Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

In this final episode of our 31-day series, we dive into the importance of using root cause analysis for remediation in compliance programs. Emphasized by the ECCP and DOJ, an effective compliance program includes thorough root cause analysis to address misconduct and implement corrective actions. The process involves understanding who should perform the remediation, emphasizing independence and objectivity, integrating the information into solutions, and addressing deficiencies in internal controls. Key takeaways include using objective root cause analysis, effectively utilizing the information gathered, and implementing data-driven, repeatable solutions to prevent future issues. This episode provides valuable insights for compliance officers aiming to enhance their programs by focusing on root causes rather than just symptoms.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 30, we discuss the Foreign Extortion Prevention Act (FEPA), a significant piece of legislation that fills a critical gap in the FCPA. FEPA criminalizes not only the payment of bribes but also the solicitation and acceptance of bribes by foreign officials, thereby providing a more comprehensive framework for combating global corruption. This law protects American workers abroad, promotes fair business competition, and upholds ethical practices internationally. However, it also introduces challenges, such as the complexity of extraditing foreign officials and potential impacts on international relations and companies operating overseas. Compliance officers must reassess internal controls and develop response plans to navigate the implications of FEPA effectively.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

Traditional compliance reporting methods, often reliant on manual processes like Excel spreadsheets, are time-consuming and prone to errors. This episode explores how Chief Compliance Officers and compliance professionals can enhance their programs through automation. By adopting data-driven solutions and leveraging regulatory operations (Reg Ops), it’s possible to provide near real-time reporting and improve decision-making efficiency. The focus is on integrating existing security and compliance tools, gathering real-time evidence, automating compliance gap tickets, and generating comprehensive reports for stakeholders. However, challenges like balancing data accuracy and security and the cultural transformation required for adopting these new practices are critical considerations. Embracing data-driven compliance can help organizations modernize and keep pace with the evolving regulatory landscape.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 28, we look into the crucial importance of data governance in compliance and cybersecurity. As data generation increases, businesses must enhance their efforts in managing, organizing, and preserving data to meet regulatory obligations and ensure accuracy, accessibility, and adherence to legal standards. We discuss the growing trend of converging compliance, data governance, and cyber security and the necessity of breaking down organizational silos for effective collaboration. Business and legal teams rely on well-managed data to make informed decisions, analyze trends, and measure key performance indicators.

The episode also covers the challenges in gaining buy-in from the ELT and the vital process of transforming corporate culture to prioritize data governance and cybersecurity. We touch on the complexities of regional data privacy laws inspired by GDPR and emphasize the importance of understanding specific regulations for compliance. With key takeaways, including the significance of data preservation, the intertwined nature of compliance, data governance, and cybersecurity, and the urgency for organizations to prioritize data governance, this episode is packed with essential insights for compliance professionals.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 27, we explore the growing importance and responsibilities of the compliance function within corporations, emphasizing the need for adequate staffing, resources, and independence. The 2020 FCPA Resource Guide outlines key factors that the DOJ considers indicative of an effective compliance program, including the quality of personnel, authority, compensation, and reporting structure. We delve into the necessity of properly funding compliance initiatives and ensuring the organization empowers and sufficiently supports compliance professionals. The updated Corporate Enforcement Policy emphasizes the prevention of retaliation against compliance investigators and the need for a robust structure supporting the compliance program. We conclude with three key takeaways for enhancing compliance functions: evaluating their treatment in the budget process, ensuring management respects compliance decisions, and considering the implications of outsourced compliance services.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 26, we ponder the evolving stature and authority of the CCO within organizations, as highlighted by recent guidelines and regulations. The 2020 FCPA Resource Guide emphasizes the importance of the CCO’s direct reporting line to the board and senior management status. The DOJ’s updated Corporate Enforcement Policy has further enhanced the prestige and role of the CCO, introducing key factors like the quality, experience, authority, independence, compensation, and reporting structure of the CCO. The episode also touches on the significance of the Delaware Court of Chancery’s decision in the McDonald’s case, which formalized the oversight duties of corporate officers, positioning the CCO as the second-most important role in an organization. Key takeaways include demonstrating real authority for the CCO, evaluating their professional qualifications, and assessing their actual status within your company.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 25, we consider the critical importance of addressing investigative findings within a corporate compliance framework. When a whistleblower report, DOJ subpoena, or SEC notice brings compliance violations to light, it commands the board’s and senior management’s attention. The initial outrage and ethical proclamations that follow are often a prelude to the need for a serious reality check regarding costs and time outlays for remediation. The key is maintaining transparency and solid communication between those investigating and those responsible for remediation, ensuring compliance gaps are effectively identified and addressed. Today’s takeaways emphasize using the heightened attention for compliance improvement, recognizing the interplay between investigation and remediation, and being ready to answer the ‘where else’ question effectively. Join us tomorrow as we explore the authority and independence of Chief Compliance Officers.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 24, we look into the critical internal reporting process and triaging of FCPA claims. As the CCO, you will oversee the initial steps when suspicious activities are reported. Jonathan Marks’ five-step process on early assessment of incoming information is explored, providing a structured approach for evaluating the severity of allegations from low-threat level to crisis management mode. Moreover, this episode emphasizes the necessity of effective hotlines, trained managers, and a culture of listening to employees to foster a safe reporting environment. Key takeaways include the DOJ and SEC’s emphasis on internal reporting lines, regularly testing hotlines, and the triage of claims to ensure appropriate investigation levels.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6–8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 23, we delve into the essential steps for conducting a thorough and effective internal investigation following an internal report. The discussion is grounded in the ECCP’s guidelines, emphasizing the necessity of properly scoping investigations with competent personnel and adequate resources. A detailed written procedure is crucial for handling complaints or allegations of bribery and corruption, regardless of their origins. The episode outlines a five-component investigative protocol: opening and categorizing the case, planning the investigation, executing the investigative plan, determining appropriate follow-up, and closing the case. Emphasis is placed on maintaining transparency, consistency, and thorough documentation throughout the process. Three key takeaways are highlighted: the importance of a written protocol, the need for transparency and documentation, and the critical role of consistency across the organization.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Welcome to a special podcast series on the Compliance Podcast Network, 31 Days to a More Effective Compliance Program. Over these 31 days of the series in January 2025, Tom Fox will post a key part of a best practices compliance program daily. By the end of January, you will have enough information to create, design, or enhance a compliance program. Each podcast will be short, at 6-8 minutes, and will include three key takeaways you can implement at little or no cost to help update your compliance program. I hope you will join us each day in January for this exploration of best practices in compliance.

On Day 22, we consider the levels of due diligence you should use when investigating third parties. Tom outlines the three due diligence levels necessary to manage corruption risk effectively. With insights from Candice Tal, founder and CEO of Infortal, Tom breaks down each level in detail, from initial screenings in level one to comprehensive, on-the-ground investigations in level three. He emphasizes the need for tailored approaches based on the risks associated with different business transactions and the importance of thorough documentation throughout the process.

Key highlights:

Resources:

Click here to receive a 20% discount on The Compliance Handbook, 5th edition, for listeners to this podcast.

Learn more about your ad choices. Visit megaphone.fm/adchoices