Despite the COVID-19 pandemic crisis, the SEC is continuing its FCPA enforcement activities. The SEC lawyers and staff have brought two cases recently – an enforcement action against a former Goldman Sachs executive and the...more
Corporate boards and management face serious challenges in navigating the COVID-19 pandemic. In this difficult environment, companies have to be mindful to apply best practices and exercise care to fulfill their duties of...more
3/31/2020
/ CARES Act ,
Compliance ,
Coronavirus/COVID-19 ,
Corporate Governance ,
Crisis Management ,
Duty of Care ,
Duty of Loyalty ,
Families First Coronavirus Response Act (FFCRA) ,
Financial Stimulus ,
Government Shutdown ,
Internal Controls ,
Sick Pay
Cardinal Health (“Cardinal”) agreed to pay the SEC $8.8 million for FCPA violations in China relating to its internal controls and books and records. Cardinal acknowledged facts relating to internal controls deficiencies and...more
3/4/2020
/ Books & Records ,
Cardinal Health ,
China ,
Civil Monetary Penalty ,
Corruption ,
Disgorgement ,
Enforcement Actions ,
Foreign Corrupt Practices Act (FCPA) ,
Internal Controls ,
Marketing ,
Pharmaceutical Distribution ,
Pharmaceutical Industry ,
Securities and Exchange Commission (SEC) ,
Subsidiaries ,
White Collar Crimes
Chief compliance officers are heroes. They labor every day to advance a company’s ethics and compliance program without much recognition, with few resources, and with well-known gaps in their programs....more
3/3/2020
/ Anti-Corruption ,
Chief Compliance Officers ,
Compliance ,
Compliance Management Systems ,
Corporate Culture ,
Corporate Governance ,
Corruption ,
Ethics ,
Internal Controls ,
Leadership ,
Risk Management ,
White Collar Crimes
The Justice Department “listens and learns” from companies and compliance practitioners. As part of every enforcement action, DOJ prosecutors review and assess compliance programs in accordance with the standards explained...more
2/27/2020
/ Anti-Corruption ,
Chief Compliance Officers ,
Compliance ,
Confidentiality Policies ,
Corporate Culture ,
Corruption ,
Department of Justice (DOJ) ,
Incident Response Plans ,
Internal Controls ,
Internal Reporting ,
White Collar Crimes
As companies move forward on third-party risk management programs, and as automated third-party risk solutions are being implemented, compliance professionals have to re-examine and re-balance the allocation of resources and...more
Compliance officers face almost an infinite number of risks – not to be trite, but CCOs can drive themselves crazy identifying every plausible legal and compliance risk a company faces. I am exaggerating a little bit to make...more
2/11/2020
/ Anti-Corruption ,
Chief Compliance Officers ,
Compliance ,
Compliance Management Systems ,
Cooperative Compliance Regime ,
Corporate Governance ,
Ethics ,
Internal Controls ,
Policy Management ,
Risk Management ,
Third-Party Risk ,
White Collar Crimes ,
Willful Misconduct
I am reluctant to start off the New Year with a negative comment or posting. But I have a significant concern about the path and current state of ethics and compliance....more
1/24/2020
/ Automation Systems ,
Chief Compliance Officers ,
Compliance ,
Corporate Governance ,
Ethics ,
Internal Controls ,
Leadership ,
Risk Management ,
Senior Managers ,
Technology ,
Vendors
As a passionate supporter of the compliance function, I continue to advocate for compliance officers and the importance of compliance to overall governance. Good compliance means good business – we all know that....more
The Sweden-based telecommunications company, Ericsson, agreed to a pay a total of $1 billion (yes, billion with a “B”) for FCPA violations.
Ericsson entered into settlement agreements with DOJ and the SEC. Ericsson agreed to...more
12/8/2019
/ Anti-Bribery ,
Books & Records ,
Bribery ,
Corporate Misconduct ,
Corporate Monitoring ,
Criminal Conspiracy ,
Criminal Prosecution ,
Deferred Prosecution Agreements ,
Department of Justice (DOJ) ,
Foreign Corrupt Practices Act (FCPA) ,
Guilty Pleas ,
Internal Controls ,
Securities and Exchange Commission (SEC) ,
Settlement Agreements ,
Statutory Violations ,
Telecommunications
Even the mighty can fall – Apple agreed to pay OFAC $467k for violations of the Foreign Narcotics Kingpin Sanctions regulations.
In 2008, Apple entered into an applications development agreement with SIS, a Slovenian...more
12/3/2019
/ Anti-Corruption ,
App Store ,
Apple ,
Compliance Management Systems ,
Corruption ,
Foreign Narcotics Kingpin Designation Act ,
Foreign Narcotics Kingpin Sanctions ,
Internal Controls ,
Mobile Apps ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Regulatory Requirements ,
Regulatory Violations ,
Sanction Violations ,
Screening Procedures ,
Slovenia ,
Software ,
Transfer of Assets ,
White Collar Crimes
Just to repeat myself – pharmaceutical and medical device firms face extraordinary risks of enforcement under the False Claims Act. While everyone likes to write and focus on FCPA or anti-corruption risks for global drug and...more
10/23/2019
/ Anti-Kickback Statute ,
Compliance ,
Cooperation ,
Corporate Counsel ,
Corporate Integrity Agreement ,
Corruption ,
Criminal Conspiracy ,
Criminal Prosecution ,
Deferred Prosecution Agreements ,
Dementia ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
False Claims Act (FCA) ,
Fraudulent Marketing ,
Health Care Providers ,
Healthcare Fraud ,
Internal Controls ,
Kickbacks ,
Long Term Care Facilities ,
Medical Devices ,
OIG ,
Pharmaceutical Industry ,
Physicians ,
Popular ,
Prescription Drug Coverage ,
Prescription Drugs ,
Qui Tam ,
Whistleblowers ,
White Collar Crimes
Without belaboring all the feel good and esoteric discussion surrounding societal ethics and applying these concepts to business ethics, I would suggest that we focus on the term “business ethics” by focusing on the concept...more
Most compliance programs include some form of internal compliance committee separate from the company’s audit committee. An internal compliance committee can play a very important role in advancing a compliance program....more
We all know that businesses rely on a large number of third-party vendors to support their business operations. Many of these third parties require access to a company’s data and its internal information and technology...more
9/11/2019
/ Class Action ,
Compliance ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Protection ,
Hackers ,
Incident Response Plans ,
Insurance Claims ,
Internal Controls ,
Popular ,
Public Relations ,
Risk Assessment ,
Risk Management ,
Third-Party Service Provider
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
9/10/2019
/ Amazon Marketplace ,
Capital One ,
Cloud Computing ,
Compliance ,
Credit Cards ,
Cyber Attacks ,
Data Breach ,
Data Security ,
Data Theft ,
FBI ,
Financial Services Industry ,
GitHub ,
Identity Theft ,
Internal Controls ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
Risk Mitigation ,
Slack ,
Third-Party Service Provider ,
Vendors
Compliance officers and internal auditors are natural partners and allies in the compliance governance landscape. As the compliance profession and influence grew, compliance officers often leaned on internal auditors for...more
This is likely to be a politically incorrect posting. I hope I do not offend too many people, especially those new data privacy professionals.
As kids, we were always excited when an ice cream truck visited our...more
Compliance professionals are implementing their own monitoring and auditing strategies. Internal audit does not have the resources nor the time to assume responsibility for this function. If possible, internal audit may...more
As companies elevate their “game” in sanctions compliance, it is important that compliance officers critically examine the strengths and weaknesses of their compliance programs. Many companies already have a screening...more
The Microsoft FCPA settlement, while not significant in the total penalty of approximately $25 million, provides some important instructions concerning distributor and re-seller risks and mitigation strategies. ...more
7/29/2019
/ Bribery ,
Compliance ,
Corruption ,
Due Diligence ,
Foreign Corrupt Practices Act (FCPA) ,
Internal Controls ,
Meals-Gifts-and Entertainment Rules ,
Microsoft ,
Third-Party Risk ,
Third-Party Service Provider ,
White Collar Crimes
Microsoft finally resolved its FCPA enforcement action with a whimper. Notwithstanding prior suggestions that Microsoft’s investigation uncovered global conduct, Microsoft’s liability focused primarily on Microsoft’s conduct...more
7/25/2019
/ Bribery ,
Compliance ,
Corruption ,
Criminal Prosecution ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Federal Sentencing Guidelines ,
Foreign Corrupt Practices Act (FCPA) ,
Internal Controls ,
Microsoft ,
Non-Prosecution Agreements ,
Regulatory Violations ,
Securities and Exchange Commission (SEC) ,
Technology Sector ,
White Collar Crimes
Chief compliance officers have a hard job. CCOs know that fact and them fully embrace the challenges of their positions. At the same time, CCOs have extraordinary expectations placed on their shoulders – they are rarely...more
Based on its aggressive enforcement program and its recently issued Framework for Sanctions Compliance Programs, OFAC has established a new era in sanctions compliance. Trade compliance is often siloed into its own...more
It is easy to get swept up into compliance trends, prognosticators of the future, and future compliance terms such as “artificial intelligence,” or “blockchain.” Do not get me wrong, these are the terms for the future and...more