Ten Ways to Turn Your Holiday Party Into A Lawsuit

Shanti Atkins of ELT published The Top 10 Ways to Turn your Holiday Party into a Lawsuit:

Number 10: Ask staff to work evenings or weekends arranging the party, but don’t pay them for the extra time because it’s not really “work.”

Number 9: Insist on calling it a “Christmas party.”

Number 8: Invite the purchasing officer for a big government contract your company is pursuing, and make sure to buy her a lavish, expensive gift.

Number 7: Open bar all night, with holiday colored jello shots.

Number 6: Lots of mistletoe.

Number 5: Pass around a microphone, and make everyone describe how they’ve been “naughty or nice” this past year.

Number 4: On the party invitation, summon “husbands and wives” to join you for an evening of holiday cheer.

Number 3: To make sure you get a great turn out, tell employees that anyone who doesn’t show up will have their pay docked 4 hours.

Number 2: Don’t provide alternative transportation home for inebriated party goers.

And our Number 1 way to turn your holiday party into a lawsuit? Announce to everyone that “what happens at the holiday party, stays at the holiday party.”

See Shanti’s post for some of the reasons these items made the list. There is also a podcast that accompanies the blog post: Top 10 Ways to Turn your Holiday Party Into a Lawsuit podcast

General Counsel as the Chief Ethics and Compliance Officer

Over at the Society of Corporate Compliance and Ethics bulletin boards there was a great deal of discussion about whether the CECO should hold a concurrent role as general counsel or whether the positions should be split. Here are a collection of reasons:

  • In some industries, including healthcare, the government has specifically stated that it does not believe that the compliance officer and general counsel roles should be filled by the same person or that the compliance officer should report to the general counsel.  This position occurs in “compliance program guidance” issued by the HHS Office of Inspector General. Daniel Roach
  • The role of compliance is to unearth issues and potential issues while they are still inchoate – not necessarily the same as the GC who is generally reactive and then not beyond the specific question presented. Emil Moschella
  • I think the joint role could affect the integrity of the attorney-client privilege.  If the roles are separate then I think the privilege is less assailable on the grounds that the hat being worn at the time the alleged protected information was received that the individual was wearing the hat of the compliance officer and not that of the GC. Emil Moschella
  • Many of the processes that the Compliance Officer (CO) may wish to review, may have been previously blessed by the office of the GC so that they may not get the fresh look of the compliance office would give it.  Independence of the compliance review is questioned. Emil Moschella
  • The compliance and ethics function is not the business of giving legal advice.  It is a management function that calls for good project management skills. It calls for a focus on ethics and compliance, when often lawyers focus on just the law.  Joseph Murphy

Standard & Poor’s To Begin Evaluating Enterprise Risk Analysis

On May 7, 2008, Standard and Poor’s Announced that they address enterprise risk management at part of their ratings: Standard & Poor’s To Apply Enterprise Risk Analysis To Corporate Ratings. (.pdf)

Ultimately, we will enhance transparency by providing investors and issuers our views of a management team’s ability to understand, articulate, and successfully manage risk. The benefits of the ERM enhancement will be to make the process of forming our rating opinions more forward looking, achieve finer differentiation among ratings, and facilitate construction of “what if” forecast scenarios.

S &P will look toward a company’s adoption of the COSO standards or the AS/NZS 4360 standards. But S&P will not make them a prerequisite for enterprise risk management nor sufficient evidence of sufficient risk manangement.

The Cumulative Effect of Gift Giving

The line between holiday gift giving and corruption is very gray. You need to be concerned that traditional holiday gifts are not actually holiday corruption bribes.

Not only should you look at an individual gift, you need to look to gifts to the organization as a whole. One excessive gift may seem over the top to the recipient. But what happens when the gift-giver does the same for many people in the organization. One gift of $100 may be a little much. But if 25 people get similar gifts from the same gift-giver, then you have a $2,500 gift issue.

Gifts should not result in, or even give the perception of, a conflict of interest. An example of this would be excessive gift giving from a vendor — would you direct more business to that vendor solely because of the gifts, thereby compromising your obligations? This is the conflict that results when more than nominal gifts are given

The action by the SEC against Lazard Capital Markets LLC is an example of excessive gift-giving. The charges lump together $600,000 in entertainment expenses. But that was over a 4 year period. $125,000 per year is still too much, but illustrates the cumulative effect.

You can read more about the Lazard case:

Right to Audit

From the KPMG 2008 Anti-Bribery and Anti-Corruption Survey:

While 63 percent of those respondents that require periodic compliance certifications said they incorporate a right-to-audit clause in their third-party contracts, a significant majority of these (68 percent) has never exercised the right (see Chart 4). A right-to-audit clause appears to be the kind of oversight expected by regulators and prosecutors, and has been included as an essential element of FCPA compliance in several recent deferred or nonprosecution agreements that companies have reached with the SEC and the DOJ. Recent agreements entered into in 2008 included, for example, stipulations that the parties agree to adopt new or to modify existing procedures to include “rights to conduct audits of the books and records of” agents or business partners “to ensure compliance” with anti-bribery laws and regulations.

KPMG 2008 Anti-Bribery and Anti-Corruption Survey

KPMG Forensic published its 2008 Anti-bribery and Anti-corruption Survey. KPMG surveyed 103 U.S. executives in the summer of 2008.

At a time when bribery and corruption prosecutions and enforcement actions are on the rise across the globe, the results of a new KPMG LLP survey suggest that multinational organizations based in the United States continue to be challenged by a number of key issues, which, if addressed, could lower the risk of violating the Foreign Corrupt Practices Act (FCPA) and other global anti-bribery and anti-corruption standards. The survey, conducted in summer 2008, found that although 85 percent of the respondents reported having an FCPA compliance program, many struggled with fundamental elements, including:

    • Performing effective due diligence on foreign agents/third parties (cited as challenging by 82 percent of respondents)
    • Auditing third parties for compliance (cited as challenging by 76 percent of respondents)
    • Performing due diligence during merger and acquisition (M&A) activities (cited as challenging by 73 percent of respondents).

Why I Love Twitter

Tim O’Reilly wrote a great peice: Why I love Twitter.

  1. Twitter is simple.
  2. Twitter works like people do
  3. Twitter cooperates well with others
  4. Twitter transcends the web
  5. Twitter is user-extensible
  6. Twitter evolves quickly

Now that I have moved from The Firm to the New Company, I have been using Twitter much more. Since I have shifted my career from knowledge management to compliance, I am trying to grow my network of information flows and people in the compliance area. (There are lots of KM people using twitter; Very few compliance people.)

Twitter is great way to get news and information updates. There are mainstream news story publishers. New York Times (@nytimes), Wall Street Journal (@wsj), CNN (@cnnbrk) and BBC(@BBC and @BBCbreaking) all push out news stories through Twitter. On the legal side, the American Bar Association pushed law related news stories through @ABAjournal.  Individual journalists are also using Twitter to push out information. Some CNN anchors are using twitter during their broadcasts (@donlemoncnn). In local news, veteran new England news anchorman R.D. Sahl joined Twitter (@rdsahl) this week and has a new program on NECN.

I make extensive use of the Twitter Search (formerly Summize): search.twitter.com. I run a search on my name to pick up tweets with my handle. I run a search on “compliance” and other key words that interest me. That picks up both people and stories around the topic.

The one concern I have with Twitter is how it will survive. As far as I can tell Twitter has no revenue. There are no subscription fees and no advertising. Something will have to change for Twitter to survive.

If you are looking for a great list of people in the legal field using twitter go to JD Scoop‘s list of 145 Lawyers and Legal Professionals) to Follow on Twitter. The list has grown to over 500 Twitterers.

Do you use Twitter? Feel free to follow me @dougcornelius.

If not, why not?

Originally published at KM Space.

IT for GRC: Improving Information Quality

Carole Switzer, President of OCEG and Lee Dittmar, principal of Deloitte Consulting LLP presented this webinar.

There is an imperative to improve governance, risk management and compliance processes to better manage risk, address increasing regulatory requirements, increased executive accountability and the fragmentation of information. It is about getting the right information, to the right person, at the right time. (Isn’t that knowledge management too? )

What is the information problem?

  • Managers need to know, anticipate and respond quickly and correctly
  • Stakeholders expect reliable and transparent reporting
  • Time and resources are spent searching for data
  • Data overload
  • DINK – Data Is Not Knowledge

It is not about “check the box” compliance it is about improving your business.

Lee thinks governance, risk and compliance should be viewed comprehensively and leverage common systems. Integrated systems can help overcome silos. The key is a single source of the truth.

The goal is to get GRC embedded in the core processes. To be “in the flow” instead of “above the flow.”

Lee is seeing organizations adopting the business concepts of integrated GRC (even if they do not call it GRC).

Defining “Foreign Official” Under the Foreign Corrupt Practices Act

Jeffrey Clark of  Willkie Farr & Gallagher moderated a conference on Defining “Foreign Official” Under the Foreign Corrupt Practices Act. David Stewart, U.S. Department of State and Georgetown University Law Center and Kathleen Hamann, U.S. Department of Justice led the discussion.

They start with a quote: why is a raven like a writing desk? (From Alice in Wonderland) There is no answer. There are some obvious examples. The problem is the “instrumentality of a foreign government” part of the definition of foreign official. The statute offers no clarification. The DOJ releases provide some examples: 94-01 and 08-01. There are some settlements that provide some guidance.

The issues is also pertinent to the OECD, the UN convention against corruption and other international treaties.

One thing to look at is whether a public official can veto or control the operations of the enterprise. It is not necessarily majority ownership or majority voting rights.

You can also look to the sovereign immunity. Would that person be protected by the sovereign immunity laws? If so, then they are public officials.

They also point out that a corrupt act is a corrupt act. You could be violating other non-public corruption laws. You should focus on not committing the corrupt acts.

It was clear from the discussion that companies are having a hard time figuring out when an entity is public and when it is private. If you can’t figure that out then you cannot figure out the individuals.

Evolution of Compliance

I watched a recorded webinar presented Complinet: Compliance Evolution: Lessons Learned, Forgotten and Ignored. (March 13, 2008) Betsy Prout Lefler, the Deputy Director of Compliance at Piper Jaffray and Co. gave the presentation.

There are many different perspective on compliance and what compliance professionals do. In part because the role has changed very quickly.

At first is was only about procedures and monitoring designed to deter and deter violations of applicable laws and regulations. Now, compliance is involved in the CEO certification process, internal controls (SOX) and risk based reviews of company action.

Regulators originally gave little guidance on the role of compliance. Now compliance officers need to be involved in the SEC review process. Compliance officers need to understand not only the regulations, but also need to know the industry, the operations of the company and the products offered. CCO is not a risk manager and a strategist.

Betsy referred to the SIA 2005 Role of Compliance White Paper. This white paper tries to establish a model for compliance professionals thorughout the industry. She also notes that in 2003 the SEC began a formal approach to assessing a company’s culture of compliance.

What has caused evolution?

  • Regulatory changes – there are increasing number of regulations in the financial industry
  • Scandals – each scandal triggers more regulations and more concerns
  • Technology – more and more technology means more and more information

She things technology has made some of the biggest changes. Technology can be a compliance officer’s best friend. It is much easier to find and track issues and trends. Technology can help automate compliance. But technology can also be your worst enemy. There are lots of smoking gun emails. Technology can also automate non-compliance. Technology glitches can cause misstatements.

Don’t get stuck on “how we used to do it.” The role is evolving.