163 episodes

In this podcast series, I lay the best way to more fully operationalize a compliance program. Each month I will consider a different topic in a best practices compliance program. This podcast series provides the compliance practitioner with a thorough grounding in the key aspects of a best practices compliance program based on the most recent information from the regulators. Each episode concludes with three key takeaways with which you can enhance your compliance program at little or no cost. If you are a compliance professional, this is the podcast series for you.

31 Days to a More Effective Compliance Program Thomas Fox

    • Management

In this podcast series, I lay the best way to more fully operationalize a compliance program. Each month I will consider a different topic in a best practices compliance program. This podcast series provides the compliance practitioner with a thorough grounding in the key aspects of a best practices compliance program based on the most recent information from the regulators. Each episode concludes with three key takeaways with which you can enhance your compliance program at little or no cost. If you are a compliance professional, this is the podcast series for you.

    OIG Guidance for Boards Regarding Compliance

    OIG Guidance for Boards Regarding Compliance

    The OIG white paper “Practical Guidance for Health Care Governing Boards on Compliance Oversight” (OIG Guidance), provides an excellent road map for thinking about how to structure a Compliance Committee for your Board and a Board’s obligations. As an introduction, the OIG Guidance states that a Board must act in good faith around its obligations regarding compliance. This means that there must be both a corporation information and reporting system and that such reporting mechanisms provide appropriate information to a Board. It states: The existence of a corporate reporting system is a key compliance program element, which not only keeps the Board informed of the activities of the organization, but also enables an organization to evaluate and respond to issues of potentially illegal or otherwise inappropriate activity.
    The OIG Guidance sets out four areas of Board oversight and review of a compliance function:

    Roles of, and relationships between, the organization’s audit, compliance, and legal departments;

    Mechanism and process for issue-reporting within an organization;

    Approach to identifying regulatory risk; and

    Methods of encouraging enterprise-wide accountability for achievement of compliance goals and objectives.

    The OIG Guidance is an excellent review for not only compliance professionals and others in the healthcare industry but a good primer for Boards around their own duties under a best practices compliance program. The U.S. Sentencing Guidelines, the Hallmarks of an Effective Compliance Program, the OIG Guidance, and OIG Corporate Integrity Agreements can be used as baseline assessment tools for Boards and management in determining what specific functions may be necessary to meet the requirements of an effective compliance program.
    Three key takeaways:

    Information flow up to the Board is critical.

    Compliance should be institutionalized in your company as a way of life.

    A Board needs to consider all risks.

    This month's sponsor is Affiliated Monitors, Inc. 

    • 11 min
    Compliance expertise on the Board

    Compliance expertise on the Board

    Every Board of Directors need a true compliance expert sitting at the table. Almost every Board has a former CFO, former head of Internal Audit or persons with a similar background and often times these are also the Audit Committee members of the Board. Such a background brings a level of sophistication, training and SME that can help all companies with their financial reporting and other finance-based issues. So why is there not such compliance SME at the Board level?
    This requirement was set out in 2017 in the FCPA Corporate Enforcement Policy, where one of the criteria to be evaluated in compliance program is “the availability of compliance expertise to the board;”. Finally, in the 2020 Update to the Evaluation of Corporate Compliance Programs, under the section entitled Oversight, it posed the following questions What compliance expertise has been available on the board of directors?
    The DOJ and Securities and Exchange Commission brought this concept forward into the FCPA Resource Guide, 2ndedition. This means that when your company is evaluated by the DOJ, under the factors set out in the 2020 Update and the FCPA Corporate Enforcement Policy, to retrospectively determine if your company had a best practices compliance program in place at the time of any violation, you need to have not only the structure of the Board-level Compliance Committee but also the specific SME on the Board and on that committee.
    Three key takeaways:

    Boards must have compliance expertise.

    Government regulators and shareholder groups have both called for greater compliance expertise at the Board.

    Compliance expertise at the Board works up and down as such expertise can be a resource to both the CCO and Compliance Department.

    This month's sponsor is Affiliated Monitors, Inc. 

    • 11 min
    BOD Compliance Committee

    BOD Compliance Committee

    Under the U.S. Sentencing Guidelines, the Board must exercise reasonable oversight on the effectiveness of a company’s compliance program. The DOJ Prosecution Standards posed the following queries: 1) Do the directors exercise independent review of a company’s compliance program? and 2) Are directors provided information sufficient to enable the exercise of independent judgment? Moreover, the FCPA Resource Guide, 2nd edition required a CCO to have direct access to the Board or an appropriate sub-committee and requires a tangible commitment from the top levels of an organization, starting with the Board of Directors, that the company creates an ethical culture.
    This requirement was brought forward in 2017 in the FCPA Corporate Enforcement Policy. Finally, nn the 2020 Update to the Evaluation of Corporate Compliance Programs, under the section entitled Oversight, it posed the following questions What compliance expertise has been available on the board of directors? Have the board of directors and/or external auditors held executive or private sessions with the compliance and control functions?
    Today’s regulatory climate and hyper-transparency in social media make a Board Compliance Committee’s task seem Herculean. But more than simply the regulatory climate, shareholders are taking a much more active role in asserting their rights against Boards of Directors. It is incumbent that Boards seek out and obtain sufficient information to fulfill their legal obligations and keep their company off the front page of the New York Times, Wall Street Journal or Financial Times, just to name a few, to prevent serious reputational damage. A Board Compliance Committee is a good place to start.
    Three key takeaways:

    The Board Compliance Committee exists to provide oversight and assist the CCO, not to substitute its judgment for that of the CCO.

    The Board Compliance Committee should work to hold the CCO accountable to hit appropriate metrics.

    The Board Compliance Committee is ideal for leading the efforts around strategic planning.

    This month's sponsor is Affiliated Monitors, Inc. 

    • 11 min
    Prudent discharge of compliance obligations

    Prudent discharge of compliance obligations

    What are the obligations of a Board member regarding the FCPA? Are the obligations of the Compliance Committee under the FCPA at odds with a director’s “prudent discharge of duties to shareholders”? Do the words prudent discharge even appear anywhere in the FCPA? In the the case of Stone v. Ritter is found the proposition that “a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate exists.” From the case of In re Walt Disney Company Derivative Litigation, she drew the principle that directors should follow the best practices in the area of ethics and compliance. The Board has the role of monitoring the performance of the compliance function, including monitoring the performance of it using customary economic metrics, and by overseeing compliance with applicable laws and regulations. While the Board is not responsible for auditing or ferreting out compliance problems, it is responsible for determining that the company has an appropriate system of internal controls. The Board should also monitor company policies and practices that address compliance and matters affecting the public perception and reputation of the company. Every company should ensure that it conducts appropriate compliance training for employees and conducts regular compliance assessments. Finally, the Board must take appropriate action if and when it becomes aware of a material problem that it believes management is not properly handling.
    There is no reference to prudent discharge in the FCPA itself. However, a Board member might well think more than twice about the prudent discharge of duties to the shareholders as both the DOJ and SEC now might well wish to look into a Board’s prudent discharge of duties under the FCPA.
    Three key takeaways:

    What is prudent discharge?

    What is your process for doing compliance at the Board level?

    A Board must have active rather than passive engagement around compliance.


    This month's sponsor is Affiliated Monitors, Inc.

    • 11 min
    Legal requirements of the Board regarding compliance

    Legal requirements of the Board regarding compliance

    Welcome to this month's offer of 31 Days to a More Effective Compliance Program. This month I will focus on the Board of Directors and its role in an effective compliance program. At the end of August, you will not only have a good summary of the basics of a best practices compliance program for a Board of Directors but information that you can incorporate into your compliance regime.
    Case law. As to the specific role of best practices in the area of general compliance and ethics, one can look to Delaware corporate law for guidance. The case of In Re Caremark International Inc., 698 A.2d 959, (Del. SCt. 1996) was the first case to hold that a Board’s obligation “includes a duty to attempt in good faith to assure that a corporate information and reporting system, which the board concludes is adequate, exists, and that failure to do so under some circumstances may, in theory at least, render a director liable for losses caused by non-compliance with applicable legal standards.”
    2020 FCPA Resource Guide, 2nd edition and U.S. Sentencing Guidelines. A Board’s duty under the FCPA is well-known. In the FCPA Resource Guide, 2nd edition, there are two specific references to the obligations of a Board. The first, in Hallmark No. 1, states: “Within a business organization, compliance begins with the board of directors and senior executives setting the proper tone for the rest of the company.” The second is found under Hallmark No. 3 and notes that the CCO should have “direct access to an organization’s governing authority, such as the board of directors and committees of the board of directors (e.g., the audit committee).” Further, under the U.S. Sentencing Guidelines, the Board must exercise reasonable oversight on the effectiveness of a company’s compliance program. The DOJ’s Prosecution Standards posed the following queries: 1) Do the Directors exercise independent review of a company’s compliance program? and 2) Are Directors provided information sufficient to enable the exercise of independent judgment?
    From the Delaware cases, a Board must not only have a corporate compliance program in place but actively oversee that function. Further, if a company’s business plan includes a high-risk proposition, there should be additional oversight. In other words, there is an affirmative duty to ask the tough questions. The specific obligations set out regarding the FCPA drive home these general legal obligations down to the specific level of the statute.
    Three key takeaways:

    The Delaware courts have led the way with the In Re Caremark and Stone v. Ritter decisions.

    Note the obligations of the Board under the Ten Hallmarks of an Effective Compliance Program.

    The U.S. Sentencing Guidelines also require Board involvement and oversight.

    A special thanks to this month's sponsor, Affiliated Monitors, Inc. 

    • 11 min
    Wrap up of 3rd Party Management and Preview of Boards of Directors

    Wrap up of 3rd Party Management and Preview of Boards of Directors

    In this final episode for the month of July on 31 Days to a More Effective Compliance Program, I review the past month's offerings and preview the month of August where I take up the topic of Boards of Directors and Compliance. 

    • 8 min

Top Podcasts In Management