Compliance &Ethics - Society of Corporate Compliance and Ethics

More documents

Recommendations

Info

The last wordby Joe Murphy, CCEP, CCEP-IDiscipline for “failure to takereasonable steps”: Could youfind even one example inyour company?Compliance & Ethics Professional May/June 2013MurphyThere are certain parts of the FederalSentencing Guidelines standards mostfolks seem comfortable with (e.g., codesof conduct, training, helplines). And then thereare topics that it seems almost no one is comfortablewith. One example is discipline—notmany articles or presentations on that.So here is an issue I just don’tsee discussed. The Guidelines veryclearly call for:“(B) appropriate disciplinary measuresfor… failing to take reasonable stepsto prevent or detect criminal conduct.”(emphasis added)It is right there, in black andwhite, clear as day. Our Canadian friends, intheir Competition Bureau’s guidance on complianceprograms, also say:“Proper disciplinary actions should alsobe taken against managers who fail to takereasonable steps to prevent or detect misconduct.”(emphasis added)Does your discipline meet this standard?If your company’s coverage of disciplineconsists of nothing more than routine codelanguage (“violations will result in discipline,up to and including termination”), and a recordof firing junior employees for petty theft fromthe company, then can you really argue thatyou have met the language of the guidelines?What is the message of this language?Think about it. Government believescompanies routinely engage in scapegoating.Punish the little guys so the big guys get away.The language quoted above means you can’thave an officer with subordinates runningamuck, and have that officer get off by saying“Gee, I didn’t know.” If that officer had nottaken real steps to address the risk, then theofficer must be disciplined. Taking preventivesteps is every supervisor’s job.But have you ever, in the entire life of yourprogram, done that? Do you have any exampleof a manager or officer, not directly involvedin a violation, who was nevertheless subjectto “on your watch” discipline? I suspect theseare very, very rare. And when you conductinvestigations of alleged misconduct, are yourinvestigators also looking at this issue? Do theyalways include the question, “What did theboss do to prevent this violation from happening?”Or do you routinely notify and bring intothe inner circle the boss of the person beinginvestigated, even though that person might besubject to discipline under this standard? Doesyour code warn managers and officers that thisstandard applies to them? Do line and staffmanagers know that their jobs include taking“reasonable steps to prevent or detect criminalconduct”? Perhaps we need a bit more disciplinedapproach to this topic of discipline. ✵Joe Murphy (jemurphy5730 @ gmail.com) is Of Counsel to ComplianceSystems Legal Group and Editor-in-Chief of Compliance & EthicsProfessional Magazine.76 www.corporatecompliance.org +1 952 933 4977 or 888 277 4977
sTakeawaysMay/June 2013Compliance & EthicsProfessionalTear out this page and keep for reference, or share with a colleague. Visit www.corporatecompliance.org for more information.Seven strategies for preventingusers from hoarding documentsMark Diamond (page 25)»»Employee hoarding of electronic documents isan information governance change managementproblem.»»Aggressive deletion often drives undergroundarchiving, making the problem worse.»»Addressing underground archiving requires across-functional approach engaging policies,processes, tools, and technologies.»»Effective approaches create a “win” for employeesby understanding the reasons for their behaviors.»»Ongoing auditing is critical to assess programeffectiveness.You’ve identified a corporate risk—what next?C. J. Rathbun (page 33)»»The company’s choices in response to anidentified risk will depend on its risk tolerance.»»The CCO’s considerations should include howmitigating the risk will affect everyone from theboard room to the mailroom.»»The CCO’s report should be carefully designed forits target audience.»»Internal procedures may need to be changed toprevent future risks.»»Proactive monitoring and/or auditing will help youcatch problems before they become issues.Mind the gap! Where corporatepolicy and social media meetSteve Carr (page 41)»»Social media offers opportunities for broader,timely communication in a fashion peopleappreciate more than static PDF or email formats.»»The gap between liability concerns and potentialbenefits of adopting social media can often bebridged with policy and company-wide planning.»»New online tools to manage and archivesocial media, emails, and other electroniccommunications are widely available andinexpensive.»»Each organization should view social mediain its regulatory context, including Reg FD forpublicly held US companies, the Dodd-Frank Act,Sarbanes Oxley, Solvency II, and Basel III.»»Properly adopted, social media offers theopportunity to improve compliance and corporategovernance practices and even maintain or reducecosts.Political activity compliance:A complex but necessary subjectfor compliance professionalsScott Stetson (page 47)»»Corporations have substantial politicalinvolvement, which may entangle gift and conflictof interest policies.»»Compliance requirements are continually changingwith the passage of new legislation at local, state,and federal levels.»»The Government Affairs department and generalcounsel cannot do it alone.»»Non-compliance has serious organizationalimplications.»»Political compliance should be included in anorganization’s compliance plan.Powerful witness preparation:Don’t volunteerDan Small and Robert F. Roach (page 52)»»Free-flowing conversations move through a seriesof connections to seemingly unrelated topics.»»Testimony should stick to the question at handand stay on a narrow path.»»The questioner’s job is to ask clear questions, notlead the witness into volunteering information thatis inadmissible, irrelevant, or just off track.»»Don’t fill the silence—use it to prepare for whatlies ahead.»»Volunteer information only if it will clear up amisunderstanding or emphasize a key theme.You can’t cure symptomsFrank J. Navran (page 55)»»Finding the underlying problem first may avert acatastrophe later.»»Diagnostic interviews, focus groups, andsurveys will help you uncover the root cause oforganizational problems.»»Build a rapport and an atmosphere of trust beforeyou start asking the tough questions.»»A document review will give you insights intowhat employees learn about the formally statedstandards for employee conduct.»»Skills, knowledge, and conceptual models canonly take us so far in solving the organizationalproblems we face.Ethics in the workplace: TheDominican Republic perspectiveLaura Serra Nova (page 66)»»In addition to the concerns and conflicts thatarise during the hiring process, companies mayoverlook compliance management.»»Current laws in the Dominican Republic allowcompanies to establish internal manuals andprocedures, as well as codes of ethics.»»Procedural justice has played an important rolein establishing ethical standards, however, theperception required to implement such standardsneeds to be shifted in the right direction.»»State must set an example in order to mitigate the“produce-at-all-cost” mentality in the country.»»Great efforts have been made by the public and privatesector to have an ethical business environment.An invitation to connect: The FFIECembraces social media regulationCris Mattoon (page 69)»»Social media usage requires corporategovernance.»»Enterprise risk management must encompasssocial media risks.»»Federal regulators will expect organizations toactively manage social media risks.»»Compliance officers can leverage current federalaction to enhance governance.»»Failure to proactively address social media mayimpact future safety and soundness ratings.Conflict of interest: It’s not so badif I don’t get any benefit out of it.Right?Peter Fazio (page 71)»»Familial relationships among employees cancreate real conflicts of interest.»»Conflicts of interest related to employeeinteractions have a tangible cost to theorganization.»»Conflict of interest risk management should beaddressed as a component of the organization’soverall anti-fraud program.»»Disclosure of conflicts of interest to a higher leveltends to increase the trust of the discloser withoutthe intended increase in the level of professionalskepticism for the integrity of the transaction.»»The real challenge with conflicts of interest is themanner in which we react to them or ignore theirimpact on the integrity of our work.Gray areas: When ethics problemsare not exactly black or whiteFrank C. Bucaro (page 74)»»Not all ethics problems fit neatly into a black-orwhitecategory; some problems fall into a “grayarea.”»»Gray area issues can provide an opportunity todeal proactively, before issues becomes a fullblownethics problems.»»Gray area issues can help point the way to gaps inethics education or training.»»Ethics resources for employees must be known,accessible, and consistently communicated to beeffective.»»Gray area issues may not be right vs. wrongsituations, but could possibly be a right vs. rightsituation, or even right vs. “more” right.Compliance & Ethics Professional May/June 2013+1 952 933 4977 or 888 277 4977 www.corporatecompliance.org 77
Page 7 and 8:
NewsRegulatory NewsSupreme Court de
Page 9 and 10:
SCCE NewsSCCE conference News12 th
Page 11 and 12:
SCCE NewsNewsContact Eric Newman at
Page 13 and 14:
Help Keep YourCompliance ProgramFul
Page 15 and 16:
Featurequickly grasp the requiremen
Page 17 and 18:
Featureinternal or external to the
Page 19 and 20:
Michigan··Lisa Aragon, ITC Holdin
Page 21 and 22:
ANY TIME.ANYWHERE.ANY MATTEROF RISK
Page 23 and 24:
Boehme of Contentionby Donna Boehme
Page 25 and 26: Featureby Mark DiamondSeven strateg
Page 27 and 28: Featurehoarding is an information g
Page 29 and 30: Feature··Programatically control
Page 31 and 32: The Art of Complianceby Art Weiss,
Page 33 and 34: Featureby C. J. Rathbun, CCEP, FLMI
Page 35 and 36: Featureinclude the protocols you ne
Page 37 and 38: Featurecompliance audits are alread
Page 39 and 40: Empirically Speakingby Leslie Altiz
Page 41 and 42: Featureby Steve CarrMind the gap!Wh
Page 43 and 44: Featurecontinue to grow as the pace
Page 45 and 46: View from the Front Linesby Meric C
Page 47 and 48: Featureby Scott Stetson, Esq.Politi
Page 49 and 50: Kaplan’s Courtby Jeffrey M. Kapla
Page 51 and 52: Become a CertifiedCompliance & Ethi
Page 53 and 54: that kind of volunteering is all ri
Page 55 and 56: y Frank J. NavranYou can’t cure s
Page 57 and 58: groups. If they are being done “i
Page 59 and 60: ··What are the barriers to succes
Page 61 and 62: high ethical standards and practice
Page 63 and 64: about to become a headline? And, gi
Page 65 and 66: For the past 35 years, my experienc
Page 67 and 68: www.corporatecompliance.orgprofessi
Page 69 and 70: y Cris Mattoon, JD, CCEPAn invitati
Page 71 and 72: y Peter FazioConflict of interest:I
Page 73 and 74: additional internal controls to ens
Page 75: Heading off potential gray area hea
Page 79 and 80: Get expert guidance with:The Comple
show all

Compliance &Ethics - Society of Corporate Compliance and Ethics

Create successful ePaper yourself

Delete template?

Save as template?