CONVERGE is in its 4th year of bringing together the world’s leading companies for 2 days of dynamic speakers, thought-provoking breakout sessions, and opportunities to connect with like-minded professionals. You will leave the conference with new resources and best practices allowing you to continue the hard work of driving ethics to the center of your business. In today’s episode I visit with Anna Aster, Principal at Heidrick & Struggles. We visit about her talk, The Future CECO: The Executive Recruiter’s Perspective.

As the field of ethics & compliance continues to evolve, what does it take to be a CECO in the future? Hear from the world’s top executive recruiting firm on the hiring trends in the compliance field, what recruiters are looking for, and tips on how to get your LinkedIn profile and resume noticed by headhunters. This is a session you cannot afford to miss.

For more information on Converge19, click here.

CONVERGE is in its 4th year of bringing together the world’s leading companies for two days of dynamic speakers, thought-provoking breakout sessions, and opportunities to connect with like-minded professionals. At this conference Convercent presents the newest resources and best practices allowing you to continue the work of driving ethics to the center of your business. I am attending the event and will be delivering a Keynote speaker. There are some other great speakers at the event. In the week’s Converge19 podcast series I visited with some of the presentations at Converge19 with the presenters. (Convercent is the sponsor of the podcast series.) Some of the highlights included the following.

Matt Kellywill discuss Developing Effective Strategies for Third Parties & Data Security Risk. In this session Kelly will explore recent regulatory enforcement of data security risks related to third parties, and what regulators are saying about the issue generally; how this is a challenge of risk assessment and data management capabilities, what a ‘mature’ compliance or audit function would need to do for these risks; and some practical ideas to implement at your own business.

Valerie Towery, VP, Global Compliance and CCO, Visa Global Services Inc. (Visa B2B Connect) Cross-Functional Collaboration. In her session, Towery will consider how the compliance function can remain independent while still working collaboratively with the business and with its peer support functions.

Kurt Stitcher, Vice President, Global Compliance at DJO Global, previews his talk, Operation Globalization! In this presentation, Stitcher will provide practical tips on operationalizing a program, from policies and standards, anticorruption processes, and risk management and taking a US program to a modern global program. Learn about building relationships not only with the C-Suite level but with business leaders literally across the globe.

Scott McCleskey, Senior Vice President / Subject Matter Expert at Eukleia North America will talk about Mapping Ethical Risk in Your Organization. While there are often discussions about mapping compliance risk, McCleskey will discuss ethical risk. The level of ethical risk is not uniform across an organization or over time – it varies by role, by geography, and by incentive structure. In his presentation, McCleskey will look at how you can systematically identify and classify ethical risks across your organization and the use of the resulting ethical risk heat map as a predictive analytic and how it can be used to take a risk-based approach to allocating controls and how it can be used as a key resource for reporting to the C-suite and the Board.

UB Ciminieri and Joe Thurman, co-founders of Breaking the Bias previewed their talk, The Code of Curiosity: Breaking the Bias. In their session, they will help you to create tools, methods and strategies that systematically change an organization’s ability to drive diversity and inclusion. Drive action behind the conversation of Conscious Inclusion and Unconscious Bias. What better way to start driving ethics than by first confronting our own biases and behaviors that prevent us from driving ethics through our business?

Norm Hodne, Director CET Compliance Programs at Microsoft previewed his talk, Bridging the Digital Divide. In this presentation you will learn how to build an accessibility program that meets regulatory requirements but also delights employees, practical steps to putting yourself in your employees’ shoes and how that influences your initiatives and hear about tried and tested programs that have won broad recognition.

Nicole Pitts, founder of the Ethintegrity discusses her talk on Effectively Increasing Employee Engagement from ’Shop Floor’ to ’Top Floor’ through Play. In her session, you will learn how to effectively increase employee participation and facilitate discussions on complex ethics topics across cultures and educational levels. This will lead to a better understanding of the compliance program as well as identification & mitigation of risks from all levels of the organization.

Michael Williamson, Chief Compliance Officer at Pacific Dental, discussed his talk at Converge19, moving an Ethics & Compliance from Rules-Based to Leverage Values.  In his presentation, Williamson will describe how to animate your organization’s values and create alignment behind them to foster a self-governing culture of ethics and compliance. He will discuss how to bring your organization’s purpose and values to life in support of an ethics and compliance culture that, minimally, will pivot your Program to a posture of proactive risk mitigation. Finally, Williamson will tie it all together to demonstrate how this helps create strategic differentiation between you and your competitors.

In what will no doubt be one of the most well-attended sessions, Anna Aster, Principal at Heidrick & Struggles will discuss, The Future CECO: The Executive Recruiter’s Perspective. As the field of ethics & compliance continues to evolve, what does it take to be a CECO in the future? In Aster’s session, you will hear from the world’s top executive recruiting firm on the hiring trends in the compliance field, what recruiters are looking for, and tips on how to get your LinkedIn profile and resume noticed by headhunters. This is a session you cannot afford to miss.

 This is just but a sampling of some of the speakers and topics. There will be over 40 sessions; keynotes, breakouts, interactive roundtables – you will leave the conference with actionable resources and best practices. You will be able to connect with some of the top peers in the compliance arena during breaks, meals, sessions and the CONVERGE dinner, you will be able  to interact with like-minded compliance professionals to broaden your ideas and build your network. Converge19 is unlike any other compliance conference. Every detail is designed to challenge, energize and spark curiosity for ethics and compliance professionals. Finally, you will be inspired by speakers such as Aly Raisman, U.S. Olympic gymnast on her courageous story of speaking up and her fight to end sexual abuse and Andrew Wallis, CEO of Unseen will open your eyes on the reality of modern slavery, and many more.

For more information on Converge19, click here.

This episode begins on a somber note as Tom and Jay note the passing of Compliance Week reporter Joe Mont and what he meant to the greater compliance community. They then turn to discuss some of this week’s top compliance and ethics stories which caught their collective eyes.

  1. Tributes to Joe Mont. On Compliance Week. By Tom on the FCPA Compliance and Ethics Blog.
  2. Mike Volkov takes a deep dive into the recent Business Roundtable Statement on the Purpose of a Corporation on Corruption Crime and Compliance. Part 1, Part 2& Part 3.
  3. Former Cognizant Technologies COO, Sridhar Thiruvengadam, settles FCPA charges. Dick Cassin in the FCPA Blog.
  4. Netherlands proposes nationwide AML system. John Rusch reports in Dipping Through Geometries.
  5. What is an ethical culture and why does it matter? Jay begins a multipart series in CCI.
  6. What is algomerithic corporate misconduct. Milhailis Diamantis explores on NYU’s Compliance and Enforcement Blog.
  7. Despite prevaling opinions, CCO is not a ‘god’. Clara Hudson reports on the Odebrecht CCO remarks at SCCE, in GIR.
  8. Do UK DPAs throw individuals under the bus? Ross Dixon asks in the FCPA Blog.
  9. Mary Shirely tells you how to ace job interviews, writing in CCI.
  10. Tom continues his preview of the Converge19 speakers in a special bonus series of podcasts on the Compliance Podcast Network. Check out the following: Monday-Scott McCleskey on mapping the ethical risk in your company; Tuesday-Valerie Towery on cross functional collaboration; Wednesday-Kurt Stitcher on Operation Globalization; Thursday-Matt Kelly on Developing Effective Strategies for Third Parties & Data Security Risk and Friday– Anna Aster on The Future CECO: The Executive Recruiter’s Perspective. The podcast is available on multiple sites: the FCPA Compliance Report, iTunes, JDSupra, Megaphone,YouTube,  Spotifyand theCompliance Podcast Network.
  11. The Everything Compliance gang will be doing its first live podcast at Converge19. You should be there! Listeners to this podcast can obtain a complimentary ticket by using the promotion code foxvip, for registration and information, click here.

Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.

For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.

CONVERGE is in its 4th year of bringing together the world’s leading companies for 2 days of dynamic speakers, thought-provoking breakout sessions, and opportunities to connect with like-minded professionals. You will leave the conference with new resources and best practices allowing you to continue the hard work of driving ethics to the center of your business. In today’s episode I visit with Matt Kelly, founder and editor of Radical Compliance (and the coolest guy in compliance). We visit about his talk at Converge19 on Developing Effective Strategies for Third Parties & Data Security Risk.

Most compliance functions are on the low end of the maturity curve when it comes to effective data security when it comes to third parties. Participants in this session will explore recent regulatory enforcement of data security risks related to third parties, and what regulators are saying about the issue generally; how this is a challenge of risk assessment and data management capabilities, what a ‘mature’ compliance or audit function would need to do for these risks; and some practical ideas to implement at your own business.

For more information on Converge19, click here.

For more information on Radical Compliance, click here.

In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. In this episode, we conclude our three-part series of some of the key lessons learned from the first year of GDPR. Some of the issues and highlights are:

Remediate then report. The remediation of an issue before reporting can be the key issue for regulators on whether they will move forward with a more public spanking. It is important to show that you have learned lessons and applied them to the facts of your data breach. Don’t try and cheat the victims by imposing new contractual terms such as Equifax did in its recent settlement. Think of the simple way for a data breach to occur, a briefcase left on the Tube.

Don’t Diss the DPA. Why would a company take on the regulator? You must respect the regulator even if you disagree with them. You can make a bad situation worse by attacking the regulators. This does not mean you cannot forcefully argue you position or zealously represent you client but calling regulators idiots in public filings will not help you position or your case. 

Keep logs. This is important in case you need to revisit a decision later. Regulators can ask to see these logs at any time, not simply during an investigation or enforcement action. A compliance officer should be involved in the maintenance of the log system. Document Document Document. Unannounced inspections are beginning to occur.

Debrief and Learn. Revisit the facts to see what lessons are to be learned. Continuous improvement. Even on a journey of 1000 miles, it is important to look back. Once again if you make a change due to a breach or other event, document what you have done so you can show the regulators.

For more information on Cordery Compliance, go their website here.

For more information on data breaches, see here.

Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.