In this episode, we consider Opinion Release 14-01, where the Department of Justice opined that paying a foreign government official for monies he was owed in the sale of a business interest that he owned prior to becoming a foreign government official would not be prosecuted as a Foreign Corrupt Practices Act violation. As intuitive as this decision might sound, there is, nevertheless, significant information for the compliance practitioner to take away from 14-01.

“Each case turns on its own facts.” How many times have you heard a representative of the Department of Justice (DOJ) or Securities and Exchange Commission (SEC) make that statement at a conference or other public event? The reality is that this is true and, in the context of Foreign Corrupt Practices Act (FCPA), both regulators look at the facts and circumstances around each case in making a wide range of assessments. While this is frustrating to business types, as a lawyer I find it to be not only an appropriate analysis but also an accurate way in which to look at things. 

Late in 2013 the DOJ issued its only Opinion Release, that being Opinion Release 13-01. One of the things that this Opinion Release stands for is that each fact scenario presented under the FCPA must be evaluated on its own facts. While this maxim is certainly true, I believe that the Opinion Release goes further and provides significant information to the compliance practitioner for charitable donations going forward.

In Opinion Release 12-02, certain Requestors, which were 19 non-profit adoption agencies located in the US, asked the DOJ about bringing certain foreign governmental officials involved in the foreign country’s adoption process to the US. All the foreign governmental officials are involved in the process of allowing children from their country go through the adoption process with the US non-profits involved. The trips to the US were for two days of meetings. Can the Requestors do so, without running afoul of the FCPA?

In the Episode, I visit with one of the top outside counsel in field of FCPA and compliance. It is Stephen Martin, a partner at Arnold & Porter. In this episode we deconstruct the Petrobras FCPA enforcement action. Some of the highlights include: 

1. Why is this the largest FCPA fine ever?
2. What happens if a company fails to disclose the violations?
3. How does a company begin to rebuild from a corrupt culture?
4. Why was there no monitor required?
5. What is the true cost of a FCPA enforcement action?
6. What did Petrobras do to garner a NPA?
7. How does this enforcement action incentivize self-disclosure going forward?
8. What are the lessons to be learned by the compliance professional?

The Petrobras FCPA enforcement action came in the form of a Non-Prosecution Agreement (NPA) with the Department of Justice (DOJ) and Cease and Desist Order (Order) with the Securities and Exchange Commission (SEC).

The baseball playoffs are here.  For the Sox, the hated Yankees. For the Astros, they begin their World Series defense against the Cleveland Indians. Tom and Jay discuss and take a look at some of the week’s top compliance and ethics stories.

1. Styker is now a two-time FCPA loser. Will there be a third? Sam Rubenfeld reports in the WSJ Risk and Compliance Journal. Dick Cassin reports in the FCPA Blog.
2. In a pique of sanity, Elon Musk settles his SEC lawsuit which might have barred him from serving on the Board of a public company. Tim Higgins and Dave Michaels consider the fallout in the WSJ. Both James Stewart, writing in the NYTand Tom Zanki, in Law360 say the Board needs better oversight.
3. Former Chile mining official settles FCPA charges. Dick Cassin reports in the FCPA Blog. Sam Rubenfeld reports in the WSJ Risk & Compliance Journal.
4. The commentary from the Petrobras FCPA enforcement action continues. Tom runs a 3-part series (Part 1, Part 2& Part 3). Mike Volkov weighs in on Corruption, Crime and Compliance. Andy Webb-Vidal explores the 10 ten takeaways from Operation Car Wash on Corporate Compliance Insights. Jonathan Marks looks at it from the ‘Realm of the Obvious’ in his Board and Fraud blog.
5. MLB reportedly under investigation for FCPA violations in Latin America. Cheryl Ring reports in Fangraph.
6. More on ruling on attorney-client privilege in UK. Sam Rubenfled in WSJ Risk & Compliance Journal reports SFO will not appeal ENRC ruling. Andrew Reeves provides five key takeaways in the FCPA Blog.
7. Panasonic Avionics finally get a monitor. Kelly Swanson reports in GIR.
8. Robbing a national bank, think big. Margot Patrick, Gabriele Steinhauser and Patricia Kowsmann report in the WSJ.
9. Women who have behaved badly. Rosmah Mansor, wife of former Malaysian PM Najib Razak charged with money-laundering, Harry Cassin in the FCPA Blog. SFO moves to sieze assets of Gulnara Karimova the eldest daughter of the late Uzbek President Islam Karimoa. Dick Cassin the FCPA Blog.
10. Want a 50% discount to one of the top compliance conferences around? Join Tom and AMI’s Eric Feldman at CONVERGE18 in Denver on October 9-11. I hope you can join me at the event. For information on the event, click here. As an extra benefit to fans of This Week in FCPA, CONVERGE18 is offering a 50% discount off the registrationEnter discount code TOMFOXVIP.
11. The baseball playoffs are here. Tom and gutless wonder Jay discuss. Tom explains why Jay is a gutless wonder.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Welcome to the only roundtable podcast in compliance. This week’s episode is entirely dedicated to the spectacle of the Ford-Kavanaugh hearings from the past week. Jonathan Armstrong is on assignment so Tom Fox sits in for Armstrong. After the commentary we follow with rants.

1. Jay Rosen-through the lens of the recent Jewish High Holidays, Jay considers redemption. What does the Torah say about redemption? How do Yom Kippur and Rosh Hashanah inform us on seeking redemption and living the redemptive life throughout the year? Jay bemoans the downturn in the Patriots but looks forward to seeing the Red Sox in the playoffs.

2. Mike Volkov-a former federal prosecutor, Congressional staffer and investigator in corporate investigations considers the demeanors of Dr. Ford and Judge Kavanaugh as witnesses? Armstrong rants on curse of the enthusiastic amateur. Mike rants about the denigration of the Supreme Court nomination process and how this could permanently demean the Court.

3. Matt Kelly-considers what allegations are sufficient to warrant an investigation and what are some of the differences in an investigation through the political process and an internal investigation at a company. Matt gives a shout out to PwC Chairman Tim Ryan for his actions in the wake of the shooting in Dallas of a unarmed PwC employee in his home by a Dallas police officer.

4. Tom Fox-considers judicial temperament. Did Kavanaugh demonstrate lack of sufficient judicial temperament in his partisan attack on the Democrats, the confirmation process and the US Senate? Would that type of temperament be allowed or tolerated in the corporate setting? Tom give a shout out to MLB schedulers who managed to schedule two consecutive single game elimination events for the last day of baseballs 162 game season.

The members of the Everything Compliance panelist are:

• Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
• Mike Volkov– One of the top FCPA commentators and practitioners around and the Chief Executive Officer of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com.
• Matt Kelly– Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
• Jonathan Armstrong– Rounding out the panel is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com

The host and producer (and sometime panelist) of Everything Compliance is Tom Fox the Compliance Evangelist.

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a very deep dive into the increased prevalence of non-GAAP financial reporting.    

Some of the highlights from this podcast are:

1. There has been a three-fold increase in instances of non-GAAP financial reporting in the past 20 years.
2. What are some of the reasons companies would choose to use non-GAAP financial reporting? Does it deceive or confuse investors? What does the SEC say about it?
3. Companies claim that certain non-GAAP financial reporting paints a more complete picture of a company’s true financial health. Is that true?

We unpack of all these points and consider strategies going forward.

For more reading: see Matt’s piece Non-GAAP Reporting, Popular as Ever

In this special five-part podcast series, I have visited with Thomas Sehested, founder and CEO of, Valerie Charles, Chief Strategy Officer and Peter Chang, Head of Customer Success of GAN Integrity. In this series, we will consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In this Part V, I visit with Charles some of her birdseye view of compliance.

Charles has worked in private practice as a white-collar defense lawyer and as a Chief Compliance Officer (CCO). While in-house, Charles tended to view technology as a tactical solution to an issue. She did not see it as a strategic solution and frankly did not understand the power of tech in compliance. However, after her move to GAN she began to see how technology could bring a much larger strategic focus to compliance, for example in such areas a tech solution for compliance integrated into the company’s overall risk management strategy, leading to integrated reporting and an entire infrastructure of the tech solutions tied to the corporate structures.

We explored how Charles perceives that technology has changed the way(s) she considers compliance. She began by noting how much more advanced and mature the financial sector has been in developing and embracing tech than compliance. This extended to corporate financial disciplines so that now there are integrated standard-bearer platforms. Good technology can import and export data easily that allows greater movement of information with more transparency between business units. She noted that Human Resources (HR) has also benefited greatly from tech solutions.

She contrasted those examples with the corporate compliance function, which she believes has been hamstrung by the lack of an integrated tech solution in compliance. Tech for compliance has been fragmented. Typically, it has been the norm for a compliance professional to go one vendor to purchase technology to roll out policies & procedures, another vendor for e-learning and surveys and still another to register conflicts of interest, gift giving and receiving. Of course vetting your third parties is another set of vendors as is hotline and case management software.

She stated,  “if you can't tie together the critical components of the program into one integrated system that talks to each other and can easily be checked out or have data flowing to and from the other business units, you're kind of still an odd guy out.” If there was such a tech solution, it would elevate the compliance profession.  

Charles believes the most effective and forward thinking compliance professionals are those who consider how not only will compliance impact an organization but also how a compliance program should integrate into the company’s overall business strategy. She explained that this means considering “everybody from, you know, ops people to sales folks to the marketing team.” You should really try to understand how the business flows and sort of how do you put these gates, how do you put these processes, procedures, and controls in places that will meet your goal of keeping everybody safe and the company, but doing it in a way that will slow down the company as little as possible.”

A CCO can begin to accomplish this by having conversations with the corporate functions and business operations to understand how any changes from the compliance function will impact the day-to-day processes of the organization. If you do this spadework and take the concerns of those you talk to into account, Charles believes it will be much easier for you, as CCO, to get senior management buy-in for changes, upgrades and/or enhancements of your compliance program.

This research is effective is for a couple of reasons. First by garnering buy-in from other corporate disciplines, it makes those disciplines feel like they were a part of a team effort or at the very minimum their concerns were listened to. Which leads directly into a key (if not thekey) skill of any senior business leader, including a CCO, which is listening. Yet listening is even more important for a CCO or compliance practitioner because of the collaborative nature of the compliance function. But information is a two-way street so you must not only listen but also educate your corporate partners in finance, internal audit, HR and internal controls.

From such discussions, Charles believes you can determine the types of controls that would be effective for compliance. Such controls could be incorporated into policies and procedures or internal controls. She noted, “there’s an art to looking at the flow of a business and placing controls in those specific spots. If you are able to listen and process other people’s goals alongside your own and then marry those concepts together, it creates something that works for everybody and everybody can push for it. You listen to a bunch of ideas and then crunch them out in a way that people can understand and see the results.”

Another interesting observation by Charles was that she views the compliance profession as the “true partners of the business.” She contrasted this with a corporate legal department, which exists to protect the company. Compliance is there to prevent, detect and remediate, which means to enhance a business process through the lens of compliance. Charles stated, “compliance has the creativity and flexibility that the legal team doesn’t always have. We can utilize that to align ourselves with business goals in a way that the business team can understand.” This means that if a CCO or compliance function sees something that is not working, it can make a change. The more a compliance team focuses on dynamic and changing risks, the more it will appear as a way to respond to business needs. Equally important, such an approach not only anticipates but also supports the continuous improvement model of compliance. As you garner feedback and data from your compliance program you can use that information to improve your overall compliance process.

Charles concluded by noting that execution is a key element and this is where the rubber meets the road. After you have listened, designed or enhanced and received senior management buy-in, did you, as the CCO or compliance function, execute on your long-term strategy? At the end of the day, you will be judged on how you executed your strategy.

For more information on GAN Integrity, visit our sponsor’s website, www.ganintegrity.com.

 In this special five-part podcast series, I visit with Thomas Sehested, founder and CEO of, Valerie Charles, Chief Strategy Officer and Peter Chang, Head of Customer Success of Gan Integrity. In this series, we will consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In this Part I, I visit with Thomas Sehested on his journey from professional athlete to tech entrepreneur to compliance solution provider.

Some of the most interesting innovations in compliance come from folks who do not have a background in either compliance or legal training. I have found it is because their perspective is so different that they spot things that we legally trained compliance professionals often do not spot. That insight was reinforced when I recently interviewed Thomas Sehested, co-founder and Chief Executive Officer (CEO) of GAN Integrity Inc., (GAN) for an upcoming podcast series, sponsored by GAN. Sehested has been a world champion Windsurfer, became a tech entrepreneur in the antipiracy world and now works in the compliance space.

While in business he had felt (like many business folks) that compliance was the Land of No and Chief Compliance Officers (CCOs) largely inhabited it as Dr. No. Yet when he looked more closely into the compliance space he saw a profession that had been lawyer driven yet seemed to be more focused on business process, something that lawyers are certainly not trained for nor have the tools to accomplish. Moreover, the breadth and scope of requirements for a corporate compliance function are almost endless as it literally touches every other corporate discipline.

I found Sehested’s insight very interesting, that compliance professionals are faced with a pretty rigorous set of things that they need to live up to, “it’s really kind of a minefield in terms of what they need to focus on as a team”. However, he felt they lacked the tools to do this efficiently. He also saw “very small teams, two or three people, managing compliance for thousands of employees and thousands of third-party vendors.” To actively manage this number of persons and entities without a technological solution is well-nigh impossible. Sehested saw an opportunity to create technological solutions to remedy this anomaly. This is what he set out to do when he created GAN. Sehested not only wants to put more technological solutions in the hands of the compliance professional to manage the tasks they have at hand but also give them methods to present that information to senior management and the Board of Directors.

I asked Sehested what a compliance professional might consider to focusing on initially from a tech standpoint. Interestingly, he noted that even with the wide range of company sizes and industry foci, “you want to look at what you do on a day to day basis and automate that so that you, as a compliance professional, can focus on what you’re good at and that’s making the strategic decisions about how your company should handle compliance. It should not be about chasing people down and making sure that they filled out their questionnaires and trainings.”

This means you should consider automating the typical administrative tasks which fill so much of our day-to-day work. Sehested believes “All of that should be automated. If you have a lot of third-party vendors, you should make sure there’s a solid system in place to deal with the vast majority which do business in compliance. In that way, you can use your bandwidth to deal with the few rotten eggs that are likely to kind of float to the top.” The same is with employees from the compliance perspective, you should be “focused and dedicate your attention to where it’s needed. You need something to present you with the daily view of your organization from a compliance perspective to make sure you can dedicate your time to that.” The bottom line is that a compliance professional should consider the work they are doing today and see what can be automated.

I found Sehested’s perspective quite thought-provoking. As a compliance professional you should assess what is in your portfolio that can be automated for greater efficiency. By starting here, you can put together a business case about how a tech solution will save your organization money right out of the gate. From there you can move to higher level functions and duties in your department. This approach also has the benefit of incremental process improvements. You are not reinventing the compliance wheel in your organization but rather improving the business process. That is something that not only senior management and the Board looks for but the regulators as well.

For more information on GAN Integrity, visit our sponsor’s website, www.ganintegrity.com.

In this special five-part podcast series, I visit with Thomas Sehested, founder and Chief Executive Officer (CEO), Valerie Charles, Chief Strategy Officer, and Peter Chang, Head of Customer Success, from GAN Integrity, Inc. (GAN). Throughout this series, we consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In Part II, I visit with Charles on her journey from legal to compliance to tech.

Charles practiced law as a white-collar defense lawyer before moving in-house as a global compliance lead. Now she is the Chief Strategy Officer at GAN. It is somewhat unusual for a lawyer/compliance professional to move into a tech company which specializes in the compliance space. I was interested in what caused her to make this move. She related that she has always been curious about the use of technology in the practice of law and in the compliance profession. She said that her in-house compliance role demonstrated the inefficient use of her time. She was performing many administrative tasks which she felt could be handled more quickly with a tech solution. Charles stated, “for that reason when I bumped into the GAN folks and realized what they were doing a, it made a lot of sort of natural sense to me.”  She then had a “now or never” moment and decided to jump into the tech side of compliance with both feet.

She related that many in-house compliance professionals are spending time chasing people to do things that people could be chased to do by technology. I asked Charles about some of the tasks she observed that lent themselves to a tech solution. She said it could be “rolling out a new policy, circulating the internal approvals to get that policy or that procedure approved. It could be wedding a third party or more often reinventing a third party at a predetermined frequency. It may be keeping up with a lot of administrative deadlines and then exercising the activity you are supposed to at that time.”

But the reality is that most compliance professionals would much prefer to spend their time strategizing about what they’re doing at a more macro level. Many of the tasks she articulated not only take up too much administrative time but keep folks from working on more significant tasks such as longer-term strategic issues. Charles said that one of the things that intrigued her after her move from compliance to tech was her shift in focus of how to use technology in a best practices compliance program.

While in-house, Charles tended to view technology as a tactical solution to a compliance issue. She did not see it as a strategic solution and frankly did not understand the power of tech in compliance. However, after her move to GAN she began to see how technology can bring a much larger strategic focus to compliance, in such areas as a compliance tech solution integrated into the company’s overall risk management strategy, getting integrated reporting with the entire infrastructure of the tech solution tied to corporate structures.

We explored how Charles perceives that technology has changed the way(s) she considers compliance. She began by noting how much more advanced and mature the financial sector has been in developing and embracing tech than compliance. This extended to corporate financial disciplines so that now there are integrated standard bearer platforms. Good technology can import and export data easily that allows greater movement of information with more transparency between business units. She noted that Human Resources (HR) has also benefited greatly from tech solutions.

She contrasted those examples with the corporate compliance function, which she believes has been hamstrung by the lack of integrated tech solutions. Tech for compliance has been fragmented. Typically, it has been the norm for a compliance professional to go to one vendor to purchase technology to roll out policies and procedures, another vendor for e-learning and surveys and yet another to register conflicts of interest, gift giving and receiving. Of course, vetting your third parties is another set of vendors, as is hotline and case management software. She stated, “if you can’t tie together the critical components of the program into one integrated system that talks to each other and can easily be checked out or have data flowing to and from the other business units, you’re kind of still an odd guy out.” If there was such a tech solution, it would elevate the compliance profession.  

As tech has moved to cloud-based solutions, there is the ability to integrate many of these functions. When this can be accomplished, it will allow a Chief Compliance Officer (CCO) or compliance professional to review consolidated data and reporting. Charles concluded when that occurs, “the evolution of compliance technology will match the evolution of the importance of the field itself.”

Visit our podcast sponsor, GAN Integrity by clicking here. 

During this five-part podcast series, I have visited with Thomas Sehested, founder and Chief Executive Officer (CEO), Valerie Charles, Chief Strategy Officer, and Peter Chang, Head of Customer Success, of GAN Integrity, Inc. (GAN). Over this series, we consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In Part III, I visit with Sehested on how tech solutions can make not only compliance more efficient, but companies run more efficiently and at the end of the day more profitably.

One of the things I evangelize the longest and loudest about is that properly practiced, an effective, fully operationalized best practices compliance program makes a company operate more efficiently and, therefore, more profitably. Organizations such as Ethisphere have consistently demonstrated, with nearly 15 years of data from its World’s Most Ethical awards, that companies who win the award outperform the Standard & Poor’s average. I was therefore very interested to visit with Sehested on this topic.

In a prior episode we discussed the tactical approach for tech in compliance; where a compliance professional can bring a tech solution to the plethora of administrative tasks which inundate every corporate compliance department. However, Sehested said that even this approach could well have immediate benefits beyond the compliance function’s greater efficiency as it begins the journey to use data. Here you might even consider Edward Deming’s well-known adage, “In God We Trust, all others bring data.” By using a tech solution to move a compliance function away from mundane administrative tasks, you begin to create a culture around data. This weans a corporate compliance function from the legalistic approach, which is primarily taught in law schools, to an evolving business process approach.

From this perch it is easy to see that all the data flowing through (or at least should flow through) a compliance function. It can range from employee gift, travel and entertainment (GTE) spend, charitable donations, commissions paid to third-party sales agents, corporate social responsibility (CSR) information, marketing spend and overall sales figures. If this amount of data can be accessed and then analyzed, you would have a well-spring of information to make your company run more efficiently.

It all begins with multiple sources of data which flow through the compliance function but moves on from there. If someone actually looked at the data, you could see where the inefficiencies in your own sales process were and actually increase efficiencies in your sales process. With such data, the compliance function could partner with other corporate functions to help determine greater business efficiencies, all while maintaining and even enhancing a corporate culture around doing business ethically and in compliance. A corporate compliance function should be closely aligning with multiple other departments, sales, procurement, finance and internal audit to name a few. Yet even the work with outside stakeholders, such as third-part sales agents or distributors, can be a part of this regime by sending out questionnaires and communications around compliance. Sehested sees this as “deploying different strategies of nudging to make sure that they influence their vendors to think the same way as their employees, when it comes to being ethical.”

How does a Chief Compliance Officer (CCO) make this pitch to a CEO or senior management? This is where Deming and Sehested come in as it is all about the data, not just the raw data but how it is presented. As a CCO, you need to come up with reports, backed up by the data to support these assertions. Sehested can attest that CEO’s have a wide variety of demands on their time so the more concise and direct you can be, the better it will be for your case. Use data, case studies and graphics to demonstrate not only the cost savings but the increase in efficiencies.

The opportunities for the compliance function to improve overall business efficiencies are only beginning to be appreciated. Moving from the legalistic approach to a more data driven business process is what the Department of Justice (DOJ) intoned in its 2017 Evaluation of Corporate Compliance Programs (Evaluation). As compliance programs and the compliance function continue to evolve into the 2020’s; those who are truly innovative will use the data to help drive business ethics. Having insights from someone outside the compliance space, such as Sehested, can help drive that innovation.

Check out GAN Integrity by clicking here.

Over this five-part podcast series, I have visited with Thomas Sehested, founder and Chief Executive Officer (CEO), Valerie Charles, Chief Strategy Officer, and Peter Chang, Head of Customer Success, from GAN Integrity, Inc. (GAN). In this series we consider how the effective use of technology can drive not only a more effective, operationalized compliance program but make your business run more efficiently. In Part IV, I visit with Chang on the GAN approach to client success and how it acts towards continuous improvement of a compliance program.

Execution is where the rubber meets the road in compliance. For any Chief Compliance Officer (CCO) or compliance practitioner, having not only an effective tech strategy for compliance but one that is executed is critical. This is where Chang and his team at GAN can step to make a very big difference. He began by emphasizing that typically a CCO has come from the General Counsel’s (GCs) office or has some type of legal or other non-tech professional. While resources and head count are always an issue for a CCO, work on administrative matters can also put a strain on the compliance program. Chang said that one of the first conversations he has with a CCO is do they have an automated program to handle the administrative tasks and then couples it with measurable data which allows a CCO to move from a detect mode to preventative and even prescriptive. With this consistency, you can deliver a more robust risk management strategy to senior management and the Board of Directors.

Another challenge for many CCOs is how to interpret the data they receive from a tech solution. In short, what does it all mean? Chang said that when his team begins a project, they actually work backwards to figure out not only what type of metrics will be generated but what a CCO might need going forward. You want to be “very clear on what you are capturing in terms of reporting and what is needed to execute the compliance program.” Chang advocates starting your analytics at the transaction level and “rolling them up in to a state where you can see the big picture”. While it is obviously important for a tech solution implementation to be successful, if you work towards it from the beginning it can help to make things “clear and concise” at the end.

Next, we considered system deployment. This means both adoption of a tech solution and its continued and even expanding use. Chang and his team begin by putting the compliance program into the tech solution and then moves to train on the solution going forward. This training works not only for the compliance professionals present at deployment but those who might come into the corporate compliance function after deployment. Chang called this continuous adoption, which is working with each customer so they can grow and expand the use of the tech solution to not only cover the original issue(s) but expand the tech solution to meet new challenges.

This approach has some very significant and positive implication for the compliance professional. This is another way to talk about continuous improvement in a compliance program. Chang noted that is to make sure there is a 100% attention rate in order to stay relevant within the organization. Ensuring there is continued coverage to support not only from the home office level but also the county level, essentially partnering with corporate compliance to ensure that as it grows the tech solution is right sized for them. Chang said there are cases where GAN has started with “medium sized companies who later want to grow into bigger due diligence solutions for their compliance program. In those cases, we may help them right size the program and make sure that if there’s high risk vendors who they may need, there are additional reports and the tech solution is configured properly so that they can get additional reports that they need. And this is all part of continuously working with the customers and with them to ensure that their programs are right sized.”

Think about that for a moment as this is taking the concept of continuous improvement and adding an ongoing tech solution. This is one of the areas both the Department of Justice (DOJ) and Securities and Exchange Commission (SEC) discussed in their jointly issued 2012 FCPA Guidance, as Hallmark 9 in the Ten Hallmarks of an Effective Compliance Program. This is not simply taking data from your compliance program and feeding it back in to create continuous improvement, but it is using a tech solution to not only make your compliance program run more efficiently but using that same tech solution to help continuously improve your compliance program.

Such an approach uses the subject matter expertise (SME) of the tech solution provider to help the compliance professional come up with a more effective compliance program. For the compliance professional it is expanding out their reach and scope through the use of not only this tech SME but with the information from their own compliance program to create greater efficiencies and effectiveness.

Check out our sponsor, GAN Integrity by clicking here.

In the episode, I visit with Doug Allen, Managing Director at Ethisphere. We discuss the application process for Ethisphere’s 2019 World’s Most Ethical company designation. We consider the process for application, why a company should go through the process and the benefits even if your organization does not receive the designation. More highlights include:

1. What is the Ethics Quotient? How is it developed and used?
2. How are companies scored? Is there a difference between industries or geographies?
3. If a company is under FCPA or other investigation, can they still apply?
4. How does Ethisphere verify company responses?
5. Does Ethisphere provide feedback?
6. Do past winners receive a preference?
7. How does the WME process align with Ethisphere values/missions and other services?
8. When and where will WME 2019 companies be honored? 

For more information on Ethisphere’s 2019 World’s Most Ethical companies application process check out the following:

Link to request an application for the 2019 World’s Most Ethical Companies designation: https://www.worldsmostethicalcompanies.com/apply/

Link to the 2019 World’s Most Ethical Companies Application Guide: https://www.worldsmostethicalcompanies.com/wp-content/uploads/2019-application-guide.pdf

If you have any questions, you can contact Doug Allen at douglas.allen@ethisphere.com. For additional questions, you can contact Ethisphere’s Applicant support account at wmeapplications@ethisphere.com

This month I am celebrating 1000 podcasts by discussing with my colleagues and friends from professional community on past, present and future of compliance. Today we have Timur Khasanov-Batirov, my co-host in Compliance Man Goes Globalpodcast series ( http://fcpacompliancereport.com/series/compliance-man/), author of Integrity Corp. 50 Tips for your Compliance Program in the Post-Soviet States (  http://complianceinpostussr.com/) and Compliance Man of Integrity Corp.illustrated series ( http://complianceinpostussr.com/compliance-man-of-integrity-corp-episode-1-first-things-first/).  Timur is a practitioner who focuses on embedding compliance programs at high-risk markets. We discuss:

• What changes Tim has seen over the past 5 years in compliance in emerging markets;
• The increase in skills in the compliance profession;
• How Internal Audit becomes more active in compliance related areas; and 
• How new international anti-corruption legislation has internationalized anti-bribery enforcement. 

As the administration goes bonkers on the Kavanaugh nomination and the Rosenstein he’s out/he’s in drama, Tom and Jay consider 100+ wins for the Sox and ‘Stros and take a look at some of the week’s top compliance and ethics stories.

1. Petrobras comes in at No. 3 on the international Top Ten anti-corruption enforcement list with a stunning $1.78bn settlement with the US and Brazil. Dick Cassin reports in the FCPA Blog. Aruna Viswanatha, Jeffrey T. Lewis and Samuel Rubenfeld weigh in on the Wall Street Journal. For more reading see, the Justice Department Non-Prosecution Agreementand the SEC Cease and Desist Order.
2. Assistant Deputy Attorney General Matthew Miner speaks about the 2017 FCPA Corporate Enforcement Policy, the 2018 addendums and FCPA enforcement in 2018. For text of speech, click here.
3. Former Chile mining official settles FCPA charges. Dick Cassin reports in the FCPA Blog. Sam Rubenfeld reports in the WSJ Risk & Compliance Journal.
4. What does Freud have to do with fraud? Jonathan Marks explains in his Board and Fraud blog.
5. FIFA wants restitution. A corrupt former official says they aren’t entitled to it? Who has the better case? Mike Curley reports in Law360.
6. Elon Musk sued by the SEC who says he shouldn’t be running a public company. Matthew Goldstein reports in the New York Times.
7. Are non-US citizens eligible for SEC whistleblower awards? The SEC answers with a resounding yes. Harry Cassin reports in the FCPA Blog.
8. What is a Remediation Management Office? Steve Hall and Sydney Rickelman explore in Corporate Compliance Insights.
9. A BSR survey finds 2018 compliance is more than due diligence and clearing red flags. Alison Taylor reports in the FCPA Blog.
10. Want a 50% discount to one of the top compliance conferences around? Join Tom and AMI’s Eric Feldman at CONVERGE18 in Denver on October 9-11. I hope you can join me at the event. For information on the event, click here. As an extra benefit to fans of This Week in FCPA, CONVERGE18 is offering a 50% discount off the registrationEnter discount code TOMFOXVIP.
11. The reigning World Series champions Houston Astros clinch the AL West again and will meet the Cleveland Indians in the ALDS. Red Sox clinch home field throughout the playoffs (that is as long as they are in the playoffs).

Both the Astros and Red Sox have over 100 wins. Who will come out on top this year? Tom and Jay are back to tackle the week's top ethics and compliance stories on This Week in FCPA.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

In this very special 400^thanniversary episode, I visit with Ben Reiter, the author of Astroball—The New Way to Win It All. In addition to discussing perhaps one of my favorite topics of all time-the Houston Astros winning the 2017 World Series (have I mentioned that before?), Reiter and I take a deep dive into his book. In it he discusses how the Astros mastered the use of data and data analytics and then married those skills into data science with the soft skills of traditional baseball scouting to create the winning team in 2017. The Astros experience, Reiter’s book and our discussion directly apply to the compliance professional and the use of data and data science in an operationalized, best practices compliance program. Some of the discussion highlights include: 

• What led to the book?
• How data and analytics can supplement human intuition but not replace it?
• What were his biggest surprises in researching the book?.
• How did Reiter and Sports Illustrated have the magic Gini to predict after the 3 worse seasons in the history of major league baseball, in just 3 more years the Astros would be WS champions?
• How can compliance officers use the Astros approach?

To purchase a copy of Reiter’s book, Astroball, click here. 

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Philip Winterburn, Chief Product Officer at Convercent. We discuss the issue of KPIs around benchmarking your ethics and compliance program. Some of the issues we tackle in this podcast are:

• Where do you sit? In benchmarking, context is everything.
• How do you normalize between the anomalies in survey responses?
• What is the value of benchmarking?
• How do you apply benchmarking data?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

• Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
• Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
• Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
• The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Philip Winterburn, Chief Product Officer at Convercent. We discuss the issue of KPIs around ethics and compliance related surveys. Some of the issues we tackle in this podcast are: 

• What are the power of surveys v. the challenges of surveys?
• How are you using KPIs to improve the surveys around your ethics and compliance program?
• How do you even measure the extremes found in some surveys?
• What is the difference between anonymous and truly anonymous in surveys? 

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. (I perform consulting work for Convercent.) This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

• Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
• Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
• Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
• The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP. 

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

As Tom and Mrs. Compliance Evangelist trek to Ann Arbor MI to attend his law school reunion, Go Blue and watch the Wolverines trounce Nebraska and enjoy some cool autumn weather, he and Jay are back with a look at some of the week’s top compliance and ethics stories. 

1. Due diligence is not a nice to have, it's a mandatory. Scott Shaffer explains in the FCPA Blog.
2. Kavanaugh and compliance? Matt Kelly considers in Radical Complaince. Tom and Matt explore in this week’s Compliance into the Weeds.
3. Why does a law firm admit its internal investigation was designed to be a whitewash (in the internal investigation report)? More on the very strange Dansk Bank money laundering imbroglio. Patricia Kowsmann and Drew Hinshaw report in the Wall Street Journal. Tom dishes on the FCPA Compliance and Ethics Blog.
4. Mark Cuban makes $10MM donation. Is it enough to make up for 15 years of toxic corporate culture of sexual abuse and harassment? Kaelne Jones reports in Sports Illustrated.
5. Big oil on trial in the UK. What will be the fallout? Mara Lemos Stein reports in the WSJ Risk and Compliance Journal.
6. KPMG study finds slow adoption of tech in compliance. See full report here.
7. Matthew Stephenson continues his two-part consideration of the Hoskins decision. In the Global Anti-Corruption Blog.
8. SEC proposal to limit whistleblower awards draws withering criticism from commentary period. Sam Rubenfeld reports in the WSJ Risk & Compliance Journal.  
9. Want the top compliance training from the guy who wrote the book on compliance? Tom will put on a Compliance Master Class in Boston, September 25 & 26, hosted by Affiliated Monitors. Registration and information, click here.
10. Want a 50% discount to one of the top compliance conferences around? Join Tom and AMI’s Eric Feldman at CONVERGE18 in Denver on October 9-11. I hope you can join me at the event. For information on the event, click here. As an extra benefit to fans of This Week in FCPA, CONVERGE18 is offering a 50% discount off the registrationEnter discount code TOMFOXVIP.
11. In this week’s podcast series I internview Rebecca Turco and Paul Johns from SAI Global on their current innovations in compliance learning. Part 1-the changing marketplace; Part 2-adaptive learning; Part 3-EthicsAnywhere; Part 4-trends in compliance; and Part 5-integrated risk management.

Check out the week's top compliance and ethics stories (and more) on This Week in FCPA-the Go Blue edition. 

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I take a very deep dive into the process surrounding the allegations made against Supreme Court nominee Brett Kavanaugh by Christina Ford. We consider these allegations from the compliance perspective.  

Some of the highlights from this podcast are:

1. Why investigation protocols are mandatory before an event arises so you are not making things up on the fly.
2. What is the evidentiary standard you employ? Are you consistent in your approach? If a candidate lies, what does that tell you about their propensity to engage in illegal conduct going forward?
3. What is redemption? Should it be considered when allegations of long-ago misconduct arise? Should you be required to show contrition?

We unpack of all these points and consider strategies going forward.

For more reading: see Matt’s piece The Kavanaugh Compliance Lesson

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Jacki Cheslow, the Director Business Ethics & Compliance, Avis Budget. We discuss breaking down silos to facilitate compliance training and communications. Some of the issues we tackle in this podcast are:

• The challenges in compliance training with multiple audiences.
• How can both a technological solution and content solution facilitate more effective compliance training?
• Why you should focus on a more holistic approach to compliance and ethics training?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

• Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
• Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
• Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
• The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Jacki David Deitchman, Deputy General Counsel, Employment, Ethics & Compliance at HP. We discuss some of his tactics and techniques for dealing the Board of Directors. Some of the issues we tackle in this podcast are:

• What are the multiple roles of a Board of Directors in a compliance program?
• What are the areas you need to cover for the Board for its compliance training?
• Every Board is different, you should go in with your ideas but ask for their input as well.

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

• Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
• Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
• Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
• The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Amy Much, Ethics and Compliance Officer at Under Armor. We discuss some her presentation at Converge18 “Learn From My Mistakes, Fits and Starts When Building a New C&E Program”. Some of the issues we tackle in this podcast are:

• How some of your most valuable lessons come from your mistakes.
• No one person can know all the cultural elements in your company.
• No ethics and compliance program should operate in a vacuum.

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

• Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
• Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
• Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
• The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

In this episode of the CONGERGE18 Preview Podcasts series, I visit with Susan du Becker, Global Compliance Enablement at Cisco Systems. We discuss some of her strategies for breaking down silos to facilitate compliance training. Some of the issues we tackle in this podcast are:

• How compliance and ethics has moved to a must have corporate discipline.
• What are the most important ‘care-abouts’ for your company’s workforce?
• Every different elements do you have to work with in each country you do business for your compliance training?

In what is fast becoming one of the top ethics and compliance conferences around, I hope you can join me at CONVERGE18, hosted by Convercent. This year’s event will be October 8-11 at the Omni in Bloomfield, Colorado. The line-up of this year’s event is simply first rate with some of the top ethics and compliance practitioners around.

With the acceleration of the speak up culture and organizational accountability that social media is enabling and amplifying, companies need to incorporate integrity into every level of the organization. CONVERGE18 will help you do just that by addressing this ethical transformation head-on. Get the insights, information and solutions you need to put ethics into action. Join compliance executives from Salesforce, Kimberly Clark, Avis, U.S. Bank, AARP, Wells Fargo, Cheesecake Factory and many others to:

• Network with 300 of your peers, including C-suite executives, legal professionals, HR leaders and ethics and compliance visionaries.
• Gain insights from 35 speakers including Ethics and Compliance advocate Hui Chen, ECI’s CEO Pat Harned, NBA’s Deputy Chief Compliance Officer Steph Vogel, President at OCEG Carole Switzer and more.
• Bring actionable takeaways back to your program from various session types including 2 keynotes, 5 general sessions, 12 discussion-based roundtables, 18 interactive breakout sessions for you to listen, learn and share.
• The goal of CONVERGE18 is to arm you with information, strategy and tactics to transform your organization and your career by connecting ethics to business performance through process augmentation and data visualization.

I hope you can join me at the event. For information on the event, click here. As an extra benefit to readers of this blog, CONVERGE18 is offering a 50% discount off the registration price. Enter discount code TOMFOXVIP.

CONVERGE18 is a production of Convercent, which is the sponsor of this podcast series.

Over the next five podcasts I will visit with Paul Johns, Chief Marketing Officer, and Rebecca Turco, Vice President of Learning, both from SAI Global, the sponsor of this podcast series. In this series we will discuss the changes in ethics and compliance (E&C) learning and how a more technology-based learning solution can help move your company to a more effective and more operationalized best practices compliance program. In Part I, I visit with Paul Johns on the evolving nature of the E&C marketplace and what that means for compliance programs. 

We began with a discussion of the evolving role of the Board of Directors. Johns sees Boards of Directors in a lofty position, away from the limelight, to a more values based, customer-centric approach. This is playing out in a couple of key ways for the E&C market place. The first is that the Board sets the organization’s appetite for risk. To do this the Board must articulate what is the acceptable level of risk the company is prepared to work towards as it considers operating a particular enterprise. Next is the direct line of sight  between that appetite for risk at the Board level and the performance and the behavior of everybody across the company.

To accomplish this continuum, the Board or Audit Committee would garner a sense of the markets they are in and the products that serve the market together with the associated risks. From there, the company would put together a strategy to move forward and push that strategy out to operationalize it across the company or applicable business unit. But the Board could never be assured that each employee, business unit  or geographic region understands the articulated risk appetite. This is in contrast to corporate culture. 

In the values-based economy of today, what is it that you expect from your employees? If the behavior of one employee is antithetical to your values, what is the damage to  your corporate reputation? Consider the Starbucks store manager who called police for two patrons who were waiting for a third colleague. The two patrons were African-American and the store manager was white. The store manager had them arrested. Starbucks took a pounding the court of public opinion even though the store manager’s actions were against the stated culture and values of the organization. 

All of this means that you must “make sure that everybody is living and breathing the values and the behavior that you’ve laid out”. If  you do not do so, the reputational cost could be quite high; far beyond the cost of non-compliance with a law or regulation. The reality of today’s marketplace is that “millennials and centennials vote with their wallet.” This is true for where they purchase an espresso, where they buy running shoes or where they might order their pizzas from on a Friday night. 

This values-based approach has changed the dynamic at the Board level and indeed all the way down through an organization. A company can have a Code of Conduct, policies and procedures and internal controls in place but today those regulatory requirements or those suggested by such government publications as the 2012 FCPA Guidance are not enough, even if they meet the baseline requirements under a law or regulation. Johns believes a much more holistic approach is called for and from the educational perspective, it is a continual learning practice. Johns stated, “it is more than simply a company saying some aspirational ideas in your Code of Conduct. Do they really live those values as an organization?” 

Johns said he would ask a senior executive such questions as “Are there key performance indicators (KPIs) in place to measure such a proactive approach to risk management and your company’s brand reputation?” It might be something along the lines of “what are you doing around how you identify the types of employees that you let into the business, the types of business partners or third parties that you do business with? What is the scrutiny? What is the high bar that you set to make sure that you have actually got the right people working with you and working for you?”   

Another key step is E&C learning. E&C training should start with your organization’s brand, the integrity it stands for today; the importance of that reputation and what you can do to help preserve it. This allows you to have an ongoing dialogue not only internally but with your customers, your business partners and other stakeholders. 

It all starts at the top with the Board of Directors and senior management basically “sitting down as a leadership team and saying, what is it that we care about as it relates to the quality of our brand? That we don’t just talk about it but we really live it and breathe it. Next, how do we cascade that down into a set of tools and to a set of measures across the whole enterprise to hold ourselves to that very high standard?” 

The evolving role of risk, compliance and ethics will only continue. As the marketplace changes with new workers entering the workforce, becoming the new consumers and burgeoning social media led movements such as #MeToo, the risks will only become more dynamic. Are you ready?