Featured Articles:

Three Critical Questions to Ask Your CEO About Your Ethical Culture

In the business world, answering questions is not the same as the game show Jeopardy.  Nor does it require an answer in the form of a question (thank goodness, although that is not a bad strategy).  CEOs are used to being put on the spot and doing the CEO-shuffle.  They are good at it – they have to answer questions from key stakeholders, the media,...

Three Important Points to Remember About Third-Party Risks

If you want to learn and read about managing third-party risks, you will have no trouble finding articles, white papers, webinars and more available to you on the Internet.  And for good reason. Third-parties create significant risks, and these risks are not just limited to bribery but extend into sanctions, money laundering, privacy and cybersecurity, human trafficking, child labor and reputational damage.  The compliance marketplace...

Episode 27 — Internal Controls and Enforcement Risks

The FCPA includes a specific requirement that a public company maintain an adequate set of internal controls.  A company’s compliance program is one component of a company’s internal controls.  Sarbanes-Oxley expended and reinforced this important requirement. The Department of Justice and the SEC have aggressively enforced the internal controls requirement.  The SEC, in particular, has expansively enforced the internal controls requirement even where a failure...

New Episode — Everything Compliance — The Year-End Wrap Up

Tom Fox, the Compliance Evangelist and Guru, has posted a new episode of Everything Compliance, a roundtable discussion led by Tom and including Matt Kelly, Jonathan Armstrong, Jay Rosen, and myself. . Here is a link to the episode. Thanks to Tom, Matt, Jonathan, and Jay!

Financial Institutions and the Glaring Absence of an Ethical Culture

Federal prosecutors and regulators have been active in tackling US banks.  In the last few weeks, the Federal Reserve took the extraordinary step of blocking Wells Fargo’s ability to grow its business until it improves its corporate governance and risk and compliance management; and Rabobank and US Bank were punished with six-figure settlements for AML and Bank Secrecy Act violations. When you review the facts,...

The Obvious Partnership — Compliance and Cybersecurity

Cybersecurity compliance, like the compliance profession, is rapidly growing. The forces pushing cyber compliance are two-fold: the ever-increasing and changing nature of cyber threats and harms, and the logical application of compliance strategies. Compliance has to work closely with in-house corporate information technology. To the extent a company outsources information technology to a cloud provider, compliance will serve an even more important function in coordinating...

US Bancorp Pays $613 Million and Joins the Ranks of AML Violators

Prosecutors and regulators are targeting global banks.  The beginning of 2018 has seen dominated by enforcement actions of financial institutions – the Federal Reserve’s unprecedented enforcement action against Wells Fargo; Rabobank’s payment of $600 million for significant AML violations; and US Bancorp’s (USB’s) recent $613 million settlement AML violations. (Documents Here). In the latest enforcement action, USB entered into a two-year deferred prosecution agreement (DPA)...

Rabobank Coughs Up $368 Million and Pleads Guilty to Conspiracy to Money Launder and Obstruct Investigation

The Justice Department announced a guilty plea by a subsidiary of Rabobank, a Dutch global bank, to a conspiracy to violate money laundering laws and obstruct a regulatory investigation of Rabobank’s activities in California.  (Copy of Plea Agreement Here).  Rabobank agreed to pay $368 million in forfeited funds.  Rabobank’s settlement follows the deferred prosecution agreement with George Martin, a Rabobank manager in Southern California, who...

Episode 26 — Federal Reserve Blocks Wells Fargo Growth In Response to Governance and Risk Management Disaster

In an unprecedented action, on February 2, 2018, the Federal Reserve restricted Wells Fargo’s ability to grow its business until it implements comprehensive improvements to its board governance and risk and compliance systems.  Citing Wells Fargo’s poor record of governance and risk management resulting in the community banking sales incentive scandal and continuing problems at the bank, the Federal Reserve imposed detailed governance and risk...

Planning for the Perilous Consequences of a Data Breach

The nightmare scenario for corporate boards and senior executives revolves around the impact of a major data breach. We have seen this first hand with Equifax, Anthem Healthcare, and Target, as prime examples.  In the Equifax case alone, it is estimated that approximately 140 million individuals had their information hacked in the attack.  It is easy to understand, in these circumstances, that a company can...