Doug Cornelius on compliance for private equity real estate
One way to view compliance policies is grouping them into mandatory and voluntary policies. Mandatory are those dictated by law. Voluntary are those the organization has imposed to futher business objectives and manage risk.
Thanks to Carole Switzer, President of OCEG for this perspective.
The SEC has put together a collection of Researching the Federal Securities Laws Through the SEC Website.
This guide provides an overview of how to research the securities law through the SEC website and is provided as a service to investors and members of the public. It is neither a legal interpretation nor a statement of SEC policy. If you have questions concerning the meaning or application of a particular law or rule you should consult with an attorney who specializes in securities law. This guide does not address primary and secondary sources available in print or through other websites, other than those to which the SEC website links. The guide is organized by providing suggestions for the research of:
- Statutes (the Securities Laws)
- SEC Rules and Regulations
- SEC Concept Releases
- SEC Interpretive Releases
- SEC Staff Interpretations
In general, you should conduct your research on the federal securities laws in the order prescribed above. This is because while the federal statutes and the SEC rules and regulations have the force of law, other SEC-issued documents vary in the degree to which they carry the force of law.
LRN hosted a webinar on Managing Ethics and Compliance During a Recession.
The panel consisted of:
An ERC survey found that 60% of employees who feel pressured to do misconduct said “keeping their job” was a reason. As the economy sours, there seems more pressure to perform and to take shortcuts to achieve that performance. In times of economic stress, it is better to over-inform rather than under-inform.
How do you enlist support in your ethics and compliance program?
It is important to let people know the consequences of bad behavior. There are concrete remedies for badness. Also celebrate good behavior.
Highlight the non-retaliation policy. People are not going to make the call if they think they may lose their jobs. Silence is not good.
Obviously, compliance is not a profit center, so you need to be concerned when there are declining profits.
Over at the Society of Corporate Compliance and Ethics bulletin boards there was a great deal of discussion about whether the CECO should hold a concurrent role as general counsel or whether the positions should be split. Here are a collection of reasons:
Carole Switzer, President of OCEG and Lee Dittmar, principal of Deloitte Consulting LLP presented this webinar.
There is an imperative to improve governance, risk management and compliance processes to better manage risk, address increasing regulatory requirements, increased executive accountability and the fragmentation of information. It is about getting the right information, to the right person, at the right time. (Isn’t that knowledge management too? )
What is the information problem?
It is not about “check the box” compliance it is about improving your business.
Lee thinks governance, risk and compliance should be viewed comprehensively and leverage common systems. Integrated systems can help overcome silos. The key is a single source of the truth.
The goal is to get GRC embedded in the core processes. To be “in the flow” instead of “above the flow.”
Lee is seeing organizations adopting the business concepts of integrated GRC (even if they do not call it GRC).
I watched a recorded webinar presented Complinet: Compliance Evolution: Lessons Learned, Forgotten and Ignored. (March 13, 2008) Betsy Prout Lefler, the Deputy Director of Compliance at Piper Jaffray and Co. gave the presentation.
There are many different perspective on compliance and what compliance professionals do. In part because the role has changed very quickly.
At first is was only about procedures and monitoring designed to deter and deter violations of applicable laws and regulations. Now, compliance is involved in the CEO certification process, internal controls (SOX) and risk based reviews of company action.
Regulators originally gave little guidance on the role of compliance. Now compliance officers need to be involved in the SEC review process. Compliance officers need to understand not only the regulations, but also need to know the industry, the operations of the company and the products offered. CCO is not a risk manager and a strategist.
Betsy referred to the SIA 2005 Role of Compliance White Paper. This white paper tries to establish a model for compliance professionals thorughout the industry. She also notes that in 2003 the SEC began a formal approach to assessing a company’s culture of compliance.
What has caused evolution?
She things technology has made some of the biggest changes. Technology can be a compliance officer’s best friend. It is much easier to find and track issues and trends. Technology can help automate compliance. But technology can also be your worst enemy. There are lots of smoking gun emails. Technology can also automate non-compliance. Technology glitches can cause misstatements.
Don’t get stuck on “how we used to do it.” The role is evolving.
My notes from the EthicsPoint webinar on intake models and the value of web intake forms. The presenter was Erin Watkinson a business solutions consultant at EthicsPoint.
A custom web intake form is a replacement for paper based forms. You can use the web to report on issues.
Reporting should encourage employees to first go to a supervisor and not go anonymously right away.
A custom WIF is a case intake mechanism for non-licensed users. Its a custom report form that you can brand and format as needed or desired. The WIF can eliminate the re-keying of data. The form dumps the information into a central database. in a WIF you can have explanatory text, images, fields and/or links to other documentation. The WIF is mapped to fields in the EthicsPoint Event Manager. You can create custom print forms to match the look and feel of the WIF. All of the data elements are available for reporting and analytics. There is also branching logic available depending on how questions are answered.
Erin then showed an example of an HR Management report. This highlighted the branching features. Another demo was the Hospira HR system. They used the system for people to ask questions. The system tracks the questions and the answers given.
I watched the webinar from EthicsPoint and Kroll on Investigating Suspected Financial Accounting Irregularities. Jed Davis is the Managing Director in the Business Intelligence and Investigations Division of Kroll and Dave Hess is the Managing Director of the Forensic Accounting and Litigation Consulting Division of Kroll.
Dave emphasized the need to have a plan in place to deal with an investigation.
In Planning the investigation:
Some key objectives and considerations are:
Presentation slides for Investigating Suspected Financial Accounting Irregularities.(.pdf)
You can find a seried of FINRA Compliance Podcasts on their Compliance Podcast webpage and from iTunes. Last summer they have a few on Customer Identification Programs and Anti-Money Laundering programs:
Jones Lang LaSalle Incorporated was named to The Ethisphere Institute’s 2008 World’s Most Ethical Companies list.
The World’s Most Ethical Companies are the ones that go above and beyond legal minimums, bring about innovative new ideas to expand the public well being, work on reducing their carbon footprint rather than contributing to green washing and won’t be found next to the words “Billion Dollar Fine” in newspaper headlines any time in the near future. These are the companies that stand out among the competition in their industry.
The Jones Lang LaSalle Code of Ethics (.pdf) is published on the “investor relations” section of their website.