In this episode, Jay and I return for a wide-ranging discussion on some of the top compliance and ethics related stories, including:

  1. We discuss our highlights from the recently concluded SCCE 2017 Compliance and Ethics Institute. See Tom’s blogs, here, here, here and here. Click here for a report from Matt Kelly.
  2. Mike Volkov explores ISO 37001 in a week-long series. See the full week’s series on his site, Corruption Crime & Compliance. Henry Cutter reports on the standard’s slow acceptance in the WSJ Risk and Compliance Report.
  3. What is the status of your Board’s training for compliance? Ben DiPietro reports in the WSJ Risk and Compliance Report.
  4. Italian prosecutor charges Shell and former execs with overseas bribery. Dick Cassin reports in the FCPA Blog.
  5. Revenue recognition rules change in December. Auditors are under orders to ‘show no mercy’ to companies which have not prepared for the changeover. Tammy Whitehouse reports in Compliance Week.
  6. Continued chaos in the Trump Administration. Matt Kelly is back with additional ethical considerations from HHS Secretary Tom Price in Radical Compliance.
  7. Astros come home down 3-2 to the NY Yankees. Will they overcome?
  8. Join Tom’s monthly podcast series on One Month to a More Effective Compliance Program. In October, I consider compliance with business ventures such as in the M&A context, joint ventures, distributors, channel ops partners, teaming agreements and all other manner of business venture. The third week I continue to take a deep dive into JVs under the FCPA. This month’s sponsor is the Volkov Law Group. It is available on the FCPA Compliance Report, iTunes, Libsyn, YouTube and JDSupra.
  9. The Everything Compliance gang recorded a podcast at the 2017 Compliance and Ethics Institute, with special guest Roy Snell sitting in for Mike Volkov. The podcast will go up Thursday October 26th.
  10. Tom premieres an exciting new service offering, the Doing Compliance Master Class.
  11. AMI SVP Eric Feldman is speaking in Houston on November 2, at 1:30. If you are in Houston, please plan to join us. For more information see the GHBER website for details and registration.
  12. Jay previews the Rosen Weekend Report.

The top compliance roundtable podcast is back with a wealth of new topics.

  1. Matt Kelly opens with a discussion of the Equifax data breach and its implications for the compliance profession.

For Matt Kelly’s posts on the Equifax data breach and cybersecurity, see the following:

Vendor, Cybersecurity Risk, Ugh

Clayton, Congress Talk Cybersecurity

  2. Jonathan Armstrong considers the Uber situation in London where it recently lost its license to do business from the regulator Transportation for London (TfL). He discusses a prior case that he handled which had similar issues.
  3. Jay Rosen considers the massive FBI undercover operation resulting in 10 arrests in college basketball for corruption regarding high school recruits.
  4. Tom Fox sits in for Mike Volkov, who is on assignment this week. He discusses the top FCPA enforcement action of all-time, the recently announced Telia enforcement action.

For Tom Fox’s posts on the Telia enforcement action, see the following:

The Telia FCPA Resolution, Part I – Introduction

The Telia FCPA Enforcement Action: Part II – The Bribery Schemes

The Telia FCPA Enforcement Action: Part III – The Individuals

Telia FCPA Enforcement Action: Part IV – Getting Some Monies Back

Telia FCPA Enforcement Action: Part V-Lessons Learned

The gang is back with rants which follow the discussions.

The members of the Everything Compliance panel include:

  • Jay Rosen – Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
  • Mike Volkov – One of the top FCPA commentators and practitioners around and the Chief Executive Officer of The Volkov Law Group, LLC. Volkov can be reached at mvolkov@volkovlawgroup.com.
  • Matt Kelly – Founder and CEO of Radical Compliance, is the former Editor of Compliance Week. Kelly can be reached at mkelly@radicalcompliance.com
  • Jonathan Armstrong – Rounding out the panel is our UK colleague, who is an experienced lawyer with Cordery in London. Armstrong can be reached at armstrong@corderycompliance.com

The top compliance roundtable podcast is back with a wealth of new topics.

  1. Matt Kelly considers the current state of the SEC and what he sees for changes by SEC Chairman Jay Clayton. 

For Matt Kelly’s posts on SEC and Chairman Clayton, see the following: 

SEC Chair Clayton Talks Compliance Costs

Framing the Arguments Over SOX Compliance

The Private Market Stresses Driving SOX Compliance Debate

  2. Mike Volkov opens with the intersection of anti-corruption compliance and anti-trust compliance in connection with the role of the Chief Compliance Officer.

For Mike Volkov’s posts on the intersection of anti-corruption and anti-trust compliance, see the following:

Chief Compliance Officers Have to Address Criminal Antitrust Risks

Focusing Antitrust Compliance Programs on the Real Criminal Risks

Ed. Note: Today we have a guest post from Brian Alster, Global Head of Compliance and Supply, Dun & Bradstreet.

With a growing number of complex regulations and directives, the only thing that is constant right now in the regulatory environment is change. Supply chain leaders and compliance professionals alike continue to grapple with how best to adequately identify, screen, and gain visibility into ownership structures of suppliers, resellers, manufacturers, distributors, and customers so that they understand exactly who they are doing business with at all times.

What’s at Stake?

Companies can unknowingly finance goods that are potentially obtained illegally or sold on the black market. Procurement teams that are unaware of the third-party restrictions and activities and have antiquated systems may put their company at risk. Without proper visibility, these teams could unknowingly be funding terrorism and human trafficking.

It’s not just regulatory concerns either. A higher overall demand for transparency and provenance today means there is more focus on how corporations conduct business and with whom. The demand for green and sustainable products and services, responsible sourcing, diversity in suppliers, and ethical business practices requires the corporate procurement teams to rely on consistent, fast, accurate, and global business compliance data and analytics that give them enough visibility into every supplier relationship in order to manage those relationships. At the same time, protecting brand reputation and avoiding costly non-compliance fines is also crucial. With the prevalence and speed of social media and digital news, a company’s image, honed over years or even decades, can be destroyed in mere minutes by a lack of supply chain insight.

Current Internal Challenges

As pressure mounts for Chief Compliance Officers (CCOs) to know third parties – customers, vendors/suppliers, TPIs, business partners, and acquisition targets – new pressures are growing for Chief Procurement Officers (CPOs) to Know Your Vendor (KYV), and for Chief Technology Officers (CTOs) to connect and consolidate platforms to onboard a customer, partner, or vendor. While CPOs and CCOs need to create a framework for vendor compliance around a single source of master data, most corporations use disparate systems and data that are dependent on the department’s individual compliance knowledge and corporate standards for registration and screening of outside entities. That structure is inadequate in a regulated world, and procurement leaders are often not equipped to do the level of due diligence required and instead rely on the traditional self-assessment onboarding of a supplier. That just won’t cut it.

In-depth research is needed to identify ultimate beneficial ownership (UBO) and third-party risks. No supplier with ties to or involvement in corrupt practices such as human trafficking or money laundering is going to self-report, so procurement must take the work on themselves and procure the third-party data needed to determine risk, protect against exposure, and comply with regulations around ethics, labor, diversity, health and safety, the environment, governance, and responsible sourcing.

Pressure is also mounting for companies to adopt corporate sustainability practices, such as the ten principles promoted by the United Nations Global Compact, which cover everything from areas of human rights and labor to environment and anti-corruption. Investors are also placing a premium on companies that have solid Environmental, Social and Governance (ESG) practices, because they often achieve greater profitability and are better investments. One-third of sustainability is risk management, which is comprised of regulatory management, reputation management, and operational risk management.

Real World Costs

The entire process, and the requirement for individual groups within a company to work together, is daunting, but the rising costs associated with compliance pale in comparison to risk. Perhaps the most obvious and top-of-mind risk is the financial implication of being assessed fines for regulatory noncompliance. As two recent examples on the supply side illustrate, the fines can stop your business cold: Rolls-Royce agreed to pay $830 million to UK, US, and Brazilian authorities to settle bribery and corruption allegations. In another recent example, two major Brazilian companies, Odebrecht and Braskem, were hit with a record $3.5 billion in criminal fines in what authorities say is the largest foreign bribery case in history. While Odebrecht’s US portion of the fine was significantly reduced, from $260 million to $93 million, fines that are assessed at such high million- and even billion-dollar amounts affect even the most profitable corporations.

The bottom line is that two key internal corporate functions — procurement and compliance — must work in lockstep as supply-side due diligence responsibilities fall increasingly to CPOs.

This convergence is crucial, but it’s also intuitive. Compliance teams have the master data and tools necessary to dig into third-party involvement and UBO, which is exactly what procurement teams across industries need to proactively manage third-party relationships efficiently, while accelerating due diligence, all while keeping up with ever-changing regulations and addressing customer demand.

In this episode I caught up with Paula Long, founder and CEO of DataGravity, Inc. at the recently concluded Collision 2017 Conference. Paula has worked in the data and information space for over 30 years and now helps companies with data security and data privacy. We discuss the intersection of these issues with compliance and how they all converge for a CCO or compliance practitioner. The site has some great resources for the compliance practitioner and data professional including white papers on continuous monitoring of sensitive data and detecting and tracking anomalous use and behaviors around data. Check out more about Paula and DataGravity by going to the site DataGravity.com.