Compliance officers have to be mindful of new and emerging threats.  In the past few years, cyber security and data privacy have been quickly rising as new and significant threats that corporations face in the global marketplace. The European Union has adopted a far-reaching new regulatory regime applicable to companies that conduct business in the European Union and collect any sensitive data relating to EU...

I have always been struck by the “feel good” advocacy and advice from so-called ethics “experts.”  Sure, it is great to talk about moral values, ethical principles, and other high-minded ideas that inspire an audience to embrace the value of an ethical culture.  But that is not really the point of promoting an ethical culture as part of a corporate culture. Let’s start with a...

Sanctions compliance is challenging because of the changing nature of sanctions regulations and individuals identified as Specially Designated Nationals. With each new administration, foreign policy priorities are usually played out in a variety of sanctions regimes and policies. This year, however, saw Congress enter the regulatory fray, when it imposed detailed regulatory requirements and procedures designed to constrain the current administration from making major changes...

One consequence of the ongoing Russia investigation against the current administration is increased focus and probable enforcement of the Foreign Agents Registration Act (FARA). For Washington insiders, FARA was a known requirement but strict compliance was never the rule. FARA’s purpose was aimed at encouraging disclosure of hidden relationships with foreign governments that are intended to influence US government officials. With the increased enforcement of...

How to Implement an Effective Sanctions Compliance Program Tuesday, December 19, 2017 Sign Up Here The Department of Justice and the Department of Treasury’s Office of Foreign Asset Control (“OFAC”) have aggressively enforced comprehensive and complex sanctions statutes and regulations. Global companies have to design and implement an effective sanctions compliance program in order to avoid sanctions enforcement risks. Join Michael Volkov, CEO of The...

In a follow-on prosecution and end to a twisted investigation and enforcement path, SBM Offshore agreed to settle an FCPA enforcement matter for $238 million (including a $500,000 criminal fine and $13.2 million forfeiture). Under the agreement, SBM offshore entered into a three-year deferred prosecution agreement (DPA, copy here), and a US subsidiary entered a guilty plea to one count of FCPA conspiracy. The Justice...

In a significant FCPA enforcement development, DOJ’s Deputy Attorney General (“DAG”) Rod Rosenstein announced the implementation of a new FCPA Corporate Enforcement Policy last week. (Here).  The announcement was not a surprise based on earlier statements made by DAG Rosenstein. Before outlining the specific five takeaways, there are a few issues surrounding the release of the new policy that require some comment. DAG Rosenstein implemented...

To implement an effective ethics and compliance program, global companies have to establish an effective internal investigation program.  Whether conducting a critical or routine investigation, investigators have to be able to conduct interviews in a fair and effective manner.  The success of an internal investigation often depends on the interviews of subjects and witnesses. In this podcast, Michael Volkov reviews his top 10 rules for...

Tom Fox, the Compliance Evangelist and Guru, has posted a new episode of Everything Compliance, a roundtable discussion led by Tom and including Matt Kelly, Jonathan Armstrong, Jay Rosen, and myself. During this episode, we discuss Deputy Attorney General Rod Rosenstein, the Paradise Papers, corporate monitors, and the AT&T-Time Warner merger. Here is a link to the episode. Thanks to Tom, Matt, Jonathan, and Jay!

Global companies should implement an AML program and KYC practices that follow the general outline for best practices, though it does not need to be as rigorous as a financial institution.  For most companies, AML risks can be addressed in existing policies and procedures and would not require extensive additions to a compliance program. However, a company has to document its risk assessment, mitigation strategies...