Compliance Perspectives SCCE

By Adam Turteltaub



Mobile devices are terrible if you need to retrieve information from them. Employees hate handing them over and there are a ton of apps in which data disappears automatically. All in all, it’s just a nightmare.



But, the government still wants you to track what employees are saying, and you may have to produce that data.



Matt Rasmussen (LinkedIn), CEO, and Ryan Frye (LinkedIn), Chief Innovation Officer of ModeOne want to discourage you from falling into despair over the prospect. Employee resistance can be overcome by taking a targeted approach and using electronic tools that only seek business-related data.



Even before you get to that point, though, they recommend taking the time to train the workforce about what rights the company has to the data so this doesn’t come as an intrusive surprise.



Listen in to learn more about how to make retrieving mobile device data a bit less painful.

By Adam Turteltaub



“What else should the board be asking?”



It’s a good question in general and the tile of a session at the SCCE Compliance & Ethics Institute, which will be held September 22-25, 2024 in Grapevine, TX.



In this podcast, the leaders of that session, Deborah Spanic, Chief Ethics & Compliance Officer of Clarios, and David Gebler (LinkedIn), Principal of Leading with Ethics, share that there are three fundamental questions the board should be asking about the compliance program:



* Is the compliance program well designed and aligned with risk?

* Is the program being applied earnestly and in good faith with adequate resources?

* Does the compliance program work in practice?



From there a host of other questions fall out including those focused on culture and on the connection between the compliance program and the enterprise’s overarching strategy.



Making sure the board is asking the right questions, and getting the answers it needs, requires a strong relationship with the compliance team. In Deborah’s case that includes being a standing agenda item for the audit committee each quarter and having a one-on-one conversation each mid-cycle with the audit committee chair.



Listen in to learn more, and then be sure to join their session in Grapevine at the  Compliance & Ethics Institute.

By Adam Turteltaub



How do you get employees working remotely, who may have less of a connection to the company, to make the effort and take the risk of reporting potential wrongdoing?



For Evie Wentink, it starts with recognizing the need to encourage a culture of reporting for these workers. It also includes recognizing that, even though they are remote, it doesn’t mean that they aren’t victims of or witnesses to a range of bad behaviors including harassment and bullying.



Compliance teams should also recognize that remote workers lack many of the casual opportunities to discuss with peers what they are seeing and what to do about it.



To help overcome these challenges, she recommends training and creating multiple reporting avenues.



She also recommends training managers in active listening so that they know what do when an employee walks through the virtual door with a concern.

By Adam Turteltaub



It’s not for nothing that there’s a year in the title of this blog post and podcast. Social media risks change frequently, explains Kortney Nordrum, VP, Regulatory Counsel & Chief Compliance Officer at Deluxe. She is the author of the chapter “Social Media Compliance” in The Complete Compliance and Ethics Manual and will be leading the session Social Media:  Old News and New Risks at the 23rd Annual Compliance & Ethics Institute.



These days the range of those risks is substantial. TikTok poses a notable challenge, since it accesses most everything on the user’s phone, which means work email and files may be exposed.



At the same time the FTC and NLRB have been very aggressive in their enforcement. The FTC has been scrutinizing endorsements – and a “like” may count as one – by employees of their employer’s products and services. Meantime, the NLRB has made it clear that it believes employees have wide, although not complete, latitude about what they say about their workplace online.



And, if that wasn’t enough, the marketing and social media teams need to be trained (and monitored) for what they are saying and doing in the company’s name.



What should you do? She recommends training with concrete examples, teaching people some common sense, and keeping lines of communication open.



To learn more, listen in and then don’t miss her session at the 23rd Annual Compliance & Ethics Institute.

By Adam Turteltaub



Everyone wants a mentor. Not everyone gets one, and not every mentor-mentee relationship works out.



Sarah Couture, Principal at Couture Compliance wants to change that. She’s the author of the chapter, “Mentoring for Compliance Professionals” in the Complete Healthcare Compliance Manual.



In this podcast, she offers advice for mentors and mentees both. Here’s a sample:



Mentors and Mentees



* Level setting is essential for ensuring expectations are aligned

* Think about your objective, what frequency of meetings makes sense and for how long the relationship should last

* Be humble and transparent



Mentees



* Look for someone you respect

* Don’t only look for people who know exactly what you do; be open to outside expertise

* Let your goals help drive your mentor selection



Mentors



* Consider if you truly have the time

* Ask: “Can I provide what this person is looking for?”

* Only select mentees you respect and click with

* Ask if the mentee is curious, willing to learn and to grow



Listen in to learn more about how to make the mentor-mentee relationship work, and, if you subscribe to the Complete Healthcare Compliance Manual, be sure to read Sarah’s chapter.

By Adam Turteltaub



In some ways it’s still the Wild West when it comes to AI, with developments happening faster than most can fathom and the law can respond. At the same time, though, the sheriff has begun to arrive.



Gwen Hassan (LinkedIn), Deputy Chief Compliance Officer at Unisys and Adjust Professor at Loyola University Chicago School of Law explains that the EU already has a law in place with a particular focus on ranking the risks of AI, including those that must not be taken, and an emphasis on the privacy implications.



In the US, there is legislation proposed that would require clear notification when content is created using generative AI. It has yet to pass.



Thus far the strongest direction in the US comes out of the White House, where President Biden issued the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.  The order urges ethical generative AI guidelines, sets key goals for what good uses of AI are and calls upon various departments of the government to provide further analysis and direction.



So what should compliance teams do now, despite the legislative holes? She recommends looking at how to extend the existing compliance program to AI and, as AI evolves, develop more specific programs that maps to its risks.



Listen in to learn more about the emerging regulatory climate for AI.