Current Developments in Compliance Management System (CMS) Structures and Auditing. June 2010


Principles of the Implementation and Certification of Compliance Management Systems

- Protection of corporate management and supervisory boards from civil and criminal liability in cases of non-compliance by employees
- Alignment of Compliance Management Systems with national and international standards, such as IDW EPS 980 (Audit of Compliance Management Systems) or the OCEG (US)
- Focusing on the prevention of offences against civil and criminal laws, such as the German Art. 130 OWiG or the US Sentencing Guidelines
- Focusing on the prevention of personal civil and criminal liability
- Sustainable implementation of all elements of the systems, i.e. prevent, detect and respond, as well as Tone from the Top and regular auditing

Requirements on the Design of a Compliance Management System

As of today, there are no mandatory requirements regarding the design of Compliance Management Systems. A draft of the German IDW Standard on Auditing Principles of Compliance Management System Audits (IDW EPS 980) was published in March 2010. A comparable standard in other countries does exist. The standard summarizes the fundamental elements of a Compliance Management System and recommends considering generally accepted CMS frameworks.

The draft refers to the following (quasi-) standards:

- Foundation Guidelines Red Book of the Open Compliance and Ethics Group (OCEG)
- US Federal Sentencing Guidelines Manual, Chapter 8, Sentencing of Organizations, Part B Remedying Harm from Criminal Conduct, and Effective Compliance and Ethics Program
- Australian Standard (AS) 3806-2006 Compliance Programs

Over the past years international companies have developed Leading Practices that also need to be considered in auditing Compliance Management Systems.

Leading Practice for Compliance Management Systems

Compliance Culture, Compliance Goals, Compliance Organization

Prevent Detect Respond Rules and Regulations Risk Analysis Investigation Trainings Whistleblower System Sanctions Coaching and Consulting Integrity Barometer Remediation Incentive System Compliance Detection Audits Communication Audits of the System

Elements of a Compliance Management System*

Areas: Compliance Goals & Risks; CoC, Policies & Guidelines; Compliance Responsibility & Organization; Communication & Training; Controls & Monitoring

- Compliance goals which are derived from business goals on company level
- Regularly performed risk analysis to identify compliance risks; countermeasures and controls
- Code of Conduct
- Policies, guidelines and procedures on compliance issues
- Responsibility for compliance issues lies with one member of the management board
- Compliance Committee, Compliance Officer and local managers responsible for compliance management with appropriate resources and competencies
- Whistleblowing system (e.g. Ombudsman, Hotline)
- Fraud response plan
- Compliance issues are reflected within HR processes
- Compliance Management components are integrated in the corporate risk management / Internal Control System
- Controls within business processes to ensure proper conduct and to avoid misconduct (e.g. Due Diligence for Business Partner, authorization concept and regulations)
- Tone from the Top and zero tolerance culture
- Internal communication of corporate Code of Conduct and guidelines
- Implementation of a compliance reporting system
- Trainings for management and employees in defined risk areas
- External communication of the corporate Code of Conduct
- Audit of the implementation and efficiency of compliance controls within business processes
- Audit of the implementation and efficiency of CMS
- Execution of results from CMS audit and investigation processes
- Documentation to support the (a) controls and (b) monitoring processes as well as (c) provide evidence

* Esp. follows USSG, Australian Standards, ZfW Standards, OCEG

Approach on Auditing Compliance Management Systems

The assessments are based on the IDW CMS-Auditing-Standard and the USSG.

- Type 1: Assessment of CMS Concept
- Type 2: Assessment of CMS Implementation
- Type 3: Assessment of CMS Effectiveness

The IDW Standard requires compliance processes to be implemented and running before the audit types 2 and 3 can be performed. Thus we have designed a 2 step approach. Due to the similarity of the documentation, audit type 2 and 3 will be performed simultaneously.

Timeline (March to December 20XX):

- Step 1: Concept Audit (Type 1), Certificate for CMS Concept
- Step 2: Implementation & Effectiveness Audit (Type 2 & 3), Certificate for CMS Implementation & Effectiveness

Questions?

MANAGING COMPLIANCE

Well I know I had that legal training warning me against inducements...it's just that I need this deal...

Maybe this might help your decision???

humm...very interesting. The deal on the table might just sway me...

FOR INTERNAL USE ONLY SYMANTEC CONFIDENTIAL

Symantec's Compliance Program

Making Compliance HOW we do Business

AWARENESS: Training, Online Resources and People Resources

- Online mandatory training for all employees
- In person training with internal and external counsel in priority regions with regional focus
- Programmatic guidelines that interface with our business models

CORPORATE GOVERNANCE AND ETHICS

- Ethics Hotline and Mailbox
- Code of Conduct: Online policy, links to key information, and training
- Ethics and Compliance Office Hotline
- Consistent guidelines
- Making Ethics and Compliance part of the company

WHAT IS COMPLIANCE?

Policy and Process Checkpoints Red Flag Indicators Order Process and Procedures (including Signature Authority) Code of Conduct and other Internal Policies IT Automation Points of law Legal requirements Policy stating a company's intent and interpretation, at times Risk Analysis Interpretation of law Standardization of process for control Repercussions for failure to comply fines/penalties/criminal action Benchmarking Mitigation and Follow Through - What do we do to ensure that we comply? Training is critical Audit, Reporting, Escalations

SECURITY = TRUST

Ethisphere Magazine - World's Most Ethical Companies, 2008 - In recognition of its commitment to ethical leadership, Symantec was named in Ethisphere Magazine's second-annual listing of the World's Most Ethical Companies.

DATA PRIVACY/PROTECTION

Protecting our Employees' and our Customers' Personal and Private information = We CARE about Security

- We are THE leading security company
- Our brand is all about trust
- Customers look to us as the example
- Risk from hackers, spyware

The Counsel's Role in the Global Ethics and Compliance Programme

Enrique Aznar, Chief Ethics & Compliance Officer, Nokia Siemens Networks

NSN will only conduct its business worldwide with the highest ethical and integrity standards and will lead others in the industry to embrace equally high standards Rajeev Suri, CEO, NSN

Zero tolerance to non-compliance

Organisation chart nodes: NSN Board of Directors; Nokia Audit Committee; NSN Executive Board; CEO; Business Managers; Sales and Marketing; Nokia Chief Legal Officer; CFO; Chief Ethics & Compliance Officer; Regional Compliance Counsel; General Counsel; Legal & Compliance Team; Internal Audit; Finance & Controls; Nokia F&C

Vision: Companies competing fairly and meeting their duties to their stakeholders and Society

Mission: We support NSN employees to make decisions that are ethical, legal and consistent with NSN's values and drive industry participants to embrace equally high ethical standards

Strategy: Prevention, Detection, Correction, Interaction

Foundation:

- Tone at the Top
- Relentless Drive, Leadership & Determination
- Lean and efficient organisation

Compliance Principles

- Compliance with Ethics and the Law
- Avoidance of Conflicts of Interest
- Accurate Books and Records
- No acceptance or paying of Bribes
- Appropriate Internal Controls
- Reporting of Violations
- Anti-Corruption Compliance Training and Compliance Office Assistance

Compliance Numbers 2009

- Code of Conduct Training: 82% completion rate online training
- Anti-Bribery Training Sessions: 100+
- More than 500 questions or reports through reporting lines
- Total Compliance investigations: 137
- At least 19 employees terminated: theft, fraud, conflict of interest and misuse of company assets
- Of these 19, criminal action was initiated against 3 employees
- In addition, 18 other employees received a written warning, 1 employee was demoted, 1 promotion was frozen and several employees received oral warnings.

Vivian Robinson QC General Counsel

Introducing the Serious Fraud Office

- Function
- Involvement in business ethics

SFO 2010.

New UK Bribery Act

- Specific corporate offence
- Defence of adequate procedures
- Link to business ethics
- Governmental guidance
- Suggested compliance essentials

What does good ethical leadership look like?

- Ethical responsibility at all levels of management
- Demonstrable commitment to ethical standards of behaviour
- Employee engagement and support

The role of in-house counsel

- Cultivate an ethics based mindset
- Be proactive in asking questions at all levels
- Focus on wider issues to develop a virtuous circle
- Be brave
