compliance. Most people remember the St. Crispin’s Day speech in Henry V as one of the greatest speeches in all of Shakespeare. However many people do not focus on what led to that speech which was that Henry went out among his troops, disguised as a commoner to ask they what they thought and to hear what they had to say about the upcoming battle with the French. One of the most important things that Henry learns is that his men, while willing to do their duty, believe they will all die the next day in battle, most particularly because of the overwhelming size differential in the two armies. Henry takes this information and incorporates those fears, together with English patriotism, into the rousing speech he gave before he led his men to victory. It was an early use of social media. 

How can you get your head around the structure of a social media program for your company? In an article in the MIT Sloan Management Review, entitled “Finding the Right Role for Social Media in Innovation”, Deborah Roberts and Frank Pillar laid potential remedies as a useful tool to help CCOs design an internal company wide social media campaign.

The most important thing to remember is that communication in social media is two-way; both inbound and outbound. It can help to bring your employee base together in an efficient manner to create an environment conducive to compliance for your organization. It also has the benefit of continued engagement. It is more than putting on training or even a week set of initiatives, you can continue the conversation and enthusiasm about compliance going forward.

The authors broke this down further into three parts that emphasize (1) the need to listen to and learn from user-generated content; (2) the need to engage and facilitate dialogue with employee innovators; and (3) to find an audience of early adopters to create excitement and collect feedback. No doubt inspired by some fond childhood memories, the authors monikered these three concepts as (a) Explore, (b) Create and (c) Communicate.

  • Explore
  • Co-create
  • Communicate

CCOs and compliance practitioners need to develop a dedicated compliance strategy around social media, in the context of your corporate objectives. Just as Henry V gave one of the most rousing speeches in all of Shakespeare, basing it on the input he received from his men, you can take the input from your employee base and create a compliance experience that your employees will embrace.

Jul 23, 2018

What is the most famous line in Shakespeare about lawyers? That is an easy one because lawyer-haters across the world (and lawyer-lovers as well) know it - First thing we do is kill all the lawyers. It comes from Henry IV, Part II. Most lawyers understand that by killing all the lawyers, it will create an atmosphere that would allow for tyranny and anarchy. Unfortunately this clear import is not as widely seen by civilians (i.e. non-lawyers).

While I think the debate about whether the compliance function should be located in a company’s legal department or in a separate compliance function has largely concluded that it should be independent because of the difference in the two discipline’s mandates; many in a corporate compliance function came from the General Counsel’s office or have legal training. The lack of law schools providing training in leadership skills has led to a paucity of such proficiencies in my brethren.

Byron Hanson, in an article in MIT Sloan Management Review, entitled “Leading by the Numbers”; discussed the sometimes difficult transition financial professionals have to make when moving to broader leadership roles. I found some of his insights to be useful to the lawyer moving from a corporate legal department or large law firm into a leadership role in a compliance department.  He listed five changes needed which I have adapted for lawyers. 

  • Transition 1 - From Expert to Leveraging Expertise
  • Transition 2 - From Apprenticeship to Coaching
  • Transition 3 - From Reporter to Translator
  • Transition 4 - From the Right Answer to Multiple Possibilities
  • Transition 5 - From Value Protector to Value Creator

The ability to critically think is still the gift that most US law schools bestow on their graduates. That ability can serve you well as an in-house lawyer and as a CCO. However, the mandates of the legal department and the compliance department are so different and in many ways divergent that the transition from one to the other is not always guaranteed to be smooth. Hanson’s article gives some fine pointers that every lawyer should consider when they make the move to the CCO chair.

Jul 23, 2018

 

In the new the most recent issue of Fraud Magazine, three authors, Scott Fleming, Jonathan T. Marks, and Richard Riley, presented the article “Meta Model of Fraud”. In this piece, the authors acknowledge that the Fraud Triangle is tried and true, but feel the need for more tools to more to understand fraud cases. The authors go on to describe a “meta-model of fraud” that combines the “why-based” Fraud Triangle with the “what-based” Triangle of Fraud Action to better explain fraud cases. While it may be difficult to know exactly why fraudsters commit crimes, investigators can always gather facts and evidence to help prevent and deter fraud.

In this podcast, I chat with one of the authors, Jonathan Marks, a partner at Marcum LLP, on the limitations of the Fraud Triangle and why a new model can be helpful in the modern fraud detection and prevention context. The authors developed the triangle of Fraud Action to overlay with the Fraud Triangle to help fraud examiners understand where weak points might be exploited by fraudsters. Equally importantly, it helps compliance professionals understand how internal control systems can be exploited and how to help prevent such exploitation.

The article Meta Model of Fraud also appears on Marks’ blog Board and Fraud and can be viewed by clicking here.

Jul 20, 2018

With Papa John founder, former CEO and (now) former Chairman of the Board channeling his inner Donald Trump in saying he really didn’t mean to resign, it is time to take a look at some of the top compliance stories from the past week.

  1. John Schnatter, founder, former PapaJohn Chairman and former CEO now says he really didn’t mean to resign from Board after using racial slur in con call with vendor. He goes on to claim the vendor involved attempted to extort the company, for his use of racial slur and finally he won’t ‘go quietly’ into the night and leave the company. See reports Jordan Valinsky in CNN Money, Julie Jargon in the WSJand Tiffany Hsu in the NYT. Nick Kirsch explores the toxic culture at Papa John in an article in com.
  2. Former Energy XXI founder and CEO hit up vendors for personal loans and sold a Board seat for another loan. Company said he had ‘broken no laws’ but SEC disagrees, fines him and bans him from public companies for five years. Tom reports in the FCPA Compliance and Ethics Blog. See the full SEC Compliant.
  3. Another former PdVSA official pleads guilty to money laundering? Sam Rubenfeld reports in the WSJ Risk and Compliance Journal.Dick Cassin reports in the FCPA Blog.
  4. How much, if any, does the Justice Department have to disclose about monitorship through a FOIA request. See article in Havard Law School Forum on Corporate Goverance.
  5. Hui Chen, says we need more data pioneers in complaince. Kelly Swanson reports in GIR. (sub req’d)
  6. Does a contract procured through corruption invalidate the parties rights under it? Petrobras claims so in Houston case but loses. Dick Cassin reports in the FCPA Blog. Brazilian prosecutors then indicts CEO of US company, after DOJ issues declination. What does it all mean? Adam Dobrik explores in GIR. (sub req’d)
  7. The largest vendor in the compliance space, Navex is sold to BC Partners, a London based Private Equity company. Matt Kelly scooped the story on Radical Compliance.
  8. Should the DOJ encourage whistleblowing in bid-rigging cases? Bob Connolly opines yes in Law360op-ed piece. (sub req’d)
  9. Bill Waite pens a two-part blog providing his refections on compliance during for the 10 year anniversary of the FCPA Blog. In Part Ihe considers how corruption changed the world. In Part IIhe says there is still work to be done.
  10. EU regulators slam Google with $5bn fine for anti-competitive acts. It is not if but when will US retaliate? Ben DiPietro reports in WSJ Risk and Compliance Journal.
  11. Tom has 5 part podcast series with Caterina Bullgarella on her SAI Global White Paper, Predicting Risk: A Strategic Culture Framework for the C-Suite. In Part 1-Introduction, Part 2- The Board, C-Suite and Ethical Risk, Part 3-Espoused Ethics and Actual Values, Part 4- An analysis of Wells Fargo under the Frameworkand Part 5-the Ins and Outs of Ethical Reasoning.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Jul 19, 2018

This week the gang returns to its four focused topics. After the commentary we follow with rants.

  1. Matt Kelly is now convinced that the Trump Risk is a real thing. How can compliance professionals help companies in the age where reputational issues can arise literally with one tweet by the President or one administration policy which goes south? 
  1. Tom Fox explores the key themes in the SocGen/Legg Mason FCPA enforcement actions. 
  1. Jonathan Marks joins us a special guest and takes a look at how the US Supreme Court decision in Digital Realty Trust v. Somers severely damaged internal whistleblower/hotline systems as it removed retaliation protection from employees who go internally first and not to the SEC. How can companies win back employee’s trust on this issue?
  1. Jay Rosen considers that both the head of the SEC and No. 2 at DOJ have recently given speeches talking about corporate culture. With this new emphasis by regulators, what should compliance be doing in response?

The members of the Everything Compliance panelist are:

  • Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
  • Mike Volkov– One of the top FCPA commentators and practitioners around and the Chief Executive Officer of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com.
  • Matt Kelly– Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
  • Jonathan Armstrong– Rounding out the panel is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com

On this episode, we are joined as a special guest panelist, Jonathan Mark, a partner at Marcum LLP.

The host and producer (and sometime panelist) of Everything Compliance is Tom Fox the Compliance Evangelist.

Jul 18, 2018

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a deep dive into a debate started when Michigan State University Interim President John Engler said that the role of compliance is to spot red flags which arise from the violations of policies and procedures. He was excoriated for this by Detroit Free Press columnist Rochelle Riley who said there were plenty of red flags about Larry Nassar but there was no commitment from senior management to stop the conduct. All of this begs the question: what is ethics and compliance?

We use this dialogue as a starting point to discuss some of the following:

  1. What is ethics and compliance?
  2. Are empathy and escalation equally important to compliance as policies and procedures?
  3. When you have a top dog claiming those who report abuse are doing it only to receive compensation, can you ever have a trusting relationship with those below you?
  4. How can any organization respond to reputational damage in the current atmosphere?

We unpack of all these points and consider the implications for corporate compliance programs.

For more reading: see Matt’s piece Another Compliance Lesson From Michigan State

Jul 18, 2018

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a deep dive into a debate started when Michigan State University Interim President John Engler said that the role of compliance is to spot red flags which arise from the violations of policies and procedures. He was excoriated for this by Detroit Free Press columnist Rochelle Riley who said there were plenty of red flags about Larry Nassar but there was no commitment from senior management to stop the conduct. All of this begs the question: what is ethics and compliance?

We use this dialogue as a starting point to discuss some of the following:

  1. What is ethics and compliance?
  2. Are empathy and escalation equally important to compliance as policies and procedures?
  3. When you have a top dog claiming those who report abuse are doing it only to receive compensation, can you ever have a trusting relationship with those below you?
  4. How can any organization respond to reputational damage in the current atmosphere?

We unpack of all these points and consider the implications for corporate compliance programs.

For more reading: see Matt’s piece Another Compliance Lesson From Michigan State

Jul 18, 2018

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a deep dive into a debate started when Michigan State University Interim President John Engler said that the role of compliance is to spot red flags which arise from the violations of policies and procedures. He was excoriated for this by Detroit Free Press columnist Rochelle Riley who said there were plenty of red flags about Larry Nassar but there was no commitment from senior management to stop the conduct. All of this begs the question: what is ethics and compliance?

We use this dialogue as a starting point to discuss some of the following:

  1. What is ethics and compliance?
  2. Are empathy and escalation equally important to compliance as policies and procedures?
  3. When you have a top dog claiming those who report abuse are doing it only to receive compensation, can you ever have a trusting relationship with those below you?
  4. How can any organization respond to reputational damage in the current atmosphere?

We unpack of all these points and consider the implications for corporate compliance programs.

For more reading: see Matt’s piece Another Compliance Lesson From Michigan State

Jul 16, 2018

Over this five-part series I, visit with Caterina Bulgarella on the recently released white paper by SAI Global, entitled “Predicting Risk: A Strategic Culture Framework for the C-Suite” (the “White Paper”). Bulgarella is a cultural architect and ethics collaborator with SAI and the author of the white paper. In this white paper, she introduces a strategic culture framework which compliance professionals and companies can use to not only help them assess their ethical culture but provides a framework to map ethics to their business process in a manner which improves ethics and compliance and improves overall business processes leading to more robust efficiencies and greater profitability. In this Part II, we discuss what the Board of Directors and C-Suite needs to know about ethical risks.

Bulgarella began by noting that the strategic culture framework is really a model for maximum impact for organizations to manage risk and ethical performance practically. It is based on two dimensions of culture. The first is whether your organization is delegating dilemmas, so when the cultural dilemmas after left unaddressed, employees are more likely to face difficult tradeoffs and make poor decisions. This translates that delegation of ethical dilemmas creates unwanted risk. The second dimension is whether an organization is creating an ethical capacity, which are the resources, practices and built-in resilience that helps employees to deal with ethical challenges successfully.

Companies can use the strategic culture framework to create a realistic risk profile. It lays out six determinants, three each within the dimensions listed above. The framework forces organizations to look at the ethical tradeoffs people are dealing with day in and day out and the implications of those trade-offs. The framework evaluates the capacity that your organization has internally; as that will help you predict how people respond to ethical challenges. I asked Bulgarella if she could provide an example.

She responded with the following example. Assume we both work for Acme and one of our values is safety. Acme trains its employees on safety procedures and that tells us that safety matters now but Acme also puts a great deal of emphasis on cost effectiveness. This means Acme prides itself on running things lean and fast. Safety and cost effectiveness do not have to butt heads all the time, but if there is too much emphasis on cost effectiveness; safety will eventually suffer if Acme has never looked at the relationship between safety and cost effectiveness. If the company does not understand the norms and expectations around safety and cost effectiveness, it may well face a tangible risk, that people may downplay safety to save the company money. This is where the framework comes into play as it can be the lens through which Acme can garner all the insights it needs to fully understand these dynamics and to recalibrate them to mitigate risk and increase the organization’s ethical performance.

We then turned to the three determinants of each dimension. For the dimensions of delegation of ethical dilemmas the determinants are: (1) What are your organization’s Principals of conduct? Under this determinant you need to know if your Principals of Conduct are clearly set out, is there a conflict between these standards and your organization’s values and are potential conflicts being addressed? (2) What is your organization’s leadership behavior and how does management exercise power? Here you need to know what the criteria is for promotion to or hiring of senior management; are senior management both talking the talk and walking the walk and, finally, do senior leadership view their roles as one of responsibility or entitlement? (3) What are both the incentives and discipline within your company? Under this determinant, you need to assess what are both the rewards and sanctions used by your organization, how are top performers treated when they act unethically and are employees rewarded for doing business ethically and in compliance?

For the dimension of ethical capacity the determinants are: (1) What is the ethical ownership? Under this determinant, you assess if your ethics and compliance responsibility is shared with the business units or siloed in compliance, is your company leadership being held accountable through ethical goals and are ethics framed as a chore or opportunity within the company? (2) What is the ethical reasoning? Here you need to consider whether you provide effective, targeted training with follow up communications, what company factors or experiences may hamper ethical reasoning in your organization and whether managers promote an open dialogue around ethical issues. (3) What is the ethical voice? This determinant deals with the channels through which information on ethical lapses are raised in the company; do they exist, is there a cost to sharing bad news or being an internal whistleblower and how has the company used such employee feedback?

Tomorrow we consider the gap between an organization’s espoused ethics and its actual values.

For a fully copy of “Predicting Risk: A Strategic Culture Framework for the C-Suite” click here. For more information on SAI Global, click here.

Jul 16, 2018

Over this five part series I am visiting with Caterina Bulgarella on the recently released white paper by SAI Global, entitled “Predicting Risk: A Strategic Culture Framework for the C-Suite”(the “White Paper”). Bulgarella is a cultural architect and ethics collaborator with SAI Global and the author of the white paper. In the white paper, she introduces a strategic cultural framework which compliance professionals and companies can use to not only help them assess their ethical culture but, equally important, a framework to map ethics to their business process in a manner which improves ethics and compliance and improves overall business processes leading to more robust efficiencies and greater profitability. In Part III, we discuss the gap between an organization’s espoused ethics and its actual values, how this can lead to tension and the risks that arise from conflicting priorities and goals.

We began with a review of culture and how it can be viewed through the lens of the framework. Bulgarella emphasized that the architecture of culture is complex. It is not just about behaviors, not just about Codes of Conduct and/or policies and procedures. It is about key beliefs and the manner in which systems and processes are designed. Moreover, it also consists of the norms and expectations. In looking at each culture determinant, the framework addresses the specific systems addresses norms and mindsets that should be managed. The framework tells us that if we want to manage delegation of ethical dilemmas, we should look at principles of conduct. If we want to look into principles of conduct that we should not just stop at corporate values but also consider the implicit norms when it comes to leadership and power in an organization.

So in addition to making ethical factors a consideration in the hiring of and promotion to senior management, you need to consider senior leadership’s behavior and what they believe their power is based upon. When it comes to values, do companies put their money where the mouth is and financially reward employees who do business ethically and in compliance and not simply those who make their numbers every quarter? The framework allows you to consider not only whether employees receive training but also is it targeted training and is the training effective? The bottom line is that the framework helps an organization understand the contradictions that define culture. It highlights the different directions in which people are pulled, the gap between what is said and what is done. Finally, it addresses the way in which people are likely to respond to these inconsistencies.

The two cultural dimensions in the framework, ethical capacity and delegation of ethical dilemmas, are helpful in considering both the different types and different levels of risk. The more dilemmas present in an organization, the more pressure will be forced upon employees and the greater likelihood they will make poor ethical decisions. The key is to have both dilemmas working in concert so that when culture is mature in your organization, the company works hard to address and contain dilemmas, while creating ethical capacity. Conversely, if your organization has an immature culture, your dilemmas are widespread and the ethical capacity is a law between the two. In addition to being overly focused on profit, these organizations do not help people address the ethical tradeoffs they are likely to encounter.

In addition to the immature and ambivalent organizations, Bulgarella identified two other types of organizations, the righteous organizations and mature organizations. Righteous organizations avoid delegated dilemmas but lack ethical capacity, thereby experiencing lower risk than immature organizations. However, their risk is higher than mature organizations since people don’t have much ethical capacity. These organizations create high risk when they impose their ethical principles on people in a cult-like manner, disabling the muscle of independent reasoning.

Ambivalent organizations experience less risk than immature organizations due to their higher ethical capacity, but Bulgarella believes they can pose greater risk than mature organizations due to their tendency to delegate dilemmas. By forcing its employees to make difficult ethical choices, an ambivalent organization’s exposure to systemic risk is still high. Employees may blow the whistle or resist the internal pressure, but ethical dilemmas are so widespread that employees do not have the trust to feel their company will stand behind them when they make a difficult, yet ethically correct decision. This means that an ambivalent organization remains exposed to considerable risk and should be monitored closely.

Bulgarella concluded with some thoughts on how risk changes across these four types of organizations. In mature organizations, ethical dilemmas are addressed at the top and the ethical capacity is consistently matured. This makes its business model low risk and growth is ethical. In righteous companies, there are clear ethical standards but little is done to build ethical capacity. This creates moderate business risk and such inflexible principles may inhibit ethical capacity. In ambivalent organizations ethical trade-offs are pushed on employees, even as the company takes steps to build ethical capacity. This creates high business risk, as there is intense pressure, which, in turn, creates widespread misalignment between stated and actual goals. Finally, there is the immature organization where there is a high delegation of dilemmas combined with low ethical capacity. This makes for very high risk and the business’ growth is generally not sustainable.

Tomorrow we apply the culture framework to a real-life case study, Wells Fargo.

For a fully copy of “Predicting Risk: A Strategic Culture Framework for the C-Suite” click here. For more information on SAI Global, click here.

Jul 16, 2018

I am joined in this five-part series by Caterina Bulgarella. We are discussing the recently released white paper by SAI Global, entitled “Predicting Risk: A Strategic Culture Framework for the C-Suite” (the “White Paper”). Bulgarella is a cultural architect and ethics collaborator with SAI Global and the author of the white paper. In this white paper, she introduces a strategic cultural framework which compliance professionals and companies can use to not only help them assess their ethical culture but, equally important, a framework to map ethics to their business process in a manner which improves ethics and compliance and improves overall business processes leading to more robust efficiencies and greater profitability. In Part IV, we consider the Wells Fargo fraudulent accounts scandal within the structure of the framework.

Bulgarella began by noting that the culture determinants that created systemic risk were largely in the red zone, presaging Wells Fargo’s cultural and ethical failures. However, while the culture determinants that shape ‘Delegation of Ethical Dilemmas’ were solidly red, Wells Fargo did possess some degree of ethical capacity, as demonstrated by the fact that several employees tried to blow the whistle. In terms of culture maturity, Wells Fargo oscillated between the conditions of immature and ambivalent; the two culture types that expose an organization to high levels of risk.

When there is a discussion around tone at the top and middle, we are referring to the extent to which leaders and managers acknowledge ethical principles and behave in a way that is consistent with those principles. This leads to the manner in which leadership and power are exercised in an organization, which is a huge component of the culture of an organization and these two huge components of a determination of whether the organization is delegating ethical dilemmas or not as well as the nature of those dilemmas. The type of pressure that may arise from senior and middle are all very relevant.

The next step is to see how senior leaders and middle managers shape any ethical dilemmas. Bulgarella related that if a leader holds an ethical belief but provides a different set of signals in their leadership style, it may well create a set of competing priorities. This can lead to the types of pressure we discussed in prior posts that may lead to ethical lapses.

Saying something like “just get it done” may well blind a leader or manager to tradeoffs. Bulgarella characterized this as a “form of motivated blindness” which has an interesting way of manifesting and resolving itself. Finally, any form of abusive conduct when it comes to leaders and managers is likely to weaken ethical principles.

So how did a company whose corporate values included integrity, respect and principled performance fall into such disrepute? According to the white paper, it actually began in the 1990s when the then Chief Executive Officer (CEO), Dick Kovacevich, “told Fortune magazine that banks had to figure out how to sell money. He believed that financial instruments were consumer products, the same way “… Wal-Mart sells socks or Home Depot sells screwdrivers. Much like those businesses, financial services is huge ($1.9 trillion in assets) and fragmented.”” Unfortunately this innovation for the bank was not matched with its ethical capacity as regional and business unit autonomy led to not only increased sales pressure but almost slavish devotion to the internal sales theme “8 is great” which required salespersons to sell eight Wells Fargo financial products to every Wells Fargo customer; whether they needed or even wanted them. Finally, stakeholders began to engage in retaliatory behavior to those employees who raised ethical concerns that fraudulent accounts were being created. 

Utilizing the framework, the culture coordinate of delegation of ethical dilemmas has the following observations.  The determinant of Principals of Conduct noted, “Wells Fargo’s internal and external values were strongly at odds. On the one hand, the company proclaimed its commitment to the customer and fostering trust. On the other, it pushed employees to sell ‘customers as many products as possible.’” Under the determinant Leadership & Power, regional, local and business unit leaders used their influence to force overly ambitious sales goals on employees. Finally, under the determinant of Reward & Sanctions, “Incentives were tied to cross-selling: Salespeople received between 15% to 20% of bonus compensation if they met their sales goals. Though roughly 5,000 salespeople were let go between 2011 and 2016, these layoffs touched only 1% of the workforce.”

In the culture coordinate of Ethical Capacity the white paper noted the following observations. Under the determinant of Ethical Ownership, it stated, “The company’s official position was that the businesses owned ethics, yet senior leadership framed the scandal as a ‘compliance and operations’ problem.” Under the determinant of Ethical Reasoning, it stated, “The ethics program trained employees to spot conflicts of interest and provided them with a Code of Conduct—valuable but inadequate resources to help employees cope with the sales pressure they experienced daily.” Finally, under the determinant of Ethical Voice was the following, “Wells Fargo fostered a culture of threat, intimidation, and retaliation to discourage employees from speaking up. Five percent of the workforce eventually joined forces to file a petition that asked the company to discontinue its cutthroat culture.” Bulgarella concluded by relating, “What’s interesting, however, is that the Wells Fargo story is a cautionary tale for leaders in general because it demonstrates how they can be in a way victimized by their own ambitions, innovation and vision. This is something worth keeping in mind. The science tells us that it’s not always the case that unethical outcomes derive from malicious intent. You may give into an excessively ambitious yet very enticing vision.”

Tomorrow we conclude with a look at the ins and outs of ethical reasoning and then take a veiled look into the future.

For a fully copy of “Predicting Risk: A Strategic Culture Framework for the C-Suite” click here. For more information on SAI Global, click here.

Jul 16, 2018

Over this five part series I have been visiting with Caterina Bulgarella on the recently released white paper by SAI Global, entitled “Predicting Risk: A Strategic Culture Framework for the C-Suite” (the “white Paper”). Bulgarella is a cultural architect and ethics collaborator with SAI Global and the author of the white paper. In the paper, she introduced a strategic culture framework which compliance professionals and companies can use to not only help them assess their ethical culture but, equally important, a framework to map ethics to their business process in a manner which improves ethics and compliance and improves overall business processes leading to more robust efficiencies and greater profitability. In Part V, we conclude with a review of the ins and outs of ethical reasoning and take a veiled look into the future.

We began with a discussion of common biases that might influence employees to make the right ethical decision and how entities might able to manage this problem. Bulgarella noted the most common bias is that employees think they are much more ethical than their co-workers. This can work to give employees license to engage in unethical behavior, rationalizing that everyone else is doing it or even through some type of internal balance sheet analysis figuring the company may owe them something. This can also work to create a type of righteousness that, once again, allows employees to rationalize bad conduct.

Bulgarella says it starts with a re-architecture to get employees to do the right thing. It begins with the insights derived from seeking and providing feedback. This also speaks to the complexity of managing corporate values in a way that activates our moral identity without making us righteous and a complacent. Sometimes even feeling loyalty to the group can impinge ethical decision-making or ethical behavior so care must be taken around this bias as well.

Bulgarella believes that organizations developing loud and clear speak up cultures “experience high ethical efficacy”. They are a fundamental part of an ethical culture and both speaking up and silence communicate information to an organization. Bulgarella believes they are two sides of the same coin and that that speaking up and silence are properly viewed as a part of a process and not discrete acts. Employees will not simply begin to speak up unexpectedly. There must be training and, more importantly, trust by employees that their voices will be heard, and there will be no retaliation. This means senior leadership and middle managers must seek feedback on an ongoing basis to engender that trust and relationship. Bulgarella says if that trust is not present, there will be what she termed as “futility of voice” which she identified as one of the most disempowering factors employees face in determining whether to speak up or look the other way.

I asked Bulgarella on why silence is so powerful and what can be its significance. She said, “silence can speak a thousand words.” If a survey is conducted and nobody participates, that says quite a bit about your corporate culture. If employees are asked to provide feedback and everybody has only positive things to say about the topic or issue, that simply is a disconnect with “human nature, silence a disguised as voice.” This means that instead of being satisfied that 95% of respondents report that the things are great, you are compelled to go deeper and find out what is going on.

We then turned to the future and where the framework, could be going and how corporations can utilize the framework to improve not only their culture and values but their business performance as well. Bulgarella emphasized the framework is a tool help navigate complexity. She has seen organizations use the framework in variety of ways to manage risk and ethical performance. Moreover, the framework is a strategic tool that can be used to assess and measure culture, to recalibrate the key cultural determinance, to hold stakeholders accountable and to help executive teams and Boards take a comprehensive look at the risk profile of their organizations. The framework can deliver a very concise and powerful map of both risk and ethical performance because it cuts across different layers of culture as it provides actionable guidance for the reason that it highlights a key priority.

The framework is a tool to use to gauge the effectiveness and impact of ethics and compliance practices. It is well-known that effective compliance and ethics programs can reduce dilemmas and increase ethical capacity. If they cannot move the needle in those two directions, they are likely missing the mark when it comes to impact. To make progress on the practices we have considered though the framework clearly demonstrates a commitment to creating the internal pathways to a strong, vibrant and healthy listener culture.

Yet, as the white paper notes, in “its simplest implementation, the framework can be used to inform internal discussions on culture and risk. It can also be leveraged to orient the work of independent monitoring committees and create a scorecard of culture and risk for the board to review regularly.”

For a fully copy of “Predicting Risk: A Strategic Culture Framework for the C-Suite” click here. For more information on SAI Global, click here.

Jul 16, 2018

Over a five-part series I will visit with Caterina Bulgarella on the recently released white paper by SAI Global, entitled “Predicting Risk: A Strategic Culture Framework for the C-Suite” (the “White Paper”). Bulgarella is a cultural architect and ethics collaborator with SAI and the author of the white paper. In this white paper, she introduces a strategic cultural framework which compliance professionals and companies can use to not only help them assess their ethical culture but provides a framework to map ethics to their business process in a manner which improves ethics and compliance and improves overall business processes leading to more robust efficiencies and greater profitability. Today we introduce the strategic cultural framework.

Bulgarella believes we are in a time of profound change and the speed at which things are changing. The fourth industrial revolution is happening now and bringing sweeping change. Over the next five years, 50 billion machines will be connected across the globe, on pace to revolutionize the way companies and people operate. This makes everything uncertain and ambiguous and that the changes are rewriting our value system faster than we can even realize. She provided a couple of examples. More generally, we know technology is changing how we act, operate, deliver and do many other things. More specifically, simply consider Artificial Intelligence (AI) and how this tool is going to cause a loss in privacy and confidentiality. Some of the questions it raises is whether these changes are ethical or not? Is the pace of change and the change itself a reasonable price to pay to or should we be more cautious?

When you overlay all this with the complexities of not only the modern world but also the current business environment, you can see the need for a more coherent framework for discussion and analysis of ethics and compliance. What may have been acceptable business practices can change literally overnight; here you can witness the number of companies that are scrambling to explain their contracts with ICE and that they were not involved with the child separation policies instituted by the Trump Administration. With so much at stake and with so many variables, companies need a more robust framework to help them make not only the right decision but ethical decisions as well.

The strategic cultural framework was created to help improve many of these corporate practices in tangible ways. It integrates a wealth of insights from behavioral science, as what we know about human behavior today is vastly more precise than what we knew even five years ago. Many of these insights have not been incorporated in organizational practices and that is where the strategic cultural framework comes in, to connects the dots. The strategic cultural framework explains how culture affects people’s ability to do the right thing and what risks an organization faces.

The framework is a model for maximum impact because it identifies the two culture dimensions that organizations should actively manage to reduce risk and increase ethical performance. The first dimension is delegation of ethical dilemmas. This is the extent to which the culture of an organization creates dilemmas and leaves these dilemmas un-addressed. The second dimension is distance to which the culture builds ethical capacity. This means that the culture must build resources, practices, and resilience that help people to deal with ethical challenges successfully.

Bulgarella noted that while there is really a broad and deep discourse around corporate values and around the idea of building business ethics around corporate values, she does not believe there is sufficient dialogue as to what organizations actually value. It is what the organization actually values that ultimately shapes how things are done and what is given priority within that organization. Company values shape the decision-making and execution and it is critical to understand them, together with the consequences they can create and risks they entail.

Bulgarella concluded with some thoughts on corporate culture, which she characterized as “the DNA of an organization which goes to the heart of an organization’s identity and purpose.” This is really what an organization believes and it is the “source of the substratum to all that is human, all the human endeavors in an organization.” However, she also cautioned that culture is a complex architecture. It is important to keep in mind the complexity of every corporate culture, when trying to implement any for best practices ethics and compliance program.

Bulgarella listed several different complexities of corporate culture and how corporate culture shows up in the way an organization’s systems and processes are designed; it shows up in the way people behave in their types of expectations and it can even show up in their mindset. This can make it difficult to simply find one formula or one definition for culture. I would encourage people to focus on what the organization beliefs and values and recognized the corporate values of an organization’s belief system. That distinction can be critical.

Tomorrow, what does senior management and a Boards of Directors and C-Suite need to know about ethical risk?

For a fully copy of “Predicting Risk: A Strategic Culture Framework for the C-Suite” click here. For more information on SAI Global, click here.

Jul 16, 2018

In the new FCPA Corporate Enforcement Policy, it stated that as one of the items required for a company to receive full credit for timely and appropriate remediation, “Appropriate retention of business records, and prohibiting the improper destruction or deletion of business records, including prohibiting employees from using software that generates but does not appropriately retain business records or communications”.

In this episode, I visit with  Brian Burke, partner at Shearman & Sterling and head of the firm’s Asia Litigation practice about the continued fallout since the release of the Justice Department’s new FCPA Corporate Enforcement Policy and its requirement instant messaging. We discuss the new Policy’s requirement and how companies can protect themselves. Brian can also speak to how companies can ensure the use of applications like WeChat and WhatsApp in business settings does not inadvertently threaten an employer’s subsequent ability to seek a declination or reduction in fines – and the practical measures companies can take in an effort to comply with the date retentions requirement under the Policy.

Some of the highlights include:

  • Document control and retention have been a requirement for some time, why did the DOJ feel the need to specifically address this issue?
  • Are there any enforcement actions we can look to for guidance?
  • Can you suggest any practical steps a company can take? Ban What’s App communications? Ban Instagram or any other messenger app?
  • In the era of BYOD, how does a company police this with its workforce, particularly oversees?
  • What must a company show to the DOJ to demonstrate compliance with this requirement?
  • What advice are you giving clients on this issue?
Jul 12, 2018

While dodging black cats, open ladders and broken mirrors, Jay Rosen and myself are back on this Friday the 13thto take a look at some of the top compliance stories from the past week.

  1. Want to take a deep dive into the Credit Suisse FCPA enforcement action? Check out Tom’s 3-blog post series (Part I, Part IIand Part III) and Mike Volkov’s two-part series (underlying factsand lessons learned).
  2. What’s the best way to use data to detect corruption? Enestor Dos Santos, principal economist at BBVA Research writes in Global Anti-Corruption Blog. For the full BBVA Research report clickhere.
  3. Did FCPA enforcement pick up in Q2? William Garrett explores this question in WSJ Risk and Compliance Journal.
  4. Romania's president removes chief anti-corruption prosecutor. Radu-Sorin Marinas reports in Reuters.
  5. Tony Hayward (yes, that Tony “I want my life back” Hayward) will lead Glencore’s corruption investigation. What could go wrong? Harry Cassin explores in the FCPA Blog. Is Glencore pushing the corruption risk envelope too far? David Pilling opines in the Financial Times. (sub req’d)
  6. Does AI create or simply expose ethical dilimmmas? (Hint-it’s all about the data). Vera Cherepanova explores this question in the FCPA Blog.
  7. The second half thebriberyact.com guys; Richard Kovalevsky QC leaves Chambers to move to Stewart’s. Waithera Junghae reports in GIR. (sub req’d)
  8. Is the administration’s moves against ZTE part of a larger all out trade war strategy against China and/or the rest of the world? Louise Lucas explores this question in the Financial Times. (sub req’d) New management says compliance is the top priority. See report in com.
  9. Tone at the top really does matter. PapaJohn Chairman (and former CEO) resigns from Board after using racial slur in con call with vendor. Vendor fires PapaJohn’s as client. See report in Wall Street Journal.
  10. Uber finally gets a CCO but loses its head of HR. Greg Bensinger and Sadie Gurman report in the WSJon the hire. Bensinger reports on the resignation of the head of HR in WSJas well.
  11. The Red Sox have the best record in baseball at the All-Star break. Can they avoid yet another collapse? Jay and Tom debate.

What do black cats and Friday the 13th have to do with compliance? Find out on This Week in FCPA.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Jul 9, 2018

Over this five-part podcast series, I have been taking a deep dive into healthcare monitoring and how the pro-active use of a healthcare monitor can positively impact all stakeholders in the healthcare industry: the regulators, the healthcare industry and the consumers of healthcare services, the public. I have been joined in this exploration by two individuals at Affiliated Monitors, Inc. (AMI), the sponsor of this series. They were Jesse Caplan, Managing Director of Corporate Oversight, and Catherine Keyes, Vice President of Operations. Today, I conclude the series with Caplan on using independent integrity assessment and monitoring to limit adverse consequences.

Many compliance practitioners in the healthcare space (and those in commercial space) often ask if an independent integrity review and monitoring be helpful where an organization may have reason to believe it has an actual or potential compliance problem but has not yet been subject to an enforcement action or a Corporate Integrity Agreement (CIA)  imposed by the government. There are several reasons this is particularly true in the healthcare space. He noted that the government expects, in fact demands, that healthcare organizations self-report certain types of compliance violations. He provided some examples such as overpayments healthcare providers may have received from the government, or false or fraudulent claims that they have billed the government and certain types of privacy breaches.

Caplan believes that using an independent compliance expert can be useful in dealing with the government enforcement agency and convincing that agency to look more favorably where severe sanctions might otherwise be imposed. An independent integrity monitor can be helpful to a healthcare organization where they may have compliance violations. It can even be true with current healthcare issues such as the opioid crisis and excessive opioid prescribing.

Moreover, this is where an independent integrity monitor can be very useful when the organization thinks they have a problem. A monitor can be brought in to assess the compliance program, make recommendations for improvements and then be available to monitor the remedial recommendations as they are implemented. If an organization makes a self-disclosure or if the government comes and investigates the company, they can use the fact that they have used an independent integrity monitor to assess the compliance program and, equally importantly, themselves and they will continue to use the monitor to ensure continued compliance.

By using an independent integrity assessment, an organization can demonstrate to the government entity that the problems with the company’s compliance regime are not endemic or structural but more of an isolated incident. This can help to provide confidence to the public that they can continue to operate safely and in compliance and provide assurance to the government and regulators that it can continue to participate in the government programs with little fear of having those violations reoccur. This can have a very large impact on what types of action the government or regulator will take.

The bottom line in healthcare regulation is that government enforcement and regulatory agencies would prefer not to exclude important healthcare providers who have compliance issues. Their goal to ensure access to sufficient quality providers is a constant challenge for healthcare policymakers. Regulators generally agree that the best solution is to have providers with compliance issues remediate their problems and implement a sustainable and effective ethical compliance program. By engaging an independent compliance expert and monitor can provide the government with confidence that organization has remediated and will be an effective, compliant participant.

We conclude this episode with a few of Caplan’s thoughts on how an independent integrity monitor could have impacted two matters widely in the public eye. They are the matter of Theranos, Inc. and the opioid crisis. With regards to Theranos, a wide variety of stakeholders could have requested a truly independent come in and assess compliance at the company. It could have been the Board of Directors, the Securities and Exchange Commission (SEC), state or federal healthcare regulators or even third parties who were looking to do joint ventures with the company. Such an assessment might have saved many jobs, investments, careers and reputations.

In the opioid crisis, an independent monitor could have done the assessment around large numbers of drugs being prescribed by one doctor or prescribed to be delivered through one pharmacy. But the analysis could have gone much deeper by focusing on the corporate compliance programs, their implementation and training. It could have also looked at those who spoke up by using the hotline or other internal reporting mechanisms.

All of this means that an independent integrity monitor in the healthcare space can be used in a variety of ways and through a variety of mechanisms.

For more information on how an independent monitor can help improve your healthcare entity's ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Jul 9, 2018

In this five-part podcast series, I am taking a deep dive into healthcare monitoring and how the pro-active use of a healthcare monitor can positively impact all stakeholders in the healthcare industry: the regulators, the healthcare industry and the consumers of health care services, the public. I am joined in this exploration with two individuals at Affiliated Monitors, Inc. (AMI), the sponsor of this series, Catherine A. Keyes, Vice President of Operations, and Jesse Caplan, Managing Director of Corporate Oversight. In this episode, I visit with Keyes to discuss how an independent integrity monitor can be used in non-disciplinary administrative proceedings.

The first scenario is around hospital conversions. Many states have laws in place to protect the public’s interest when a not-for-profit hospital is sold to a for-profit entity. The state’s Attorney General or Department of Health may impose conditions on the new entity, in some cases to prevent it from simply “flipping” the hospital and extracting the dollar value of the goodwill that was invested by the state when it was not-for-profit.

Hospitals started by charitable or religious organizations may have been acquired or approached by for-profit entities who might be interested in acquiring them. States are concerned that they simply want these healthcare institutions snapped up, so the states want to make sure that the interest of the public are really protected. There are multiple interests that the public has when a not-for-profit entity is bought by a for-profit entity; including things like making sure that the for-profit entity will exist as a healthcare provider for a reasonable period of time, they are good neighbors, that they pay taxes and if there were charities that were in place, those charities continue.

When such a conversion occurs, the purchaser may agree to a wide variety of conditions, such maintaining certain services, making capital improvements, expanding in certain areas, meeting certain public health standards (for immunizations, treatment standards, coordination of care) and addressing certain public health priorities, such as opioid overdose risks or area-specific issues like Lyme disease. An independent integrity monitor may engage in some or all of the following: review of money to be sure it is spent according to conditions; review of policies, procedures, contracts, training materials; review of assignment of assets,  e.g. donations that were earmarked for a purpose that is no longer possible; visits to the hospital to see if certain programs are functioning, to see if services are being offered as agreed-upon; interviews with staff to see how medical requirements are being met; and review of charts to see whether processes are being followed. In short there are wide variety of conditions which be in place or which the state or regulators want visibility into and a monitor can provide that visibility.

A monitor can also consider other factors, which may seem to less healthcare related but could impact a conversion. There might be an agreement for capital improvements, for example, there might be total dollar amounts to be invested, dollar amounts per year or there might be dollar amounts over a span of time. It could all depend on what the long-term plans are for the acquirer. As an acquirer typically does not make a lot of capital improvements in the first year, a regulator would need a monitor in place for some period of time to make sure the investments are made and  the money spent is actually going on capital improvements. There could be ancillary agreements such as participation in and sponsoring of community activities or education, all of which need to be monitored.

A monitor can drill down into whether the healthcare provider put out advertisements about those kinds of things and see if the public and the person or persons involved actually attended them. Another area often seen is around charitable assets, where a donor may have made a bequeath to a hospital for a specific purpose. If the specific purpose is no longer available; for instance, if it was for a hospital wing that is getting closed down and not being used for the kind of care that it was set up for, those assets might be reassigned.

A second area could be granting of licenses or Certificate of Need and the conditions that a state may impose. This could be for a new hospital, a renewal or some other healthcare facility where the state really wants to have some continued oversight. Keyes explained that while it is not substantively different than the acquisition realm, it is more quantitatively different. There may be a smaller set of conditions, that have been agreed upon. An example might be a Certificate of Need associated with the purchase of a large piece of equipment which might change the dynamics around a facility.

An independent integrity monitor extends the capability of the state agencies and regulators, it allows them to confirm that the entities are meeting the conditions. A monitor can review the paper trail indicating that the agreed-upon processes are in place and can help to keep a healthcare provider’s compliance program on a schedule, so that it does not slip too far down the list of company priorities.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Jul 9, 2018

In this five-part podcast series, I am taking a deep dive into healthcare monitoring and how the pro-active use of a healthcare monitor can positively impact all stakeholders in the healthcare industry: the regulators, the healthcare industry and the consumers of healthcare services, the public. I am joined in this exploration with two individuals at Affiliated Monitors, Inc. (AMI), the sponsor of this series, Catherine A. Keyes, Vice President of Operations, and Jesse Caplan, Managing Director of Corporate Oversight. In this third episode, I visit with Keyes to discuss how an independent integrity monitor can be used in healthcare licensing and disciplinary proceedings.

I started off by asking Keyes about the situation where a state Medicaid Fraud Control Unit finds a provider billing for an unusually high number of patients or procedures per day. Through an investigation, the state unit finds poor documentation that looks like fraud. How can an independent integrity monitor serve as an overall part of a resolution? Keyes noted that initially such a settlement will allow the provider or clinic to continue to practice, which is important for Medicaid providers. Keeping a Medicaid practice open is often very important in some areas, where there are very few Medicaid providers, so having a Medicaid provider remain open is important, not just for the person whose business it is, but also in the community. Keeping or bringing up such a healthcare provider to professional standards is also important. Finally, it is critical all the way around to keeping pressure on the provider to make the promised changes to fix the system and it protects the public by bringing the provider in line with professional standards.

We next discussed the scenario where someone makes a complaint to a licensing board, the complaint is investigated, and the licensing board finds, among other things, that the practitioner’s patient records lack basic elements: for example, adequate notes about treatments. Keyes noted that oftentimes a complaint is made to a state regulatory agency, a licensing board, for example. It might be a dental board, it might be a medical board, it might be a chiropractic board. Most of these licensing boards have regulations that say what minimally should be included in patient records. And this is the standard you would hope that any kind of a medical provider is recording in writing. This is critical  for a patient’s medical care going forward.

Here Keyes believes that an independent integrity monitor can be an excellent option as it allows the healthcare provider to continue to practice while providing prompt feedback to the agency about whether the healthcare provider is making promised changes. This is because a straight suspension may hit the pocketbook without helping the provider make meaningful change.

Yet there is an equal if not greater benefit to the healthcare provider as the independent integrity monitor can provide tailored advice about how to bring the practice up to professional standards. Keyes provided a simple yet straight-forward example, “I once saw the difference between having a chiropractor’s friend act as a monitor and write an overly simplistic report – “the charts look fine” – and the in-depth feedback given by professional monitors: “the history of present illness needs to be more complete, including info about the effectiveness of other treatments received”.”

I asked Keyes about using an approach of an independent integrity monitor in a current situation such as the opioid crisis. She said that such use could allow an independent integrity monitor to track prescriptions and prescribers of opioids and other drugs. She said that as part of a multi-pronged approach to the opioid abuse issue, many states are looking to see who their high prescribers are and whether these are legitimate practices or just pill mills. A monitor can help a provider to put policies and procedures in place to (a) assess the underlying need for pain medication; (b) determine whether someone is actually taking the medications; (c) refer to other specialists for supplemental care: physical therapy, acupuncture, pain clinics; and (d) appropriately terminate care of patients who appear to be getting prescriptions primarily to re-sell the pills.

Yet the benefits do not end there as monitoring, as part of settlement agreement, could require the provider to reduce the number of pain patients and the quantity of pills prescribed over a certain period. An independent integrity monitor can keep the regulators informed as most state agencies do not have the staff available to track compliance with the details of such an agreement. Independent monitoring is paid for by the licensee. Such use of a monitor also works to protect the public by bringing the professional in line with national standards for assessment, treatment and follow-up of pain patients. Finally, using a monitor can allow the provider to remain open and demonstrate their commitment to improved practice. Healthcare providers are quick learners and, in some cases, putting a structured program in place is a relief.

Next up, using monitors in administrative proceedings not related to discipline and licensing issues.

For more information on how an independent monitor can help improve your healthcare entity's ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

1 2 Next »