Compliance Perspectives

By Adam Turteltaub adam.turteltaub@corporatecompliance.org Jeff Williams works now as a compliance director, but before that, he had been working in accounting with experience in external audit. He was no stranger to the world of compliance, but, as he notes, there’s a huge difference once you move into the role. In this podcast he shares his experience and what an accountant or auditor considering a role in compliance should know. Listen in as he discusses the working understanding he had of compliance going in.  He rightly understood the job to be about creating internal controls, managing risk, teaching the workforce, building trust and serving as a go-to resource.  Once he got into the job, though, he was met by some surprises, including how dreaded an appearance from the compliance officer could be. He addresses how he learned the new role, and how it’s important to make sure others understand that compliance officers are human beings who are there to listen to and support the business team. From a skills perspective, he shares that an accounting background is a great asset since it provides experience in looking for consistency in controls and understanding what the controls to be. But, there are adjustments to be made such as working on a much smaller team. This podcast is a valuable asset for anyone from accounting looking to make the leap into compliance, and for compliance officers adding someone with an accounting or audit background to their team.

By Adam Turteltaub adam.turteltaub@corporatecompliance.org Looking at the corruption prosecutions in Brazil, it may easy to be discouraged about the chances of operating a business compliantly there. But, that would be a mistake. Pyter Stradioto, Latin America Legal, Compliance and Government Relations Director for Samsung sees this as an asset. According to Pyter, prosecutions in Brazil have demonstrated that the institutions are growing stronger, which is a positive development for the business community. There is now a wave, Pyter reports, demanding a better business environment, particularly in the corruption arena. As a result, companies are in the midst of a massive investment in compliance and ethics programs. Business is recognizing that it needs a better risk management approach, and that includes areas other than anti-corruption. Brazil, for example, is very aggressive in enforcement of labor, environmental, and consumer law (especially data protection and privacy). Listen in for a frontline view from an experienced compliance officer in Brazil.

By Adam Turteltaub adam.turteltaub@corporatecompliance.org There is a great deal of discussion in the compliance community about the impact that pressure has on decision making.  Studies show that under pressure people are likely to make poor decisions and often grow more superstitious and less rational.  That’s difficult for a compliance and ethics program to manage in a business setting. Imagine the added complexity for the military where decisions of life and death are made under extraordinary demands. Charly Shugg (cshugg@usinfosec.com) is currently a partner at the cyber security firm Sylint.  Notably, he is a retired Brigadier General in the US Air Force and a graduate of the Air Force Academy.   In this conversation, he shares how the military has made compliance and ethics a part of training and day-to-day life.  He also shares his perspectives on the importance of providing real-life examples, creating the right code of conduct and core values, and getting learning from ethics and compliance failures. Listen in to gain the benefit of his wisdom.

By Adam Turteltaub adam.turteltaub@corporatecompliance.org Your IT department needs some code written for the website, or maybe for handling an inventory management issue.  So, they go online to one of the sites for finding coding talent, and hire a firm.  Believe it or not, there’s a chance that the person writing the code could be North Korean, and that could put your organization at substantial risk, both in legal and reputational terms. Mark Allenbaugh is a trade consultant for companies doing business in China, and he warns that North Korean programmers living in China may be doing coding for your company.  Either your IT manager doesn’t realize that the person is North Korean, or a company your firm hires in, for example, Germany, subcontracts the work out to Chinese firm, which uses North Korean workers. It’s a scary prospect, but there is some good news:  North Korean programmers often leave a digital fingerprint. Listen in to learn more about this risk and what you should do to avoid it.

By Adam Turteltaub adam.turteltaub@corporatecompliance.org When we think of Walmart, we tend to think of big box stores with an elderly greeter at the door, but Walmart is also a huge player in the e-commerce world.  The company forecasted over $11 billion in online sales in 2017. With those sales comes a team based in Silicon Valley, including a compliance team.  Lance Lanciault, Senior Vice President, Chief Ethics and Compliance Officer for US eCommerce for Walmart, was good enough to talk with us about how their compliance program is structured, and some of the challenges he and the company faces. Listen in for a far-reaching discussion covering: * Creating common values across multiple cultures * Managing expectations for the compliance program during and after an acquisition * The importance of recognizing the distinction between cultures and values, and the importance of finding common values

By Adam Turteltaub adam.turteltaub@corporatecompliance.org It is generally reported that about half of all mergers and acquisitions fail on culture issues.  It’s also well known in the compliance community that the integration of two companies is often fraught with risk.  What is okay in one company may not be okay behavior in another.  Plus, in the chaos of change, there is great danger if the compliance controls get lost in the shuffle. In 2016 Dell Technologies completed its acquisition of EMC Corporation, which virtually doubled the company’s numbers of employees. In this podcast two members of the Global Ethics & Compliance Team – Dale Skivington, Vice President of Compliance, and Page Motes, Director of the Strategic Programs Office — share how Dell made the integration work.  They recount the experience Dell had from past integrations as well as some of the specifics that went into this very large undertaking.  Listen in and enjoy some key takeaways including: * The importance of making the compliance integration part of the broader integration program * The need to communicate frequently, regularly and in a structured way * The role that key strategic milestones played * How setting key actions items to the milestones helped * The value of a collaborative approach

By Adam Turteltaub adam.turteltaub@corporatecompliance.org One of the hardest things in the world is admitting you are wrong.  Kathryn Schulz has written a book and has an intriguing Ted Talk on the subject. In business it’s particularly difficult since being wrong is too often seen as an admission of failure.  That’s why a practice instituted by Terry Lawrence, the CEO of Bone Joint is especially unusual.  At management meetings he asks the managers to report on the mistakes they have recently made. The effects of this unusual approach have been very positive, both for management in general and the compliance program.  Listen to the podcasts as he explains: * The goal is to learn from mistakes so as to become better leaders * Expect initial hesitation: people were incredulous, thinking he was kidding. * As he embedded the practice into weekly and monthly meetings it quickly gained traction * Expect positive movement to come incrementally, with periodic leaps forward * The key message to deliver is that you are in a safe zone: what is said in the meeting stays in the meeting * The practice helped them change from a culture of mistrust to a culture of trust, respect, and high performance. * How he encouraged staff to step forward and raise compliance issues * How as a leader you have to model the behavior and be supportive. If you like to learn more about this practice, feel free to email Terry:  tlawrence@bonejoint.net

By Adam Turteltaub adam.turteltaub@corporatecompliance.org Compliance starts with the law, but simply thinking like a lawyer isn’t enough.  Ted Banks, partner at Scharf Banks Marmor learned that lesson firsthand. Today he is an experienced compliance professional who has worked in compliance at Kraft and served as a monitor for both the FTC and the Canadian Competition Bureau.  Compliance professionals engage him for his guidance. But, many years ago, he was a lawyer new to compliance, and, as he tells in this podcast, made quite a few mistakes. In this podcast he provides advice to legal counsel moving into a compliance role.  Some of the highlights include: * Remember that compliance work has legal content, but it’s different than the work that a lawyer does * Don’t treat employees like law school students * Learn from the manual for drivers from your local department of motor vehicles: It doesn’t cite specific statutes, but focuses on what to do and not to do * Concentrate your efforts on the key issues that have to be communicated, not every possible nuance. * Put yourself in the shoes of the employees: make the training in their interest, ideally showing how this information will help their career * Try to insert compliance messages in training that isn’t compliance-related, such as sales skills courses * Understand the psychological principles of how to communicate with employees

By Adam Turteltaub adam.turteltaub@corporatecompliance.org Typically, when compliance professionals interact with members of the US Government it is in an enforcement context. Not all parts of the government, though, serve that role.  When putting together the SCCE regional compliance meeting in Sarajevo in October, we contacted the local embassy for help, which they were more than happy to provide. Janet Kennedy is an Economics Officer in the embassy, and in this podcast, she explains the role and how she and her colleagues, who can be found at embassies and consulates worldwide, can help.  She explains: * Their main role is economic diplomacy: building the economic relationship between the US and the host country * They meet this goal by providing advocacy for US companies operating overseas * Advocacy can include providing information to US businesses about the country, working to improve market access, encouraging fair treatment for investors, protecting intellectual property, and combatting corruption * They can be particularly helpful when bidding on foreign government tenders * On the less formal side, they can help promote businesses and establish an initial presence * Don’t expect an economics officer to provide legal advice, but they may provide a list of local lawyers * Generally, don’t count on them to intervene in commercial disputes * If your company is solicited for bribes by a foreign government official, it’s good to notify the embassy and to contact fcpa.fraud@usdoj.gov

By Adam Turteltaub adam.turteltaub@corporatecompliance.org Cats riding Roomba’s make YouTube great, and people love to share the links.  And sometimes employees want to put videos of these felines and other snippets in their presentations, or maybe an apt clip from a TV show, not to mention that great cartoon from The New Yorker. Problem is that all of that content is probably copyrighted. In this podcast, Liz Bilodreau, Senior Client Engagement  Manager of the Copyright Clearance Center explains what compliance professionals need to know to prevent misuse.  Listen in as she explains: * The importance of getting a better understanding of what your employees are sharing * The need to understand that employees don’t always know what they can and can’t share, and the difference between what you can share in your personal and professional lives * The necessity of ensuring that training also includes information about the process for securing permission and a reminder that even internal use within the company can constitute a public showing * When determining how employees use content, don’t do it with the goal of stopping it, but with the goal of identifying how media is used and what licenses your organization may need * What your policies on content should contain

By Adam Turteltaub adam.turteltaub@corporatecompliance.org As I’ve written before for the blog, there’s a problem compliance people are facing:  many people are too willing to write that a so-called compliance officer has been arrested, fined or imprisoned.  Problem is, those compliance officers weren’t really regulatory and legal compliance professionals as we know them. There’s one more problem, your organization may be contributing to this situation;  You may have people in your organization with “compliance” in their title but don’t actually work on the compliance team. Jenny O’Brien, at United Healthcare had precisely that problem. When she assumed the role of Chief Compliance Officer she found out that there were a couple of hundred people not on the compliance team but with compliance titles. This posed significant risks.  People were “clearing things through compliance” without ever actually talking to compliance.  In addition, the fact that people didn’t know who truly was a compliance officer led to dangerous confusion, and the potential of the government stating that the compliance program didn’t meet the standards for effectiveness. Listen in as she relates how she remedied this situation via what turned out to be a year-long project.  In the podcast she shares: * How she enlisted the help of HR and the business units * The process for developing new titles for affected personnel * The importance of regularly auditing to see if new people that shouldn’t have received compliance titles, nonetheless * The surprising upside to the process and the attachment many have to compliance  

By Adam Turteltaub adam.turteltaub@corporatecompliance.org Ameenah Fuller, the Vice President of Compliance at Chartsmarts wanted to do more than stay on top of changing laws and regulations.  She wanted to broaden her knowledge of the law itself.  So, despite already having many years of work under her belt, she went back to school to pursue further education. In this podcast, she shares the value from continuing education, especially in the law.  She also shares the knowledge and support she gained through Toastmasters educational programs.

By Adam Turteltaub adam.turteltaub@corporatecompliance.org In Part 1 of this two-part podcast on human trafficking and modern slavery we explored the scope of the issue and the risks to organizations that they may inadvertently have victims within their supply chain, or even working in their facility. In this podcast, William Shephard, a partner in the Washington and West Palm Beach offices of Holland & Knight, explains that there are specific compliance requirements already on the books that organizations must include in their compliance plans.  He explains that: * There are already two types of laws on the books * The first set requires reporting efforts by the organization to examine its supply chain for human trafficking and modern slavery * California and the UK already have strong disclosure requirements, and the subsequent California regulations goes well beyond simple disclosure * The second set of compliance requirement prohibit purchases by US Federal government entities from organizations that do not certify that their supply chain is free of human trafficking and slavery * It is essential to look out for warning signs that the workforce may include victims of human trafficking and modern slavery * Warning signs include whether there is a written contract in the employee’s native language with the employer and if the employee must surrender his or her passport to the employer * Other red flags to look for include recruitment fees that employees must pay to get the job and substandard pay and housing * For those in healthcare, there are already requirements to post information

By Adam Turteltaub adam.turteltaub@corporatecompliance.org It seems shocking that estimates put more than 40 million people around the world today working in slavery.  It is a horrifying statistic, but it can seem like a distant problem, one that occurs in isolated parts of the world. The evidence shows that it is far closer than people think.  It can be found in supply chains of global companies and even in the US, where estimates are that over 14,000 people are trafficked into the country annually. Stephanie Molen is the Director of Partnerships at the Coalition to Abolish Slavery & Trafficking (Cast).  In this podcast, she explains the scope of the issue of human trafficking and modern slavery both within the US and internationally. She explains that labor trafficking is quite broad and can be found in a large variety of industries, not just low wage jobs. High-risk industries, she tells us, include manufacturing, agriculture, and hospitality, with domestic care increasingly becoming high risk. She also takes us through how recruiters defraud workers and create a form of indentured servitude. Finally, she explains what to do if you suspect a worker in your organization is a victim and how social services organizations can help. In Part II of the podcast, William Shepherd, a partner at the law firm of Holland & Knight, will explore the increasing number of compliance requirements for organizations to identify potential human trafficking and modern slavery in their supply chain.

By Adam Turteltaub adam.turteltaub@corporatecompliance.org We all admire whistleblowers who call out wrongdoing and help right a wrong, at least we do in the abstract.  But, as case after case has shown, whistleblowers are rarely so admired by their peers. Paul Fiorelli, Professor of Legal Studies and Co-Director, Cintas Institute for Business Ethics at Xavier University, has spent a great deal of time contemplating this dilemma.  As he explains, the roots of the problem go back to childhood where we are warned not to be a tattletale. In this discussion he shares: * If employees don’t feel that they can safely raise issues, you’ll likely be reading about them externally instead of hearing about it internally * The importance of trying to create an environment where people feel comfortable coming forward * The problem of not being able to always tell the reporter what the disposition of the investigation is, which may lead to the perception that nothing was done * The challenge of a trust vacuum * The two biggest fears of whistleblowers: retaliation and managerial inaction * The need to change the discussion so that the whistleblower isn’t seen as disloyal but as someone who is helping to prevent and correct problems * The importance of checking for retaliation over the long term, not just the short