Tagged: internal controls

COSO Framework: Breaking Down the Silos and Bringing Everyone Together (Part II of II)

The COSO framework contains important principles for structuring a global organization and its internal controls, including compliance policies and procedures. Compliance officers have to learn and use the COSO framework when communicating and convincing the CFO to embrace a new world with both compliance and financial controls within an effective governance framework. Global companies are recognizing (sometimes slowly) that management silos in a company prevent...

CCOs and CFOs: Bringing Everyone Together

Chief compliance officers are politicians and have to possess great interpersonal skills. They have to “get along” and persuade key constituencies — most especially their business partners – to commit and devote time and resources to ethics and compliance. In order to operationalize their programs, CCOs have to build relationships with important partners – human resources, legal, internal audit, procurement, and finance. Up to this...

Ethics and Compliance Controls – Different Means to the Same Objective

People are getting confused. A company’s ethical culture is not a touchy-feely concept that makes everyone warm and cozy all over. At the same time, compliance controls are not hard and fast rules that are mechanically enforced with no regard to purpose or results. I always get frustrated when people like to classify concepts as either black and white. People are uncomfortable with grey concepts,...

Ensuring Compliance with Controls

Let’s start with some basics – a public company is required to implement a set of internal controls. A compliance program is a critical part of a company’s internal controls. A company’s compliance program is only as effective as its board, executives, managers and employees adhere to the compliance policies and procedures. If a company’s constituents do not comply with the compliance program and policies,...

Review, Revise and Re-Organize Your Company’s Internal Controls (Part II of II)

Assuming you made it through Part I of this two-part posting about internal controls, we need to consider a new approach to the design and implementation of internal controls. The first hurdle to overcome, as always, is acknowledgement that a new approach is needed. The CFO and the financial team will inevitable resist because this has long been an area where they are the experts,...

A New Approach to Internal Controls (Part I of II)

The Justice Department and the Securities and Exchange Commission have dedicated more time and energy to understanding a company’s internal controls and enforcing basic requirements that companies maintain effective internal controls. For prosecutors, companies often fall short when it comes to following their internal controls. If you follow my blog, you know that I have often predicted that DOJ will eventually prosecute criminally an individual...

C-Suite Misconduct Results in Sociedad Quimica Y Minera FCPA Resolution with DOJ and SEC

In an unusual FCPA enforcement action, the Justice Department and the SEC resolved FCPA violations against Sociedad Quimica y Minera, a Chilean chemical and mining company, for a total of $30.5 million, for paying approximately $15 million in bribes to Chilean officials. SQM agreed to a deferred prosecution agreement (DPA) with DOJ and to assignment of a two-year independent compliance monitor. The odd aspect of...

The SEC’s Continuing Refinement of Internal Controls Enforcement

My good friend and colleague, Tom Fox, has written an interesting post (here) on the SEC’s recent United Airlines settlement for $2.4 million for domestic bribery. As Tom has noted, the interesting aspect of the SEC’s enforcement theory is that United violated its Business Code of Ethics (and Continental’s Code of Ethics, which was in force in 2011 as well), resulting in the failure to...

Och-Ziff: Accountability and Internal Controls (Part IV)

There are a number of important lessons from the Och-Ziff enforcement action, some of which are related to the private equity and hedge fund industry and some of which apply across all businesses. SEC regulations require public companies to design and implement a system of internal controls. As FCPA enforcement has increased, companies have to question how to design and implement an effective system of...

Lessons Learned from AstraZeneca’s $5.5 Million SEC FCPA Settlement

Last week, the SEC added another pharmaceutical company to its list of FCPA violators when AstraZeneca agreed to a $5.5 million settlement with the SEC. AZ is now the 25th drug or medical device company to pay an FCPA penalty for violating the FCPA. AZ’s violations were not limited to China as a number of recent FCPA enforcement actions against drug/medical device companies, but included...