Innovation in Compliance with Tom Fox

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. Over the course of this series we have explored the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). Focused on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this fifth and final episode, I conclude with Stephen Martin on continuous monitoring and continuous improvement. A new focus in the 2020 Update and FCPA Resource Guide, 2nd edition, was the new mandate for continuous monitoring and continuous improvement. But it all begins with your risk assessment. Martin said, “they are the most critical part of your compliance program because they frame what you are supposed to do overall in your compliance regime.” What has changed recently, with the 2020 Update is the emphasis around continuous program improvement and that it should be “guided by your risk assessment, which is something new.” This means that you must look at more than “simply a limited snapshot in time, but using risk assessment, that is based on continuous operational data and information across a number of functions so that you can have real time risk assessment and improvement of your compliance program.”All of these developments have led to the clear conclusion that your compliance program should be a living breathing document. Martin said, “I think it’s more important today, given the guidance that came out, before you would talk a risk assessment that would be done once a year or once every couple of years, or perhaps you would do a program assessment. Now, what you’re expected to do is continually be evaluating your program and looking at data and information.” From there compliance officers and companies need to gather the data and look at is as an “ongoing review to update your policies, procedures, and controls, and tracking the information to incorporate into their risk assessments.”WebinarIf you enjoyed today’s podcast, I want to let you know about an upcoming webinar Skillsoft and StoneTurn are hosting. The webinar “Evolving Your Compliance Program” will be held on Wednesday Sept 23 and will explore how companies are leveraging data and information to improve and evolve their compliance programs. Information and Registration click here. ResourcesFor more information on Skillsoft’s compliance offerings, click here.For more information on the Skillsoft/StoneTurn partnership, click here.For more information on StoneTurn, click here.

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this fourth episode, I visit with Arendes on assessing your risks and using that process to then manage those risks. The two recent releases of information in the form of the 2020 Update and FCPA Resource Guide, 2nd edition, make clear that companies must assess their risk and manage their risk. Years ago, there was this idea of one size fits all for compliance programs. The government’s thinking on this began moving towards taking into account a number of different risk variables that impact those businesses and what exposes them to areas of risk. This has led to the current environment where it is clear that one size does not fit all. Arendes said you should begin with the precept “to understand what the goal is of that risk assessment. What are you trying to get out of it? Is it a holistic view? Is it a specific area of risk or are there areas of data risks that we want to look at? The bottom line is to understand what’s your goal of the risk assessment.” Arendes also said an independent perspective should be sought. Using outside firms, having someone come in with an objective view is certainly an important part of your risk assessment.WebinarIf you enjoyed today’s podcast, I want to let you know about an upcoming webinar Skillsoft and StoneTurn are hosting. The webinar “Evolving Your Compliance Program” will be held on Wednesday Sept 23 and will explore how companies are leveraging data and information to improve and evolve their compliance programs. Information and Registration click here.ResourcesFor more information on Skillsoft’s compliance offerings, click here.For more information on the Skillsoft/StoneTurn partnership, click here.For more information on StoneTurn, click here.

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this third episode, I visit with Jamen Tyler on conducting an effective risk assessment. We began with some of Tyler’s top tips for conducting a risk assessment. She began that everyone needs to understand that risk assessments are about putting together and thinking about all of your risks. This means typically thinking about risks falling into kind of four buckets. They are (1) financial, (2) operational (3) legal/regulatory and (4) reputational. While most companies are pretty well versed in conducting risk assessments for financial and operational risks; legal regulatory and reputational can be just as harmful. This means a company needs to think critically about those final two buckets of risk, in addition to the more traditional financial operational risks. This means targeting specific risk areas by subject matter and even breaking it down to specific geographies or business units, can be both more efficient. It can also help to insure you are conducting risk assessments on a timely basis.Join us tomorrow where I visit with John Arendes, Vice President and GM of Global Compliance Solutions at Skillsoft, who helps us take a deep dive into assessing your risks and using that process to then manage those risks.WebinarIf you enjoyed today’s podcast, I want to let you know about an upcoming webinar Skillsoft and StoneTurn are hosting. The webinar “Evolving Your Compliance Program” will be held on Wednesday Sept 23 and will explore how companies are leveraging data and information to improve and evolve their compliance programs. Information and Registration click here.ResourcesFor more information on Skillsoft’s compliance offerings, click here.For more information on the Skillsoft/StoneTurn partnership, click here.For more information on StoneTurn, click here.

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director and Stephen Martin, Partner. In this second episode, I visit with Voelker on how a Risk Assessment informs your Code of Conduct. We began with an exploration of why the Code of Conduct is so foundational to a compliance program in general. Voelker said, the “Code of Conduct is a way of capturing the risks and the issues that the organization faces. These are the major concerns that, that the organization has in terms of the type of business it is in, where it is operating and other factors of that nature.” Moreover, “by capturing those major issues within a training experience that is delivered across the organization and to all employees, it helps to level set everybody within the company in terms of what are those issues that are sort of top of mind for the company, what are the areas that as an employee needs to be focused on. Also, for employees, the Code of Conduct is a source of that information and also about where to go for more help. In many cases, a Code of Conduct will point to other policies or procedures or other resources that serve to provide that support that employees might need as they go about their day-to-day business.”One of the key themes of the 2020 Update was of the importance of a risk assessment to all aspects of your compliance program. Additionally, the 2020 Update made clear the relationship between risk assessment and Code of Conduct training going forward. A risk assessment informs the content of the company’s Code of Conduct itself by identifying the topics and the issues that relate to the risks the organization faces.Join us tomorrow where Jamen Tyler, Managing Director at StoneTurn, helps us take a deep dive into Risk Assessments.WebinarIf you enjoyed today’s podcast, I want to let you know about an upcoming webinar Skillsoft and StoneTurn are hosting. The webinar “Evolving Your Compliance Program” will be held on Wednesday Sept 23 and will explore how companies are leveraging data and information to improve and evolve their compliance programs. Information and Registration click here. ResourcesFor more information on Skillsoft’s compliance offerings, click here. For more information on the Skillsoft/StoneTurn partnership, click here. For more information on StoneTurn, click here. 

Matt Kunkel saw a need in the market for “a platform that could act as a central nucleus and bring together and automate in a flexible, easy fashion, all of the different components that make up a traditional governance, risk and compliance regulatory program.” He, together with John Siegler and Dan Campbell, founded LogicGate to fulfil that need. Matt joins Tom Fox on this week’s show to talk about LogicGate’s GRC platform and how it helps businesses improve their bottom line.Every Business Needs a GRC ChampionMatt wants to give business leaders the keys to the kingdom from a technology perspective. Leaders should be able to own and maintain Governance, Risk and Compliance (GRC) technology that grows and evolves alongside the company’s growth and evolution. A well run GRC program has multiple stakeholders throughout the organization, he points out, especially a champion who will advocate for a culture of risk and compliance. He shares six tips for choosing the best GRC solution.Managing Third Party RiskTom asks about the key exposure points in third party risk and how LogicGate’s solution helps to manage those risks. Matt responds that the best GRC program is only as good as the third parties we use and the programs they have in place. He explains the role of their platform in managing third party risk as well as performing due diligence. Risk is GoodMatt explains why all businesses should have a Business Continuity Playbook: it’s your Bible to tell you what to do when a disaster strikes, he says. He emphasizes that risk is good. “Risk is good. Companies are built and scaled and grow and achieve great things because they take on… additional strategic risk,” he remarks. It’s about evaluating where risk lies and taking the necessary mitigating steps that would enable you to take on more risk and drive better business outcomes. “I hope that we as an industry can elevate compliance professionals, risk professionals, security professionals to a spot where we can help the organization make strategic decisions based on risk to drive better top line outcomes, more revenue for the business. It’s not just about asset protection, it's about revenue generation,” he comments.ResourcesLogicGate.comLogicGate on LinkedIn | TwitterMatt Kunkel on LinkedIn

Welcome to a special five-part podcast series, A Conversation with Skillsoft and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Skillsoft and StoneTurn Group, LLP. In this podcast series we will explore the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on your Code of Conduct and how it is informed by your Risk Assessment, training on your Code of Conduct, performing a Risk Assessment and conclude with how all this ties to continuous monitoring and continuous improvement. Participants in this podcast series include: from Skillsoft, Charlie Voelker, Director, Compliance Products; John Arendes, Vice President and GM of Global Compliance Solutions; from StoneTurn, Toby Ralston, Managing Director, Jamen Tyler, Managing Director, and Stephen Martin, Partner. In this first episode, I visit with Toby Ralston on Code of Conduct.Obviously, your Code of Conduct is viewed as a foundational document by the DOJ and Securities and Exchange Commission (SEC) as they laid out in the FCPA Resource Guide, 2nd edition. Yet many compliance practitioners struggle with how to benchmark a code of conduct. Ralston believes there are a number of ways that a compliance professional could potentially benchmark a Code of Conduct. He suggested “a matrix approach that uses a modified scorecard or a balanced scorecard where we measure objectives early and subjectively rank an individual Code. We then consider those components against the Codes of competitors and those recognized as best practice.” This can make such a benchmarking exercise a peer comparison, but that peer to peer comparison should not be limited to organizations in your industry. “We find that this approach helps us identify missing or underdeveloped topics as well as sections of a Code that likely need to be condensed or reorganized.”Join us tomorrow where Charlie Voelker, Director, Compliance Products, Skillsoft, discusses how a Risk Assessment informs your Code of Conduct.WebinarIf you enjoyed today’s podcast, I want to let you know about an upcoming webinar Skillsoft and StoneTurn are hosting. The webinar “Evolving Your Compliance Program” will be held on Wednesday Sept 23 and will explore how companies are leveraging data and information to improve and evolve their compliance programs. Information and Registration click here. ResourcesFor more information on Skillsoft’s compliance offerings, click here.For more information on the Skillsoft/StoneTurn partnership, click here.For more information on StoneTurn, click here.

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn Group. Over the course of the series we have explored the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this fifth and final episode, I am joined by Martin for a discussion of evaluating compliance programs.ResourcesFor more information on StoneTurn, check out their website, here.For more information on Convercent, check out their website, here.To download a copy of the Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn Group. Over the course of the series we are exploring the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this fourth episode, we take a deep dive with Palmer into corporate culture.Join us tomorrow, as Stephen Martin, Partner at StoneTurn discusses evaluating compliance programs.ResourcesFor more information on StoneTurn, check out their website, here.For more information on Convercent, check out their website, here.To download a copy of the Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn:  From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn Group. Over the course of the series we will explore the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this third episode, Edwards and I discuss how a compliance professional can create an inventory of metrics by which to monitor and then improve a compliance program.Join us tomorrow, as Asha Palmer, CECO at Convercent, discusses corporate culture itself to better monitor and improve your compliance program.ResourcesFor more information on StoneTurn, check out their website, here. For more information on Convercent, check out their website, here.To download a copy of the  Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.

Welcome to a special five-part podcast series, A Conversation with Convercent and StoneTurn: From the Code of Conduct to Risk Assessment to Continuous Improvement. This week’s podcast series is jointly sponsored by Convercent and StoneTurn Group. Over the course of the series we will explore the impacts on corporate compliance programs from the recently released 2020 Update to the Department of Justice’s (DOJ) Evaluation of Corporate Compliance Programs (2020 Update). We focus on investigations, data analytics, evaluating compliance programs, internal reporting and corporate culture. Participants in this podcast series include: Asha Palmer, Convercent Chief Ethics and Compliance Officer (CECO) and Executive Vice President (EVP) of CONVERGE; Rex Homme, Michele Edwards, and Stephen Martin, all Partners at StoneTurn. In this second episode, we take a deep dive with Palmer into internal reporting.Join us tomorrow, as Michele Edwards, Partner at StoneTurn details how to create an inventory of compliance metrics.ResourcesFor more information on StoneTurn, check out their website, here. For more information on Convercent, check out their website, here.To download a copy of the  Convercent Interactive Self-Assessment based on the 2020 Update to the Evaluation of Corporate Compliance Programs, click here.