Author: Michael Volkov

Webinar: How to Conduct Periodic Reviews and Assessments of Your Compliance Program

Webinar: How to Conduct Periodic Reviews and Assessments of Your Compliance Program Wednesday, November 15, 2017, 12 Noon EST Sign Up Here An effective compliance program requires that companies review and improve their compliance programs. A company should regularly review and test its controls, and address potential weaknesses in its compliance program. The Justice Department and the SEC have encouraged companies to conduct regular tests...

Episode 8 — The Critical Importance of Beneficial Ownership to Compliance

In the aftermath of the Panama Papers scandal and increased focus on shell companies and hidden ownership interests, US enforcement and regulatory agencies are increasing focus on beneficial ownership of related entities.  In this era of aggressive enforcement, global companies have to integrate beneficial ownership requirements when conducting due diligence of business associates and when engaging customers in order to ensure full compliance with anti-corruption,...

It Takes a Village . . . To Commit Bribery

A company that commits bribery has to undergo a soul-searching examination of its operations, from top to bottom. Bribery violations come in all shapes and forms – systemic violations like Siemens, Daimler and other enforcement actions from the past; country (or regional) specific violations that involve a group of employees sometime limited to a specific function (e.g. Johnson Controls); and small group enforcement actions, sometimes...

FCPA Enforcement and Credit for an Effective Compliance Program

The Justice Department has touted its efforts to bring greater transparency to FCPA enforcement. There is no question that in the last five years the Justice Department has moved the needle – the FCPA Guidance issued in 2012; the release of the April 5, 2016 Pilot Program; the Evaluation of Corporate Compliance Programs issued in February 2017; the release of letters confirming declinations awarded to...

Watch Exiger Webinar Replay “How AI is Transforming Third Party Risk Management”

I was pleased to participate in a live webinar with Exiger on artificial intelligence and third party risk management.  Watch the 60 minute webinar replay — here. The growing complexity of third party relationships and the immediate regulatory and reputational risks of those third parties has procurement teams, compliance officers and legal departments wondering what to do. When and how should they do due diligence?...

Five Essential Steps to Improve Corporate Board Oversight and Support of Compliance

Corporate boards need to devote more energy to oversight and improvement of corporate culture and compliance. Over the last ten years, we have witnessed corporate scandals and misconduct that could have been prevented or, at least, mitigated by a corporate board’s proper oversight, and management of a company’s culture and compliance program. All too often, corporate boards fail to identify potential red flags of serious...

Episode 7 — The Perils of Compliance with the Russia Sanctions Program

The Ukraine-Russia Sanctions program is a complex set of executives orders, statutes and regulations defining prohibited business transactions with Russian entities and individuals.  The sanctions program was instituted in 2014 in response to Russia’s invasion of the Ukraine and annexation of Crimea.  In August 2017, Congress enacted statues and directed OFAC to implement additional regulations.  Congress acted in response to fears that the Trump Administration...

ISO 37001: Training, Employee Concerns, and Internal Investigations (Part V of V)

In my final posting on ISO 37001, I review requirements for training, raising concerns and internal investigations as part of a company’s anti-bribery risk management system. I could certainly write more on ISO 37001 because there are other issues that I have not addressed, including audits, assessments and reviews of the anti-bribery risk management system. In this posting, it is important to identify and tailor...

ISO 37001: Risk Assessments, Employees, and Due Diligence Requirements (Part IV of V)

In Part IV of my series on ISO 37001, I examine requirements relating to risk assessments, design of policies and procedures, and due diligence requirements. Section 4.5 sets out requirements for conducting risk assessments. ISO 37001 requires companies to conduct regular risk assessments in order to identify the bribery risks the company might reasonably anticipate; analyze, assess and prioritize the identified bribery risks; and evaluate...

ISO 37001: Board, Top Management and Anti-Bribery Compliance Responsibilities (Part III of V)

In Part III of my continuing series on ISO 37001, today I examine the board and top management’s respective responsibilities in the implementation and oversight of an anti-bribery management system. ISO 37001 defines a “governing body” to include a supervisory board or board committee as having the ultimate responsibility for company activities, governance and policies of its anti-bribery management system. “Top management” is responsible for...