SlideShare a Scribd company logo

scce-cep-2015-01-Murray

C
Christyl Murray (Christyl_Murray@Yahoo.com)

1) The SCCE Basic Compliance & Ethics Academy provides invaluable training and networking opportunities for compliance professionals. Attendees gain concrete strategies for building effective compliance programs and fostering ethical cultures. 2) The Academy introduces attendees to industry standards and a common framework, language, and understanding of compliance. This allows practitioners from different backgrounds to work from a shared foundation. 3) Through case studies, interactive exercises, and certification preparation, the Academy employs active learning pedagogies shown to be more effective than passive learning. Attendees learn how to apply concepts to real business situations and improve their compliance programs.

1 of 8
Download to read offline
1
2
3
4
5
6
7
8
Compliance & Ethics Professional a publication of the society of corporate compliance and ethics www.corporatecompliance.org January 2015 41 The ends do not justify the means: Performance management and ethics Ruth Steinholtz 35 The evolving role of the chief compliance officer Patrick Quinlan 39 Measuring Jim  McGrath Thomas R. Fox 23 Some realism about risk assessments Scott Killingsworth Meet Barbara Harmon Compliance and Ethics Program Lead Alyeska Pipeline Service Company See page 16 This article, published in Compliance Ethics Professional, appears here with permission from the Society of Corporate Compliance Ethics. Call SCCE at +1 952 933 4977 or 888 277 4977 with reprint requests.
+1 952 933 4977 or 888 277 4977  www.corporatecompliance.org  63 ComplianceEthicsProfessional  January2015 D o you need to know how to operationalize the basic definition of an effective compliance program? Do you have the responsibility for designing, assessing, analyzing, or improving the integrity and efficiency of a compliance and ethics program? Are you looking for concrete tactics to take your program to the next level? Are you looking to have your program deliver superior outcomes and benefits? If the answer to these questions is yes, how do you go about approaching such a valiant charge? How can you leverage benchmarks and industry best practices in your own organization? Moreover, how do you implement a structured approach to this enhancement process and build a persuasive business case that results in the requisite executive commitment, buy-in, and funding to facilitate your compliance program’s success? If you have not already indulged, I would highly recommend attending an SCCE Basic Compliance Ethics Academy. I attended the New York Academy last summer and took away invaluable networking and information-sharing opportunities, coupled with innovative, tangible strategies that I could immediately use to execute strong compliance and ethics programs and foster principled, compliant cultures at the organizations with Exploring the SCCE Basic Compliance Ethics Academy benefits »» The seven elements of an effective compliance program highlight seven compelling reasons to attend an Academy. »» The return on your investment of time in this unique training will undoubtedly improve your professional capability to be successful in the compliance and ethics practitioner role. »» The first, most critical value-add from my SCCE Academy attendance was understanding the standards, approaches, and vocabulary used and most commonly accepted by practitioners. »» The Academy underscores that effective compliance programs and a deliberate focus on an ethical compliance culture contribute to an organization’s being able to meet its strategic business goals. »» EC should be looked at like any other business process to be continuously revisited and enhanced in order to maintain an ethical compliance culture. by Christyl Murray Murray If you have not already indulged, I would highly recommend attending an SCCE Basic Compliance Ethics Academy.
64   www.corporatecompliance.org  +1 952 933 4977 or 888 277 4977 ComplianceEthicsProfessional  January2015 which I collaborate. I will use this article to review the body of knowledge I learned at the Academy and to illustrate how, in each session, there were a myriad of extremely useful lessons on how to build and maintain successful programs. Seven reasons to attend an Academy A review of the seven hallmarks of an effective compliance program—as presented by Debbie Troklus on the first day of the Academy—highlight seven compelling reasons why serious, non-certified, compliance and ethics professionals should not miss the next SCCE Basic Compliance Ethics Academy1 The return on your investment of time in this unique training will undoubtedly improve your professional capability to be successful in the compliance and ethics practitioner role.2 1. Written standards of conduct and policies and procedures In November 2012, the Criminal Division of the U.S. Department of Justice (DOJ) and the Enforcement Division of the U.S. Securities and Exchange Commission (SEC) jointly released A Resource Guide to the U.S. Foreign Corrupt Practices Act (the Guide), which provides critical insights as to the government’s point of view in reference to “what we are looking for” in defendable compliance programs.3 Just as the first critical hallmark of implementing an effective compliance program is a written code of conduct, which should outline specific policies and a corporate point of view, the foremost benefit I gained from my Academy attendance was the introduction to, and a common exploration of, the industry accepted standards. We were taught a consistent Compliance point of view and a collective framework for approaching the assessment of compliance program effectiveness. Because a certain level of experience is required to attend the Academy, each compliance professional came to the session with their own varied backgrounds, opinions, and the unique approaches being used by their own companies. They also brought along their respective acronyms that only their friends at work may readily recognize (e.g., HOW, CLM, GCLA, AERS, ELG, GRC, EHS, etc.) The beauty of the Academy is that it attracts participants with geographical, role, and industry diversity. We had practitioners in varying roles from chief compliance officers, quality assurance managers, general counsel, compliance analysts, and risk managers. My class also had representation from a myriad of industries, including higher education, pharmaceuticals, insurance, utilities, construction, advisory, consumer products, and telecom. These varying experiences added a richness to the discussions. The Academy, however, levels the experience and goes back to basics, beginning with An Introduction to the Compliance Practice. This abbreviated Compliance 101 brought us all together for a common understanding and defined for us all the generally accepted principles followed by the members of the Compliance and Ethics industry. Of tremendous value was that we all took back a common glossary of terms and more than 75 common acronyms, including The beauty of the Academy is that it attracts participants with geographical, role, and industry diversity.
+1 952 933 4977 or 888 277 4977  www.corporatecompliance.org  65 ComplianceEthicsProfessional  January2015 (to mention just a few) CP, CCEP, CCO, CECO, CIA, FCPA, SEC, DOJ, FSG, FTC, SOX, OECD, SCCE, USSC, USSG, and JAIL! In any discipline, it is imperative to understand the standards, approaches, and vocabulary used and most commonly accepted by practitioners. This was the first, most critical value-add from my SCCE Academy attendance. 2. Designation of a chief compliance officer and other appropriate bodies such as a Compliance Committee to drive an ethical compliance culture As indicated in the second of the hallmarks, the DOJ and SEC “consider the commitment of corporate leaders to a culture of compliance” when assessing compliance programs. This commitment is driven from top down, with the US government recommending the specific designation of a compliance officer with “appropriate authority” and the support of the board of directors, providing the sovereignty for the compliance officer to do the right thing. I am affiliated with an organization whose mission is to pursue significance by inspiring principled performance. LRN has promoted its mission of helping people around the world do the right thing for the past 20 years, so I felt right at home with this crowd. I was particularly impressed with the theme and messaging that was reiterated throughout all the Academy sessions: CCEP practitioners must focus on delivering a values-based approach where attention is not merely on adherence to the letter of the law, but rather directed towards elevating culture and behaviors, so that employees will be animated by their corporate values – even when there is no rule and when no one is looking. The message that I took away was, in fact, that we have to move away from merely a “check the box” compliance approach to an approach which really seeks to positively influence culture and behavior. I admire how Odell Guyton, powerfully reminded us in his anti-bribery and corruption session that “The law is the minimal level accepted by society…The policy should be higher than the law.” A key message delivered by Marjorie Doyle was that EC should be looked at like any other business process and has to be continuously revisited and enhanced in order to maintain an ethical compliance culture. Furthermore, the value added to me personally by analyzing this approach was that it provided me with additional support to build an effective business case as to why organizations must focus on culture and behaviors, in addition to rules and compliance. Deliberate maintenance of the appropriate culture adds value to the business exemplified by advantages reaped on various levels of organizational effectiveness, such as those described by Ms. Doyle, including positive reputational risk, more stable and consistent corporate reaction to changing rules/laws, a less disruptive workplace, and an organizational capability to find problems A key message delivered by Marjorie Doyle was that EC should be looked at like any other business process and has to be continuously revisited and enhanced in order to maintain an ethical compliance culture.
66   www.corporatecompliance.org  +1 952 933 4977 or 888 277 4977 ComplianceEthicsProfessional  January2015 more quickly and resolve them expeditiously. These business benefits of culture presented in the Academy are consistent with the findings of the empirical research conducted by my colleagues, demonstrating that those benefits derived from a deliberate focus on culture also extend to animating higher customer satisfaction, enjoying higher employee loyalty, experiencing lower instances of misconduct, and financially out-performing competitors as documented in the HOW report.4 The Academy assists in the quantification of the business benefits resulting from effective compliance programs and equips practitioners with more ammunition. We can go back to our home organizations with the message that top leadership support—starting with commitment from the board level—and a deliberate focus on an ethical compliance culture, contribute to an organization being able to meet its strategic business goals. 3. Effective communication, training, and continuing advice Education is the cornerstone of an effective compliance program. As stated in the Guide, “The DOJ and SEC will evaluate whether a company has taken steps to ensure that relevant policies and procedures have been communicated throughout the organization, including through periodic training and certification for all… relevant employees.” My analogy between this hallmark of an effective compliance program, and another compelling reason why I believe that attendance in the Academy is of considerable value, is because we, as attendees, received concise and engaging experiential learning and training. Similar to a premier business-school case analysis experience, in many sessions we were broken down into groups and given the opportunity to apply the learning to case studies. In one such scenario, we were given a business situation and instructed to act as a newly hired compliance and ethics officer, mandated with the charge of identifying any potential compliance program issues, presenting an approach for resolving these issues, and evaluating the program’s essential components. This brought the learning to life, because we had to apply all the tactics and strategies we had learned at the Academy to a real business situation. A recent Corporate Compliance Insights article highlights that the latest research on adult learning methodologies demonstrates that passive learning…is far less effective than active learning.5 The SCCE Basic Compliance Ethics Academy is leading edge in its active learning pedagogy and training delivery; we participated in collaborative, shared learning which facilitated networking and information sharing. The interactive team exercises allowed the attendees to discuss case scenarios in smaller groups and present our findings to the larger class. We were encouraged to speak up and ask questions during the sessions. We were provided group questions, charts, graphs, quotes, funny cartoons, and discussion points to guide the analysis and the fun engagement. The instructors lectured, but also facilitated group learning and presented The Academy assists in the quantification of the business benefits resulting from effective compliance programs and equips practitioners with more ammunition.
+1 952 933 4977 or 888 277 4977  www.corporatecompliance.org  67 ComplianceEthicsProfessional  January2015 themselves as ongoing advisors, providing contact information for continued networking and reference. As the ultimate test of knowledge capture, we were also provided the opportunity to sit for the CCEP certification exam on the last day of the program. I will admit that the pressure was on to succeed, given that I was sponsored by my organization. However, I feel that active participation in the Academy paid off in the end. 4. Audits and Evaluation techniques to monitor compliance – benchmarks and best practices As stated in the Guide, the “DOJ and SEC will give meaningful credit to thoughtful efforts to create a sustainable compliance program if a problem is later discovered. Similarly, undertaking proactive evaluations before a problem strikes can lower the applicable penalty range…” The point here is that, as the Federal Sentencing Guidelines also indicate, a company’s steps to conduct audits and evaluations can be deemed as mitigating factors in an investigation, which is good! However, for the newer compliance practitioner, how do you know the best practices and most effective frameworks for conducting those audits and evaluations? The Academy is a wealth of group sourcing and review of relevant metrics and benchmarking findings. Greg Triguba’s session on compliance program practices and perspectives presented relevant comparisons as to how other organizations are approaching the design and implementation of their programs. The key message centered on guiding the students on how to leverage industry best practices to inform our own program design and apply to the unique dynamics of our own individual home organizations. These benchmarks provide critical insights as to how we might structure our own programs and take them to the next level.6-9 Another critical success factor presented is that there is no one, single effective approach. We were challenged to incorporate the unique nuisances of our own programs in the implementation of industry-leading best practices. 5. Establishment of reporting processes and procedure Contrary to the Guide’s suggestion of anonymous reporting as a hallmark of an effective compliance program, the key lesson I learned from this is that reporting back to the class—in an engaged and active way—delivered invaluable practice for implementing learning in a safe environment. Just as employees need to feel safe that their complaints and disclosures will be handled appropriately without retaliation, effective learning comes from safe environments in which everyone feels comfortable to speak up, even at the risk of making a mistake in front of their colleagues. One of the group exercises that resonated most with me was one in which the Academy attendees had to present a business case as As the ultimate test of knowledge capture, we were also provided the opportunity to sit for the CCEP certification exam on the last day of the program.
68   www.corporatecompliance.org  +1 952 933 4977 or 888 277 4977 ComplianceEthicsProfessional  January2015 to why their compliance program should maintain funding, even under strict budget pressures from the CEO. We worked together as a group to go over the expected benefits of our EC program (e.g., reduced reputational risk, invest in EC now or pay later, fulfillment of legal compliance requirements, reduced risk of fines and court imposed programs, protection of corporate directors from personal liability, building ethical cultures, etc.). However, only one representative from each group engaged in the negotiation in front of the class with the mock CEO. This CEO was aggressive in presenting that the EC budget needed to be cut! As such, our team had to appropriately prepare our presenter and that representative had to deliver a compelling business case for compliance. We all learned how to present the reasons to implement compliance programs, how to handle objections, and how to quantify expected benefits. Furthermore, in the same vein that it is just as important what a company does after an allegation is made, the most important Academy lesson will be what I learned from the reporting exercises and how I will apply those lessons and arguments in my company back home, as we continue to work towards CE program enhancement. 6. Appropriate incentives, disciplinary mechanisms, and consistent enforcement Another hallmark of an effective compliance program is that an organization’s compliance program should apply from “the board room to the supply room – no one should be beyond its reach.” There must be consistent enforcement in place and administered for any violation of the organization’s compliance efforts. In addition, the “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for enhancing the compliance program, and rewards for ethics and compliance leadership.” The same opposing pressures of incentives for studying include passing the CCEP certification exam with the conflict of wanting to explore your Academy host city and network with new friends. How to best manage the conflict of networking with studying and preparing for the certification examination will require strict personal discipline and effective time management. I must admit, that by taking the course in New York City, I had a home court advantage in that I did not feel the need to go out and explore the sights. However, the Academy does provide an amazingly unique opportunity to network with compliance and ethics professionals from across geographies, industries, and roles. This is where the appropriate discipline and time management comes into play. I would definitely recommend initiating your study process before your Academy attendance. The Academy does adequately prepare you for the exam. However, you need to come into the experience with a solid foundation on the CE body of knowledge. I can also share that, although I did study and did not engage in too many I learned from the reporting exercises and how I will apply those lessons and arguments in my company back home, as we continue to work towards CE program enhancement.
+1 952 933 4977 or 888 277 4977  www.corporatecompliance.org  69 ComplianceEthicsProfessional  January2015 extracurricular activities, I did find the certification exam to be challenging! In fact, many with whom I spoke found it to be more difficult than they had anticipated. So my suggestion is take this effort seriously and begin your test preparation before you arrive at the Academy. Don’t overlook the study group on the SCCEnet® site (http://community.corporatecompliance.org/home). 7. Investigation and remediation of systemic problems As a final learning from my review of the hallmarks, and a nostalgic look back at the positive experiences and new relationships formed at the SCCE Academy, I feel it is important to close with our collective charge to quantify and continuously demonstrate the value delivered by the Ethics and Compliance function. Our success is ultimately driven by how well we design and implement programs that are defensible; it is then our role to showcase how our function is relevant—important on the organizational level, but also pertinent on an individual level. I did hear it mentioned that you either pay on the front end with solid investments in the CE function, or you pay on the tail end with potential fines and reputational damage. Yet, one of the resulting liabilities that really hit home, and I never really pondered, is for practitioners to also make the message resonate with individuals. We would do a disservice not to acknowledge and promote that the responsibility we hold can change people’s lives for the better or the worse. Odell Guyton challenged us with his rhetorical question, “Do you know what it is like to be the target of an investigation?” We all got it— your life sucks! In this day and age, we see the headlines covering organizational lapses, with individuals also taking a fall. As such, as effective practitioners, we must also look deep at the value we can bring to individuals in really helping them to do the right thing! Moreover, the responsibility is also personal. We cannot fail to enforce our own internal policies and we cannot look away when we detect misconduct. The Guide states: [C]ompliance programs that do not just exist on paper but are followed in practice will inevitably uncover compliance weaknesses and require enhancements. As such, the DOJ and SEC evaluate whether companies regularly review and improve their compliance programs and not allow them to become stale. ✵ 1. View the upcoming schedule at the SCCE website under the Events tab at http://bit.ly/scceacademies 2. Watch the You Tube video of Debbie Troklus at http://bit.ly/1pNrEAq 3. U.S. Department of Justice website: A Resource Guide to the U.S. Foreign Corrupt Practices Act is available at http://1.usa.gov/1uqCRWO 4. LRN: The HOW Report. Available at http://pages.lrn.com/how-report 5. Marsha Ershaghi Hames: “Education and Communcations: High Expectations for User Engagement” Corporate Compliance Insights website, July 14, 2014. Available at http://bit.ly/1FJNh6E 6. Conversant white paper: The common causes of FCPA enforcement. 2014. Available at http://bit.ly/1FL67fn 7. Deloitte: Governance, Regulatory, and Risk Strategies. Available at http://bit.ly/1CBOksU 8. LRN: The 2014 Ethics Compliance Program Effectiveness report. Available at http://bit.ly/1tzIKOr 9. Ethics Resource Center: National Surveys. Available at http://bit.ly/1yCUbcl Christyl Murray (christyl.murray@lrn.com) is an Engagement Project Management Executive at LRN in New York City. Odell Guyton challenged us with his rhetorical question, “Do you know what it is like to be the target of an investigation?”

More Related Content

PDF
Are CEO's an Unmanaged Risk to the Organisation's they Steer?
David Mallard
 
PDF
Ethics and-internal-auditing published
savassociates1
 
PPT
Shelley Trent Ethics Presentation 05 09
Austin Baker
 
PDF
Why a Code of Conduct is Important for the Entrepeneur (Dingman Center of Ent...
Wonderjunior
 
PDF
Ethics And Governance - Next Global Frontier
Achal Raghavan
 
PPTX
Lesson 4 the ethics test
Samuel Lee Mohan
 
PPT
MGMT 374 Week 11 Lecture Presentation
Michael Hill
 
DOCX
Volksvegan
Trade Expert
 
Are CEO's an Unmanaged Risk to the Organisation's they Steer?
David Mallard
 
Ethics and-internal-auditing published
savassociates1
 
Shelley Trent Ethics Presentation 05 09
Austin Baker
 
Why a Code of Conduct is Important for the Entrepeneur (Dingman Center of Ent...
Wonderjunior
 
Ethics And Governance - Next Global Frontier
Achal Raghavan
 
Lesson 4 the ethics test
Samuel Lee Mohan
 
MGMT 374 Week 11 Lecture Presentation
Michael Hill
 
Volksvegan
Trade Expert
 

What's hot (20)

PPTX
Performance Ethics Prospectus_final
memcween
 
PPT
MGMT 374 Week 12 Lecture Presentation
Michael Hill
 
PDF
Ethics in business decision-making August 2014
Christine Elgood
 
PPTX
Quality, Social Responsibility, and ISO 26000
Baez Coaching and Consulting
 
PPT
BUS137 Chapter 3
Deborah Oronzio
 
PPTX
ARC MGMT 374 Week 11 Presentation
Michael Hill
 
PPTX
Chapter 3 review
pejansen
 
DOCX
The State of Business Ethics in North America
Shannon Szabo-Pickering
 
PPTX
Chapter 5 review
pejansen
 
PDF
overview_efqm_2013_v1.1
Dr. Mohamed Shteawi
 
PPT
Ethics Management Presentation
quazzimomma
 
PPTX
Corporate governance and e governance
Mamdudur Rahman Akash
 
PPTX
Business Process Focus
yeganehmajidi
 
PPTX
Deloitte
Ninad Jadhav
 
PPT
Business Ethics and Corporate Governance
Tanmay Chakraborty
 
PDF
Ethics in Project Management
Association for Project Management
 
PPT
MGMT 374 Week 8 Lecture Presentation
Michael Hill
 
PPTX
Chapter 2 Stakeholder Relationships, Social Responsibility, & Corporate Gover...
Firdaus Fitri Zainal Abidin
 
DOCX
Csr
Tejal Patil
 
PPTX
Codes of ethics
SKS
 
Performance Ethics Prospectus_final
memcween
 
MGMT 374 Week 12 Lecture Presentation
Michael Hill
 
Ethics in business decision-making August 2014
Christine Elgood
 
Quality, Social Responsibility, and ISO 26000
Baez Coaching and Consulting
 
BUS137 Chapter 3
Deborah Oronzio
 
ARC MGMT 374 Week 11 Presentation
Michael Hill
 
Chapter 3 review
pejansen
 
The State of Business Ethics in North America
Shannon Szabo-Pickering
 
Chapter 5 review
pejansen
 
overview_efqm_2013_v1.1
Dr. Mohamed Shteawi
 
Ethics Management Presentation
quazzimomma
 
Corporate governance and e governance
Mamdudur Rahman Akash
 
Business Process Focus
yeganehmajidi
 
Deloitte
Ninad Jadhav
 
Business Ethics and Corporate Governance
Tanmay Chakraborty
 
Ethics in Project Management
Association for Project Management
 
MGMT 374 Week 8 Lecture Presentation
Michael Hill
 
Chapter 2 Stakeholder Relationships, Social Responsibility, & Corporate Gover...
Firdaus Fitri Zainal Abidin
 
Csr
Tejal Patil
 
Codes of ethics
SKS
 
Ad

Viewers also liked (6)

ODT
Mark Hudspeth C.V. 2015
mark hudspeth
 
PDF
IT Engineer_CV
Abdullatif Faleh
 
PDF
The Arts + Healthcare Initiative
Catherine Toben
 
PDF
MUSM at Off the Hook 2014
Taylor Maunder
 
PPTX
Pitch
044261
 
DOC
Tony avendano new resume (1)
Tony Avendano
 
Mark Hudspeth C.V. 2015
mark hudspeth
 
IT Engineer_CV
Abdullatif Faleh
 
The Arts + Healthcare Initiative
Catherine Toben
 
MUSM at Off the Hook 2014
Taylor Maunder
 
Pitch
044261
 
Tony avendano new resume (1)
Tony Avendano
 
Ad

Similar to scce-cep-2015-01-Murray (20)

PDF
Code of Ethics Training
Jeremiah Lloyd
 
PDF
Building-world-class-ethics-and-compliance-programs.pdf
L. S.
 
PPTX
Compliance Training
Jeremiah Lloyd
 
PDF
The State of The Chief Compliance Officer 2018 - SAI Global
SAI Global
 
PPTX
Developing an Effective Ethics Program
Zubair Bhatti
 
PPTX
Chapter 9 Managing and Controlling Ethics Programs
Firdaus Fitri Zainal Abidin
 
PPTX
IMPLEMENTING AND AUDITING ETHICS PROGRAM .pptx
jycebcnncbpa
 
PPTX
CORPORATE GOVERNANCE. (1).pptx
Muqaddasijaz25
 
DOCX
1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx
drennanmicah
 
PDF
scce-cep-2017-02-Tuchow
Matthew Tuchow
 
PPT
How To Provide Superior Ethics Training
Kendal Peterson
 
PPTX
Standard of Conduct
David Way
 
PDF
Corporate Culture-final
Keith Darcy
 
PPT
business ethics and its role in improving governance
support346674
 
PDF
EVERFI Webinar: From Paper to Action: Using a Code of Conduct Effectively
Michele Collu
 
PDF
Chapter 1- Lesson 2 Notes.pdf
WENDELREYWENCESLAO
 
PDF
scce-2016-cei-brochure
Krista Muszak, CCEP, CCEP-I
 
PPT
Institutionalization of Business Ethics.ppt
Shahla Gahramanova
 
PDF
Ethics module2 kerala univer
POOJA UDAYAN
 
PPTX
Exploring the significance and framework of compliance policy templates..pptx
Altius IT
 
Code of Ethics Training
Jeremiah Lloyd
 
Building-world-class-ethics-and-compliance-programs.pdf
L. S.
 
Compliance Training
Jeremiah Lloyd
 
The State of The Chief Compliance Officer 2018 - SAI Global
SAI Global
 
Developing an Effective Ethics Program
Zubair Bhatti
 
Chapter 9 Managing and Controlling Ethics Programs
Firdaus Fitri Zainal Abidin
 
IMPLEMENTING AND AUDITING ETHICS PROGRAM .pptx
jycebcnncbpa
 
CORPORATE GOVERNANCE. (1).pptx
Muqaddasijaz25
 
1082018 Printhttpscontent.ashford.eduprintAUOMM640..docx
drennanmicah
 
scce-cep-2017-02-Tuchow
Matthew Tuchow
 
How To Provide Superior Ethics Training
Kendal Peterson
 
Standard of Conduct
David Way
 
Corporate Culture-final
Keith Darcy
 
business ethics and its role in improving governance
support346674
 
EVERFI Webinar: From Paper to Action: Using a Code of Conduct Effectively
Michele Collu
 
Chapter 1- Lesson 2 Notes.pdf
WENDELREYWENCESLAO
 
scce-2016-cei-brochure
Krista Muszak, CCEP, CCEP-I
 
Institutionalization of Business Ethics.ppt
Shahla Gahramanova
 
Ethics module2 kerala univer
POOJA UDAYAN
 
Exploring the significance and framework of compliance policy templates..pptx
Altius IT
 

scce-cep-2015-01-Murray

  • 1. Compliance & Ethics Professional a publication of the society of corporate compliance and ethics www.corporatecompliance.org January 2015 41 The ends do not justify the means: Performance management and ethics Ruth Steinholtz 35 The evolving role of the chief compliance officer Patrick Quinlan 39 Measuring Jim  McGrath Thomas R. Fox 23 Some realism about risk assessments Scott Killingsworth Meet Barbara Harmon Compliance and Ethics Program Lead Alyeska Pipeline Service Company See page 16 This article, published in Compliance Ethics Professional, appears here with permission from the Society of Corporate Compliance Ethics. Call SCCE at +1 952 933 4977 or 888 277 4977 with reprint requests.
  • 2. +1 952 933 4977 or 888 277 4977  www.corporatecompliance.org  63 ComplianceEthicsProfessional  January2015 D o you need to know how to operationalize the basic definition of an effective compliance program? Do you have the responsibility for designing, assessing, analyzing, or improving the integrity and efficiency of a compliance and ethics program? Are you looking for concrete tactics to take your program to the next level? Are you looking to have your program deliver superior outcomes and benefits? If the answer to these questions is yes, how do you go about approaching such a valiant charge? How can you leverage benchmarks and industry best practices in your own organization? Moreover, how do you implement a structured approach to this enhancement process and build a persuasive business case that results in the requisite executive commitment, buy-in, and funding to facilitate your compliance program’s success? If you have not already indulged, I would highly recommend attending an SCCE Basic Compliance Ethics Academy. I attended the New York Academy last summer and took away invaluable networking and information-sharing opportunities, coupled with innovative, tangible strategies that I could immediately use to execute strong compliance and ethics programs and foster principled, compliant cultures at the organizations with Exploring the SCCE Basic Compliance Ethics Academy benefits »» The seven elements of an effective compliance program highlight seven compelling reasons to attend an Academy. »» The return on your investment of time in this unique training will undoubtedly improve your professional capability to be successful in the compliance and ethics practitioner role. »» The first, most critical value-add from my SCCE Academy attendance was understanding the standards, approaches, and vocabulary used and most commonly accepted by practitioners. »» The Academy underscores that effective compliance programs and a deliberate focus on an ethical compliance culture contribute to an organization’s being able to meet its strategic business goals. »» EC should be looked at like any other business process to be continuously revisited and enhanced in order to maintain an ethical compliance culture. by Christyl Murray Murray If you have not already indulged, I would highly recommend attending an SCCE Basic Compliance Ethics Academy.
  • 3. 64   www.corporatecompliance.org  +1 952 933 4977 or 888 277 4977 ComplianceEthicsProfessional  January2015 which I collaborate. I will use this article to review the body of knowledge I learned at the Academy and to illustrate how, in each session, there were a myriad of extremely useful lessons on how to build and maintain successful programs. Seven reasons to attend an Academy A review of the seven hallmarks of an effective compliance program—as presented by Debbie Troklus on the first day of the Academy—highlight seven compelling reasons why serious, non-certified, compliance and ethics professionals should not miss the next SCCE Basic Compliance Ethics Academy1 The return on your investment of time in this unique training will undoubtedly improve your professional capability to be successful in the compliance and ethics practitioner role.2 1. Written standards of conduct and policies and procedures In November 2012, the Criminal Division of the U.S. Department of Justice (DOJ) and the Enforcement Division of the U.S. Securities and Exchange Commission (SEC) jointly released A Resource Guide to the U.S. Foreign Corrupt Practices Act (the Guide), which provides critical insights as to the government’s point of view in reference to “what we are looking for” in defendable compliance programs.3 Just as the first critical hallmark of implementing an effective compliance program is a written code of conduct, which should outline specific policies and a corporate point of view, the foremost benefit I gained from my Academy attendance was the introduction to, and a common exploration of, the industry accepted standards. We were taught a consistent Compliance point of view and a collective framework for approaching the assessment of compliance program effectiveness. Because a certain level of experience is required to attend the Academy, each compliance professional came to the session with their own varied backgrounds, opinions, and the unique approaches being used by their own companies. They also brought along their respective acronyms that only their friends at work may readily recognize (e.g., HOW, CLM, GCLA, AERS, ELG, GRC, EHS, etc.) The beauty of the Academy is that it attracts participants with geographical, role, and industry diversity. We had practitioners in varying roles from chief compliance officers, quality assurance managers, general counsel, compliance analysts, and risk managers. My class also had representation from a myriad of industries, including higher education, pharmaceuticals, insurance, utilities, construction, advisory, consumer products, and telecom. These varying experiences added a richness to the discussions. The Academy, however, levels the experience and goes back to basics, beginning with An Introduction to the Compliance Practice. This abbreviated Compliance 101 brought us all together for a common understanding and defined for us all the generally accepted principles followed by the members of the Compliance and Ethics industry. Of tremendous value was that we all took back a common glossary of terms and more than 75 common acronyms, including The beauty of the Academy is that it attracts participants with geographical, role, and industry diversity.
  • 4. +1 952 933 4977 or 888 277 4977  www.corporatecompliance.org  65 ComplianceEthicsProfessional  January2015 (to mention just a few) CP, CCEP, CCO, CECO, CIA, FCPA, SEC, DOJ, FSG, FTC, SOX, OECD, SCCE, USSC, USSG, and JAIL! In any discipline, it is imperative to understand the standards, approaches, and vocabulary used and most commonly accepted by practitioners. This was the first, most critical value-add from my SCCE Academy attendance. 2. Designation of a chief compliance officer and other appropriate bodies such as a Compliance Committee to drive an ethical compliance culture As indicated in the second of the hallmarks, the DOJ and SEC “consider the commitment of corporate leaders to a culture of compliance” when assessing compliance programs. This commitment is driven from top down, with the US government recommending the specific designation of a compliance officer with “appropriate authority” and the support of the board of directors, providing the sovereignty for the compliance officer to do the right thing. I am affiliated with an organization whose mission is to pursue significance by inspiring principled performance. LRN has promoted its mission of helping people around the world do the right thing for the past 20 years, so I felt right at home with this crowd. I was particularly impressed with the theme and messaging that was reiterated throughout all the Academy sessions: CCEP practitioners must focus on delivering a values-based approach where attention is not merely on adherence to the letter of the law, but rather directed towards elevating culture and behaviors, so that employees will be animated by their corporate values – even when there is no rule and when no one is looking. The message that I took away was, in fact, that we have to move away from merely a “check the box” compliance approach to an approach which really seeks to positively influence culture and behavior. I admire how Odell Guyton, powerfully reminded us in his anti-bribery and corruption session that “The law is the minimal level accepted by society…The policy should be higher than the law.” A key message delivered by Marjorie Doyle was that EC should be looked at like any other business process and has to be continuously revisited and enhanced in order to maintain an ethical compliance culture. Furthermore, the value added to me personally by analyzing this approach was that it provided me with additional support to build an effective business case as to why organizations must focus on culture and behaviors, in addition to rules and compliance. Deliberate maintenance of the appropriate culture adds value to the business exemplified by advantages reaped on various levels of organizational effectiveness, such as those described by Ms. Doyle, including positive reputational risk, more stable and consistent corporate reaction to changing rules/laws, a less disruptive workplace, and an organizational capability to find problems A key message delivered by Marjorie Doyle was that EC should be looked at like any other business process and has to be continuously revisited and enhanced in order to maintain an ethical compliance culture.
  • 5. 66   www.corporatecompliance.org  +1 952 933 4977 or 888 277 4977 ComplianceEthicsProfessional  January2015 more quickly and resolve them expeditiously. These business benefits of culture presented in the Academy are consistent with the findings of the empirical research conducted by my colleagues, demonstrating that those benefits derived from a deliberate focus on culture also extend to animating higher customer satisfaction, enjoying higher employee loyalty, experiencing lower instances of misconduct, and financially out-performing competitors as documented in the HOW report.4 The Academy assists in the quantification of the business benefits resulting from effective compliance programs and equips practitioners with more ammunition. We can go back to our home organizations with the message that top leadership support—starting with commitment from the board level—and a deliberate focus on an ethical compliance culture, contribute to an organization being able to meet its strategic business goals. 3. Effective communication, training, and continuing advice Education is the cornerstone of an effective compliance program. As stated in the Guide, “The DOJ and SEC will evaluate whether a company has taken steps to ensure that relevant policies and procedures have been communicated throughout the organization, including through periodic training and certification for all… relevant employees.” My analogy between this hallmark of an effective compliance program, and another compelling reason why I believe that attendance in the Academy is of considerable value, is because we, as attendees, received concise and engaging experiential learning and training. Similar to a premier business-school case analysis experience, in many sessions we were broken down into groups and given the opportunity to apply the learning to case studies. In one such scenario, we were given a business situation and instructed to act as a newly hired compliance and ethics officer, mandated with the charge of identifying any potential compliance program issues, presenting an approach for resolving these issues, and evaluating the program’s essential components. This brought the learning to life, because we had to apply all the tactics and strategies we had learned at the Academy to a real business situation. A recent Corporate Compliance Insights article highlights that the latest research on adult learning methodologies demonstrates that passive learning…is far less effective than active learning.5 The SCCE Basic Compliance Ethics Academy is leading edge in its active learning pedagogy and training delivery; we participated in collaborative, shared learning which facilitated networking and information sharing. The interactive team exercises allowed the attendees to discuss case scenarios in smaller groups and present our findings to the larger class. We were encouraged to speak up and ask questions during the sessions. We were provided group questions, charts, graphs, quotes, funny cartoons, and discussion points to guide the analysis and the fun engagement. The instructors lectured, but also facilitated group learning and presented The Academy assists in the quantification of the business benefits resulting from effective compliance programs and equips practitioners with more ammunition.
  • 6. +1 952 933 4977 or 888 277 4977  www.corporatecompliance.org  67 ComplianceEthicsProfessional  January2015 themselves as ongoing advisors, providing contact information for continued networking and reference. As the ultimate test of knowledge capture, we were also provided the opportunity to sit for the CCEP certification exam on the last day of the program. I will admit that the pressure was on to succeed, given that I was sponsored by my organization. However, I feel that active participation in the Academy paid off in the end. 4. Audits and Evaluation techniques to monitor compliance – benchmarks and best practices As stated in the Guide, the “DOJ and SEC will give meaningful credit to thoughtful efforts to create a sustainable compliance program if a problem is later discovered. Similarly, undertaking proactive evaluations before a problem strikes can lower the applicable penalty range…” The point here is that, as the Federal Sentencing Guidelines also indicate, a company’s steps to conduct audits and evaluations can be deemed as mitigating factors in an investigation, which is good! However, for the newer compliance practitioner, how do you know the best practices and most effective frameworks for conducting those audits and evaluations? The Academy is a wealth of group sourcing and review of relevant metrics and benchmarking findings. Greg Triguba’s session on compliance program practices and perspectives presented relevant comparisons as to how other organizations are approaching the design and implementation of their programs. The key message centered on guiding the students on how to leverage industry best practices to inform our own program design and apply to the unique dynamics of our own individual home organizations. These benchmarks provide critical insights as to how we might structure our own programs and take them to the next level.6-9 Another critical success factor presented is that there is no one, single effective approach. We were challenged to incorporate the unique nuisances of our own programs in the implementation of industry-leading best practices. 5. Establishment of reporting processes and procedure Contrary to the Guide’s suggestion of anonymous reporting as a hallmark of an effective compliance program, the key lesson I learned from this is that reporting back to the class—in an engaged and active way—delivered invaluable practice for implementing learning in a safe environment. Just as employees need to feel safe that their complaints and disclosures will be handled appropriately without retaliation, effective learning comes from safe environments in which everyone feels comfortable to speak up, even at the risk of making a mistake in front of their colleagues. One of the group exercises that resonated most with me was one in which the Academy attendees had to present a business case as As the ultimate test of knowledge capture, we were also provided the opportunity to sit for the CCEP certification exam on the last day of the program.
  • 7. 68   www.corporatecompliance.org  +1 952 933 4977 or 888 277 4977 ComplianceEthicsProfessional  January2015 to why their compliance program should maintain funding, even under strict budget pressures from the CEO. We worked together as a group to go over the expected benefits of our EC program (e.g., reduced reputational risk, invest in EC now or pay later, fulfillment of legal compliance requirements, reduced risk of fines and court imposed programs, protection of corporate directors from personal liability, building ethical cultures, etc.). However, only one representative from each group engaged in the negotiation in front of the class with the mock CEO. This CEO was aggressive in presenting that the EC budget needed to be cut! As such, our team had to appropriately prepare our presenter and that representative had to deliver a compelling business case for compliance. We all learned how to present the reasons to implement compliance programs, how to handle objections, and how to quantify expected benefits. Furthermore, in the same vein that it is just as important what a company does after an allegation is made, the most important Academy lesson will be what I learned from the reporting exercises and how I will apply those lessons and arguments in my company back home, as we continue to work towards CE program enhancement. 6. Appropriate incentives, disciplinary mechanisms, and consistent enforcement Another hallmark of an effective compliance program is that an organization’s compliance program should apply from “the board room to the supply room – no one should be beyond its reach.” There must be consistent enforcement in place and administered for any violation of the organization’s compliance efforts. In addition, the “DOJ and SEC recognize that positive incentives can also drive compliant behavior. These incentives can take many forms such as personnel evaluations and promotions, rewards for enhancing the compliance program, and rewards for ethics and compliance leadership.” The same opposing pressures of incentives for studying include passing the CCEP certification exam with the conflict of wanting to explore your Academy host city and network with new friends. How to best manage the conflict of networking with studying and preparing for the certification examination will require strict personal discipline and effective time management. I must admit, that by taking the course in New York City, I had a home court advantage in that I did not feel the need to go out and explore the sights. However, the Academy does provide an amazingly unique opportunity to network with compliance and ethics professionals from across geographies, industries, and roles. This is where the appropriate discipline and time management comes into play. I would definitely recommend initiating your study process before your Academy attendance. The Academy does adequately prepare you for the exam. However, you need to come into the experience with a solid foundation on the CE body of knowledge. I can also share that, although I did study and did not engage in too many I learned from the reporting exercises and how I will apply those lessons and arguments in my company back home, as we continue to work towards CE program enhancement.
  • 8. +1 952 933 4977 or 888 277 4977  www.corporatecompliance.org  69 ComplianceEthicsProfessional  January2015 extracurricular activities, I did find the certification exam to be challenging! In fact, many with whom I spoke found it to be more difficult than they had anticipated. So my suggestion is take this effort seriously and begin your test preparation before you arrive at the Academy. Don’t overlook the study group on the SCCEnet® site (http://community.corporatecompliance.org/home). 7. Investigation and remediation of systemic problems As a final learning from my review of the hallmarks, and a nostalgic look back at the positive experiences and new relationships formed at the SCCE Academy, I feel it is important to close with our collective charge to quantify and continuously demonstrate the value delivered by the Ethics and Compliance function. Our success is ultimately driven by how well we design and implement programs that are defensible; it is then our role to showcase how our function is relevant—important on the organizational level, but also pertinent on an individual level. I did hear it mentioned that you either pay on the front end with solid investments in the CE function, or you pay on the tail end with potential fines and reputational damage. Yet, one of the resulting liabilities that really hit home, and I never really pondered, is for practitioners to also make the message resonate with individuals. We would do a disservice not to acknowledge and promote that the responsibility we hold can change people’s lives for the better or the worse. Odell Guyton challenged us with his rhetorical question, “Do you know what it is like to be the target of an investigation?” We all got it— your life sucks! In this day and age, we see the headlines covering organizational lapses, with individuals also taking a fall. As such, as effective practitioners, we must also look deep at the value we can bring to individuals in really helping them to do the right thing! Moreover, the responsibility is also personal. We cannot fail to enforce our own internal policies and we cannot look away when we detect misconduct. The Guide states: [C]ompliance programs that do not just exist on paper but are followed in practice will inevitably uncover compliance weaknesses and require enhancements. As such, the DOJ and SEC evaluate whether companies regularly review and improve their compliance programs and not allow them to become stale. ✵ 1. View the upcoming schedule at the SCCE website under the Events tab at http://bit.ly/scceacademies 2. Watch the You Tube video of Debbie Troklus at http://bit.ly/1pNrEAq 3. U.S. Department of Justice website: A Resource Guide to the U.S. Foreign Corrupt Practices Act is available at http://1.usa.gov/1uqCRWO 4. LRN: The HOW Report. Available at http://pages.lrn.com/how-report 5. Marsha Ershaghi Hames: “Education and Communcations: High Expectations for User Engagement” Corporate Compliance Insights website, July 14, 2014. Available at http://bit.ly/1FJNh6E 6. Conversant white paper: The common causes of FCPA enforcement. 2014. Available at http://bit.ly/1FL67fn 7. Deloitte: Governance, Regulatory, and Risk Strategies. Available at http://bit.ly/1CBOksU 8. LRN: The 2014 Ethics Compliance Program Effectiveness report. Available at http://bit.ly/1tzIKOr 9. Ethics Resource Center: National Surveys. Available at http://bit.ly/1yCUbcl Christyl Murray (christyl.murray@lrn.com) is an Engagement Project Management Executive at LRN in New York City. Odell Guyton challenged us with his rhetorical question, “Do you know what it is like to be the target of an investigation?”