But for other more salacious political concerns, the biggest story of the last couple weeks likely would have been Mark Zuckerberg’s testimony before Congress. Zuckerberg spent two days answering hundreds of questions from lawmakers. Much of the questioning was concerned with Facebook’s protection, or alleged lack thereof, of its users’ privacy. The testimony, however, once again raises questions about how companies that engage in repeated instances of misconduct should be sanctioned. Continue reading
by Michael Held
Good morning. It’s an honor to join you at the 1LoD Summit. The views I express today are my own, not necessarily those of the Federal Reserve Bank of New York or the Federal Reserve System.
I’ve heard it said that being in the risk control business can be, and often is, a thankless task. We get all the blame when something goes wrong, and none of the glory when things go right. So, I want to start my remarks with a word of gratitude to you, my fellow travelers in the world of risk controls. Thank you—not just for the invitation to speak today, but also for the work you perform each day at your firms.
The growing sophistication and stature of the first line of defense is, in my view, an unqualified improvement in corporate governance—especially at financial firms. Let’s begin with what you are defending. Continue reading
Last week the Financial Crimes Enforcement Network (FinCEN) issued much-anticipated Frequently Asked Questions (FAQs) that provide additional guidance to financial institutions relating to the implementation of the new Customer Due Diligence Rule (CDD Rule), set to go into effect on May 11, 2018. In general, the FAQs clarify certain issues that have caused implementation challenges for financial institutions. While FinCEN’s earlier guidance provided a general overview of the CDD Rule—including the purpose of the rule, the institutions to which it is applicable, and some relevant definitions—the new FAQs provide greater detail for financial institutions seeking to comply with the CDD Rule. The FAQs are meant to assist covered financial institutions in understanding the scope of their customer due diligence (CDD) obligations, as well as the rule’s impact on their broader anti-money laundering (AML) compliance. While the guidance is helpful in clarifying some of FinCEN’s expectations, the implementation challenge lies in applying the CDD Rule to a financial institution’s specific products and services.
As financial institutions work to meet the CDD Rule’s fast-approaching May 11 compliance deadline, they should pay special attention to the following key areas summarized below. Continue reading
The importance of establishing a robust “culture of compliance” within corporations is a common refrain among government regulators. But developing a structured process, much less a firm definition, around such a squishy concept can be a daunting task for compliance officers. At its core, an effective culture of compliance should shape employees’ gut instincts by reinforcing values that weigh against breaking the law. To accomplish this, companies should supplement their traditional ethics trainings and “tone at the top” by integrating compliance factors into their incentives programs and forestalling ethical fading. As an additional line of defense, companies should actively encourage employees to slow down and think methodically about their decisions before they take final action. Continue reading
As governments around the world watch the rising tide of public sentiment and law enforcement actions against corruption, some are looking to the United Kingdom Bribery Act 2010 (the “Act”) as a model for crafting their own criminal sanctions, including with regard to corporate criminal liability. Section 7 of the Act, which is captioned, “Failure of commercial organization to prevent bribery,” defines the offense in just 45 words:
A relevant commercial organisation (“C”) is guilty of an offence under this section if a person (“A”) associated with C bribes another person intending—
(a) to obtain or retain business for C, or
(b) to obtain or retain an advantage in the conduct of business for C.
Unless the company, as an affirmative defense, can “prove that [it] had in place adequate procedures designed to prevent persons associated with [it] from undertaking such conduct,” it faces a criminal fine without statutory limit. Continue reading
In a significant development for companies relating to the Foreign Corrupt Practices Act (FCPA), in late November the U.S. Department of Justice (DOJ) announced a new FCPA Corporate Enforcement Policy (the Enforcement Policy).
The Enforcement Policy is designed to encourage companies to voluntarily disclose misconduct by providing greater transparency concerning the amount of credit the DOJ will give to companies that self-report, fully cooperate and appropriately remediate misconduct. Notably, in announcing the Enforcement Policy, the DOJ highlighted the continued critical role that anti-corruption compliance programs play in its evaluation of eligibility under the Enforcement Policy. Continue reading
In our memo last year, we acknowledged that it was close to impossible to predict the likely impact that the newly elected Trump administration would have on white-collar and regulatory enforcement. (White Collar and Regulatory Enforcement: What to Expect in 2017) Instead, we set out a list of initiatives we urged the new administration to consider, including clarifying standards for when cooperation credit would be given, reducing the use of monitors, and giving greater weight to a company’s pre-existing compliance program when exercising prosecutorial discretion, among other suggestions. While the DOJ under Attorney General Jeff Sessions has, for example, taken some steps toward clarifying the applicable standards for cooperation and increasing incentives to disclose misconduct in the FCPA area, few other policy choices or shifts in approach have been articulated or implemented. Continue reading
This past year marked the 40th anniversary of the U.S. Foreign Corrupt Practices Act (“FCPA”). Since its enactment in 1977, the U.S. Department of Justice (the “DOJ”) has brought approximately 300 FCPA enforcement actions, while the U.S. Securities and Exchange Commission (the “SEC”) has brought approximately 200 cases. This anniversary year, the first year of the Trump administration, demonstrated that the FCPA continues to be a powerful tool in combating corruption abroad and encouraging compliance at global companies.
Below are six key take-aways regarding FCPA enforcement in 2017: Continue reading
Many constituents have a vested interest in determining a firm’s culture of compliance: regulators, investors, prospective employees, among others. Investment advisers registered with the Securities and Exchange Commission must demonstrate their compliance culture during periodic examinations by the Office of Compliance, Inspection and Examinations. Current and former SEC examination staff often state that the primary indicator of a healthy compliance culture is the “tone from the top.” There are a number of steps that a firm can take to demonstrate that top management fosters an effective compliance culture. Continue reading