Tagged: CCO

The Importance of Compliance Independence

I did not expect to return to this issue.  This was an “old” issue that was resolved many moons ago.  The issue was a professional debate over the reporting relationship between the chief compliance officer (CCO) and the chief legal officer (CLO)/general counsel. After 20 years of debate, CCOs managed to sway the professional community: CCOs have to operate independently, without improper interference by the...

The Compliance “Curse” — Learning to Compromise Principles

Compliance lessons are life lessons.  Compliance professionals are, by their nature, optimistic people. They see challenges as new opportunities to strive closer to an ideal.  Compliance professionals live in the shadow of the ideal — some may call it the compliance curse. Like the famous artist curse, compliance professionals suffer from an internal struggle — the obsession with perfection, an effective compliance program, and the...

SEC Sues SolarWinds and its CISO for Fraud Over Botched Data Breach Response, Marking New Era in Cyber Enforcement

The U.S. Securities and Exchange Commission has a message for publicly traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer (“CISO”)––for defrauding investors by allegedly failing to disclose known security risks in public filings. This marks the SEC’s first-ever enforcement action against an individual corporate officer over their mishandling of a data breach––but...

Episode 291 — Interview of Mary Shirley on Her New Compliance Book

Mary Shirley, a leading voice in the legal and compliance field, has just released her new book — Living Your Best Compliance Life: 65 Hacks & Cheat Codes to Level Up Your Ethics & Compliance Program. Mary is a well-known advocate, speaker and compliance professional. She regularly speaks at Compliance events. She is a mentor to the Compliance Profession. In this Episode,...

Episode 282 — The Evolving Partnership: Compliance and Cybersecurity

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation of this risk is reflected in weekly headlines announcing ransomware, cyber-attacks and data breaches. Companies that have experienced a cyber-attack are forever changed.  The board and senior executive team quickly...

The Evolving Partnership: Compliance and Cybersecurity (Part I of IV)

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation of this risk is reflected in weekly headlines announcing ransomware, cyber-attacks and data breaches.  In NAVEX’s recent State of Compliance Survey, one in three respondents indicated their company had experienced...

CCOs and Execution of Compliance Certification: A Significant Risk? (Part III of III)

CCOs, by definition, are careful and deliberate.  It comes with the profession.  As risk managers, CCOs are skilled in identifying, assessing and acting in a risk environment. The impact of the new CCO certification requirement, however, presents serious risks that cannot be brushed off or ignored in the face of assurances that prosecutorial discretion will protect CCOs from misguided prosecutions.  Frankly, CCOs recognize that there...

DOJ CCO Certification Requirements and DOJ Compliance Mandates (Part II of III)

The new DOJ Certification requirements certainly raise a number of new issues and risks for senior management and chief compliance officers.  In Part I of this series, I outlined the specific language and the Plea Agreement standards imposed on companies that enter into a Plea Agreement with DOJ for FCPA violations. DOJ has reiterated its support for this new Certification requirement.  Indeed, a DOJ official...

The State of the Chief Compliance Officer: Looking Back and to the Future (Part I of III)

To start the New Year, it is a good idea to review the trends in the role and status of Chief Compliance Officers.  As we witness the continuing growth in stature of the CCO, we need to exercise caution.  Some troubling concerns are becoming apparent.  With a new Attorney General and Biden Administration, CCOs have to be mindful of their ever increasing responsibilities and concomitant...

DOJ’s Pilot Program – The Five Factors Designed to Nurture the Compliance Function

Perhaps the most positive and important aspect of the FCPA Pilot Program was the announcement of forward-looking and innovative remediation requirements for corporate compliance programs. As an aside, DOJ’s FCPA Pilot Program was a disappointment and failed to deliver meaningful incentives for companies to self-disclose FCPA violations to the Justice Department. The difference between 25, 50 and 75 percent from the bottom of the sentencing...