by Patty P. Tehrani, Esq.
Have you noticed the number of articles and blogs covering the troubling trend of personal liability for compliance officers and Chief Compliance Officers (CCOs) in the financial services sector? While anyone entering this industry knows it is highly regulated and replete with regulatory requirements, the growing liability of its compliance professionals is worrisome. Those responsible for overseeing their firm’s compliance program have many duties, and now more than ever find themselves on the receiving end of enforcement actions. This is evident in expanded corporate probes of compliance professionals or increasing regulatory expectations cited in speeches and proposed regulations.
Compliance professionals are concerned about facing personal liability especially when it is for non-rogue behavior. As a result, I thought this trend warranted a closer review. Continue reading
by Benjamin van Rooij and Adam Fine
“Justice cannot mean a prison sentence for a teenager who steals a car, but nothing more than a sideways glance at a C.E.O. who quietly engineers the theft of billions of dollars,” wrote U.S. Senator Elizabeth Warren in a New York Times op-ed. When she calls for stronger action against corporate crime, she’s not alone. Calls resound, particularly on the political left. In 2015, the Department of Justice, under then-Deputy Attorney General Sally Q. Yates, issued a new policy prioritizing prosecuting corporate criminals.
Punishing corporate executives more strongly may be justified. Punishment rarely occurs, and, when it does, it is often too weak to constitute “justice.” But once we agree that more punishment is warranted, the next question is how we can make punishment more effective in preventing corporate crime? Continue reading
By Robert W. Werner
The compliance infrastructure for managing financial crime risk at financial institutions is intended to be based on utilizing a risk-based, rather than rule-based, approach. A risk-based approach seeks to allocate resources commensurate with varying risk levels, reflecting the fact that financial institutions cannot eliminate all the risk of illicit activity occurring within an institution without completely shutting down all of its business. To optimize compliance, financial institutions must balance the need to provide legitimate and critical financial services and products with appropriate controls designed to mitigate the financial crime risk associated with those services and products to appropriate levels.
Where activity would violate law or regulation, the calculus is easy because the activity is simply prohibited. However, most legitimate activity will necessarily allow for some level of risk that it may be abused by criminals to facilitate illicit conduct or to exploit products and services for illicit purposes. Arriving at the right balance within this context requires an understanding of the risks, what level of controls can reasonably be put in place to mitigate that risk, and then making judgments based on an institution’s tolerance for reputational, regulatory and operational risk, about whether to engage in the activity. This last element, the exercise of judgment, must be arrived at within the framework of an institution’s risk appetite statement. Continue reading
by Peter L. Lindseth
The proliferation of compliance programs in US law schools over the last several years responds to a fundamental shift in the market for law graduates. The last two decades have seen a dramatic increase in the number of jobs for in-house lawyers, far outpacing the growth in government or law firm positions over the same period. The expanding compliance demands on businesses have been a major contributor to that increase. Although today some argue that the growth may have peaked, there is no denying that law schools have needed to respond to the new reality.
The bottom-line is that a significant portion of today’s law school graduates will find themselves employed in compliance rather than in lawyer roles per se. And even if many graduates will still work as legal counsel in a more traditional sense (whether in-house or externally), their practices will almost certainly include, in important respects, involvement in compliance matters. What might these developments mean for legal education more generally? Continue reading
by Azish Filabi
Over the past few decades, while companies have invested in building and expanding their compliance programs, researchers, practitioners and employees in some companies attest to a lack of corresponding reduction in misbehavior. Some even believe that the compliance programs may be a cause of increasing misbehavior. Continue reading
by Randall Cook, Waqas Shahid and Melanie Reed
A proactive, systematic risk assessment is an essential first step to developing and implementing any corporate compliance program, regardless of your industry or the compliance areas you are targeting. As US enforcement authorities have explained, “One-size-fits-all compliance programs are generally ill-conceived and ineffective because resources inevitably are spread too thin, with too much focus on low-risk markets and transactions to the detriment of high-risk areas.” The Department of Justice specifically identified the effectiveness of a company’s compliance risk assessment as a foundational consideration when evaluating whether to bring charges against a company and in negotiating a plea or other remedies. Moreover, in a corporate environment characterized by lean performance, tailoring your compliance program to your company’s actual risks is a business necessity.
A deliberate, iterative self-assessment methodology is crucial to obtaining the benefits of both mitigating enforcement risk and achieving a high-efficiency compliance program. Continue reading
by Michael C. Neus
A fund manager typically spends most of its time not only contemplating how to maximize returns for investors, but also navigating the array of compliance and regulatory concerns involved in running a private fund. Because the manager is so caught up in thinking about these daily considerations, it may lose sight of the multitude of issues that arise when it comes time to wind down that same fund. If the manager exercises some foresight regarding the fund’s eventual wind-down and puts proper procedures in place, however, the whole process can be both smoother and less fraught with legal and regulatory risks. Once a manager decides to wind down a fund, it must navigate myriad considerations and decisions during the process. Continue reading
by Tom C.W. Lin
An important transformation is happening in the financial industry. The rise of new technology and compliance has dramatically altered many of the key functions and functionaries of modern finance. Artificial intelligence, algorithmic programs, and supercomputers, instead of human actors, now constitute the core of many financial operations. At the same time, compliance officers have become just as critical to financial institutions as traders, bankers, and analysts. Finance as we knew it has changed and continues to change.
My recent article, Compliance, Technology, and Modern Finance, offers a detailed commentary on these unfolding changes—the crosscutting developments in compliance, technology, and modern finance. It examines the concurrent and intersecting ascents of new financial technology and compliance as well as the potential perils linked with their ascents. It also highlights the larger implications of the changing financial landscape due to the growing roles of new technology and compliance. In particular, it focuses on the challenges of financial cybersecurity, the integration of technology and compliance, and the role of humans in modern finance. Continue reading
by Michael W. Peregrine
The recent release of substantive compliance program guidance by the Fraud Section of the Department of Justice (“DOJ”) provides an excellent opportunity for corporations to re-examine the effectiveness of their current internal compliance mechanisms. While the “Evaluation of Corporate Compliance Programs” (“the Guidance”) is not specific to the any particular industry, it provides a practical set of benchmarks that can be referred to throughout an organization and is of particular relevance to the board of directors (logically through its audit & compliance committee), in the exercise of its compliance oversight duties. Continue reading
by Donald C. Langevoort
Recent media reports say that certain parties associated with Fox News have been subpoenaed by federal prosecutors to obtain testimony and information about allegations that Fox may have quietly settled a series of sexual harassment cases brought by Fox employees against former Chairman Roger Ailes. This is all far too sketchy and preliminary to draw any inferences about actual violations of law, especially as the reports came out in the course of nasty private litigation. But the news is a timely reminder to lawyers and compliance officials of how treacherous the waters are for anyone caught up in this kind of narrative—one where a key company official (often the one sitting on the corporate throne) may have engaged in serious unethical or unlawful behavior, with a strong desire in-house that the troublesome allegations never become public. Continue reading