Date: January 28, 2013 Location: Fordham University Law School. The Basics. Rolling Out Your Corporate Compliance Program

Transcription:

Date: January 28, 2013
Location: Fordham University Law School

The Basics: Rolling Out Your Corporate Compliance Program

Carole Basri, Adjunct Professor, Fordham University Law School
Cell: 917-822-2447
Email: cbasri@yahoo.com

CBasri 2013

New Reasons To Implement a Compliance Program:

- Federal Sentencing Guidelines, revised as of Nov. 1, 2004, requiring a culture of ethics and a best practice gaps analysis to support the underlying structure of the corporate compliance program.
- Justice Department guidance on the prosecutorial decisions in the Holder, Thompson, McNulty and Filip Memorandum, which states that in determining whether to charge a corporation for the criminal misconduct of its employees, prosecutors should consider the existence and adequacy of the corporation's compliance program.
- NY Stock Exchange Rule 303A.10, requiring NYSE-listed companies to adopt codes of business conduct and ethics for directors, officers, and employees, which codes are to be posted publicly. Further, waivers of the code for directors or executives must be promptly disclosed to shareholders.
- NASDAQ Rule 4350, which requires NASDAQ-listed companies to adopt a code of conduct for directors, officers and employees, which codes are to be posted publicly. Further, waivers of the code must be disclosed on a Form 8-K within five days.
- Large settlements with government against companies without effective compliance programs, such as Siemens.
- Caremark Decision (Del. Ch. 1996), personal liability for directors for oversight of compliance.
- Government Imposed Corporate Integrity Agreements

WAKE UP CALL FOR CORPORATE COMPLIANCE

An effective corporate compliance program can:

- Help insulate a company, and its officers and employees, from criminal and civil fines
- Protect its board of directors from personal liability
- Create a culture of good citizen corporation (5% good, 5% not, 90% follow)

A poorly constructed program can:

- Serve as a roadmap for prosecutors
- Damage morale (employees view code of conduct as merely lip service by executives)
- Encourage fraud and unethical conduct to continue

Revised Nov. 1, 2004 U.S. Federal Sentencing Guidelines:

- Promotes Culture of Ethics
- Includes Part C: Risk Assessment
- Part C plus Seven Elements Creates an Effective Corporate Compliance Program.

Part C - Risk Assessment (Best Practices-Gaps Analysis)

Antitrust/Competition Conflicts of Interest Privacy & Data Protection Employment Environmental Export Controls False and Deceptive Advertising Foreign Corrupt Practices Act UK Bribery Act Fraudulent Financial Reporting Gifts and Gratuities Government Contracting Insider Trading Intellectual Property Lobbying, Political Contributions and other political activities New Business Alliances Procurement of Goods/Services Records Management Protection Security/Wiretapping Privacy of Communications Sexual Harassment Social Networking Subcontractors and Contract Labor Tax Workplace Safety US Patriot Act Anti-Money Laundering Act

Seven Elements of An Effective Corporate Compliance Program are as follows:

1. Standards and procedures to prevent and detect criminal conduct;
2. Board must be knowledgeable about and oversee program; top management must ensure effectiveness of program; specific individual(s) within high level personnel must have responsibility for program;
3. Reasonable efforts not to include within substantial authority personnel individuals who organization knew or should have known have engaged in illegal activities or conduct inconsistent with effective program;
4. Communicate standards and procedures by training directors, employees and, as appropriate, agents, and by other means;
5. Monitor and audit to detect criminal conduct; evaluate program periodically; have and publicize a system for reporting suspected violations and seeking guidance;
6. Promote and consistently enforce through appropriate incentives to perform in accordance with the program and appropriate discipline; and
7. After criminal conduct is detected, take reasonable steps to respond appropriately and prevent further similar criminal conduct, including necessary modifications to program.

First Element

Written Policies, Procedures and Internal Controls for Risk Areas include the following:

- Standards of Conduct
- Internal Controls
- Mission statement
- Letter from CEO
- Code of Conduct or Code of Ethics
- Employee handbook
- Corporate Compliance Program Guidelines
- Alignment of Code of Conduct, Policies and Procedures, and Internal Controls

Second Element

Board must oversee the compliance program. Top management should take a leadership role in fostering the compliance program. Designate specific High-Level Personnel to oversee compliance, such as a compliance officer. A compliance officer is critical to the success of the compliance program. A chief compliance officer should be appointed to coordinate the activities of individual compliance officers at subsidiaries.

The compliance officer should have the following:

- Direct access to CEO and Board of Directors, and
- Sufficient funding and staff

The compliance officer's responsibilities include:

- Overseeing and monitoring the implementation of the compliance program;
- Reporting on a regular basis to the CEO and compliance committee;
- Periodically revising the program in light of new developments;
- Developing, coordinating and participating in a multifaceted educational and training program that focuses on the elements of the compliance program;
- Assisting the financial management in coordinating internal compliance reviews and monitoring activities;
- Independently investigating and acting on matters related to compliance, including the flexibility to design and coordinate internal investigations;
- Developing policies and programs that encourage managers and employees to report suspected fraud and other improprieties without fear of retaliation.

Third Element

- Reasonable efforts not to include in the compliance organization personnel of questionable integrity
- Coordinating background checks on employees involved in compliance administration and coordination

Fourth Element

Effective communication of Standards and Procedures

Training should include the following areas:

- code of conduct;
- employment issues;
- competition issues;
- using e-mail, voicemail, newsletters, memoranda, etc., to aid communications; and
- other topics as necessary.

Training should be at the time of hiring as well as regularly scheduled at least once or twice a year as necessary.

Fifth Element

Developing effective methods of monitoring, auditing, reporting, and publicizing the system.

- Creating an anonymous hotline and protecting whistle blowers; and
- Setting up a regular auditing and monitoring schedule including on-site visits and spot checks.
- Publicize results of the compliance program.

Sixth Element

Consistent enforcement through corrective actions and incentives

- Written policy on disciplinary standards;
- Create incentives system; and
- Dissemination of standards to new and existing employees.

Seventh Element

Take reasonable steps to respond to detected criminal offenses

- Detecting criminal violations;
- Conducting internal investigations; and
- Reporting criminal violations; and
- Updating the Corporate Compliance Program

Corporate Compliance Program Roll Out

- Phase I: High Level Compliance Assessment
- Phase II: Develop an Overall Corporate Compliance Blueprint
- Phase III: Evaluate and Develop Policies in Substantive Areas
- Phase IV: Communication, Training and Implementation
- Phase V: Continual Refining of the Program, Self-Assessment, Monitoring and Reporting

High Level Review Interview Best Practices and Gaps analysis/Risk Assessment Work Plan Senior Management Meeting Code of Conduct Corporate Compliance Program Guidelines Alignment of Code of Conduct; Policies and Procedures, Internal Controls and Employee Handbook Antitrust Social Networking and Privacy Document Management Employment Environmental Introduce Code of Conduct and Program Ongoing Communication Plan Training Plan Training Material/on Intranet Training Schedule for Train the Trainer and Internet Training Internal Controls Internal Audit Incentive System Internal Investigation Protocols Publicize reporting results Foreign Corrupt Practices Intellectual Property Insider Trading Other Risk Areas

Phase I: Conducting a High Level Compliance Risk Assessment

During Phase I, you should:

- Form a committee;
- Interview key officers and employees;
- Prepare a report on Risk Assessment, including Best Practices and Gaps; and
- Present the report on Risk Assessment, including Best Practices and Gaps.

The Committee should be composed of at least the following:

- CEO or President
- General Counsel
- CFO
- Internal Audit Director

The Committee should report to the Audit Committee of the Board of Directors or directly to the Board of Directors.

Interview key officers and employees of the company and all subsidiaries, including the following:

- President,
- Business Development/Sales Marketing,
- General Counsel/Outside Counsel,
- Chief Financial Officer,
- Human Resources Director,
- Environmental Health and Safety, if any,
- Compliance Officer, if any, and
- Other key officers and employees, as necessary

Based on the interviews, prepare a report on Risk Assessment, including Best Practices and Areas of Deficiency (gaps), based on the following questions:

- What are your key risk areas?
- What are the standards and procedures that you now have in place in these risk areas?
- What are the areas you have successfully limited risk and how?
- What areas could you improve in the cost to limit risk and how?
- What is happening in such key areas as antitrust, environmental, employment, intellectual property and insider trading?
- Describe the company culture toward corporate compliance and limiting risk.

Present the report on Risk Assessment, including Best Practices and Gaps:

- The report should provide a risk assessment for relevant areas of law.
- The report should be presented to senior management and the Board of Directors.
- The report should be presented to the officers of all subsidiaries who were interviewed.
- Buy-in on the report should be encouraged.
- Create a Workplan which includes a timetable and an action plan.

Phase II: Develop an Overall Compliance Blue Print

During Phase II, you should:

- Look at other Codes of Conduct;
- Use the Committee and Focus Groups to develop a Code of Conduct;
- Customize the Code of Conduct to the Company culture;
- Customize the Code of Conduct so it is suitable for all employees;
- Make sure the Code of Conduct is user friendly and attractively packaged;
- Create a Mission Statement and letter from the CEO to accompany the Code of Conduct; and
- Create Compliance Program Guidelines.

Phase III: Evaluate and Develop Policies and Procedures in Substantive Areas

During Phase III, you should:

- Inventory policies and procedures already in place (e.g., internal controls for antitrust/competition, sexual harassment policy, environmental policy, etc.);
- Align Code of Conduct, Policy and Procedures, Internal Controls and Employee Handbook; and
- Develop Policies and Procedures where Gaps exist as indicated from the report on Best Practices and Gaps, and borrow best practices, where necessary, from other subsidiaries or outside the organization (see trade associations, industry practice groups, law firms, consultants, seminars, such as Practicing Law Institute (PLI) and the Association of Corporate Counsel)

Phase IV: Communication, Training and Implementation

During Phase IV, you should:

- Introduce Code of Conduct and Program;
- Ongoing Communications Plan;
- Training Plan;
- Training Plan for Fraud Prevention;
- Training Materials/on the Intranet; and
- Training Schedule.

Phase V: Continual Refinement, Self-assessment, Monitoring and Reporting

During Phase V, you should have:

- Management Controls;
- Internal Audit System;
- Internal Controls;
- Incentive System;
- Internal Investigation Protocols, and
- Publicize Reporting Results

An Effective Corporate Compliance Program is an early warning system for risk control through the following:

- Risk assessment process;
- Monitoring;
- Reporting (i.e., hotline); and
- Training sessions

Make Your Compliance Rollout Memorable

- Mementos (tombstones, plastic cubes, post-it notes);
- Screen savers;
- Calendars;
- Intranet sites; and
- Formal announcements and invitations to compliance event.

Remember: This is a marketing campaign! Your product is a Compliance Program! Your audience is your employees!