In this episode Jay Rosen and I take a dive into the General Cable FCPA enforcement action, consider the ‘Invisible Hand’ of  Justice Department Compliance Counsel Hui Chen and greater regulatory enforcement, corporate response and innovation. We explain how these three factors combine in an ‘Invisible Hand’ to form a continuous improvement loop of compliance program innovation. It leads developments from cutting edge to best practices to becoming a routine part of an effective compliance program. We discuss the upcoming NFL divisional round of playoffs and conclude with Jay previewing the Jay Rosen Weekend Report. For more information on the General Cable FCPA enforcement action, check out my three-part blog post series

Part I-the Bribery Schemes

Part II-the Comeback

Part III-the Denouement

The FCPA Guidance states, that “In addition to evaluating the design and implementa­tion of a compliance program throughout an organization, enforcement of that program is fundamental to its effec­tiveness. A compliance program should apply from the board room to the supply room—no one should be beyond its reach. DOJ and SEC will thus consider whether, when enforcing a compliance program, a company has appropri­ate and clear disciplinary procedures, whether those proce­dures are applied reliably and promptly, and whether they are commensurate with the violation. Many companies have found that publicizing disciplinary actions internally, where appropriate under local law, can have an important deterrent effect, demonstrating that unethical and unlawful actions have swift and sure consequences.”

This means you need to have recognized incentives for doing business under your Code of Conduct and in fulfillment of your compliance policy and procedures. Incentives can be immediate such as cash bonuses or other awards or more long term, such as promotion within an organization. Conversely, if someone violates your Code of Conduct, there needs to be consequences for such violation.


There are some general ideas around incentive, which you can implement as compliance incentives do not have to be extravagant or groundbreaking. Even rather plain vanilla incentives can work if you deliver it consistently, if you make the rewards visible, as the FCPA Guidance states, “Beyond financial incentives, some companies have highlighted compliance within their organizations by recognizing compliance professionals and internal audit staff. Others have made working in the company’s compliance organization a way to advance an employee’s career.” Lastly, make certain that your compliance incentives can be implemented on all levels within your organization.


Another important part is around promotion of employees up to senior management. Human Resources (HR) could help you in compliance lead the effort to promote only employees who demonstrate a commitment to doing business in compliance. Once again the Fair Process Doctrine is critical here as a part of ongoing employee evaluations and promotions. If your company is seen to advance and only reward employees who achieve their numbers by whatever means necessary, other employees will certainly take note and it will be understood what management evaluates, and rewards, employees upon. I have often heard the tale about some Far East Region Manager which goes along the following lines “If I violated the Code of Conduct I may or may not get caught. If I get caught I may or may not be disciplined. If I miss my numbers for two quarters, I will be fired”. If this is what other employees believe about how they are evaluated and the basis for promotion, you have lost the compliance battle.


The types of discipline within a company are fairly standard. Most generally it is any negative consequence, up to and including termination. However, I believe that the key to discipline is procedural fairness and this will help to bring bring credibility to your compliance program. Procedural fairness also goes by the moniker of the Fair Process Doctrine and this Doctrine generally recognizes that there are fair procedures, not arbitrary ones, in processes involving rights.

Discipline must not only be administered fairly but it must be administered uniformly across the company for the violation of any compliance policy. Simply put if you are going to fire employees in South America for lying on their expense reports, you have to fire them in North America for the same offense. It cannot matter that the North American employee is a friend of yours or worse yet a ‘high producer’. Failure to administer discipline uniformly will destroy any vestige of credibility that you may have developed.

Three Takeaways

  1. Always remember and employ the Fair Process Doctrine.
  2. Discipline must be administered fairly throughout your organization and across the globe.
  3. Consider the compliance angle in promotions.

For more information, check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, which is available by clicking here.



Welcome to Day 5 of 30 Days to a Better Compliance Program. Today, I focus on training, ongoing communications and the use of social media in a best practices compliance program. 


The communication of your anti-corruption compliance program is something that must be done on a regular basis to ensure its effectiveness. The FCPA Guidance explains, “Compliance policies cannot work unless effectively communicated throughout a company. Accordingly, DOJ and SEC will evaluate whether a company has taken steps to ensure that relevant policies and procedures have been com­municated throughout the organization, including through periodic training and certification for all directors, officers, relevant employees, and, where appropriate, agents and business partners.”

One of the key goals of any FCPA compliance program is to train company employees in awareness and understanding of the FCPA; your specific company compliance program; and to create and foster a culture of compliance. Beginning in the fall of 2015 through the announcement of the FCPA enforcement Pilot Program, the Justice Department began to talk about whether you have determined the effectiveness of your training.

Communication and Use of Social Media

Next you need to consider the messaging of compliance inside of your corporation and how it is distributed. This means that you will need to work to hone your message but also continue to plug away to send that message out. I think the Morgan Stanley Declination will always be instructional as one of the stated reasons the Department of Justice (DOJ) did not prosecute the company as they sent out 35 compliance reminders to its workforce, over 7 years. Social media can be used in the same cost effective way, to not only get the message of compliance out but also to receive information and communications back from your customer base, the company employees.

In a compliance program, your consumers/customers are your employees. Social media presents some excellent mechanisms to communicate the message of compliance going forward. Many of the applications that we use in our personal communication are free or available at very low cost. So why not take advantage of them and use those same communication tools in your internal compliance marketing efforts going forward.

Three Key Takeaways

  1. You need to demonstrate the effectiveness of your compliance training.
  2. Ongoing communications from compliance is an often overlooked tool in compliance.
  3. Utilize innovative social media techniques to communicate and train.

For more information, check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, which is available by clicking here.

Welcome to Day 4 of 30 Days to a Better Compliance Program. Today we tackle risk assessments. One cannot really say enough about risk assessments in the context of anti-corruption programs. The FCPA Guidance stated it succinctly when it said, “Assessment of risk is fundamental to developing a strong compliance program, and is another factor DOJ and SEC evaluate when assessing a company’s compliance program.” The simple reason is straightforward; one cannot define, plan for, or design an effective compliance program to prevent bribery and corruption unless you can measure the risks you face.

What Should You Assess?

What risks should you assess? There are a number of ways you can slice and dice your basic inquiry. The FCPA Guidance states, “Factors to consider, for instance, include risks presented by: the country and industry sector, the business opportunity, potential business partners, level of involvement with governments, amount of government regulation and oversight, and exposure to customs and immigration in conducting business affairs.” Another way is to break the risk areas to evaluate down into the following categories: (1) Company Risk, (2) Country Risk, (3) Industry-Sector Risk, (4) Transaction Risk and (5) Third-Party Risk.

How Should You Assess Your Risks?

Risk assessments can be performed in a variety of ways. You can use some basic tools such as personal or telephone interviews of key employees; surveys and questionnaires of employees; and review of historical compliance information such as due diligence files for third parties and mergers and acquisitions, as well as internal audits of key offices. Another level might be a deeper dive into high risk countries, high risk business areas an more detailed review of your third party representatives.

How do You Evaluate a Risk Assessment?

Once risks are identified, they are then rated according to their significance and likelihood of occurring, and then plotted on a heat map to determine their priority. The most significant risks with the greatest likelihood of occurring are deemed the priority risks, which become the focus of the audit/monitoring plan. You should prepare a risk matrix detailing the specific risks you can relative remediation requirements identified and relevant mitigating controls.

 Three Key Takeaways

  1. Assess the risks relevant to your company.
  2. Document your risk assessment protocol and results.
  3. The evaluation of your risks and remediation therefrom. 

For more information, check out my book Doing Compliance: Design, Create and Implement an Effective Anti-Corruption Compliance Program, which is available by clicking here.

In this episode Matt Kelly and I take a deep dive into 6 compliance issues you should keep an eye on in 2017. They include the Wal-Mart FCPA resolution, the future of the FCPA Pilot Program, the SEC Whistleblower program, the Next PCAOB Chairman, the future of new overtime rules and finally the Barclay’s trial for mortgage fraud in the context of the 2008 financial crisis. We also take a look at the GOP attempt to denude the Office of Congressional Ethics and their immediate reversal in the face of intense criticism. For additional reading check out Matt’s two blogs on these subjects: Ethics, Politics, and Optics in New Washington and Six Compliance Events to Watch in 2017.