1 / 60

Promising Practices for Effective Compliance Programs in Small Companies

Learn about regulatory expectations, share promising practices, and gain tips for internal and government investigations in small company compliance programs.

dione
Télécharger la présentation

Promising Practices for Effective Compliance Programs in Small Companies

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. If you have a Promising Practice you would like to share from your company, please place your card in one of the Promising Practices bags! If you are selected and you share your Promising Practice, you will receive a prize! • Starting from Scratch • Code of Conduct • Sustainability • Vendors/Subcontractors/FCPA

  2. Session 609:Compliance for the Small Law Department Presenters: CARA GROUP: In-House Counsel, Newton Consulting CATHY HINGER: Partner, Womble Carlyle Sandridge & Rice, LLP MEGGAN MEDINA: General Counsel/CECO, Cloudburst Consulting Group, Inc. MARGY WEISMAN: Assistant General Counsel, ESCO Technologies, Inc.

  3. Survey Results – Company & Legal Department size Company size Legal Department size

  4. Survey Results Top compliance concerns by topic:

  5. What we will cover: • Regulatory expectations • Share Promising Practices • Internal and government investigations tips

  6. Regulatory Expectations

  7. Hallmarks of an Effective Compliance Program • Commitment from Leadership / Clearly Articulated Policy Against Corruption • Code of Conduct and Compliance Policies and Procedures • Oversight, Autonomy, and Resources • Risk Assessment • Training and Continuing Advice • Incentives and Disciplinary Measures • Third Party Due Diligence and Payments • Confidential Reporting and Internal Investigation • Continuous Improvement: Periodic Testing and Review • Mergers and Acquisitions: Pre-Acquisition Due Diligence and Post-Acquisition Integration DOJ/SEC 2012 Resource Guide to the FCPA

  8. Effective Compliance and Ethics Program • Exercise due diligence to prevent/detect criminal conduct + organizational culture of ethics and compliance • Leadership knowledgeable of compliance and ethics program and implement reasonable oversight; delegation of day to day oversight to specific professionals but they shall be given “adequate resources” • No criminals or bad actors in oversight/implementation positions • Effective communication and training on compliance and ethics • Monitoring effectiveness of program • Provide employees reporting structure without fear of retaliation • Consistent promotion, implementation and enforcement of program • Appropriate discipline for those found to have violated policies or laws • Upon discovery of criminal activity, take action to prevent/cure • Risk assessment + mitigation of risks identified in risk assessment Federal Sentencing Guidelines 18 USC § 8(B)2.1

  9. Why should I bother? 2 Factors that mitigate punishment of an organization: • existence of an effective compliance and ethics program; • self-reporting, cooperation, or acceptance of responsibility. (2015 U.S. Sentencing Guidelines Manual Ch. 8, Intro)

  10. What is expected of small companies? • Factors to consider in meeting Sentencing Guideline include, “(i) applicable industry practice or the standards called for by any applicable governmental regulation; (ii) the size of the organization; and (iii) similar misconduct.” • “The formality and scope of actions that an organization shall take to meet the requirements of this guideline . . . Depend on the size of the organization.” (2015 U.S. Sentencing Guidelines Manual §8B2.1 cmt. 2(A) & (C).

  11. What is expected of small companies? “Indeed, small- and medium-sized enterprises likely will have different compliance programs from large multi-national corporations, a fact DOJ and SEC take into account when evaluating companies’ compliance programs.” “[I]f designed carefully, implemented earnestly, and enforced fairly, a company’s compliance program – no matter how large or small the organization-will allow the company generally to prevent violations, detect those that do occur, and remediate them promptly and appropriately.” (FCPA Resource Guide at 57).

  12. What is expected of small companies? • Small organizations expected to demonstrate the same degree of commitment to ethics and compliance as large organizations • Small organizations may meet the requirements with less formality and fewer resources than would be expected of large organizations • Reliance on existing resources and simple systems can demonstrate a degree of commitment that for large organizations would only be demonstrated through more formal systems (2015 U.S. Sentencing Guidelines Manual §8B2.1 cmt. 2(C)).

  13. What is expected of small companies? Examples of ways small orgs can meet Guidelines: • Governing authority may discharge oversight responsibility by directly managing compliance and ethics program • Training employees through informal staff meetings • Monitoring through regular “walk-arounds” or continuous observation while managing the organization • Using available personnel rather than employing separate staff • Modeling program on existing, well-regarded compliance and ethics program and best practices of other similar organizations (2015 U.S. Sentencing Guidelines Manual §8B2.1 cmt. 2(C)).

  14. Starting from Scratch

  15. Risk Analysis

  16. Risk Analysis

  17. Risk Analysis

  18. Code of Conduct

  19. Code of Conduct • Tone at the top • What is important to the executives? • How can your code of conduct programming tie into that? • Tie program elements to corporate values • Explains the "Why?”

  20. Code of Conduct

  21. Code of Conduct • Proper on-boarding of a new employee is key to success • Prevent bad habits through repeated mini-trainings • Company newsletter • Management meetings – start it off with a refresher • Creative programming • Standard vendors – LMS systems, etc. • Creative team – make your own videos,role-play examples

  22. Code of Conduct – new hires • User profile set up immediately upon hire • Onboarding Packet • will include short blurb about compliance program • will have 60 days to complete training • Quarterly Renewal Groups • similar to the annual renewals that the current employees will do • use the Quarters of the calendar year to determine renewal for a particular employee • Ex #1: John Smith is hired on 13 Feb 2015. He completes all of his initial compliance training within 60 days of hire and is placed in the Q1 renewal group. He will receive a reminder at the start of Q1 2016 to complete the renewal requirements. • Ex#2: Jane Doe is hired on 15 Nov 2014. She completes all of her initial compliance training within 60 days of hire and is then placed in the Q4 renewal group. She will receive a reminder at the start of Q4 2015 to complete the renewal requirements (this is the same group as the current employees).

  23. Code of Conduct – Questions • What would cause a good person to do a bad thing? • What are the situations within our organization where the good employee could do something wrong? • How easy is it for an employee to ask a hard question?

  24. Sustainability

  25. What is sustainability reporting and why should we do this? How do we begin the process? • Sustainability reporting involves identification and assessment of the risks, opportunities and financial and strategic implications of environmental, social and economic topics. • For the last several years, ESCO has received a shareholder proposal, requesting ESCO to issue a sustainability report following the Global Reporting Initiative (GRI) Framework. • The most recent proposal received 35.9% shareholder votes in favor of reporting, which represents a significant increase from the prior year.

  26. What is sustainability reporting and why should we do this? How do we begin the process? • The expectation from investors, customers and other stakeholders to report on sustainability increases each year. In 2015, 81% of publicly traded companies issued reports. • Based on these facts, ESCO determined that we need to begin reporting. Due to the complexity of our business, it will take a few years for us to be able to produce a comprehensive report, but we intend to issue our first report in December 2016 and develop a plan to make significant progress each year. • Because ESCO does not have internal capacity or expertise to do this, we sought an experienced partner to guide us through the process.

  27. Identification of Potential Consultants • We considered and interviewed several consultants to assist us. We had numerous conversations, including multiple reference checks with the 2 firms we ultimately down selected. • The one we liked most was significantly more expensive than the other, but we worked with them to reduce the price and scale back the project.

  28. Examples of Sustainability Topics Under GRI

  29. Sustainability Topics Under GRI

  30. What is the process? • The first task is to conduct a Materiality Assessment. • The Materiality Assessment captures and prioritize sustainability issues relative to ESCO’s business. • We sought to understand what is most significant by looking at the following sources: • ESCO Internal Sources including public information (annual report, 10K, corporate governance documents, supply chain documents and subsidiary websites). In addition, we interviewed the CFO, GC and VP of HR. • Customer/Peer/Supplier Sources, including determining what our competitors in each segment do for sustainability reporting. We looked at 2-3 customers from each key segment • Industry Association Sources • Investor Sources. For example Bloomberg Intelligence, State Street Report, Investor Interview • Based on our findings, we determined the most significant issues to ESCO.

  31. Highlights of the Materiality Analysis • The following are the components of the materiality analysis: • Identified 264 research sources based on publicly available information and guidance from ESCO Technologies • Captured a universe of 471 potential material topics from the 264 sources reviewed • Narrowed the list of potential material topics to approximately 50 topics for prioritization • Interviewed three internal stakeholders to determine priority of topics to ESCO Technologies (ESCO CFO, GC and VP of HR) • Interviewed one external stakeholder (Walden Asset Management) • Analyzed and scored the 20 best information sources to prioritize material topics for stakeholders • Presented and validated our weighting analysis of all stakeholder groups and information sources • Creation of a customized materiality matrix showing the results and top topics.

  32. What our Results Showed • From an internal perspective, Governance issues were most important (ethics and compliance, innovation and technology, leadership, risk management) • Investors found emissions reduction and transparent communication as most important • Customers focused on emissions, water, waste and energy. They also found ethics and compliance and supply chain practices as critically important • Industry Associations valued human capital management, water efficiency and quality and environmental topics like emissions, energy and waste. They also noted workplace health and safety as a key priority.

  33. Key Topics • Ethics and Compliance • Innovation and Technology • Emissions & Energy Reduction • Waste Management Reduction • Supply Chain Practices • Workplace Health and Safety • Human Capital Management • Water Efficiency and Quality

  34. Example of Materiality Mapping

  35. Reporting Our Process and Findings • The ultimate end goal is a Sustainability Report prepared in accordance with the G4 guidelines. • We will start with creation of a Sustainability Page on our website which identifies our key sustainability issues, current progress and goals for the future. • We will build on this in FY 17 by creating new goals with the ultimate goal of production of a compliant report.

  36. Carbon Footprint Analysis • In addition to the materiality assessment, ESCO is conducting a carbon footprint analysis. • The carbon footprint analysis will look at information from all 23 ESCO facilities worldwide, including corporate headquarters in St. Louis. • The information will include the relevant energy consumption data, including electricity, district energy, and any fuels used at each site. Where data is not available for a particular site, the data will be estimated on a unit area basis using data from similar (use of the building, geography/climate) facilities in ESCO’s portfolio. • The calculated data will be delivered in the form of a “dashboard” that graphically depicts various aspects of the company’s energy use and greenhouse gas emissions, and a short report that describes the methodologies used, the identification of any gaps in the data.

  37. Online Disclosure • The next step will be to leverage the information gained from the materiality analysis and carbon footprinting to develop a sustainability microsite hosted separately from the ESCO Technologies corporate site (linked from the corporate site as appropriate).

  38. Vendors/Subcontractors

  39. Analyze the Risk • What country? • Size of contract • Experience with vendor • Experience of vendor (other USG contracts?)

  40. Due Diligence • Pre-Award Questionnaire • Organizational Information • Financial Resources • Accounting System and Procedures • Personnel Management • Procurement & Asset Management

  41. Due Diligence Governance: • Certificate of registration; articles of incorporation; by-laws; any licenses, certificates, accreditations, or equivalent documents granting legal status to do business • Organizational chart • Most recent annual report and other document(s), which include: • Mission statement • Overview of activities • List of current Board of Directors and corporate officers • List of management personnel Financial: • Audited financial statements and auditors report for the three most recent fiscal years OR, if external audits are not conducted, unaudited financial statements including balance sheet, profit & loss statement, and statement of cash flows for the three most recent fiscal years • If an indirect cost rate is used, documentation to substantiate the proposed rate or assurance that a third-party audit can be used to verify the indirect rates

  42. Domestic Concerns – Due Diligence Vendor Questionnaire Do you certify that your business is organized under the laws of __________________?  Initials: _______________ What is your business address and phone number? ______________________________________________________________________________ How many people are employed by your business (if any)? _____________________________ What professional or business licenses do you hold? _________________________________________________________________ _________________________________________________________________ Please certify with an authorized representative’s initials that your business has worked as an independent contractor for other businesses (received a 1099 for services rendered) in the last twelve (12) months. Yes ____________________________ No ______________________ Please list the types of insurance which your business carries (e..g, general, liability, worker’s comp, property, rental car, etc.).

  43. Foreign Corrupt Practices Act (FCPA)

  44. FCPA • Companies must conduct their business lawfully and ethically and in full compliance with the laws and regulations that govern our global business activities. • Companies should develop Anti-Bribery and Foreign Corrupt Practices Act Compliance Policies to fit their businesses. • Companies must provide training on these policies and make sure they apply to all third parties who represent the Company. • Business environments are in a constant state of change with new challenges and opportunities. In all circumstances, we must conduct ourselves with integrity in our business dealings. • Companies should require employees and agents to immediately contact the Company with any issues involving bribery, corruption or any other matter involving ethics.

  45. Anti-Bribery Policy Must Prohibit gifts or payments: • To any employee of a customer or a supplier with the intent to corruptly influence that employee’s conduct. • To any government official for favorable business treatment or government decisions.

More Related