how corporate monitors assess compliance programs€¦ · expect more: sec changes, stimulus funds,...

9/25/2013

1

How Corporate Monitors Assess

Compliance Programs

© 2013 John Hanson, Bart Schwartz and Patricia Sulzbach

What is a “Monitor”

Using Interviews to Assess Compliance & Ethics

Programs

Compliance & Ethics Program Issues/Risks

Audit Techniques and Other Tools of a Monitor


9/25/2013

2

Former Chief of the Criminal Division of the United

States Attorney’s Office in the Southern District of New

York

Founder and CEO of Decision Strategies, LLC

Chairman of Guidepost Solutions, LLC

Current Federal Monitor

Prior Federal Monitorships Under:

Department of Justice

Commodity Futures Trading Commission

Securities and Exchange Commission

Various State Attorneys General


CLARK HILL, PLC - White Collar Practice Group

Former Assistant U. S. Attorney, Senior Litigation

Counsel and Lead OCDETF Task Force Attorney

Former Naval JAG Officer

Former Federal Monitor

Named to Washington DC’s 2013 Super

Lawyers List


9/25/2013

3

Artifice Forensic Financial Services, LLC –

Executive Director & Founder

Former FBI Agent

Director of Internal Audit & Quality

Control

Current Federal Monitor

Large Consulting Firm Leadership Role &

Experience


Member of the American Bar Association’s

Standards Committee on Corporate Monitors

What is a Corporate Monitor?

An independent third-party used to verify an entity’s compliance with an agreement between the entity and a government agency or agencies and/or conduct other directed actions as per the agreement

“Morford Memorandum” – “(P)rimary responsibility is to assess and monitor a corporation’s compliance with the terms of the agreement specifically designed to address and reduce the risk of recurrence of the corporation’s misconduct, and not to further punitive goals.”


9/25/2013

4

Common Types of Agreements Requiring a Monitor: – Court and/or imposed Administrative, Settlement and/or Consent Agreements

– Pre-Trial Diversion Agreements (DPAs, NPAs)

– Corporate Integrity Agreements

– Plea Agreements

Common Terminology for “Monitors” – Independent/Corporate Monitor

– Corporate Compliance Monitor

– Independent Auditor/Accountant

– Independent Ethics Reviewer

– Compliance Monitor

– Special Compliance Official

What is a Corporate Monitor?


Current Trends Steadily increasing in frequency domestically and internationally

“Hot Areas” – Anti-Corruption (i.e. Foreign Corrupt Practices Act)

– Government Contracting

– Accounting & “Corporate” Fraud

– Healthcare

– Financial Services (Banking & Insurance)

– Export Controls

– Money Laundering

Expect More: SEC Changes, Stimulus Funds, Environmental Crimes, Healthcare Legislation, Export Controls Task Force, Suspension & Debarment

Proactive/Pre-Settlement Monitors


9/25/2013

5

A Unique Perspective

• Intimate Agency contact and knowledge about Compliance and

Ethics Program expectations

• Experience assessing and remediating “troubled” Programs in a

variety of industries and among diverse organizational structures

and cultures

• Playing “Referee” and “Coach”

• Atypical and informal access to Boards and Executives

• Pure “Independence”

• Affecting ethical tone

• Seeing success


Common Goals of a Monitor

• Guide organization towards developing a robust and effective

Compliance & Ethics Program that outlasts the Monitor

• Positively influence corporate culture/ethical tone

• Vigilance – assure timely and effective compliance with

Agreement

• Broad impact on organization

• Improvement, not punishment

• Should not limit oversight to narrow issues


9/25/2013

6

Develop a Culture in Which:

• Employees expect legal and ethical behavior of themselves/their

colleagues/their counterparties

• Employees are able to identify and recognize hazards when they

arise

• Employees have the tools/training/resources to make the right

decisions and seek advice

Common Goals of a Monitor


Benefits: The Organization

• Permits organization to continue operations

• Expert resource, guide and “teacher”

• Advocate to the Government

• Increased Board/SMT attention, resources and awareness

• “Best Practices” recognition and elevation of industry standards


9/25/2013

7

Benefits: The Government

• Agency can focus on present and future matters

• Greater likelihood of appropriate technical resources and experience – “Success”

• Greater confidence in Agreement Compliance (“Spiritual Compliance”)

• Reduces risk of recidivism – early “warning system”

• Boosts public confidence

• Educates the Agency on Compliance & Ethics Programs

• Helps assure protection of the integrity of the marketplace


Compliance Issues & Risks

• “Spiritual Compliance”

• Outsized problems from undersized units

• Focus on business units – not just compliance

• Irrational comfort with risk

• Conflict(s) between HR and Legal

• Risk analysis for resources allocation

• Training and Certification fatigue

• Vendors’ understanding of critical contributions

• Systematic integration/coordination of Program components


9/25/2013

8


• Ability to identify and respond to issues

• Investigations

• More than you think

• Dangers

• Building respect for results

• Dumping grounds

• Consistent policies and legacy policies

• Support functions understanding of their critical contributions



• Confidence to speak up, report concerns and ask questions

• Tone all over – where the top is depends on where you are

• Recognition of constant need to improve and acceptance of

responsibility

• Board/Executive understanding of Compliance & Ethics Programs

and responsibilities

• Empowered and experienced Compliance & Ethics Officer


9/25/2013

9

Monitor Tradecraft: Interviews

• Covers many areas of primary concern to a Program:

• Risk assessment

• Ethical tone assessment

• Training

• Auditing/Monitoring

• Opportunity to report

• Builds familiarity and rapport with employees


• Setting the best “Atmosphere”

• Anonymity/Confidentiality

• Building rapport and calibration of responses

• Detecting signs of anxiety (could be deception)

• Overcoming anxiety

• Documenting the interview

• Safety and security



9/25/2013

10

Broad areas of coverage:

• Background/Role

• Compliance & Ethics Risks in their Role

• Policies

• Training

• Internal Controls/Auditing/Monitoring

• Reporting Concerns

• Ethical Tone

• Program Incentives and disciplinary measures

• Non-Retaliation Policy



• Risk based

• Understand and assess internal controls

• Determine control “work-arounds” and common schemes/“red

flags” relevant to concern

• Determine appropriate sample size and selection

• Acquire and test data – follow through

• Professional Skepticism2

• Recognize triggers for investigations


Monitor Tradecraft: Audits

9/25/2013

11

Common Audit Areas for Monitors:

• Policy availability and access

• Completeness and timeliness of certifications

• Training attendance

• Follow up on certification tardiness and/or trainings missed

• Incorporation of compliance and ethics aspects into performance appraisals

• New hire orientation



Common Audit Areas for Monitors:

• Hotline calls

• Compliance/ethics related reports and investigations

• Disciplinary actions

• Non-Retaliation policy

• Risk Assessment methodology and reporting

• Program Workplan design and completion

• Board and management reporting



9/25/2013

12

Public Information & Data Mining:

• Web Search Engine Alerts

• Deep Web Monitoring

• Industry/Trade Sites

• Linked-In Groups

• Publications

• Twitter

• Webpage/Website Tracking


Monitor Tradecraft: Other

United States Sentencing Guidelines: §8B2.1 “Effective Compliance

and Ethics Program”

United States Attorneys Manual: 9-28 “Principles of Federal

Prosecution of Business Organizations”

Department of Commerce: “Don’t Let This Happen to You!!!”

Department of Health & Human Resources: “Compliance Guidance”

University of Virginia Law School: “Federal Organizational Prosecution

Agreements”


http://www.ussc.gov/guidelines/2011_Guidelines/Manual_HTML/8b2_1.htm



http://www.justice.gov/usao/eousa/foia_reading_room/usam/title9/28mcrm.htm




http://www.bis.doc.gov/enforcement/dontletthishappen2u.pdf











http://oig.hhs.gov/compliance/compliance-guidance/index.asp

http://lib.law.virginia.edu/Garrett/prosecution_agreements/home.suphp

http://lib.law.virginia.edu/Garrett/prosecution_agreements/home.suphp

9/25/2013

13

Questions?


Notes

Add something about need to see components of a Program working together

Add copyright with all of our names

how corporate monitors assess compliance programs€¦ · expect more: sec changes, stimulus funds,...

Documents